Container Service for Kubernetes:Collect the diagnostic logs of nodes

Select nodes to diagnose

1. Log on to the ACK console. In the left-side navigation pane, click Cluster.

2. On the Clusters page, find the cluster that you want to manage and click the name of the cluster or click Details in the Actions column. The details page of the cluster appears.

3. Optional: Perform the following steps to authorize the cluster to collect logs to OSS.

   Before you can upload diagnostic logs from nodes to an OSS bucket, you must grant the nodes the write permissions on the specified directory in OSS.

   1. Create a custom policy and add the following content to the policy. For more information, see the Step 1: Create a custom policy section of the "[Product Changes] Permissions of the worker RAM role of ACK managed clusters are revoked" topic.

      {
          "Action": [
              "oss:GetBucket",
              "oss:PutObject",
              "oss:GetObject"
          ],
          "Resource": [
              "acs:oss:*:*:<OSS bucket name>/<Directory used to store diagnostic logs>/*"
          ],
          "Effect": "Allow"
      },
      {
          "Action": [
              "oss:GetBucketInfo"
          ],
          "Resource": [
              "acs:oss:*:*:<OSS bucket name>"
          ],
          "Effect": "Allow"
      }

   2. Attach the Resource Access Management (RAM) policy to the worker RAM role used by your cluster. For more information, see the Step 2: Attach the custom policy to the worker RAM role section of the "[Product Changes] Permissions of the worker RAM role of ACK managed clusters are revoked" topic.

4. In the left-side navigation pane of the details page, choose Nodes > Nodes.

5. On the Nodes page, find the node that you want to manage and choose More > Node Diagnosis in the Actions column.

6. In the Node Diagnosis dialog box, perform the following operations:

   You can choose whether to upload diagnostic logs to OSS. You can view the diagnostic logs regardless of whether the logs are uploaded to OSS.

   Scenario 1: Upload diagnostic logs to OSS

   You can upload the diagnostic logs to an OSS bucket. Before you perform the following steps, you must authorize the worker RAM role of the cluster to collect logs to OSS. For more information, see Step 3 of this topic.

   1. Select Upload to OSS and enter the name and directory of the OSS bucket.

      For example, if you want to upload the diagnostic logs to the /acs/diagnose directory in myBucket, enter myBucket/acs/diagnose.

   2. Select or clear Share Diagnosis Logs.

      If you select Share Diagnosis Logs, the system generates a temporary link for you to download the diagnostic logs. You can also share the link with the ACK support team to request technical support.

   3. Click OK.

      After the preceding steps are complete, you can obtain the task ID of Cloud Assistant in the console. Then, you can use the task ID to find and view the logs of diagnostic script executions in the Elastic Compute Service (ECS) Cloud Assistant console.

   4. In the Node Diagnosis dialog box, click Go to Cloud Assistant to View Diagnosis Script Execution Logs.

   5. Go to the ECS console. In the left-side navigation pane, choose Maintenance & Monitoring > Cloud Assistant. On the ECS Cloud Assistant page, click the Command Execution Result tab to view the diagnostic logs.

   6. Find the task based on the task ID and click View in the Actions column.

      You can also go to the OSS console to view the diagnostic logs that are collected in the specified directory.

   Scenario 2: Do not upload diagnostic logs to OSS

   If you clear Upload to OSS, you do not need to grant the nodes the write permissions on the specified directory in OSS. You can log on to the ECS console. In the left-side navigation pane, choose Maintenance & Monitoring > Cloud Assistant. On the ECS Cloud Assistant page, click the Command Execution Result tab to view relevant diagnostic logs.