Log data is a valuable and often irreplaceable source of troubleshooting data for software developers, especially for complex platforms like Kubernetes. New Relic offers a Fluent Bit output plugin—that you can deploy as a Helm chart—to enable New Relic Logs for Kubernetes to collect cluster log data.
Recently, a customer asked if it’s possible to disable logging from a container or pod after enabling NR Logging for Kubernetes. They wanted to disable access logs from an NGINX server, and Node.js logs coming from an app pod—because those logs weren’t as useful to them, and also because they wanted to optimize costs by not sending unnecessary logging data to New Relic.
Building from this example, we can discuss two different strategies to indicate to Fluent Bit which logs it should pick up and which it should ignore. Both of these will get the job done, but we'll explain why the second strategy is generally your better option.
Building from this example, we can discuss two different strategies to indicate to Fluent Bit which logs it should pick up and which it should ignore. Both of these will get the job done, but we'll explain why the second strategy is generally your better option.
Strategy 1: Edit the parser configuration
This approach changes Fluentd’s parser configuration to specify which log files it should collect. Once you have installed and configured the Fluent Bit plugin, you can configure how the plugin parses log data.
When you install the plugin with Helm, configmap.yml
sets the variable {PATH}
:
That path is used in new-relic-fluent-plugin.yml
to set log tailing for all pods to /var/log/containers/*.log
. Instead of using *.log to tail all logs, replace this default path with your preferred path, as shown:
This is a centralized and simple configuration change, but it can get complicated to manage later on. For example, what if a developer added a new pod or needed new logs? They might not have access to change that central config; or if they do have access, it could become a messy situation with people changing the plugin’s parser config on the fly.
For more information about Fluent Bit's parser configurations, see their documentation.
Strategy 2: Use Kubernetes annotations
In Fluent Bit, Kubernetes annotations are essentially filters you can set to control what logs a pod sends to the Fluent Bit log processor pipeline. More specifically, when you define the config for a pod, you can add the fluentbit.io/exclude, which tells Fluent Bit, "Hey don't log me." The annotation value can be expressed as “true” or “false” and must include quotation marks.
Important: This setting will only be processed if you first enable K8S-Logging.Exclude
in the Fluent Bit Kubernetes Filter, which is disabled by default. Refer to the Fluent Bit docs for a full list of config parameter options.
Here is an example pod definition that uses fluentbit.io/exclude
to request that the Fluent Bit processor skip apache logs:
At this point, you’ve decentralized the configuration for which logs get processed. This gives developers more flexibility for adjusting their logging needs as they add new pods to a cluster.
Get what you need from New Relic Logs for Kubernetes
Once you’ve enabled New Relic Logs for Kubernetes, here are some potential next steps:
이 블로그에 표현된 견해는 저자의 견해이며 반드시 New Relic의 견해를 반영하는 것은 아닙니다. 저자가 제공하는 모든 솔루션은 환경에 따라 다르며 New Relic에서 제공하는 상용 솔루션이나 지원의 일부가 아닙니다. 이 블로그 게시물과 관련된 질문 및 지원이 필요한 경우 Explorers Hub(discuss.newrelic.com)에서만 참여하십시오. 이 블로그에는 타사 사이트의 콘텐츠에 대한 링크가 포함될 수 있습니다. 이러한 링크를 제공함으로써 New Relic은 해당 사이트에서 사용할 수 있는 정보, 보기 또는 제품을 채택, 보증, 승인 또는 보증하지 않습니다.