Steps to Forward Logs Using Fluentd in Open Shift - unix1998/technical_notes GitHub Wiki

To forward logs from a Java Spring Boot application running in a container to a remote Elasticsearch instance using Fluentd, you indeed need to set up Fluentd properly. The configuration can be defined in a ConfigMap, and the Fluentd container can run in a separate Pod. Here's how you can achieve this:

1. Create a ConfigMap for Fluentd Configuration
2. Deploy Fluentd as a DaemonSet (or separate Pod)
3. Verify the Log Forwarding

First, define the Fluentd configuration in a ConfigMap. This configuration will specify how Fluentd should collect logs and where it should send them (e.g., to Elasticsearch).

Create a file named fluentd-configmap.yaml:

apiVersion: v1
kind: ConfigMap
metadata:
  name: fluentd-config
  namespace: your-namespace
data:
  fluent.conf: |
    <source>
      @type tail
      path /var/log/containers/*.log
      pos_file /var/log/fluentd-containers.log.pos
      tag kubernetes.*
      <parse>
        @type json
      </parse>
    </source>

    <filter kubernetes.**>
      @type kubernetes_metadata
    </filter>

    <match kubernetes.**>
      @type elasticsearch
      host your-elasticsearch-host
      port 9200
      logstash_format true
      logstash_prefix fluentd
      logstash_dateformat %Y%m%d
      include_tag_key true
      type_name access_log
      flush_interval 5s
    </match>

Apply the ConfigMap:

oc apply -f fluentd-configmap.yaml

You can deploy Fluentd as a DaemonSet so that it runs on all nodes and collects logs from all pods. Alternatively, you can deploy it as a standalone Pod if you have specific requirements.

Create a file named fluentd-daemonset.yaml:

apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: fluentd
  namespace: your-namespace
spec:
  selector:
    matchLabels:
      name: fluentd
  template:
    metadata:
      labels:
        name: fluentd
    spec:
      containers:
      - name: fluentd
        image: fluent/fluentd:v1.11-1
        env:
        - name: FLUENT_ELASTICSEARCH_HOST
          valueFrom:
            configMapKeyRef:
              name: fluentd-config
              key: elasticsearch_host
        - name: FLUENT_ELASTICSEARCH_PORT
          valueFrom:
            configMapKeyRef:
              name: fluentd-config
              key: elasticsearch_port
        volumeMounts:
        - name: config-volume
          mountPath: /fluentd/etc
        - name: varlog
          mountPath: /var/log
      volumes:
      - name: config-volume
        configMap:
          name: fluentd-config
      - name: varlog
        hostPath:
          path: /var/log

Apply the DaemonSet:

oc apply -f fluentd-daemonset.yaml

After deploying the Fluentd DaemonSet, verify that logs from your Spring Boot application are being collected and forwarded to Elasticsearch.

• Check Fluentd logs to ensure it is running correctly:

  oc logs daemonset/fluentd

• Verify Elasticsearch: Check your Elasticsearch instance to see if the logs are being indexed properly. You can use tools like Kibana to visualize the logs.

• ConfigMap: Define Fluentd configuration in a ConfigMap.
• Fluentd Deployment: Deploy Fluentd as a DaemonSet or a standalone Pod to collect logs from all nodes.
• Log Verification: Ensure logs are being forwarded correctly to Elasticsearch.

This setup ensures that Fluentd collects logs from your Spring Boot application containers and forwards them to your Elasticsearch instance for storage and analysis.