Kubernetes Pod的日志到底来自哪里（在容器级别）？ [英] Where exactly do the logs of kubernetes pods come from (at the container level)?

问题描述

我希望将某些日志从使用 kubectl exec 运行的命令重定向到该pod的日志，以便可以使用 kubectl读取它们日志< pod-name> （或者实际上是 /var/log/containers/<pod-name>.log ）。运行命令时，我可以看到需要的日志作为输出，它们存储在运行容器中的单独日志目录中。

I'm looking to redirect some logs from a command run with kubectl exec to that pod's logs, so that they can be read with kubectl logs <pod-name> (or really, /var/log/containers/<pod-name>.log). I can see the logs I need as output when running the command, and they're stored inside a separate log directory inside the running container.

将输出（即>&log; logfile.log ）重定向到我认为正在镜像的文件位于 kubectl日志< pod-name> 中不会更新该容器的日志，也不会重定向到stdout。

Redirecting the output (i.e. >> logfile.log) to the file which I thought was mirroring what is in kubectl logs <pod-name> does not update that container's logs, and neither does redirecting to stdout.

在调用 kubectl日志< pod-name> 时，我的理解是kubelet从内部 / var / log / containers / 目录。但是，什么决定哪些日志存储在此处？是否与将日志存储在任何其他Docker容器中的过程相同？

When calling kubectl logs <pod-name>, my understanding is that kubelet gets them from it's internal /var/log/containers/ directory. But what determines which logs are stored there? Is it the same process as the way logs get stored inside any other docker container?

是否可以检查/跟踪日志记录过程，或确定这些日志在何处？

Is there a way to examine/trace the logging process, or determine where these logs are coming from?

推荐答案

STDOUT 和<$ c $的日志捕获容器中的c> STDERR 个容器并将其存储在/ var / log / containers中的文件内。这是运行 kubectl日志时显示的内容。

Logs from the STDOUT and STDERR of containers in the pod are captured and stored inside files in /var/log/containers. This is what is presented when kubectl log is run.

为了理解为什么kubectl运行的命令的输出在运行 kubectl日志时未显示exec，下面以一个示例来看一下它们的工作方式：

In order to understand why output from commands run by kubectl exec is not shown when running kubectl log, let's have a look how it all works with an example:

第一个启动运行永久睡眠的ubuntu容器：

First launch a pod running ubuntu that are sleeping forever:

$> kubectl run test --image=ubuntu --restart=Never -- sleep infinity

执行到其中

$> kubectl exec -it test bash

从容器内部看到的是 STDOUT捕获的PID 1的和 STDERR 。当您在容器中执行 kubectl执行程序时，将与PID 1一起创建一个新进程：

Seen from inside the container it is the STDOUT and STDERR of PID 1 that are being captured. When you do a kubectl exec into the container a new process is created living alongside PID 1:

root@test:/# ps -auxf
USER       PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
root         7  0.0  0.0  18504  3400 pts/0    Ss   20:04   0:00 bash
root        19  0.0  0.0  34396  2908 pts/0    R+   20:07   0:00  \_ ps -auxf
root         1  0.0  0.0   4528   836 ?        Ss   20:03   0:00 sleep infinity

重定向到 STDOUT 不起作用，因为 / dev / stdout 是访问它的进程的符号链接（ / proc / self / fd / 1 而不是 / proc / 1 / fd / 1 ）。

Redirecting to STDOUT is not working because /dev/stdout is a symlink to the process accessing it (/proc/self/fd/1 rather than /proc/1/fd/1).

root@test:/# ls -lrt /dev/stdout
lrwxrwxrwx 1 root root 15 Nov  5 20:03 /dev/stdout -> /proc/self/fd/1

为了查看使用<$ c运行的命令的日志$ c> kubectl exec 日志需要重定向到kubelet捕获的流（ STDOUT 和 STDERR （pid 1）。可以通过将输出重定向到 / proc / 1 / fd / 1 来完成。

In order to see the logs from commands run with kubectl exec the logs need to be redirected to the streams that are captured by the kubelet (STDOUT and STDERR of pid 1). This can be done by redirecting output to /proc/1/fd/1.

root@test:/# echo "Hello" > /proc/1/fd/1

退出交互式shell并使用<$ c $检查日志c> kubectl日志现在应该显示输出

Exiting the interactive shell and checking the logs using kubectl logs should now show the output

$> kubectl logs test
Hello

这篇关于Kubernetes Pod的日志到底来自哪里（在容器级别）？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！