2 min read crispytechtips

How to read logs from Kubernetes worker nodes using kubectl

"I run k8s on a cloud provider so I don't care about worker nodes' logs and I'm so happy of that" Some days later.. Writing on google "How to access k8s worker node's logs in a SaaS solution ..."
How to read logs from Kubernetes worker nodes using kubectl
Sea lion watching for logs out there (Galapagos)

Problem

You probably faced at least one time problems with Kubernetes worker nodes using managed services (like AWS EKS, Azure AKS and so on).
I mention for example a private Kubernetes cluster configuration (aka air gapped k8s) where worker nodes are not properly able to configure themselves for a missing firewall rule.

In many of these cases, because we are in a managed service, it is not easy to get access to worker nodes' logs.

Accessing these logs could save a lot of time, going directly to the error log.

Solution

Kubernetes 1.27 introduced a new feature called Node log query that allows viewing logs of services running on the node.

It basically allows you to query logs usually under /var/log of any worker nodes using kubectl

K8s 1.27 Query Node Logs Using The Kubelet API | by Benson Philemon | Medium

How to use it

# Fetch kubelet logs from a node named node-1.example
kubectl get --raw "/api/v1/nodes/node-1.example/proxy/logs/?query=kubelet"
# Fetch kubelet logs from a node named node-1.example that have the word "error"
kubectl get --raw "/api/v1/nodes/node-1.example/proxy/logs/?query=kubelet&pattern=error"
kubectl get --raw "/api/v1/nodes/<insert-node-name-here>/proxy/logs/?query=/<insert-log-file-name-here>"

Official reference

Kubernetes 1.27: Query Node Logs Using The Kubelet API
Author: Aravindh Puthiyaparambil (Red Hat) Kubernetes 1.27 introduced a new feature called Node log query that allows viewing logs of services running on the node. What problem does it solve? Cluster administrators face issues when debugging malfunctioning services running on the node. They usually…
Kubernetes

Published by:

Yuri Bacciarini

You might also like...

Mar
01
[k8s] kubernetes events logger

[k8s] kubernetes events logger

Cluster administrators usually need to collect Kubernetes events to allow a better troubleshooting. By default Kubernetes does not stream these logs on regular STDOUT, "k8s-event-logger" tools comes exactly for this reason!
1 min read
Feb
28
[k8s] optimize workloads with pod resource recommendations

[k8s] optimize workloads with pod resource recommendations

Most Kubernetes pods could be better configured in terms of resources. Unfortunately, is not so easy out-of-the-box. Robusta KRR (Kubernetes Resource Recommender) comes to help us with it.
1 min read
Feb
20
[docker] optimise distributed builds with remote docker cache

[docker] optimise distributed builds with remote docker cache

Optimize distributed builds with remote docker cache
2 min read
Feb
10
[k8s] resource and cost optimisation with kube-green

[k8s] resource and cost optimisation with kube-green

Gone are the days when we had our applications always up&running. Cloud providers gave us a lot of elasticity, but without a mind change all this magic world will soon become a hell.
1 min read
Feb
10
[GCP] Google Kubernetes Engine autopilot

[GCP] Google Kubernetes Engine autopilot

GKE autopilot is the Kubernetes solution by Google for who wants to run pods and nothing else while having in the meantime a Kubernetes feeling!
2 min read
Tweets by YBacciarini