\u524d\u63d0\u6761\u4ef6<\/h3>\n\n- kubectl<\/a>\u304c\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3055\u308c\u3066\u3044\u308b<\/li>\n
- eksctl<\/a>\u304c\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3055\u308c\u3066\u3044\u308b<\/li>\n<\/ul>\n
1. EKS\u30af\u30e9\u30b9\u30bf\u30fc\u3092\u4f5c\u6210\u3059\u308b<\/h3>\n
\u307e\u305a\u4eca\u56de\u306e\u30ed\u30b0\u8ee2\u9001\u3067\u4f7f\u7528\u3059\u308b\u691c\u8a3c\u7528\u306eEKS\u30af\u30e9\u30b9\u30bf\u30fc\u3092\u4f5c\u6210\u3057\u307e\u3059\u3002
\neks-cluster-config.yaml<\/code><\/p>\napiVersion: eksctl.io\/v1alpha5\nkind: ClusterConfig\nmetadata:\n name: fluentbit\n region: us-east-1\n version: '1.16'\niam:\n withOIDC: true\nfargateProfiles:\n - name: defaultfp\n selectors:\n - namespace: demo\n - namespace: kube-system\ncloudWatch:\n clusterLogging:\n enableTypes: ["*"]<\/code><\/pre>\neksctl\u30b3\u30de\u30f3\u30c9\u3067EKS\u30af\u30e9\u30b9\u30bf\u30fc\u3092\u4f5c\u6210\u3057\u307e\u3059\u3002<\/p>\n
$ eksctl create cluster -f eks-cluster-config.yaml<\/code><\/pre>\n\u5b8c\u4e86\u3059\u308b\u3068\u3001EKS\u30af\u30e9\u30b9\u30bf\u30fc\u304c\u4f5c\u6210\u3055\u308c\u3066\u3044\u307e\u3059\u3002
\n![\"\"](\"\/images\/2021\/08\/eks_cluster_for_fluent_bit_sample.png\")
<\/p>\n
2. Fluent Bit for Amazon EKS on AWS Fargate\u5c02\u7528\u306enamespace\u3092\u4f5c\u6210\u3059\u308b<\/h3>\n
Fluent Bit for Amazon EKS on AWS Fargate\u5c02\u7528\u306enamespace\u3092\u4f5c\u6210\u3057\u307e\u3059\u3002
\n\u3053\u306e\u969b\u3001namespace\u540d\u306faws-observability<\/code>\u3067\u3042\u308b\u5fc5\u8981\u304c\u3042\u308a\u307e\u3059\u3002<\/p>\naws-observability-namespace.yaml<\/code><\/p>\nkind: Namespace\napiVersion: v1\nmetadata:\n name: aws-observability\n labels:\n aws-observability: enabled<\/code><\/pre>\nnamespace\u7528\u306e\u30de\u30cb\u30d5\u30a7\u30b9\u30c8\u3092apply\u3057\u307e\u3059<\/p>\n
$ kubectl apply -f aws-observability-namespace.yaml\nnamespace\/aws-observability created<\/code><\/pre>\n3. ConfigMap\u3092\u4f5c\u6210\u3057\u3066\u3001Fargate\u30ed\u30b0\u306e\u9001\u4fe1\u5148\u3092\u8a2d\u5b9a\u3059\u308b<\/h3>\n
\u4ee5\u4e0b\u306e\u3088\u3046\u306a\u30d5\u30a1\u30a4\u30eb\u3092\u4f5c\u6210\u3057\u307e\u3059\u3002<\/p>\n
aws-observability-namespace.yaml<\/code><\/p>\nkind: ConfigMap\napiVersion: v1\nmetadata:\n name: aws-logging\n namespace: aws-observability\n labels:\ndata:\n output.conf: |\n [OUTPUT]\n Name cloudwatch\n Match *\n region us-east-1\n log_group_name \/aws\/eks\/fluent-bit-cloudwatch\n log_stream_prefix from-fluent-bit-\n auto_create_group true<\/code><\/pre>\nregion<\/code> \u2192 \u30ed\u30b0\u8ee2\u9001\u5148\u3068\u306a\u308bCloudwatchLogs\u306eAWS\u30ea\u30fc\u30b8\u30e7\u30f3
\nlog_group_name<\/code> \u2192 \u30ed\u30b0\u8ee2\u9001\u5148\u3068\u306a\u308bCloudwatchLogs\u306e\u30ed\u30b0\u30b0\u30eb\u30fc\u30d7\u540d
\nlog_stream_prefix<\/code> \u2192 CloudwatchLogs\u30ed\u30b0\u30b9\u30c8\u30ea\u30fc\u30e0\u306eprefix\u306b\u30bb\u30c3\u30c8\u3055\u308c\u308b\u547d\u540d
\nauto_create_group<\/code> \u2192 true\u306b\u3059\u308b\u3068\u3001log_group_name<\/code>\u3067\u6307\u5b9a\u3057\u305f\u30ed\u30b0\u30b0\u30eb\u30fc\u30d7\u304cCloudwatchLogs\u306b\u307e\u3060\u5b9f\u5728\u3057\u306a\u3044\u5834\u5408\u3001\u81ea\u52d5\u3067\u305d\u306e\u30ed\u30b0\u30b0\u30eb\u30fc\u30d7\u3092\u4f5c\u6210\u3057\u3066\u304f\u308c\u308b<\/p>\n\u3053\u306e\u969b\u3001Name<\/code>\u306b\u306fOUTPUT\u30d7\u30e9\u30b0\u30a4\u30f3\u540d\u3092\u30bb\u30c3\u30c8\u3057\u307e\u3059\u3002
\n\u5229\u7528\u53ef\u80fd\u306a\u3082\u306e\u3068\u3057\u3066\u306fC\u8a00\u8a9e\u3067\u66f8\u304b\u308c\u305fcloudwatch_logs<\/code>\u3068Go\u8a00\u8a9e\u3067\u66f8\u304b\u308c\u305fcloudwatch<\/code>\u304c\u3042\u308a\u307e\u3059\u304c\u3001\u5b9f\u969b\u306e\u672c\u756a\u30ef\u30fc\u30af\u30ed\u30fc\u30c9\u3067\u306f
\ncloudwatch_logs<\/code>\u3067\u306f\u306a\u304f\u3001cloudwatch<\/code>\u3092\u30bb\u30c3\u30c8\u3059\u308b\u3053\u3068\u3092\u63a8\u5968\u3044\u305f\u3057\u307e\u3059\u3002<\/strong>
\ncloudwatch_logs<\/code>\u3092\u30bb\u30c3\u30c8\u3057\u3066\u3057\u307e\u3063\u305f\u5834\u5408\u3001\u30ed\u30b0\u306e\u9001\u4fe1\u304c\u505c\u6b62\u3057\u3066\u3057\u307e\u3046\u4e0d\u5177\u5408\u304c\u751f\u3058\u3066\u3057\u307e\u3046\u53ef\u80fd\u6027\u304c\u3042\u308b\u304b\u3089\u3067\u3059\u3002(\u203b\u516c\u5f0fAWS\u30b5\u30dd\u30fc\u30c8\u554f\u3044\u5408\u308f\u305b\u6e08\u307f)<\/p>\nConfigMap\u7528\u306e\u30d5\u30a1\u30a4\u30eb\u3092apply\u3057\u307e\u3059<\/p>\n
$ kubectl apply -f aws-observability-namespace.yaml\nconfigmap\/aws-logging created<\/code><\/pre>\n4. CloudWatchLogs\u3078\u306e\u66f8\u304d\u8fbc\u307f\u6a29\u9650\u3092\u4ed8\u4e0e\u3059\u308b<\/h3>\n
EKS on Fargate\u306e\u30dd\u30c3\u30c9\u5b9f\u884c\u30ed\u30fc\u30eb\u306bCloudWatchLogs\u3078\u306e\u30ed\u30b0\u66f8\u304d\u8fbc\u307f\u6a29\u9650\u304c\u8a31\u53ef\u3055\u308c\u3066\u3044\u308bIAM\u30dd\u30ea\u30b7\u30fc\u3092\u30a2\u30bf\u30c3\u30c1\u3057\u307e\u3059\u3002<\/p>\n
EKS on Fargate \u30af\u30e9\u30b9\u30bf\u30fc\u306e\u30dd\u30c3\u30c9\u5b9f\u884c\u30ed\u30fc\u30eb\u306f\u30b3\u30f3\u30bd\u30fc\u30eb\u4e0a\u306a\u3069\u304b\u3089\u78ba\u8a8d\u3067\u304d\u307e\u3059\u3002
\n![\"\"](\"\/images\/2021\/08\/pod_execution_role_for_eks_cluster.jpg\")
<\/p>\n
# \u4eca\u56de\u691c\u8a3c\u7528\u306e\u30b5\u30f3\u30d7\u30ebIAM\u30dd\u30ea\u30b7\u30fc\u306ejson\u3092\u53d6\u5f97\n$ curl -o permissions.json \\\nhttps:\/\/raw.githubusercontent.com\/aws-samples\/amazon-eks-fluent-logging-examples\/mainline\/examples\/fargate\/cloudwatchlogs\/permissions.json\n % Total % Received % Xferd Average Speed Time Time Time Current\n Dload Upload Total Spent Left Speed\n100 215 100 215 0 0 689 0 --:--:-- --:--:-- --:--:-- 686\n\n# CloudWatchLogs\u3078\u306e\u30ed\u30b0\u66f8\u304d\u8fbc\u307f\u6a29\u9650\u304c\u8a31\u53ef\u3055\u308c\u3066\u3044\u308bIAM\u30dd\u30ea\u30b7\u30fc\u3092\u4f5c\u6210\n$ aws iam create-policy \\\n--policy-name eks-fargate-fluent-bit-cloudwatch-sample \\\n--policy-document file:\/\/permissions.json\n{\n "Policy": {\n "PolicyName": "eks-fargate-fluent-bit-cloudwatch-sample",\n "PolicyId": "ANPATELHUHM263Z5IG6S4",\n "Arn": "arn:aws:iam::xxxxxxxxxxxxxxxx:policy\/eks-fargate-fluent-bit-cloudwatch-sample",\n "Path": "\/",\n "DefaultVersionId": "v1",\n "AttachmentCount": 0,\n "PermissionsBoundaryUsageCount": 0,\n "IsAttachable": true,\n "CreateDate": "2021-07-24T12:13:20+00:00",\n "UpdateDate": "2021-07-24T12:13:20+00:00"\n }\n}\n\n# IAM\u30dd\u30ea\u30b7\u30fc\u3092EKS on Fargate\u306e\u30dd\u30c3\u30c9\u5b9f\u884c\u30ed\u30fc\u30eb\u306b\u30a2\u30bf\u30c3\u30c1\n$ aws iam attach-role-policy \\\n--policy-arn arn:aws:iam::xxxxxxxxxxxxxxxx:policy\/eks-fargate-fluent-bit-cloudwatch-sample \\\n--role-name eksctl-fluentbit-cluster-FargatePodExecutionRole-G5P7ZMG795KS<\/code><\/pre>\n\u30dd\u30c3\u30c9\u5b9f\u884c\u30ed\u30fc\u30eb\u306bIAM\u30dd\u30ea\u30b7\u30fc\u304c\u30a2\u30bf\u30c3\u30c1\u3055\u308c\u3066\u3044\u307e\u3059\u3002
\n![\"\"](\"\/images\/2021\/08\/attach_iam_policy_to_pod_execution_role.jpg\")
<\/p>\n
5.\u3000\u691c\u8a3c\u7528\u30ed\u30b0\u51fa\u529b\u30ea\u30bd\u30fc\u30b9\u3092\u69cb\u7bc9\u3059\u308b<\/h3>\n
\u6700\u5f8c\u306b\u3001Pod\u30ed\u30b0\u3092\u691c\u8a3c\u7528\u306b\u751f\u6210\u3055\u305b\u308b\u30ea\u30bd\u30fc\u30b9\u69cb\u7bc9\u3092\u884c\u3044\u307e\u3059\u3002
\n\u4ee5\u4e0b\u306e2\u3064\u306e\u30de\u30cb\u30d5\u30a7\u30b9\u30c8\u30d5\u30a1\u30a4\u30eb\u3092\u751f\u6210\u3057\u3066apply\u3057\u307e\u3059\u3002<\/p>\n
demo-namespace.yaml<\/code><\/p>\nkind: Namespace\napiVersion: v1\nmetadata:\n name: demo<\/code><\/pre>\nlogger-server.yaml<\/code><\/p>\napiVersion: apps\/v1\nkind: Deployment\nmetadata:\n name: logger-server\nspec:\n selector:\n matchLabels:\n app: nginx\n replicas: 1\n template:\n metadata:\n labels:\n app: nginx\n spec:\n containers:\n - name: main\n image: nginx:1.14.2\n ports:\n - containerPort: 80<\/code><\/pre>\n$ kubectl apply -f demo-namespace.yaml\nnamespace\/demo created<\/code><\/pre>\n$ kubectl -n demo apply -f logger-server.yaml && kubectl -n demo expose deploy logger-server\ndeployment.apps\/logger-server created\nservice\/logger-server exposed<\/code><\/pre>\n\u30de\u30cb\u30d5\u30a7\u30b9\u30c8\u30d5\u30a1\u30a4\u30ebapply\u5f8c\u306b\u3001\u4ee5\u4e0b\u306e\u30b3\u30de\u30f3\u30c9\u3092\u5b9f\u884c\u3057\u3066\u30ed\u30b0\u3092\u751f\u6210\u3057\u307e\u3059\u3002<\/p>\n
$ kubectl -n demo port-forward svc\/logger-server 8080:80 \nForwarding from 127.0.0.1:8080 -> 80\nForwarding from [::1]:8080 -> 80\nHandling connection for 8080\n\n$ curl localhost:8080<\/code><\/pre>\n\u672c\u8a18\u4e8b\u3067\u306f\u3001EKS\u30af\u30e9\u30b9\u30bf\u53ca\u3073Pod\u524d\u63d0\u306e\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u306e\u69cb\u7bc9\u3092\u884c\u306a\u3063\u3066\u3044\u307e\u3059\u304c\u3001\u65e2\u306b\u69cb\u7bc9\u6e08\u307f\u306ePod\u4e0a\u306e\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u30ed\u30b0\u3092CloudWatchLogs\u306b\u8ee2\u9001\u3057\u305f\u3044\u5834\u5408\u306f\u3001\u5bfe\u8c61Pod\u306e\u518d\u8d77\u52d5\u3092\u884c\u3044\u307e\u3059\u3002<\/p>\n
# \u5bfe\u8c61\u3068\u306a\u308bdeployment\u540d\u306e\u78ba\u8a8d\n$ kubectl -n {namespace} get deploy\n# Pod\u518d\u8d77\u52d5\n$ kubectl -n {namespace} rollout restart deploy {deployment\u540d}<\/code><\/pre>\n6.\u3000CloudWatchLogs\u306b\u30ed\u30b0\u304c\u8ee2\u9001\u3055\u308c\u305f\u3053\u3068\u3092\u78ba\u8a8d\u3059\u308b<\/h3>\n
\u5b9f\u969b\u306b\u624b\u98063.\u3067\u6307\u5b9a\u3057\u305f\u30ed\u30b0\u30b0\u30eb\u30fc\u30d7\/aws\/eks\/fluent-bit-cloudwatch<\/code>\u3092\u78ba\u8a8d\u3059\u308b\u3068\u3001\u30ed\u30b0\u304c\u8ee2\u9001\u3055\u308c\u3066\u3044\u307e\u3059\u3002
\n![\"\"](\"\/images\/2021\/08\/cloudwatchlogs_eks_fluent_bit.png\")
<\/p>\n\u307e\u3068\u3081<\/h2>\n
Fluent Bit for Amazon EKS on AWS Fargate\u3092\u5229\u7528\u3057\u305fCloudWatchLogs\u3078\u306e\u30ed\u30b0\u8ee2\u9001\u65b9\u6cd5\u3092\u3054\u7d39\u4ecb\u3055\u305b\u3066\u3044\u305f\u3060\u304d\u307e\u3057\u305f\u3002
\nAWS\u516c\u5f0f\u30d6\u30ed\u30b0\u3067\u306fOUTPUT\u30d7\u30e9\u30b0\u30a4\u30f3\u306bcloudwatch_logs<\/code>\u3092\u5229\u7528\u3057\u3066\u3044\u307e\u3059\u304c\u3001\u5148\u8ff0\u306e\u901a\u308acloudwatch<\/code>\u306e\u3054\u5229\u7528\u3092\u304a\u52e7\u3081\u3044\u305f\u3057\u307e\u3059\u3002<\/p>\n\u53c2\u8003<\/h2>\n
Fluent Bit for Amazon EKS on AWS Fargate \u3092\u30ea\u30ea\u30fc\u30b9<\/a>
\nFargate \u30ed\u30b0\u8a18\u9332<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"\u306f\u3058\u3081\u306b \u4eca\u56de\u306fAmazon EKS on Fargate\u4e0a\u306ePod\u30ed\u30b0\u3092AWS CloudWatch Logs\u306b\u8ee2\u9001\u3059\u308b\u624b\u6bb5\u4e26\u3073\u306b\u6ce8\u610f\u70b9\u306b\u3064\u3044\u3066\u66f8\u304b\u305b\u3066\u3044\u305f\u3060\u304d\u307e\u3059\u3002 \u4ee5\u524d\u3067\u306fAmazon EKS on Fargate\u4e0a\u306ePod\u30ed\u30b0\u3092AWS CloudWatch Logs\u306b\u8ee2\u9001\u3059\u308b\u969b\u306b\u306f\u30b5\u30a4\u30c9\u30ab\u30fc\u3092\u5c0e\u5165\u3059\u308b\u5fc5\u8981\u304c\u3042\u308a\u307e\u3057\u305f\u304c\u3001 \u73fe\u5728\u3067\u306f\u7d44\u307f\u8fbc\u307f\u306e\u30ed\u30b0\u30eb\u30fc\u30bf\u30fc\u3092\u5229\u7528\u3059\u308b\u3053\u3068\u3067\u30b5\u30a4\u30c9\u30ab\u30fc\u306e\u5c0e\u5165\u304c\u4e0d\u8981 […]<\/p>\n","protected":false},"author":10,"featured_media":2011,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[13],"tags":[344,408,406],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/p-corporate-blog-cms.mmmcorp.co.jp\/wp-json\/wp\/v2\/posts\/1704"}],"collection":[{"href":"https:\/\/p-corporate-blog-cms.mmmcorp.co.jp\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/p-corporate-blog-cms.mmmcorp.co.jp\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/p-corporate-blog-cms.mmmcorp.co.jp\/wp-json\/wp\/v2\/users\/10"}],"replies":[{"embeddable":true,"href":"https:\/\/p-corporate-blog-cms.mmmcorp.co.jp\/wp-json\/wp\/v2\/comments?post=1704"}],"version-history":[{"count":21,"href":"https:\/\/p-corporate-blog-cms.mmmcorp.co.jp\/wp-json\/wp\/v2\/posts\/1704\/revisions"}],"predecessor-version":[{"id":1739,"href":"https:\/\/p-corporate-blog-cms.mmmcorp.co.jp\/wp-json\/wp\/v2\/posts\/1704\/revisions\/1739"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/p-corporate-blog-cms.mmmcorp.co.jp\/wp-json\/wp\/v2\/media\/2011"}],"wp:attachment":[{"href":"https:\/\/p-corporate-blog-cms.mmmcorp.co.jp\/wp-json\/wp\/v2\/media?parent=1704"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/p-corporate-blog-cms.mmmcorp.co.jp\/wp-json\/wp\/v2\/categories?post=1704"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/p-corporate-blog-cms.mmmcorp.co.jp\/wp-json\/wp\/v2\/tags?post=1704"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
1. EKS\u30af\u30e9\u30b9\u30bf\u30fc\u3092\u4f5c\u6210\u3059\u308b<\/h3>\n
\u307e\u305a\u4eca\u56de\u306e\u30ed\u30b0\u8ee2\u9001\u3067\u4f7f\u7528\u3059\u308b\u691c\u8a3c\u7528\u306eEKS\u30af\u30e9\u30b9\u30bf\u30fc\u3092\u4f5c\u6210\u3057\u307e\u3059\u3002 eksctl\u30b3\u30de\u30f3\u30c9\u3067EKS\u30af\u30e9\u30b9\u30bf\u30fc\u3092\u4f5c\u6210\u3057\u307e\u3059\u3002<\/p>\n \u5b8c\u4e86\u3059\u308b\u3068\u3001EKS\u30af\u30e9\u30b9\u30bf\u30fc\u304c\u4f5c\u6210\u3055\u308c\u3066\u3044\u307e\u3059\u3002 Fluent Bit for Amazon EKS on AWS Fargate\u5c02\u7528\u306enamespace\u3092\u4f5c\u6210\u3057\u307e\u3059\u3002 namespace\u7528\u306e\u30de\u30cb\u30d5\u30a7\u30b9\u30c8\u3092apply\u3057\u307e\u3059<\/p>\n \u4ee5\u4e0b\u306e\u3088\u3046\u306a\u30d5\u30a1\u30a4\u30eb\u3092\u4f5c\u6210\u3057\u307e\u3059\u3002<\/p>\n \u3053\u306e\u969b\u3001 ConfigMap\u7528\u306e\u30d5\u30a1\u30a4\u30eb\u3092apply\u3057\u307e\u3059<\/p>\n EKS on Fargate\u306e\u30dd\u30c3\u30c9\u5b9f\u884c\u30ed\u30fc\u30eb\u306bCloudWatchLogs\u3078\u306e\u30ed\u30b0\u66f8\u304d\u8fbc\u307f\u6a29\u9650\u304c\u8a31\u53ef\u3055\u308c\u3066\u3044\u308bIAM\u30dd\u30ea\u30b7\u30fc\u3092\u30a2\u30bf\u30c3\u30c1\u3057\u307e\u3059\u3002<\/p>\n EKS on Fargate \u30af\u30e9\u30b9\u30bf\u30fc\u306e\u30dd\u30c3\u30c9\u5b9f\u884c\u30ed\u30fc\u30eb\u306f\u30b3\u30f3\u30bd\u30fc\u30eb\u4e0a\u306a\u3069\u304b\u3089\u78ba\u8a8d\u3067\u304d\u307e\u3059\u3002 \u30dd\u30c3\u30c9\u5b9f\u884c\u30ed\u30fc\u30eb\u306bIAM\u30dd\u30ea\u30b7\u30fc\u304c\u30a2\u30bf\u30c3\u30c1\u3055\u308c\u3066\u3044\u307e\u3059\u3002 \u6700\u5f8c\u306b\u3001Pod\u30ed\u30b0\u3092\u691c\u8a3c\u7528\u306b\u751f\u6210\u3055\u305b\u308b\u30ea\u30bd\u30fc\u30b9\u69cb\u7bc9\u3092\u884c\u3044\u307e\u3059\u3002 \u30de\u30cb\u30d5\u30a7\u30b9\u30c8\u30d5\u30a1\u30a4\u30ebapply\u5f8c\u306b\u3001\u4ee5\u4e0b\u306e\u30b3\u30de\u30f3\u30c9\u3092\u5b9f\u884c\u3057\u3066\u30ed\u30b0\u3092\u751f\u6210\u3057\u307e\u3059\u3002<\/p>\n \u672c\u8a18\u4e8b\u3067\u306f\u3001EKS\u30af\u30e9\u30b9\u30bf\u53ca\u3073Pod\u524d\u63d0\u306e\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u306e\u69cb\u7bc9\u3092\u884c\u306a\u3063\u3066\u3044\u307e\u3059\u304c\u3001\u65e2\u306b\u69cb\u7bc9\u6e08\u307f\u306ePod\u4e0a\u306e\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u30ed\u30b0\u3092CloudWatchLogs\u306b\u8ee2\u9001\u3057\u305f\u3044\u5834\u5408\u306f\u3001\u5bfe\u8c61Pod\u306e\u518d\u8d77\u52d5\u3092\u884c\u3044\u307e\u3059\u3002<\/p>\n \u5b9f\u969b\u306b\u624b\u98063.\u3067\u6307\u5b9a\u3057\u305f\u30ed\u30b0\u30b0\u30eb\u30fc\u30d7 Fluent Bit for Amazon EKS on AWS Fargate\u3092\u5229\u7528\u3057\u305fCloudWatchLogs\u3078\u306e\u30ed\u30b0\u8ee2\u9001\u65b9\u6cd5\u3092\u3054\u7d39\u4ecb\u3055\u305b\u3066\u3044\u305f\u3060\u304d\u307e\u3057\u305f\u3002 Fluent Bit for Amazon EKS on AWS Fargate \u3092\u30ea\u30ea\u30fc\u30b9<\/a> \u306f\u3058\u3081\u306b \u4eca\u56de\u306fAmazon EKS on Fargate\u4e0a\u306ePod\u30ed\u30b0\u3092AWS CloudWatch Logs\u306b\u8ee2\u9001\u3059\u308b\u624b\u6bb5\u4e26\u3073\u306b\u6ce8\u610f\u70b9\u306b\u3064\u3044\u3066\u66f8\u304b\u305b\u3066\u3044\u305f\u3060\u304d\u307e\u3059\u3002 \u4ee5\u524d\u3067\u306fAmazon EKS on Fargate\u4e0a\u306ePod\u30ed\u30b0\u3092AWS CloudWatch Logs\u306b\u8ee2\u9001\u3059\u308b\u969b\u306b\u306f\u30b5\u30a4\u30c9\u30ab\u30fc\u3092\u5c0e\u5165\u3059\u308b\u5fc5\u8981\u304c\u3042\u308a\u307e\u3057\u305f\u304c\u3001 \u73fe\u5728\u3067\u306f\u7d44\u307f\u8fbc\u307f\u306e\u30ed\u30b0\u30eb\u30fc\u30bf\u30fc\u3092\u5229\u7528\u3059\u308b\u3053\u3068\u3067\u30b5\u30a4\u30c9\u30ab\u30fc\u306e\u5c0e\u5165\u304c\u4e0d\u8981 […]<\/p>\n","protected":false},"author":10,"featured_media":2011,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[13],"tags":[344,408,406],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/p-corporate-blog-cms.mmmcorp.co.jp\/wp-json\/wp\/v2\/posts\/1704"}],"collection":[{"href":"https:\/\/p-corporate-blog-cms.mmmcorp.co.jp\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/p-corporate-blog-cms.mmmcorp.co.jp\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/p-corporate-blog-cms.mmmcorp.co.jp\/wp-json\/wp\/v2\/users\/10"}],"replies":[{"embeddable":true,"href":"https:\/\/p-corporate-blog-cms.mmmcorp.co.jp\/wp-json\/wp\/v2\/comments?post=1704"}],"version-history":[{"count":21,"href":"https:\/\/p-corporate-blog-cms.mmmcorp.co.jp\/wp-json\/wp\/v2\/posts\/1704\/revisions"}],"predecessor-version":[{"id":1739,"href":"https:\/\/p-corporate-blog-cms.mmmcorp.co.jp\/wp-json\/wp\/v2\/posts\/1704\/revisions\/1739"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/p-corporate-blog-cms.mmmcorp.co.jp\/wp-json\/wp\/v2\/media\/2011"}],"wp:attachment":[{"href":"https:\/\/p-corporate-blog-cms.mmmcorp.co.jp\/wp-json\/wp\/v2\/media?parent=1704"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/p-corporate-blog-cms.mmmcorp.co.jp\/wp-json\/wp\/v2\/categories?post=1704"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/p-corporate-blog-cms.mmmcorp.co.jp\/wp-json\/wp\/v2\/tags?post=1704"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
\neks-cluster-config.yaml<\/code><\/p>\napiVersion: eksctl.io\/v1alpha5\nkind: ClusterConfig\nmetadata:\n name: fluentbit\n region: us-east-1\n version: '1.16'\niam:\n withOIDC: true\nfargateProfiles:\n - name: defaultfp\n selectors:\n - namespace: demo\n - namespace: kube-system\ncloudWatch:\n clusterLogging:\n enableTypes: ["*"]<\/code><\/pre>\n$ eksctl create cluster -f eks-cluster-config.yaml<\/code><\/pre>\n
\n<\/p>\n2. Fluent Bit for Amazon EKS on AWS Fargate\u5c02\u7528\u306enamespace\u3092\u4f5c\u6210\u3059\u308b<\/h3>\n
\n\u3053\u306e\u969b\u3001namespace\u540d\u306faws-observability<\/code>\u3067\u3042\u308b\u5fc5\u8981\u304c\u3042\u308a\u307e\u3059\u3002<\/p>\naws-observability-namespace.yaml<\/code><\/p>\nkind: Namespace\napiVersion: v1\nmetadata:\n name: aws-observability\n labels:\n aws-observability: enabled<\/code><\/pre>\n$ kubectl apply -f aws-observability-namespace.yaml\nnamespace\/aws-observability created<\/code><\/pre>\n3. ConfigMap\u3092\u4f5c\u6210\u3057\u3066\u3001Fargate\u30ed\u30b0\u306e\u9001\u4fe1\u5148\u3092\u8a2d\u5b9a\u3059\u308b<\/h3>\n
aws-observability-namespace.yaml<\/code><\/p>\nkind: ConfigMap\napiVersion: v1\nmetadata:\n name: aws-logging\n namespace: aws-observability\n labels:\ndata:\n output.conf: |\n [OUTPUT]\n Name cloudwatch\n Match *\n region us-east-1\n log_group_name \/aws\/eks\/fluent-bit-cloudwatch\n log_stream_prefix from-fluent-bit-\n auto_create_group true<\/code><\/pre>\nregion<\/code> \u2192 \u30ed\u30b0\u8ee2\u9001\u5148\u3068\u306a\u308bCloudwatchLogs\u306eAWS\u30ea\u30fc\u30b8\u30e7\u30f3
\nlog_group_name<\/code> \u2192 \u30ed\u30b0\u8ee2\u9001\u5148\u3068\u306a\u308bCloudwatchLogs\u306e\u30ed\u30b0\u30b0\u30eb\u30fc\u30d7\u540d
\nlog_stream_prefix<\/code> \u2192 CloudwatchLogs\u30ed\u30b0\u30b9\u30c8\u30ea\u30fc\u30e0\u306eprefix\u306b\u30bb\u30c3\u30c8\u3055\u308c\u308b\u547d\u540d
\nauto_create_group<\/code> \u2192 true\u306b\u3059\u308b\u3068\u3001log_group_name<\/code>\u3067\u6307\u5b9a\u3057\u305f\u30ed\u30b0\u30b0\u30eb\u30fc\u30d7\u304cCloudwatchLogs\u306b\u307e\u3060\u5b9f\u5728\u3057\u306a\u3044\u5834\u5408\u3001\u81ea\u52d5\u3067\u305d\u306e\u30ed\u30b0\u30b0\u30eb\u30fc\u30d7\u3092\u4f5c\u6210\u3057\u3066\u304f\u308c\u308b<\/p>\nName<\/code>\u306b\u306fOUTPUT\u30d7\u30e9\u30b0\u30a4\u30f3\u540d\u3092\u30bb\u30c3\u30c8\u3057\u307e\u3059\u3002
\n\u5229\u7528\u53ef\u80fd\u306a\u3082\u306e\u3068\u3057\u3066\u306fC\u8a00\u8a9e\u3067\u66f8\u304b\u308c\u305fcloudwatch_logs<\/code>\u3068Go\u8a00\u8a9e\u3067\u66f8\u304b\u308c\u305fcloudwatch<\/code>\u304c\u3042\u308a\u307e\u3059\u304c\u3001\u5b9f\u969b\u306e\u672c\u756a\u30ef\u30fc\u30af\u30ed\u30fc\u30c9\u3067\u306f
\ncloudwatch_logs<\/code>\u3067\u306f\u306a\u304f\u3001cloudwatch<\/code>\u3092\u30bb\u30c3\u30c8\u3059\u308b\u3053\u3068\u3092\u63a8\u5968\u3044\u305f\u3057\u307e\u3059\u3002<\/strong>
\ncloudwatch_logs<\/code>\u3092\u30bb\u30c3\u30c8\u3057\u3066\u3057\u307e\u3063\u305f\u5834\u5408\u3001\u30ed\u30b0\u306e\u9001\u4fe1\u304c\u505c\u6b62\u3057\u3066\u3057\u307e\u3046\u4e0d\u5177\u5408\u304c\u751f\u3058\u3066\u3057\u307e\u3046\u53ef\u80fd\u6027\u304c\u3042\u308b\u304b\u3089\u3067\u3059\u3002(\u203b\u516c\u5f0fAWS\u30b5\u30dd\u30fc\u30c8\u554f\u3044\u5408\u308f\u305b\u6e08\u307f)<\/p>\n$ kubectl apply -f aws-observability-namespace.yaml\nconfigmap\/aws-logging created<\/code><\/pre>\n4. CloudWatchLogs\u3078\u306e\u66f8\u304d\u8fbc\u307f\u6a29\u9650\u3092\u4ed8\u4e0e\u3059\u308b<\/h3>\n
\n<\/p>\n# \u4eca\u56de\u691c\u8a3c\u7528\u306e\u30b5\u30f3\u30d7\u30ebIAM\u30dd\u30ea\u30b7\u30fc\u306ejson\u3092\u53d6\u5f97\n$ curl -o permissions.json \\\nhttps:\/\/raw.githubusercontent.com\/aws-samples\/amazon-eks-fluent-logging-examples\/mainline\/examples\/fargate\/cloudwatchlogs\/permissions.json\n % Total % Received % Xferd Average Speed Time Time Time Current\n Dload Upload Total Spent Left Speed\n100 215 100 215 0 0 689 0 --:--:-- --:--:-- --:--:-- 686\n\n# CloudWatchLogs\u3078\u306e\u30ed\u30b0\u66f8\u304d\u8fbc\u307f\u6a29\u9650\u304c\u8a31\u53ef\u3055\u308c\u3066\u3044\u308bIAM\u30dd\u30ea\u30b7\u30fc\u3092\u4f5c\u6210\n$ aws iam create-policy \\\n--policy-name eks-fargate-fluent-bit-cloudwatch-sample \\\n--policy-document file:\/\/permissions.json\n{\n "Policy": {\n "PolicyName": "eks-fargate-fluent-bit-cloudwatch-sample",\n "PolicyId": "ANPATELHUHM263Z5IG6S4",\n "Arn": "arn:aws:iam::xxxxxxxxxxxxxxxx:policy\/eks-fargate-fluent-bit-cloudwatch-sample",\n "Path": "\/",\n "DefaultVersionId": "v1",\n "AttachmentCount": 0,\n "PermissionsBoundaryUsageCount": 0,\n "IsAttachable": true,\n "CreateDate": "2021-07-24T12:13:20+00:00",\n "UpdateDate": "2021-07-24T12:13:20+00:00"\n }\n}\n\n# IAM\u30dd\u30ea\u30b7\u30fc\u3092EKS on Fargate\u306e\u30dd\u30c3\u30c9\u5b9f\u884c\u30ed\u30fc\u30eb\u306b\u30a2\u30bf\u30c3\u30c1\n$ aws iam attach-role-policy \\\n--policy-arn arn:aws:iam::xxxxxxxxxxxxxxxx:policy\/eks-fargate-fluent-bit-cloudwatch-sample \\\n--role-name eksctl-fluentbit-cluster-FargatePodExecutionRole-G5P7ZMG795KS<\/code><\/pre>\n
\n<\/p>\n5.\u3000\u691c\u8a3c\u7528\u30ed\u30b0\u51fa\u529b\u30ea\u30bd\u30fc\u30b9\u3092\u69cb\u7bc9\u3059\u308b<\/h3>\n
\n\u4ee5\u4e0b\u306e2\u3064\u306e\u30de\u30cb\u30d5\u30a7\u30b9\u30c8\u30d5\u30a1\u30a4\u30eb\u3092\u751f\u6210\u3057\u3066apply\u3057\u307e\u3059\u3002<\/p>\ndemo-namespace.yaml<\/code><\/p>\nkind: Namespace\napiVersion: v1\nmetadata:\n name: demo<\/code><\/pre>\nlogger-server.yaml<\/code><\/p>\napiVersion: apps\/v1\nkind: Deployment\nmetadata:\n name: logger-server\nspec:\n selector:\n matchLabels:\n app: nginx\n replicas: 1\n template:\n metadata:\n labels:\n app: nginx\n spec:\n containers:\n - name: main\n image: nginx:1.14.2\n ports:\n - containerPort: 80<\/code><\/pre>\n$ kubectl apply -f demo-namespace.yaml\nnamespace\/demo created<\/code><\/pre>\n$ kubectl -n demo apply -f logger-server.yaml && kubectl -n demo expose deploy logger-server\ndeployment.apps\/logger-server created\nservice\/logger-server exposed<\/code><\/pre>\n$ kubectl -n demo port-forward svc\/logger-server 8080:80 \nForwarding from 127.0.0.1:8080 -> 80\nForwarding from [::1]:8080 -> 80\nHandling connection for 8080\n\n$ curl localhost:8080<\/code><\/pre>\n# \u5bfe\u8c61\u3068\u306a\u308bdeployment\u540d\u306e\u78ba\u8a8d\n$ kubectl -n {namespace} get deploy\n# Pod\u518d\u8d77\u52d5\n$ kubectl -n {namespace} rollout restart deploy {deployment\u540d}<\/code><\/pre>\n6.\u3000CloudWatchLogs\u306b\u30ed\u30b0\u304c\u8ee2\u9001\u3055\u308c\u305f\u3053\u3068\u3092\u78ba\u8a8d\u3059\u308b<\/h3>\n
\/aws\/eks\/fluent-bit-cloudwatch<\/code>\u3092\u78ba\u8a8d\u3059\u308b\u3068\u3001\u30ed\u30b0\u304c\u8ee2\u9001\u3055\u308c\u3066\u3044\u307e\u3059\u3002
\n<\/p>\n\u307e\u3068\u3081<\/h2>\n
\nAWS\u516c\u5f0f\u30d6\u30ed\u30b0\u3067\u306fOUTPUT\u30d7\u30e9\u30b0\u30a4\u30f3\u306bcloudwatch_logs<\/code>\u3092\u5229\u7528\u3057\u3066\u3044\u307e\u3059\u304c\u3001\u5148\u8ff0\u306e\u901a\u308acloudwatch<\/code>\u306e\u3054\u5229\u7528\u3092\u304a\u52e7\u3081\u3044\u305f\u3057\u307e\u3059\u3002<\/p>\n\u53c2\u8003<\/h2>\n
\nFargate \u30ed\u30b0\u8a18\u9332<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"