Use Log Service to collect container logs - User Guide for Kubernetes Clusters| Alibaba Cloud Documentation Center

Container Service for Kubernetes (ACK) is integrated with Log Service. When you create a cluster, you can enable Log Service to collect container logs, including standard outputs and text files.

Step 1: Activate Logtail

When you create a cluster, select Enable Log service to activate Logtail. You can also install Logtail for an existing cluster.

Activate Logtail when you create a cluster:

Log on to the ACK console.
In the left-side navigation pane of the ACK console, click Clusters.
On the Clusters page, click Create Kubernetes Cluster in the upper-right corner. For more information, see Create a cluster.
In the Select Cluster Template dialog box, select a cluster type.
In the Component Configurations step, select the Log Service check box to install Logtail for the newly created Kubernetes cluster.
After you select the Enable Log Service check box, you must specify a project to manage log data. For more information about projects, see Projects.
- Select an existing project.
- Create a project. By default, the system names the project in the format of k8s-log-{ClusterID}. ClusterID indicates the unique ID of the cluster to be created.
After you set the parameters, click Create Cluster in the lower-right corner. In the message that appears, click OK.
On the Clusters page, you can find the created cluster.

Install Logtail for an existing cluster:

Log on to the ACK console.
In the left-side navigation pane of the ACK console, click Clusters.
On the Clusters page, find the cluster that you want to manage and click the name of the cluster or click Details in the Actions column. The details page of the cluster appears.
In the left-side navigation pane of the cluster details page, choose Operations > Add-ons. In the Optional Add-ons section, find logtail-ds.
Click Install next to logtail-ds.
In the Confirm message, click OK.

If you have installed an earlier version of Logtail, you can upgrade the Logtail in the Optional Add-ons section. Upgrade logtail-ds

Step 2: Configure Log Service when you create an application

You can configure Log Service to collect container logs when you create an application. You can use the wizard in the console or YAML templates to create applications.

Use the wizard to create an application:

Log on to the ACK console.
In the left-side navigation pane of the ACK console, click Clusters.
On the Clusters page, find the cluster that you want to manage and click the name of the cluster or click Details in the Actions column. The details page of the cluster appears.
In the left-side navigation pane of the details page, choose Workloads > Deployments.
Click the Deployment tab and select a Namespace from the drop-down list where you want to create an application, and then click Create from Image in the upper-right corner.
In the Basic Information step, specify Name, Replicas, and Type. Then, click Next to go to the Container step.
In the Container step, select an image. In this example, select an NGINX image.
The following steps describe how to configure Log Service. For more information about other configuration items, see Deploy a stateless application from an image.
In the Log section, click the plus sign (+) to add a Logstore. You must specify Logstore and Log Path in Container (Can be set to stdout).
- Logstore: specifies the Logstore that stores collected logs. If the specified Logstore does not exist, the system automatically creates a Logstore in the Log Service project that is associated with the cluster.
  
  Note The name of the Logstore can contain hyphens (-) but cannot contain underscores (_).
- Log Path in Container (Can be set to stdout): specifies the path from which you want to collect logs. For example, /usr/local/tomcat/logs/catalina. *.log indicates Tomcat log files.
  
  Note If you set the value to stdout, standard outputs and error messages are collected.
  
  After you add a collection configuration, the system automatically creates a Logstore. By default, logtail-ds collects logs in simple mode. This mode collects logs by line. To use more collection methods, go to the Log Service console and modify the log collection configurations of the project and Logstore. By default, the project uses k8s-log as the prefix.
Add custom tags.
Click the plus sign (+) to add custom tags. Each tag is a key-value pair that is appended to collected logs. You can use custom tags to mark log data. For example, you can use a tag to denote the application version.
After you set all parameters, click Next to configure advanced settings. For more information about advanced settings, see Deploy a stateless application from an image.

Use a YAML template to create an application

In the left-side navigation pane of the cluster details page, click Workload.
Click the Deployment tab and select a Namespace from the drop-down list where you want to create an application, and then click Create from Template in the upper-right corner.
YAML templates follow the Kubernetes syntax. You can use environment variables to define collection configurations and custom tags. You must also configure volumeMounts and volumes. The following sample template shows how to create a pod:
```
apiVersion: v1
kind: Pod
metadata:
  name: my-demo
spec:
  containers:
  - name: my-demo-app
    image: 'registry.cn-hangzhou.aliyuncs.com/log-service/docker-log-test:latest'
    env:
    ######### Configure environment variables ###########
    - name: aliyun_logs_log-stdout
      value: stdout
    - name: aliyun_logs_log-varlog
      value: /var/log/*.log
    - name: aliyun_logs_mytag1_tags
      value: tag1=v1
    ###############################
    ######### Configure volume mounting ###########
    volumeMounts:
    - name: volumn-sls-mydemo
      mountPath: /var/log
  volumes:
  - name: volumn-sls-mydemo
    emptyDir: {}
  ###############################
```
Perform the following steps based on your needs:

Note If you have more log collection requirements, see (Optional) Step 3: Configure advanced parameters in the env field.
1. Use environment variables to add collection configurations and custom tags. All environment variables related to log collection must use aliyun_logs_ as the prefix.
  - Add collection configurations in the following format:
```
- name: aliyun_logs_{Logstore name}
  value: {Log path}                            
```
    In the preceding YAML template, two environment variables are added to the collection configuration. Environment variable aliyun_logs_log-stdout indicates that a Logstore named log-stdout is created to store the stdout files from containers.
    
    Note The name of a Logstore can contain hyphens (-) but cannot contain underscores (_).
  - Custom tags must be specified in the following format:
```
- name: aliyun_logs_{Tag name without underscores (_)}_tags
  value: {Tag name}={Tag value}                            
```
    After a tag is added, the tag is automatically appended to log fields when logtail-ds collects the container logs.
2. If you specify a log path to collect logs that are not standard outputs, you must configure volumeMounts.
  In the preceding YAML template, the mountPath field in volumeMounts is set to /var/log. This allows logtail-ds to collect /var/log/*.log files.
After you edit the YAML template, click Create to submit the configurations.

(Optional) Step 3: Configure advanced parameters in the env field

You can specify multiple parameters in the env field to configure log collection. The following table lists the parameters.

Notice This configuration method is not applicable to edge computing scenarios.


Field	Description	Reference	Precautions
aliyun_logs_{key}	Required. {key} can only contain lowercase letters, digits, and hyphens (-). If the specified aliyun_logs_{key}_logstore does not exist, a Logstore named {key} is created. To collect standard outputs of container logs, set the value to stdout. You can also set the value to a path inside a container.	`- name: aliyun_logs_catalina stdout` `- name: aliyun_logs_access-log /var/log/nginx/access.log`	By default, logtail-ds collects logs in simple mode. In this case, the collected logs are not parsed. If you want to parse the logs, we recommend that you modify the collection mode in the Log Service console. For more information, see Use the console to collect Kubernetes text logs in DaemonSet mode, Use the console to collect Kubernetes stdout and stderr logs in DaemonSet mode, or Use CRDs to collect Kubernetes container logs in the DaemonSet mode. The value of {key} must be unique in the cluster.
aliyun_logs_{key}_tags	Optional. This parameter is used to add tags to log data. The value must be in the following format: {tag-key}={tag-value}.	`- name: aliyun_logs_catalina_tags app=catalina`	-
aliyun_logs_{key}_project	Optional. This parameter specifies a project in Log Service. By default, the project that you specified when you create the cluster is used.	`- name: aliyun_logs_catalina_project my-k8s-project`	The region of the project must be the same as where your logtail-ds is located.
aliyun_logs_{key}_logstore	Optional. This parameter specifies a Logstore in Log Service. By default, the Logstore is named after {key}.	`- name: aliyun_logs_catalina_tags my-logstore`	-
aliyun_logs_{key}_shard	Optional. This parameter specifies the number of shards in the Logstore. Valid values: 1 to 10. Default value: 2.	`- name: aliyun_logs_catalina_shard 4`	-
aliyun_logs_{key}_ttl	Optional. This parameter specifies the number of days for which log data is retained. Valid values: 1 to 3650. To retain log data permanently, set the value to 3650. Default value: 90.	`- name: aliyun_logs_catalina_ttl 3650`	-
aliyun_logs_{key}_machinegroup	Optional. This parameter specifies the machine group of the application. By default, the machine group is the one where your logtail-ds is located.	`- name: aliyun_logs_catalina_machinegroup my-machine-group`	-

Scenario 1: Collect logs from multiple applications and store the logs in the same Logstore
In this scenario, set the aliyun_logs_{key}_logstore parameter. The following example shows how to collect standard output logs from two applications and store the logs in stdout-logstore.
Configure the following environment variables for Application 1:
```
######### Configure environment variables ###########
    - name: aliyun_logs_app1-stdout
      value: stdout
    - name: aliyun_logs_app1-stdout_logstore
      value: stdout-logstore
```
Configure the following environment variables for Application 2:
```
######### Configure environment variables ###########
    - name: aliyun_logs_app2-stdout
      value: stdout
    - name: aliyun_logs_app2-stdout_logstore
      value: stdout-logstore
```
Scenario 2: Collect logs from different applications and store the logs in different projects
In this scenario, perform the following steps:
1. Create a machine group in each project and set the machine group ID in the following format: k8s-group-{cluster-id}, where {cluster-id} is the ID of the cluster. You can customize the machine group name.
2. Specify the project, Logstore, and machine group in the environment variables for each application.
```
######### Configure environment variables ###########
    - name: aliyun_logs_app1-stdout
      value: stdout
    - name: aliyun_logs_app1-stdout_project
      value: app1-project
    - name: aliyun_logs_app1-stdout_logstore
      value: app1-logstore
    - name: aliyun_logs_app1-stdout_machinegroup
      value: app1-machine-group
```

Step 4: View logs

The following example shows how to view logs of the Tomcat application created in the console. Tomcat application logs are stored in Log Service. Perform the following steps to view logs:

Log on to the Log Service console.
In the Projects section, click the project that is associated with the Kubernetes cluster to go to the Logstores tab. By default, the project name follows the format of k8s-log-{Kubernetes cluster ID}.
In the Logstores list, find the Logstore that is specified when you configure log collection. Move the pointer over the Logstore name and click the icon. Then, click Search & Analysis.
In this example, you can view standard outputs of the Tomcat application and container text files. You can also find that custom tags are appended to log fields.

More information

By default, Log Service collects logs by line and does not parse the logs. If you want to change the log collection mode and parse the logs, modify the log collection configurations in the Log Service console. For more information, see the following topics:
- Use the console to collect Kubernetes text logs in DaemonSet mode
- Use the console to collect Kubernetes stdout and stderr logs in DaemonSet mode
You can also use CRDs to collect Kubernetes cluster logs..
For more information about troubleshooting, see Troubleshoot collection errors.