Kubernetes CKAD weekly challenge #9 Logging Sidecar

CKS Exam Series | CKA Exam Series | CKAD Exam Series

#####################################

THIS CHALLENGE WON’T BE UPDATED HERE AND MOVED TO:

https://killercoda.com/killer-shell-ckad

######################################

Challenges:

Overview and Tips

1. Creating Pods
2. Namespaces, Deployments and Services
3. CronJobs and Volumes
4. Deployment Rollout Rollback
5. Secrets and ConfigMaps
6. NetworkPolicy
7. Service Migration
8. (moved to CKA challenge series)
9. Logging Sidecar
10. Deployment Hacking
11. SecurityContexts
12. Various Environment Variables
13. ReplicaSet without Downtime

Rules!

1. be fast, avoid creating yaml manually from scratch
2. use only kubernetes.io/docs for help.
3. check my solution after you did yours. You probably have a better one!

Notices

• This challenge was tested on k8s 1.18. Please let us know should you encounter any issues in the comments
• how to be fast with Kubectl ≥ 1.18

Scenario Setup

kubectl create -f https://raw.githubusercontent.com/wuestkamp/k8s-challenges/master/9/scenario.yaml

We have a deployment of one nginx instance and a LoadBalancer service to expose this. So you should be able to access nginx on your external ip:

curl localhost:1234

If you can’t access the nginx via localhost just create a temporary pod to use curl to connect.

The nginx pod has an emptyDir volume setup which is mounted at /var/log/nginx. You should be able to see access logs with:

kubectl exec nginx-54d8ff86dc-tthzg -- tail -f /var/log/nginx/access.log

Todays Task: Create a sidecar container for logging

1. Add a sidecar container of image bash to the nginx pod
2. Mount the pod scoped volume named logs into the sidecar, so same as nginx container does.
3. Our sidecar should pipe the content of file access.log (that’s inside the volume logs because nginx container writes it there) to stdout
4. Check if you can access the logs of your sidecar using kubectl logs.

# 1,2,3 Create a sidecar container in the nginx pod, mount log volume and pipe those to output

We can edit a running deployment and add a sidecar container:

alias k=kubectl
k edit deploy nginx

Or we export it first:

k nginx -o yaml --export > d_nginx.yaml

Now we edit the deployment and add a new container:

...
spec:
  containers:
  - image: bash
    name: sidecar
    volumeMounts:
    - mountPath: /tmp/logs
      name: logs
    command:
      - "/bin/sh"
      - "-c"
      - "tail -f /tmp/logs/access.log"
  - image: nginx
    imagePullPolicy: Always
    name: nginx
...

If you used kubectl edit then your changes will be automatically applied. If you used export via a file then you need to:

k delete deploy nginx
k create -f d_nginx.yaml

# 4 Check if you can access the logs of your sidecar using

curl localhost:1234
k logs nginx-5c989bbd58-wzc6b sidecar

Recap

Sidecars can be helpful to collect logging information or other data and provide it using a standardized method across your cluster for other services to collect, this could be called the Adapter Pattern.

They can also be useful for debugging purposes like investigating network issues. It would be awesome to be able to add a new container which has all the debugging tools needed into a running pod. It seems kubectl-debug let’s you do this though.

ALL CHALLENGES AND TIPS

More on

https://killer.sh