Istio (1.6.4) best practice for log aggregation on K8s

1
votes

We plan to use Istio on our AWS EKS K8s-Cluster and have explored Ingress, Egress and auth via Keycloak so far, but we are a little lost how we can easily aggregate all logs to a single, easy to query and monitoring place. Istio docs are just mentioning Mixer will be dead, but no really help what else could be done.

Scope: Access-Logs, Istiod logs and Apllication/Microservices logs from stdout as well. mTLS is enabled cluster-wide (that seems to make problems using log sidecars)

We use Kiali, but that's not exactly what we need. We are looking more on something like an ELK-Stack or Graylog but idealy more lightweight. We thought of Grafana Loki, but that its quite calm when you google for Istio+Loki... Seems to be not working.

So my question: What would be a best practice for log aggregation with Istio on K8s for all these logs in one place, and what is needed to getting it started (tutorial/how-to link?)

Thanks in advance!

1
kubernetesloggingistioamazon-eksgrafana-loki
The Kubernetes documentation contains some discussion of the Kubernetes Logging Architecture. As the page section notes, though, this is more a cluster-administration topic than a programming question.David Maze

1 Answers

0
votes

Istio docs are just mentioning Mixer will be dead, but no really help what else could be done.

As mentioned in documentation

Mixer is deprecated. The functionality provided by Mixer is being moved into the Envoy proxies.

If you take a look at 1.5 release notes documentation

A new model for extensibility Istio has long been the most extensible service mesh, with Mixer plugins allowing custom policy and telemetry support and Envoy extensions allowing data plane customization. In Istio 1.5 we’re announcing a new model that unifies Istio’s extensibility model with Envoy’s, using WebAssembly (Wasm). Wasm will give developers the ability to safely distribute and execute code in the Envoy proxy – to integrate with telemetry systems, policy systems, control routing and even transform the body of a message. It will be more flexible and more efficient, eliminating the need for running a Mixer component separately (which also simplifies deployments).

Read our Wasm blog post, and look out for posts from Google, Solo.io and the Envoy community for much more detail about this exciting work!

After mixer beeing deprecated there is something new, called telemetry v2

Telemetry V2 lacks a central component (Mixer) with access to K8s metadata, the proxies themselves require the metadata necessary to provide rich metrics. Additionally, features provided by Mixer had to be added to the Envoy proxies to replace the Mixer-based telemetry. Istio Telemetry V2 uses two custom Envoy plugins to achieve just that.

It´s well described there.

So it´s not like mixer is dead and there is nothing else to replace it.

What would be a best practice for log aggregation with Istio on K8s for all these logs in one place, and what is needed to getting it started (tutorial/how-to link?)

I would start with Remotely Accessing Telemetry Addons, which shows how to configure Istio to expose and access the telemetry addons(prometheus,grafana, kiali and jaeger/zipkin).

Everything depends on your use case, by default you can enable prometheus,grafana kiali and jaeger/zipkin versions provided by istio.

Additionally take a look at istio documentation metrics,logs and tracing.

We use Kiali, but that's not exactly what we need. We are looking more on something like an ELK-Stack or Graylog but idealy more lightweight. We thought of Grafana Loki, but that its quite calm when you google for Istio+Loki... Seems to be not working.

As far as I know you should be able to configure istio with elk, but it´s not easy and there is lack of documentation about that.

There is information what you have to do with elasticsearch to make it work and related github issue about that, so I assume elk would work too. Take a look at this tutorial.