Saltar al contenido principal

Loki

Introduction Loki is an Addon that enables you to store and query logs from the containers deployed inside the cluster. Loki depends on Grafana as Sleakops uses it as log viewer. It is a crucial tool for troubleshooting as it can store logs of everything inside the cluster which is useful for root cause analysis of problems in your applications or from any resource allocated inside the cluster.

loki-log-explorer

FAQs

Which dashboards allow me to read logs?

At this moment, Sleakops provide two dashboard to consult the logs that were recollected by Loki.

  • Log Explorer: It's a simple dashboard that allows you to filter by Namespace, Pod, Container and Stream where you can choose between 'stdout' and 'stderr'. It also allows you to search expressions through the 'Search Query' field above.
  • Container Log Dashboard: Similar to the previous but is more close to a Logs Dashboard that lets you analyze more complex cases that you might need. It's slower as it required more processing and for general querying it will not be needed.

Which is the best way to use Loki?

Minimizing the time-range that is being queried is the best way for fast and error-free logs revision as this parameter is the one with the most influence in the weight of the response. We recommend to first check for a big picture of when the problem occured and then check in Loki for logs in a more specific time-range as, generally, logs quantities could be really high. Bear in mind that Loki contains small processing units for reading, writing and as a controller (backend) so big queries might be slow if not having enough read replicas or processing capacity on them. This is modifiable through Sleakops but will also increase costs.

How can I modify the processing capacity of Loki?

SleakOps allows you to modify the processing capacity of the deployed Loki through the configuration of the Addon. One way of increasing its capacity is by modifying the quantity of replicas deployed.

loki-replicas-configuration

How does Loki capture and store logs?

Loki collects logs from each Node of the cluster and therefore, from every container that it's running on it. In order to achieve this, SleakOps uses Promtail that is the default log Collector for Loki, for that reason, every Node of the cluster will have a Promtail instance deployed on it that is in charge of scrapping and pushing them to the Loki write instance that after a certain period of time pushes it to the S3 for long-term storage.

How is the log collection process?

The log collector, Promtail, collects and streams to Loki all the logs output through 'stdout' or 'stderr' from each running container in the cluster