
Fluentbit with Tomcat logs


I am using fluent-bit version 1.4.6 and I am trying to collect logs from a tomcat/logs folder, but I receive:

    [error] [input:tail:tail.0] read error, check permissions

These files inside the logs folder are all "rw-r-----" (640).

I tried to confirm whether it can read it at all by changing the permissions of a file inside the logs folder and it works, but that does not solve the overall problem.

My question is: is this something that should be set on the tomcat level, or can it be done via fluent-bit? Can I start that as a different user?

Thanks in advance!


Solution

  • You didn't specify 👀 how you deployed fluent-bit.

    But yes, you can run it as a different user by specifying a SecurityContext in Kubernetes.

    For example:

    apiVersion: apps/v1
    kind: DaemonSet
    metadata:
      name: fluent-bit
      namespace: logging
      labels:
        k8s-app: fluent-bit-logging
        version: v1
        kubernetes.io/cluster-service: "true"
    spec:
      selector:
        matchLabels:
          k8s-app: fluent-bit-logging
      template:
        metadata:
          labels:
            k8s-app: fluent-bit-logging
            version: v1
            kubernetes.io/cluster-service: "true"
          annotations:
            prometheus.io/scrape: "true"
            prometheus.io/port: "2020"
            prometheus.io/path: /api/v1/metrics/prometheus
        spec:
          securityContext:
            runAsUser: 1000  # 👈 user id that you want to run the containers in the pod as
          containers:
          - name: fluent-bit
            image: fluent/fluent-bit:1.3.11
            imagePullPolicy: Always
            ports:
              - containerPort: 2020
            volumeMounts:
            - name: varlog
              mountPath: /var/log
            - name: varlibdockercontainers
              mountPath: /var/lib/docker/containers
              readOnly: true
            - name: fluent-bit-config
              mountPath: /fluent-bit/etc/
            - name: mnt
              mountPath: /mnt
              readOnly: true
    ...
    

    ✌️
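
An added example, not part of the original answer: since the log files are mode 640, the owning group already has read access, so the collector can stay on an unprivileged UID and only join that group through `supplementalGroups` instead of running as the Tomcat user. The UID/GID numbers, the volume name and the host path below are assumptions or placeholders; take the real values from the node.

```yaml
# Added example (not the answer's or the project's own manifest).
# Pod template fragment for the fluent-bit DaemonSet shown above.
# Find the real owner/group/mode on the node with:
#   stat -c '%u:%g %a %n' <tomcat logs dir>/*
spec:
  template:
    spec:
      securityContext:
        runAsNonRoot: true          # kubelet refuses to start the container as UID 0
        runAsUser: 65534            # assumption: any unprivileged UID, not the Tomcat owner
        runAsGroup: 65534           # assumption: primary GID that owns no log files
        supplementalGroups: [1001]  # assumption: GID that owns the 640 log files
      containers:
      - name: fluent-bit
        image: fluent/fluent-bit:1.3.11
        securityContext:
          allowPrivilegeEscalation: false
          capabilities:
            drop: ["ALL"]           # reading files by group membership needs no capabilities
        volumeMounts:
        - name: tomcat-logs         # hypothetical volume name
          mountPath: /mnt/tomcat/logs
          readOnly: true            # the collector never needs to write to the logs
      volumes:
      - name: tomcat-logs
        hostPath:
          path: /path/to/tomcat/logs  # placeholder: the page does not give the path
```

The logs directory itself must also grant that group search (`x`) permission, otherwise the tail input still fails even though the files are group-readable.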