Fluentd Logging¶
Overview¶
The Cloud-Native Network Functions (CNFs) Fluentd Pod is an open source data collector that can be configured to receive logging data from the BIG-IP Controller, Traffic Management Microkernel (TMM), Edge Firewall, Distributed Session State Managment (dSSM) Pods, and BGP updates from the TMM routing container. The Fluentd Pod must bind to a Kubernetes persistence volume in order to create the necessary log file directories.
This document guides you through understanding, configuring and deploying the f5-fluentd logging container.
Fluentd Service¶
When installing Fluentd, a Service object is created to receive logging data on TCP service port 54321, and forward the data to Fluentd on TCP service port 24224.
Example Fluentd Service:
Name: f5-toda-fluentd
Namespace: cnf-gateway
IP: 10.109.102.215
Port: <unset> 54321/TCP
Endpoints: 10.244.1.75:24224
Example Fluentd integration:
Log file locations¶
Fluentd collects logging data in the following log files:
Container | Log file |
---|---|
f5-dssm-sentinel | /var/log/f5/f5-dssm-sentinel-0/sentinel.log |
f5-dssm-db | /var/log/f5/f5-dssm-db-0/dssm.log |
f5ingress | /var/log/f5/helm_release-f5ingress/pod_name/f5ingress.log |
f5-tmm | /var/log/f5/f5-tmm/pod_name/f5-fsm-tmm.log |
f5-tmm-routing | /var/log/f5/f5-tmm/pod_name/f5-tmm-routing.log |
Note: To modify the TMM logging level, review the tmm_cli section of the Debug Sidecar overview.
Requirements¶
Prior to installing Fluentd, ensure you have:
- An available persistence volume.
- Installed the CNFs software.
- A Linux based workstation with Helm installed.
Procedures¶
Installation¶
Use the following steps to the install the f5-fluentd container.
Change into local directory with the CNF files, and list the files in the tar directory:
In this example, the CNF files are in the cnfinstall directory:
cd cnfinstall
ls -1 tar
In this example, Fluentd Helm chart is named f5-toda-fluentd-1.8.30.tgz:
cnf-docker-images.tgz f5-dssm-0.22.12.tgz f5-toda-fluentd-1.8.30.tgz f5ingress-6.0.13.tgz
Create a Helm values file named fluentd-values.yaml, and set the
image.repository
,persistence.storageClass
, androbinNetworks
parameters:image: repository: <registry> persistence: enabled: true storageClass: "<name>" robinNetworks: true
In this example, Helm pulls the f5-fluentd image from registry.com, and the container will bind to the storageClass named managed-nfs-storage:
image: repository: registry.com persistence: enabled: true storageClass: "managed-nfs-storage" robinNetworks: true
Optional: Add the following parameters to the values file to collect logging data from the Controller, dSSM, and PCCD Pods:
# Collect logging from the Ingress Controller Pod f5ingress_logs: enabled: true stdout: true # Collect logging from the dSSM Pods dssm_logs: enabled: true stdout: true # Configuration for sentinel logs dssm_sentinel_logs: enabled: true stdout: true pccd_logs: enabled: true stdout: true
Install the f5-fluentd container and save the Fluentd hostname for the Controller installation:
helm install f5-fluentd <helm chart> -f <values>
For example:
helm install f5-fluentd f5-toda-fluentd-1.8.30.tgz -f fluentd-values.yaml
Note: In this example, the Fluentd hostname is f5-toda-fluentd.cnf-gateway.svc.cluster.local.:
FluentD hostname: f5-toda-fluentd.cnf-gateway.svc.cluster.local. FluentD port: "54321"
The f5-fluentd container should now be successfully installed:
oc get pods
In this example, the Fluentd Pod STATUS is Running:
NAME READY STATUS f5-toda-fluentd-8cf96967b-jxckr 1/1 Running
Fluentd should also be bound to the persistent volume:
oc get pvc
In this example, the Fluentd Pod PVC displays STATUS as Bound:
NAME STATUS VOLUME STORAGECLASS f5-toda-fluentd Bound pvc-7d36b530-b718-466c-9b6e-895e8f1079a2 managed-nfs-storage
Viewing logs¶
After installing the BIG-IP Controller and dSSM Pods, you can use the following steps to view the logs in the f5-fluentd
container:
Log in to the fluentd container:
kubectl exec -it deploy/f5-toda-fluentd -n <project> -- bash
In this example, the container is in the cnf-gateway Project:
kubectl exec -it deploy/f5-toda-fluentd -n cnf-gateway -- bash
Change to the main logging directory, and list the subdirectories:
cd /var/log/f5; ls
In this example, logging directories are present for the f5ingress, f5-tmm, f5-dssm-db, and f5-dssm-sentinel Pods:
f5-dssm-db-0 f5-dssm-db-1 f5-dssm-db-2 f5-dssm-sentinel-0 f5-dssm-sentinel-1 f5-dssm-sentinel-2 f5-ingress-f5ingress f5-tmm
Change into one of the subdirectories, for example f5-dssm-db-0:
cd f5-dssm-db-0
View the logs using the more command:
more -d dssm.log
Next step¶
Continue to one of the following steps listed by installation precedence:
- Optional: Install the dSSM Database to store session-state information.
- Required: Install the BIG-IP Controller, TMM and AFM Pods.
Feedback¶
Provide feedback to improve this document by emailing cnfdocs@f5.com.