Kernel Logs
https://docs.fluentbit.io/manual/pipeline/inputs/kernel-logs
Configuration
toml
[INPUT]
Name kmsg
Tag kernel
[OUTPUT]
Name stdout
Match kube.*
Json_date_key timestamp
Json_date_format iso8601
Format jsonbash
[2025/01/22 08:22:29] [error] [/src/fluent-bit/plugins/in_kmsg/in_kmsg.c:311 errno=2] No such file or directory
[2025/01/22 08:22:29] [error] failed initialize input kmsg.1
[2025/01/22 08:22:29] [error] [engine] input initialization failedFLB_KMSG_DEV 的值是 dev/kmsg,原因是该文件没有挂载进容器。
c
/* open device */
fd = open(FLB_KMSG_DEV, O_RDONLY);
if (fd == -1) {
flb_errno();
flb_free(ctx);
return -1;
}如果挂载为 file 类型,会报错 /dev/kmsg is not a file。
bash
Message
-------
Unable to attach or mount volumes: unmounted volumes=[kmsg], unattached volumes=[kmsg kube-api-access-tqggh config varlog varlibdockercontainers datadockercontainers etcmachineid]: timed out waiting for the condition
Unable to attach or mount volumes: unmounted volumes=[kmsg], unattached volumes=[config varlog varlibdockercontainers datadockercontainers etcmachineid kmsg kube-api-access-tqggh]: timed out waiting for the condition
MountVolume.SetUp failed for volume "kmsg" : hostPath type check failed: /dev/kmsg is not a file
Unable to attach or mount volumes: unmounted volumes=[kmsg], unattached volumes=[varlibdockercontainers datadockercontainers etcmachineid kmsg kube-api-access-tqggh config varlog]: timed out waiting for the condition需要改为 ChartDevice 类型。
yaml
volumeMounts:
- mountPath: /dev/kmsg
name: kmsg
readOnly: true
volumes:
- name: kmsg
hostPath:
path: /dev/kmsg
type: CharDevice如果报 Operation not permitted ,看清楚配置是否写在对应的容器上。
bash
[2025/01/22 09:05:40] [error] [/src/fluent-bit/plugins/in_kmsg/in_kmsg.c:311 errno=1] Operation not permitted
[2025/01/22 09:05:40] [error] failed initialize input kmsg.1
[2025/01/22 09:05:40] [error] [engine] input initialization failed还有下面的权限配置。
bash
securityContext:
capabilities:
add:
- SYS_ADMIN
- SYSLOG
privileged: trueTODO
- Add
Node IPto logs.