Kubernetes CKAD weekly challenge #9 Logging Sidecar
#####################################
THIS CHALLENGE WON’T BE UPDATED HERE AND MOVED TO:
https://killercoda.com/killer-shell-ckad
######################################
Challenges:
- Creating Pods
- Namespaces, Deployments and Services
- CronJobs and Volumes
- Deployment Rollout Rollback
- Secrets and ConfigMaps
- NetworkPolicy
- Service Migration
- (moved to CKA challenge series)
- Logging Sidecar
- Deployment Hacking
- SecurityContexts
- Various Environment Variables
- ReplicaSet without Downtime
Rules!
- be fast, avoid creating yaml manually from scratch
- use only kubernetes.io/docs for help.
- check my solution after you did yours. You probably have a better one!
Notices
- This challenge was tested on k8s 1.18. Please let us know should you encounter any issues in the comments
- how to be fast with Kubectl ≥ 1.18
Scenario Setup
kubectl create -f https://raw.githubusercontent.com/wuestkamp/k8s-challenges/master/9/scenario.yaml
We have a deployment of one nginx instance and a LoadBalancer service to expose this. So you should be able to access nginx on your external ip:
curl localhost:1234
If you can’t access the nginx via localhost just create a temporary pod to use curl to connect.
The nginx pod has an emptyDir volume setup which is mounted at /var/log/nginx
. You should be able to see access logs with:
kubectl exec nginx-54d8ff86dc-tthzg -- tail -f /var/log/nginx/access.log
Todays Task: Create a sidecar container for logging
- Add a sidecar container of image bash to the nginx pod
- Mount the pod scoped volume named logs into the sidecar, so same as nginx container does.
- Our sidecar should pipe the content of file
access.log
(that’s inside the volume logs because nginx container writes it there) to stdout - Check if you can access the logs of your sidecar using
kubectl logs
.
# 1,2,3 Create a sidecar container in the nginx pod, mount log volume and pipe those to output
We can edit a running deployment and add a sidecar container:
alias k=kubectlk edit deploy nginx
Or we export it first:
k nginx -o yaml --export > d_nginx.yaml
Now we edit the deployment and add a new container:
...spec:
containers:
- image: bash
name: sidecar
volumeMounts:
- mountPath: /tmp/logs
name: logs
command:
- "/bin/sh"
- "-c"
- "tail -f /tmp/logs/access.log"
- image: nginx
imagePullPolicy: Always
name: nginx
...
If you used kubectl edit
then your changes will be automatically applied. If you used export via a file then you need to:
k delete deploy nginx
k create -f d_nginx.yaml
# 4 Check if you can access the logs of your sidecar using
curl localhost:1234k logs nginx-5c989bbd58-wzc6b sidecar
Recap
Sidecars can be helpful to collect logging information or other data and provide it using a standardized method across your cluster for other services to collect, this could be called the Adapter Pattern.
They can also be useful for debugging purposes like investigating network issues. It would be awesome to be able to add a new container which has all the debugging tools needed into a running pod. It seems kubectl-debug let’s you do this though.