Documentation
Start typing to search…

Kubernetes Logging with Lumigo Operator

Overview

Lumigo’s Kubernetes Operator provides an integrated solution for tracing and logging Kubernetes workloads, enabling users to monitor applications with minimal configuration. Logging with Kubernetes simplifies logging by automatically enabling log collection from workloads across specified namespaces.

Supported Distributions

All runtimes are supported using Container File Collection, while the ones listed below allow a correlation between logs and traces via the Lumigo CRD approach:

Installation with Logging Enabled

To install the Lumigo operator and enable logging for specific namespaces:

helm repo add lumigo https://lumigo-io.github.io/lumigo-kubernetes-operator
helm repo update

This will apply monitoring to the specified namespaces, and by default set log or trace collection to true. To create a Helm values file or pass configuration inline:

cluster:
  name: my-cluster
lumigoToken:
  value: <your-lumigo-token>
monitoredNamespaces:
  - namespace: my-app-namespace
    loggingEnabled: true
    tracingEnabled: true
" | helm upgrade -i lumigo lumigo/lumigo-operator --namespace lumigo-system --create-namespace --values -

There are a few things for you to consider:

  • Adding additional namespaces: Re-run the command above with only the additional namespace(s) added to the monitoredNamespaces list (no need to re-include the ones from previous runs).
  • Opting out from Lumigo monitoring: To opt out of monitoring a a namespace specified in the monitoredNamespaces list, follow the detailed instructions here.
  • Enabling all-encompassing monitoring: To do this, set monitoredNamespaces=all, which allows the Lumigo Kubernetes operator to monitor all the namespaces in the cluster, with traces and logs enabled by default.

📘

Note

We strongly recommend only using this in non-production environments, as it may result in many workloads being restarted over a short time period, causing spikes of CPU and memory consumption. This only applies for existing namespaces at time of running, not future ones.

How It Works

When loggingEnabled: true is set for a namespace, the operator:

  • Injects a sidecar container and modifies the pod's environment variables
  • Forwards logs to Lumigo’s platform where they are correlated with traces and metrics.

Enabling Logging

Lumigo's Kubernetes Operator simplifies the process of monitoring Kubernetes applications by automating the forwarding of logs emitted by traced pods to Lumigo's log-management solution. We support several logging providers, such as logging for Python apps, or Winston and Bunyan for Node.js apps. Enabling log forwarding is done by adding the spec.logging.enabled field to the Lumigo resource:

apiVersion: operator.lumigo.io/v1alpha1
kind: Lumigo
metadata:
  labels:
    app.kubernetes.io/name: lumigo
    app.kubernetes.io/instance: lumigo
    app.kubernetes.io/part-of: lumigo-operator
  name: lumigo
spec:
  lumigoToken: ... # same token used for tracing
  logging:
    enabled: true # enables log forwarding for pods with tracing injected

For detailed instructions on setting up, go here.

Logging Methods

Lumigo provides you with the following logging methods:

ScopingCorrelationReusability with other featuresKubernetes context per log lineMutates podsSupported runtimes and loggers
Lumigo CRDYou can report logs from different namespaces to different projects in Lumigo.Correlates logs to tracesThe same CRD can be also used to apply logging for a given namespaceEach log line shows the entire resource change from container and pod to the parent resource. Includes Deployment, Daemonset, and more.Pods are mutated to add auto-instrumentation for supported loggers.Python, Node and Java, with a selection of supported loggers for each runtime.
Resource LabelsLogs from different resources can be reported to different projects in LumigoCorrelates logs to tracesSeparate labels can be used for both logging and tracingEach log line shows the entire resource change from container and pod to the parent resource (Deployment, Daemonset, etc).Pods from labeled resources only are mutated to add auto-instrumentation for supported librariesPython, Node and Java (with a selection of supported loggers for each runtime)
Container File CollectionAll logs are reported to a single Lumigo project.N/AN/AEach log line shows only the source container, pod and namespace.N/AFull support - all logs from all runtimes and logging libraries are collected.

Disabling Logging

To disable logging for a namespace, rerun the Helm upgrade command and remove or set loggingEnabled: false for that namespace.

Best Practices

  • Use namespace-specific monitoring in production to control resource usage.
  • Avoid monitoredNamespaces: all in production as it can trigger mass restarts and resource spikes.
  • Combine log masking and data redaction practices to maintain privacy compliance.

Further Reading

Updated about 1 month ago