Solution
On Linux, the kernel log is not stored at the same path on every distribution:
1) On Ubuntu: /var/log/kern.log
values.yaml (from the Helm Chart)
# ----------------------------------------------------------------------------
# Mount the log files
defaultVolumes:
  - name: var-log
    hostPath:
      path: /var/log/
defaultVolumeMounts:
  - name: var-log
    mountPath: /var/log/
    readOnly: true

# ----------------------------------------------------------------------------
# Read the log file
config:
  snippets:
    extraScrapeConfigs: |
      - job_name: linux-kernel
        static_configs:
          - targets:
              - localhost
            labels:
              __path__: /var/log/kern.log
              log_category: linux-kernel
              hostname: ${HOSTNAME}

# ----------------------------------------------------------------------------
# Expand environment variables in the configuration file
extraArgs:
  - -config.expand-env

# ----------------------------------------------------------------------------
# Grant access to the log file
containerSecurityContext:
  capabilities:
    add:
      - DAC_READ_SEARCH
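About the HOSTNAME variable: by default the Helm Chart overrides HOSTNAME so that it holds the nodeName value, so the variable does not resolve to the container name.
About the DAC_READ_SEARCH capability: The CAP_DAC_OVERRIDE capability allows the root user to bypass kernel permission checks on file read, write and execute operations. Here, granting DAC_READ_SEARCH is enough (we only need to read). Otherwise, promtail inside the container gets a permission denied error when reading /var/log/kern.log.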
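To confirm that the capability actually reached the container, decode the CapEff mask from /proc/<pid>/status. The script below is an added example, not part of the original note or of the Helm Chart; the function names and the sample masks are constructed for illustration.

```shell
#!/bin/sh
# Added example: report which capability (if any) lets a process bypass
# file read permission checks, by decoding the effective capability mask.

# Bit numbers as defined in <linux/capability.h>
CAP_DAC_OVERRIDE=1
CAP_DAC_READ_SEARCH=2

# cap_eff_of FILE: print the hex CapEff mask from a /proc/<pid>/status-style file
cap_eff_of() {
    awk '$1 == "CapEff:" { print $2 }' "$1"
}

# has_cap HEXMASK BIT: succeed if the given bit is set in the mask
has_cap() {
    [ $(( (0x$1 >> $2) & 1 )) -eq 1 ]
}

# read_bypass_cap HEXMASK: print the capability that permits the read bypass
read_bypass_cap() {
    if has_cap "$1" "$CAP_DAC_READ_SEARCH"; then
        echo "DAC_READ_SEARCH"
    elif has_cap "$1" "$CAP_DAC_OVERRIDE"; then
        echo "DAC_OVERRIDE"
    else
        echo "none"
    fi
}

# Constructed sample masks: nothing granted, then only DAC_READ_SEARCH added
for mask in 0000000000000000 0000000000000004; do
    echo "CapEff=$mask -> $(read_bypass_cap "$mask")"
done

# Check the current process as well when /proc is available
if [ -r /proc/self/status ]; then
    self=$(cap_eff_of /proc/self/status)
    [ -n "$self" ] && echo "this process: CapEff=$self -> $(read_bypass_cap "$self")"
fi
```

A result of "none" for the promtail process means the containerSecurityContext change has not taken effect, and the permission denied error on /var/log/kern.log is expected.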
References
capabilities(7) – Linux manual page
Getting permission denied even as root inside the docker container – Stack Overflow