Send logs from Kubernetes clusters running on AWS Fargate
When you deploy the SWO K8s Collector to an AWS EKS cluster with a Fargate profile, by default, the SWO K8s Collector does not collect any logs from pods running on Fargate. If you wish to collect logs from pods running on Fargate, you must set up the log collection.
Prerequisites
Before you begin, make sure:
-
You have an AWS EKS cluster with a Fargate profile.
-
Kubernetes version 1.23 or later.
-
Clusters using both EC2 node groups and Fargate profiles are also supported.
-
-
You have permissions to configure the Fargate pod execution role.
-
You have reviewed the instructions for deploying the SWO K8s Collector.
Set up Fargate logs
-
Configure the EKS cluster to send Fargate logs to AWS CloudWatch. For manual configuration, see Set up log collection manually. For automatic configuration, see Set up log collection using the SWO K8s Collector.
-
Verify that the logs are available in SolarWinds Observability SaaS. By default, all container logs are collected without any filtering.
Filter Fargate logs
You can filter logs sent to SolarWinds Observability SaaS using the following methods:
-
Apply event filtering to the Lambda that is forwarding logs to SolarWinds Observability SaaS. For more information, see Lambda event filtering.
-
Apply additional FluentBit filters in the ConfigMap that is deployed to the cluster during setup.
Any changes to the ConfigMap will be applied only to pods that start after the modification.
Stop log collection
To stop sending logs from a Fargate EKS cluster to SolarWinds Observability SaaS, follow the instructions below.
-
Remove the Fargate logging configuration from the cluster.
-
If the Fargate logging configuration in the cluster is managed by the SWO K8s Collector, adjust the
values.yaml
file by removing theaws_fargate
section and re-deploying the SWO K8s Collector to the cluster. -
If the Fargate logging configuration in the cluster was created manually, remove the
aws-logging
ConfigMap from theaws-observability
namespace.
-
-
(Optional) Remove the CloudWatch IAM policy applied to the pod execution role during the setup.
-
Remove the Lambda that forwards the logs to SolarWinds Observability SaaS.