Fluentbit with Tomcat logs
You didn't specify 👀 how you deployed fluent-bit.
But yes you can run it as a different user specifying a SecurityContext in Kubernetes.
For example:
apiVersion: apps/v1kind: DaemonSetmetadata: name: fluent-bit namespace: logging labels: k8s-app: fluent-bit-logging version: v1 kubernetes.io/cluster-service: "true"spec: selector: matchLabels: k8s-app: fluent-bit-logging template: metadata: labels: k8s-app: fluent-bit-logging version: v1 kubernetes.io/cluster-service: "true" annotations: prometheus.io/scrape: "true" prometheus.io/port: "2020" prometheus.io/path: /api/v1/metrics/prometheus spec: securityContext: runAsUser: 1000 👈 user id that you want to run the containers in the pod as containers: - name: fluent-bit image: fluent/fluent-bit:1.3.11 imagePullPolicy: Always ports: - containerPort: 2020 volumeMounts: - name: varlog mountPath: /var/log - name: varlibdockercontainers mountPath: /var/lib/docker/containers readOnly: true - name: fluent-bit-config mountPath: /fluent-bit/etc/ - name: mnt mountPath: /mnt readOnly: true...
✌️
thanks for all the tips, I tried all of them, and it works, but unfortunately, on our deployments it does not as we have some custom users.
What was needed to be done is to set the UMASK as env variable with a value of "111" which would change permissions of the log files so they can be picked up by fluent-bit.