aws/amazon-vpc-cni-k8s

Configurable log output for the aws-eks-nodeagent in the daemonset

OcamsRazor opened this issue · 3 comments

What would you like to be added:

Hi, I'm wondering if it would be possible to add support for the --log-file argument on the aws-eks-nodeagent container to set /dev/stdout as the log output.
I have found the following comment, aws/aws-network-policy-agent#50 (comment), but it seems this is not yet possible.

I'm deploying the VPC CNI using TF (aws_eks_addon). Is the JSON schema that is used for configuration generated based on the values.yaml file of this chart?

Why is this needed:

Agent logs and policy decision logs are by default stored in /var/log/aws-routed-eni/network-policy-agent.log. For log scraping with e.g. fluent-bit, pods need to be privileged to gain access to the log file.
Writing logs to stdout would enable standard log tooling to be used.

Thanks

The flag https://github.com/aws/aws-network-policy-agent/blob/main/pkg/config/controller_config.go#L10 is configurable via --log-file. It looks like we aren't exposing this in the helm chart here - https://github.com/aws/amazon-vpc-cni-k8s/tree/master/charts/aws-vpc-cni

This needs to be added.

This PR will resolve this - #2925

This issue is now closed. Comments on closed issues are hard for our team to see.
If you need more assistance, please either tag a team member or open a new issue that references this one.