Collect application logs with AliyunLogConfig-Container Compute Service(ACS)-阿里云帮助中心

Step 1: Enable the Log Service add-on

You can select Enable Log Service when you create an ACS cluster to automatically enable the Log Service add-on. If you did not select this option during cluster creation, you can follow these steps to enable the add-on for an existing cluster.

Log on to the ACS console. In the left navigation pane, click Clusters.
On the Clusters page, click the name of the target cluster. In the left navigation pane, click Add-ons.
In the Logs and Monitoring section, find alibaba-log-controller. Click Install. In the Install dialog box, click OK.

Important

If you have customized the configuration and environment variables for alibaba-log-controller, the upgrade overwrites these parameters, and you must reconfigure them.

Step 2: Create an AliyunLogConfig custom resource

You can use an AliyunLogConfig custom resource to collect stdout and file logs from specific applications. To create a custom resource, choose Custom Resources > CRDs> Create from YAML in the left-side navigation pane. The following table describes the main parameters for an AliyunLogConfig custom resource.

Parameter	Description	Example
`.metadata.name`	The name of the log collection configuration resource. The name must be unique within the ACS cluster.	test-stdout
`.spec.project`	Optional. The name of the Project. We recommend that you use the `k8s-log-{ACS_cluster_ID}` format.	k8s-log-c326bc86****
`.spec.logstore`	Required. The name of the Logstore. If the Logstore does not exist, Simple Log Service creates it automatically.	test-stdout
`.spec.logtailConfig.inputType`	The data source type. `file` indicates file logs, and `plugin` indicates stdout.	plugin
`.spec.logtailConfig.configName`	The name of the Logtail configuration. This must be the same as the resource name specified in `metadata.name`.	test-stdout
`.spec.logtailConfig.inputDetail`	The detailed Logtail configuration. This includes settings for collecting stdout logs and file logs.	`plugin: inputs: - type: service_docker_stdout detail: Stdout: true Stderr: true` This collects the container's standard output (`Stdout`) and standard error (`Stderr`).
`.spec.logtailConfig.inputDetail.advanced`	Extended Logtail configuration features. The `k8s` settings include: `K8sNamespaceRegex`: Filter pods by namespace. Regular expressions are supported. `K8sContainerRegex`: Filter containers by container name. Regular expressions are supported. `K8sPodRegex`: Filter pods by pod name. Regular expressions are supported. `IncludeK8sLabel`: Match by pod labels.	`k8s: K8sNamespaceRegex: ^(default)$ K8sContainerRegex: ^(busybox)$ K8sPodRegex: ^backend.+$ IncludeK8sLabel: app: backend application: prod` Logtail collects container logs only when all of the following conditions are met: The namespace is `default`. The Pod name starts with `backend`. The container name is `busybox`. The pod has the labels `app: backend` and `application: prod`.

For more information about the configuration parameters, see Logtail configurations (legacy).

Example 1: Collect specific stdout logs

To collect stdout logs (including stderr) and filter them by specific pods or containers, add matching rules to the detail section of the input configuration. Apply the following configuration to your ACS cluster.

apiVersion: log.alibabacloud.com/v1alpha1      
kind: AliyunLogConfig                         
metadata:
  name: test-stdout               
spec:
  project: k8s-log-c326bc86****    # Replace this with the actual name of your Project.
  logstore: test-stdout                           
  shardCount: 2                                           
  lifeCycle: 90                    
  logtailConfig:                   
    inputType: plugin                                             
    configName: test-stdout        
    inputDetail:                   
      plugin:
        inputs:
          - type: service_docker_stdout
            detail:
              Stdout: true
              Stderr: true
              K8sNamespaceRegex: ^(default)$    
              K8sContainerRegex: ^(busybox)$    
              K8sPodRegex: ^backend.+$          
              IncludeK8sLabel:                  
                app: backend
                application: prod

Example 2: Collect specific file logs

To collect file logs from specific pods or containers, add matching rules within an advanced block inside the inputDetail configuration. Apply the following configuration to your ACS cluster.

apiVersion: log.alibabacloud.com/v1alpha1
kind: AliyunLogConfig
metadata:
  name: test-file                  
spec:
  project: k8s-log-c326bc86****    # Replace this with the actual name of your Project.
  logstore: test-file                 
  logtailConfig:                   
    inputType: file                
    configName: test-file           
    inputDetail:                  
      logType: common_reg_log      
      logPath: /log/               
      filePattern: "*.log"         
      dockerFile: true             
      advanced:
        k8s:
          K8sNamespaceRegex: ^(default)$    
          K8sContainerRegex: ^(busybox)$    
          K8sPodRegex: ^backend.+$          
          IncludeK8sLabel:                  
            app: backend
            application: prod

Note

After you create the test-stdout and test-file AliyunLogConfig custom resources, follow the instructions in Step 4: View logs in the SLS console to check whether the corresponding Logstores are created. If not, review and modify your configurations based on Logtail configurations (legacy).

Step 3: Create a sample application

After you create the AliyunLogConfig custom resource, Simple Log Service (SLS) automatically collects logs from new pods that match the configuration. You can create the following sample application to test the log collection.

The following example shows a sample application that is deployed as a Deployment. After the container starts, it runs commands to continuously print logs to stdout and a log file.

apiVersion: apps/v1
kind: Deployment
metadata:
  name: backend-busybox
  labels:
    app: backend
    application: prod
spec:
  replicas: 1
  selector:
    matchLabels:
      app: backend
      application: prod
  template:
    metadata:
      name: backend-busybox
      labels:
        app: backend
        application: prod
    spec:
      containers:
      - args:
        - -c
        - mkdir -p /log; while true; do echo hello world; date; echo hello sls >> /log/busybox.log; sleep 1; done
        command:
        - /bin/sh
        image: registry-cn-hangzhou.ack.aliyuncs.com/ack-demo/busybox:1.28
        imagePullPolicy: Always
        name: busybox

Step 4: View logs in the SLS console

After you apply the configuration, Simple Log Service (SLS) collects and stores logs from the sample application. You can view the container logs in the SLS console.

Log on to the SLS console.
In the Projects section, click the Project for your ACS cluster (default: k8s-log-{ACS_cluster_ID}) to open the Logstores list.
In the list, click the name of the Logstore specified in your log collection configuration to view the logs in a new tab.

In this example, you can view the stdout logs (in the test-stdout Logstore) and the container file logs (in the test-file Logstore) on the log query page.

On the query page for the test-stdout Logstore, you can see that SLS has collected 582 logs. The raw logs contain fields such as _container_name_, _image_name_, _namespace_, _pod_name_, _source_ (with the value stdout), and content. This confirms that the stdout logs from the busybox container were successfully collected.

The query results for the test-file Logstore show that the file logs from the busybox container were successfully collected. The source path is /log/busybox.log, and the log content is content: hello sls.

More information

For troubleshooting guidance, see Troubleshoot Logtail log collection failures.