Better Stack Kubernetes logging

Start logging in 2 minutes

How do you want to integrate Better Stack with your Kubernetes cluster?

Helm

1. Add Helm repository

Add Better Stack Helm repository:

Add Helm repo
helm repo add betterstack-logs https://betterstackhq.github.io/logs-helm-chart
helm repo update

2. Set up Helm chart

Create values.yaml config file with the following contents:

values.yaml values.yaml for Minikube
vector:
  customConfig:
    sinks:
      better_stack_http_sink:
        auth:
          token: $SOURCE_TOKEN
      better_stack_http_metrics_sink:
        auth:
          token: $SOURCE_TOKEN
vector:
  customConfig:
    sinks:
      better_stack_http_sink:
        auth:
          token: $SOURCE_TOKEN
      better_stack_http_metrics_sink:
        auth:
          token: $SOURCE_TOKEN
    sources:
      better_stack_kubernetes_metrics_nodes:
        tls:
          verify_certificate: false
          verify_hostname: false
      better_stack_kubernetes_metrics_pods:
        tls:
          verify_certificate: false
          verify_hostname: false

metrics-server:
  args:
    - --kubelet-insecure-tls

3. Deploy the chart

Install the Better Stack chart:

Install the chart
helm install betterstack-logs betterstack-logs/betterstack-logs -f values.yaml

You should see your logs in Better Stack -> Live tail.

warning

Kubernetes version 1.15 or higher is required.

Need help?

Please let us know at hello@betterstack.com.
We're happy to help! ๐Ÿ™

Kustomize

1. Install Kubernetes Metrics Server

Install Kubernetes Metrics Server into your cluster:

Install Metrics Server
kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/download/v0.6.4/components.yaml

2. Create namespace

Create namespace configuration file:

Create namespace
kubectl create namespace --dry-run=client -o yaml vector > namespace.yaml

3. Set up Kustomization

Save the following config as kustomization.yaml:

Kustomization config
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization

# Override the namespace of all of the resources we manage.
namespace: vector

images:
  # Override the Vector image to pin the version used.
  - name: timberio/vector
    newName: timberio/vector
    newTag: 0.28.2-distroless-libc

resources:
  # The namespace previously created to keep the resources in.
  - namespace.yaml
  # RBAC config allowing Vector access to metrics and creating a Secret with the service account.
  - rbac.yaml
  # Include Vector recommended base (from git).
  - github.com/vectordotdev/vector/distribution/kubernetes/vector-agent

configMapGenerator:
  # ConfigMap with Vector config.
  - name: vector
    behavior: replace
    files:
      - vector-agent.toml

patches:
  # Prevent data dir read-only volume mount issue: https://github.com/vectordotdev/helm-charts/issues/226
  # Set volumeMount readOnly: false
  # Also, add vector SA token into an ENV variable, Vector will use it to connect to metrics-server
  - patch: |-
      - op: replace
        path: /spec/template/spec/containers/0/volumeMounts/3/readOnly
        value: false
      - op: add
        path: /spec/template/spec/containers/0/env/-
        value:
          name: SERVICE_ACCOUNT_TOKEN
          valueFrom:
            secretKeyRef:
              name: vector-service-account
              key: token
    target:
      group: apps
      version: v1
      kind: DaemonSet
      name: vector

4. Set up RBAC configuration

Save the following config as rbac.yaml to allow Vector to access the Metrics Server:

RBAC config
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: vector-metrics
  labels:
    app.kubernetes.io/name: vector
    app.kubernetes.io/instance: vector
    app.kubernetes.io/component: Agent
rules:
  - apiGroups:
      - "metrics.k8s.io"
    resources:
      - nodes
      - pods
    verbs:
      - list
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: vector-metrics
  labels:
    app.kubernetes.io/name: vector
    app.kubernetes.io/instance: vector
    app.kubernetes.io/component: Agent
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: vector-metrics
subjects:
  - kind: ServiceAccount
    name: vector
    namespace: vector
---
apiVersion: v1
kind: Secret
metadata:
  name: vector-service-account
  annotations:
    kubernetes.io/service-account.name: "vector"
type: kubernetes.io/service-account-token

5. Set up Vector

Download Vector configuration for your source:

Download Vector config
wget -O vector-agent.toml \
    https://logs.betterstack.com/vector-toml/kubernetes/$SOURCE_TOKEN

6. Reload & restart

Reload Vector configuration and restart it:

Reload and restart
kubectl apply -k .
kubectl rollout restart -n vector daemonset/vector

You should see your logs in Better Stack -> Live tail.

warning

Kubernetes version 1.15 or higher is required.

info

Kubelet certificate needs to be signed by cluster Certificate Authority.

If you're running Kubernetes in Minikube for testing purposes, you can disable certificate validation:

  • add --kubelet-insecure-tls to args config of metrics-server DaemonSet
  • add tls.verify_certificate = false and tls.verify_hostname = false to all http_client sources in vector-agent.toml

Need help?

Please let us know at hello@betterstack.com.
We're happy to help! ๐Ÿ™

Additional information

Interested in reading about installing and configuring Vector in more detail?
Check out the official Vector Kubernetes installation guide.

Head to the best Kubernetes monitoring tools for more resources.