Collecting Data Plane Logs
Billing
LTS does not charge you for creating log groups and offers a free quota for log collection every month. You pay only for log volume that exceeds the quota.
Control Plane Components
There are two control plane log types. Each log stream corresponds to a component of the Kubernetes control plane. To learn more about these components, see Kubernetes Components.
Log Type |
Component |
Log Stream |
Description |
---|---|---|---|
Control plane component logs |
default-stdout |
stdout-{clusterID} |
Stdout logs Default log group: k8s-logs-{Cluster ID} |
default-event |
event-{clusterID} |
Kubernetes events Default log group: k8s-logs-{Cluster ID} |
Log Collection
- View and configure log collection policies.
- Access the fleet console. In the navigation pane, choose Container Clusters. Then, click the cluster name to access the cluster console. In the navigation pane, choose Logging.
-
Click View Log Collection Policies in the upper right corner.
All log collection policies reported to LTS are displayed.
Figure 1 Viewing log collection policies
If Container standard output and Kubernetes events are selected during add-on installation, two log collection policies will be created, and the collected logs will be reported to the default log group and log streams.
- Click Create Log Policy and configure parameters as required.
Policy Template: If no log collection policy is selected during add-on installation or the log collection policy is deleted, you can use this option to create a default log collection policy.
Figure 2 Policy template
Custom Policy: You can use this option to create custom log collection policies.
Figure 3 Custom policy
- Click Edit to modify an existing log collection policy.
- Click Delete to delete an existing log collection policy.
- View the logs.
- Access the fleet console. In the navigation pane, choose Container Clusters. Then, click the cluster name to access the cluster console. In the navigation pane, choose Logging.
- View different types of logs:
- Container Logs: displays all logs in the default log stream stdout-{Cluster ID} of the default log group k8s-log-{Cluster ID}. You can search for logs by workload for a Huawei Cloud cluster.
Figure 4 Querying container logs
- Kubernetes Events: displays all Kubernetes events in the default log stream event-{Cluster ID} of the default log group k8s-log-{Cluster ID}.
- Control Plane Logs: displays all logs of components on the control plane in the default log stream {Component name}-{Cluster ID} of the default log group k8s-log-{Cluster ID}.
- Control Plane Audit Logs: displays all control plane audit logs in the default log stream audit-{Cluster ID} of the default log group k8s-log-{Cluster ID}.
- Global Log Query: You can view logs in the log streams of all log groups. You can specify a log stream to view the logs. By default, the default log group k8s-log-{Cluster ID} is selected. You can click the edit icon on the right of Switching Log Groups to switch to another log group.
Figure 5 Global log query
- Container Logs: displays all logs in the default log stream stdout-{Cluster ID} of the default log group k8s-log-{Cluster ID}. You can search for logs by workload for a Huawei Cloud cluster.
- Click View Log Collection Policies in the upper right corner. Locate the log collection policy and click View Log to go to the log list.
Figure 6 Viewing logs
Troubleshooting
- "Failed to create log group, the number of log groups exceeds the quota" is reported in the standard output log of log-operator.
Example:
2023/05/05 12:17:20.799 [E] call 3 times failed, resion: create group failed, projectID: xxx, groupName: k8s-log-xxx, err: create groups status code: 400, response: {"error_code":"LTS.0104","error_msg":"Failed to create log group, the number of log groups exceeds the quota"}, url: https://lts.cn-north-4.myhuaweicloud.com/v2/xxx/groups, process will retry after 45s
Solution: On the LTS console, delete unnecessary log groups. For details about the quota limit of log groups, see Log Groups.
- A container file path is configured but is not mounted to the container, and Docker is used as the container engine. As a result, logs cannot be collected.
Solution:
Check whether Device Mapper is used for the node where the workload resides. Device Mapper does not support text log collection. (This restriction has been displayed when you create a log collection policy, as shown in Figure 7.) To check this, perform the following operations:
- Go to the node where the workload resides.
- Run the docker info | grep "Storage Driver" command.
- If the value of Storage Driver is devicemapper, text logs cannot be collected.
- Logs cannot be reported, and "log's quota has full" is reported in the standard output log of the OTel component.
Solution:
LTS provides a free log quota. If the quota is used up, you will be billed for the excess log usage. If an error message is displayed, the free quota has been used up. To continue collecting logs, log in to the LTS console, choose Configuration Center > Quota Configuration, and enable Continue to Collect Logs When the Free Quota Is Exceeded.
- Text logs cannot be collected because wildcards are configured for the collection directory.
Troubleshooting: Check the volume mounting status in the workload configuration. If a volume is attached to the data directory of a service container, this add-on cannot collect data from the parent directory. In this case, you need to set the collection directory to a complete data directory. For example, if the data volume is attached to the /var/log/service directory, logs cannot be collected from the /var/log or /var/log/* directory. In this case, you need to set the collection directory to /var/log/service.
Solution: If the log generation directory is /application/logs/{Application name}/*.log, attach the data volume to the /application/logs directory and set the collection directory in the log collection policy to /application/logs/*/*.log.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot