Is it good or if there is some trouble will happen do a logrotate inside k8s pods with common file?

0
votes

enter image description here

Using Kubernetes deploying nginx in several pods. Each pod is mounting access.log file to hostPath in order to read by Filebeat to collect to other output.

If do log rotation in the same cron time in every pod, they are using common access.log file, it works.

I tested with few data in a simple cluster. If large data occurred in production, is it a good plan or something wrong will happen with logrotate's design?

1
nginxkubernetescronfilebeatlogrotate
I wouldn't use hostPath for a place to put the logs: you'll run into trouble if multiple pods wind up on the same node. Using hostPath in a DaemonSet to collect the logs is one of the few places it's appropriate. - David Maze
Then how to use filebeat in this case? - iooi

1 Answers

2
votes

This will not usually work well since logrotate can't see the other nginx processes to sighup them. If nginx in particular can detect a rotation without a hup or other external poke then maybe, but most software cannot.

In general container logs should go to stdout or stderr and be handled by your container layer, which generally handles rotation itself or will include logrotate at the system level.