You implement log forwarding with Fluent Bit at the individual cluster level. This applies to both management clusters and Tanzu Kubernetes clusters that you deploy from the management cluster.
The procedures in this topic describe how to deploy Fluent Bit on management clusters and Tanzu Kubernetes clusters that are running on either vSphere or Amazon EC2.
You deploy Fluent Bit on clusters by applying YAML files from the Tanzu Kubernetes Grid extensions bundle onto clusters.
Perform this procedure on all clusters from which you want to collect logs. You can apply this procedure on either management clusters or Tanzu Kubernetes clusters, that are running on either vSphere or Amazon EC2. The instructions in this procedure assume that you unpacked the bundle of Tanzu Kubernetes Grid extensions in the location in which your are running the commands.
Get the contexts of the clusters from which to gather logs.
tkg get management-cluster.
tkg set management-cluster my-management-clusterthen
tkg get cluster.
Set the focus of
kubectl to the context of the management cluster or Tanzu Kubernetes cluster from which to gather logs.
kubectl config use-context my-cluster-admin@my-cluster
Create a namespace on the cluster for Fluent Bit.
kubectl apply -f tkg-extensions-v1.0.0/logging/fluent-bit/vsphere/00-fluent-bit-namespace.yaml
kubectl apply -f tkg-extensions-v1.0.0/logging/fluent-bit/aws/00-fluent-bit-namespace.yaml
Create role-based access control (RBAC) resources for Fluent Bit.
This procedure creates a cluster role that grants
watch permissions on pods and namespace objects. The
ClusterRoleBinding binds the
ClusterRole to the
ServiceAccount within the logging namespace.
Create a service account.
kubectl apply -f tkg-extensions-v1.0.0/logging/fluent-bit/vsphere/01-fluent-bit-service-account.yaml
kubectl apply -f tkg-extensions-v1.0.0/logging/fluent-bit/aws/01-fluent-bit-service-account.yaml
Create a cluster role.
kubectl apply -f tkg-extensions-v1.0.0/logging/fluent-bit/vsphere/02-fluent-bit-role.yaml
kubectl apply -f tkg-extensions-v1.0.0/logging/fluent-bit/aws/02-fluent-bit-role.yaml
Create a cluster role binding.
kubectl apply -f logging/fluent-bit/vsphere/03-fluent-bit-role-binding.yaml
kubectl apply -f tkg-extensions-v1.0.0/logging/fluent-bit/aws/03-fluent-bit-role-binding.yaml
Depending on whether you use Elastic Search, Kafka, Splunk, or HTTP, configure an output plugin on your cluster.