OpenShift 容器日志和应用日志分离问题

 

一般来说应用日志和容器日志一样输出到console,这样oc logs的时候就能把所有的获取到，但这种模式下输出的日志比较多，问题定位不方便，更多的时候开发人员只想通过应用日志来查看定位问题就够了，所以可以考虑容器日志和应用日志进行分离。在Openshift的实现如下：

1.打开scc对宿主机访问的限制

[root@master ~]# oc adm policy add-scc-to-user hostaccess -z default
scc "hostaccess" added to: ["system:serviceaccount:project-1:default"]

2.编辑DeploymentConfig.添加volumeMounts

界面上带的添加存储是不支持hostPath的，所以只能自己修改yaml

apiVersion: apps.openshift.io/v1
kind: DeploymentConfig
metadata:
  annotations:
    openshift.io/generated-by: OpenShiftWebConsole
  creationTimestamp: '2018-12-25T09:40:54Z'
  generation: 8
  labels:
    app: tomcat
  name: tomcat
  namespace: project-1
  resourceVersion: '199951'
  selfLink: /apis/apps.openshift.io/v1/namespaces/project-1/deploymentconfigs/tomcat
  uid: 2c73ab7e-0829-11e9-97d4-080027dc991a
spec:
  replicas: 1
  selector:
    app: tomcat
    deploymentconfig: tomcat
  strategy:
    activeDeadlineSeconds: 21600
    resources: {}
    rollingParams:
      intervalSeconds: 1
      maxSurge: 25%
      maxUnavailable: 25%
      timeoutSeconds: 600
      updatePeriodSeconds: 1
    type: Rolling
  template:
    metadata:
      annotations:
        openshift.io/generated-by: OpenShiftWebConsole
      creationTimestamp: null
      labels:
        app: tomcat
        deploymentconfig: tomcat
    spec:
      containers:
        - image: >-
            docker-registry.default.svc:5000/project-1/tomcat@sha256:8f701fff708316aabc01520677446463281b5347ba1d6e9e237dd21de600f809
          imagePullPolicy: Always
          name: tomcat
          ports:
            - containerPort: 8080
              protocol: TCP
          resources: {}
          terminationMessagePath: /dev/termination-log
          terminationMessagePolicy: File
          volumeMounts:
            - mountPath: /var/applogs
              name: log-storage
      dnsPolicy: ClusterFirst
      restartPolicy: Always
      schedulerName: default-scheduler
      securityContext: {}
      terminationGracePeriodSeconds: 30
      volumes:
        - hostPath:
            path: /apps/project-1/tomcat
            type: ''
          name: log-storage
  test: false
  triggers:
    - type: ConfigChange
    - imageChangeParams:
        automatic: true
        containerNames:
          - tomcat
        from:
          kind: ImageStreamTag
          name: 'tomcat:8-slim'
          namespace: project-1
        lastTriggeredImage: >-
          docker-registry.default.svc:5000/project-1/tomcat@sha256:8f701fff708316aabc01520677446463281b5347ba1d6e9e237dd21de600f809
      type: ImageChange
status:
  availableReplicas: 1
  conditions:
    - lastTransitionTime: '2018-12-30T02:30:36Z'
      lastUpdateTime: '2018-12-30T02:30:36Z'
      message: Deployment config has minimum availability.
      status: 'True'
      type: Available
    - lastTransitionTime: '2018-12-30T04:42:52Z'
      lastUpdateTime: '2018-12-30T04:42:54Z'
      message: replication controller "tomcat-7" successfully rolled out
      reason: NewReplicationControllerAvailable
      status: 'True'
      type: Progressing
  details:
    causes:
      - type: ConfigChange
    message: config change
  latestVersion: 7
  observedGeneration: 8
  readyReplicas: 1
  replicas: 1
  unavailableReplicas: 0
  updatedReplicas: 1

如果通过template来创建，可以将部署的dc参数化

volumes:
        - hostPath:
            path: /apps/{NAMESPACES}/{DEPLOYMENT_NAME}
            type: ''
          name: log-storage

启动以后就看到在容器内部多了一个/var/applogs的目录

同时在宿主机上自动建立了一个project-1/tomcat的目录

就可以配置日志云收集/apps下所有的日志内容了。