Mounted Hostfile system to windows container to read logs

karthik akkur 1 Reputation point
2022-03-24T20:51:08.587+00:00

I am running a customized fluent-bit workload on a Kubernetes Windows worker node.

https://github.com/fluent/fluent-bit/blob/master/dockerfiles/Dockerfile.windows

I am mounting var/log/containers host filesystem to the fluent-bit pod

apiVersion: apps/v1  
kind: DaemonSet  
metadata:  
  labels:  
    app: fluent-bit  
  name: fluent-bit-windows  
  namespace: signpath  
spec:  
  selector:  
    matchLabels:  
      app: fluent-bit  
  template:  
    metadata:  
      labels:  
        app: fluent-bit  
    spec:  
      nodeSelector:  
       beta.kubernetes.io/os: windows  
      tolerations:  
      - key: "windows"  
        operator: "Equal"  
        value: "2019"  
        effect: "NoSchedule"  
      containers:  
      - image: kartheekakkur1/fluent-bit-1.8:latest  
        imagePullPolicy: IfNotPresent  
        name: fluent-bit  
        resources:  
          limits:  
            memory: 200Mi  
          requests:  
            cpu: 100m  
            memory: 200Mi  
        env:  
        - name: LOGGLY_TAG  
          valueFrom:  
            secretKeyRef:  
              name: fluent-loggly-secrets  
              key: tag  
        - name: LOGGLY_TOKEN  
          valueFrom:  
            secretKeyRef:  
              name: fluent-loggly-secrets  
              key: token  
        volumeMounts:  
        - mountPath: /var/log  
          name: varlog  
          readOnly: false  
        - mountPath: /fluent-bit/etc  
          name: fluent-bit-windows-config  
      volumes:  
      - name: varlog  
        hostPath:  
          path: /var/log  
      - configMap:  
          defaultMode: 420  
          name: fluent-bit-windows-config                                         
        name: fluent-bit-windows-config  
      serviceAccountName: fluent-bit-win  
  updateStrategy:  
    type: RollingUpdate  

All the windows containers are created using the user “user manager\containeradministrator” but the logs written to the folder var/log/containers have BUILTIN/Administrator. Even when I grant the folder access still the fluent-bit cannot read the log files.

186612-2022-03-23-11-24-46.png

Azure Kubernetes Service (AKS)
Azure Kubernetes Service (AKS)
An Azure service that provides serverless Kubernetes, an integrated continuous integration and continuous delivery experience, and enterprise-grade security and governance.
1,883 questions
{count} votes