Fluentd Logging


The Cloud-Native Network Functions (CNFs) Fluentd Pod is an open source data collector that can be configured to receive logging data from the BIG-IP Controller, Traffic Management Microkernel (TMM), Edge Firewall, Distributed Session State Managment (dSSM) Pods, and BGP updates from the TMM routing container. The Fluentd Pod must bind to a Kubernetes persistence volume in order to create the necessary log file directories.

This document guides you through understanding, configuring and deploying the f5-fluentd logging container.

Fluentd Service

When installing Fluentd, a Service object is created to receive logging data on TCP service port 54321, and forward the data to Fluentd on TCP service port 24224.

Example Fluentd Service:

Name:              f5-toda-fluentd
Namespace:         cnf-gateway
Port:              <unset>  54321/TCP

Example Fluentd integration:


Log file locations

Fluentd collects logging data in the following log files:

Container Log file
f5-dssm-sentinel /var/log/f5/f5-dssm-sentinel-0/sentinel.log
f5-dssm-db /var/log/f5/f5-dssm-db-0/dssm.log
f5ingress /var/log/f5/helm_release-f5ingress/pod_name/f5ingress.log
f5-tmm /var/log/f5/f5-tmm/pod_name/f5-fsm-tmm.log
f5-tmm-routing /var/log/f5/f5-tmm/pod_name/f5-tmm-routing.log

_images/spk_info.png Note: To modify the TMM logging level, review the tmm_cli section of the Debug Sidecar overview.


Prior to installing Fluentd, ensure you have:



Use the following steps to the install the f5-fluentd container.

  1. Change into local directory with the CNF files, and list the files in the tar directory:

    In this example, the CNF files are in the cnfinstall directory:

    cd cnfinstall
    ls -1 tar

    In this example, Fluentd Helm chart is named f5-toda-fluentd-1.8.30.tgz:

  2. Create a Helm values file named fluentd-values.yaml, and set the image.repository, persistence.storageClass, and robinNetworks parameters:

      repository: <registry>
      enabled: true
      storageClass: "<name>"
    robinNetworks: true

    In this example, Helm pulls the f5-fluentd image from registry.com, and the container will bind to the storageClass named managed-nfs-storage:

      repository: registry.com
      enabled: true
      storageClass: "managed-nfs-storage"
    robinNetworks: true
  3. Optional: Add the following parameters to the values file to collect logging data from the Controller, dSSM, and PCCD Pods:

    # Collect logging from the Ingress Controller Pod
      enabled: true
      stdout: true
    # Collect logging from the dSSM Pods
      enabled: true
      stdout: true
    # Configuration for sentinel logs
      enabled: true
      stdout: true
      enabled: true
      stdout: true
  4. Install the f5-fluentd container and save the Fluentd hostname for the Controller installation:

    helm install f5-fluentd <helm chart> -f <values>

    For example:

    helm install f5-fluentd f5-toda-fluentd-1.8.30.tgz -f fluentd-values.yaml

    _images/spk_info.png Note: In this example, the Fluentd hostname is f5-toda-fluentd.cnf-gateway.svc.cluster.local.:

    FluentD hostname: f5-toda-fluentd.cnf-gateway.svc.cluster.local.
    FluentD port: "54321"
  5. The f5-fluentd container should now be successfully installed:

    oc get pods

    In this example, the Fluentd Pod STATUS is Running:

    NAME                              READY   STATUS    
    f5-toda-fluentd-8cf96967b-jxckr   1/1     Running  
  6. Fluentd should also be bound to the persistent volume:

    oc get pvc

    In this example, the Fluentd Pod PVC displays STATUS as Bound:

    NAME              STATUS   VOLUME                                     STORAGECLASS
    f5-toda-fluentd   Bound    pvc-7d36b530-b718-466c-9b6e-895e8f1079a2   managed-nfs-storage

Viewing logs

After installing the BIG-IP Controller and dSSM Pods, you can use the following steps to view the logs in the f5-fluentd container:

  1. Log in to the fluentd container:

    kubectl exec -it deploy/f5-toda-fluentd -n <project> -- bash

    In this example, the container is in the cnf-gateway Project:

    kubectl exec -it deploy/f5-toda-fluentd -n cnf-gateway -- bash
  2. Change to the main logging directory, and list the subdirectories:

    cd /var/log/f5; ls

    In this example, logging directories are present for the f5ingress, f5-tmm, f5-dssm-db, and f5-dssm-sentinel Pods:

    f5-dssm-db-0  f5-dssm-db-1  f5-dssm-db-2  f5-dssm-sentinel-0  
    f5-dssm-sentinel-1  f5-dssm-sentinel-2  f5-ingress-f5ingress  f5-tmm  
  3. Change into one of the subdirectories, for example f5-dssm-db-0:

    cd f5-dssm-db-0
  4. View the logs using the more command:

    more -d dssm.log

Next step

Continue to one of the following steps listed by installation precedence:


Provide feedback to improve this document by emailing cnfdocs@f5.com.