Frequently I get asked “What is the best strategy to enable access to the logs of container pods without giving access to Kubernetes?”. The obvious answer is log forwarding to a central location e.g. Splunk. However because of the cost of platforms like Splunk many organisations choose not to use it in Dev, or at least not straight away.

LogEar aims to bridge the gap. https://github.com/ChrisPhillips-cminion/LogEar

LogEar is a container that runs in Kubernetes and allows access to the log of a single other container via a HTTP request. Multiple instances can be run if multiple container logs are required.

LogEar works by calling the Kubernetes API to access the logs on demand. The user initiates a request via HTTP and this triggers the LogEar Go application running in the LogEar container. The log is then returned to the HTTP requestor.

The common way of doing this is by using a sidecar in same pod. This sidecar takes the logs that must be written to disk and forwards them on. has many advantages over the sidecar implementation. They are:

1. LogEar does not require modifying the original POD
2. LogEar does not require the original application to store the logs to disk. This is sometimes not possible
3. LogEar can be deployed as and when needed with no prior planning.

LogEar is deployed with helm and must have the following helm values set.

params:
  namespace: default #Namespace of the target pod in
  podname: Kubernetes-bootcamp-6bf84cb898-hsg6w #Name of the target pod
  username: unset #Credentials to secure webpage showing the log. If either of these are set to 'unset' then there is no challenge.
  password: unset

In addition, it is recommended that the Ingress should be configured to meet your project needs.

In order to add a very basic security level a username and password can be hard coded in the helm config. If this is set users must provide this username and password over basic auth to access the log.

To use ensure your kubeconfig is correct and helm is installed locally and initialised in the Kubernetes cluster.

1. git clone https://github.com/ChrisPhillips-cminion/LogEar
2. Modify the values file in the helm directory to meet your needs
3. helm install --name <podnamne>-logger ./helm

Notes:

1. The webpage does not auto refresh.
2. A Kubernetes service account is created for each deployment that gives the LogEar pod view access to pods in the desired namespace.