Last active
April 29, 2019 22:39
-
-
Save PatrickLang/52789618cf94bd50f447eb7901cb1f18 to your computer and use it in GitHub Desktop.
Gathering Kubernetes logs with Azure Portal
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Set this to a storage account with write access to the VM's managed identity. If empty, uploading will be skipped | |
| $azStorageDestination = "" | |
| $lockedFiles = "kubelet.err.log", "kubelet.log", "kubeproxy.log", "kubeproxy.err.log", "azure-vnet-telemetry.log"; | |
| $netDebugFiles = "network.txt", "endpoint.txt", "policy.txt", "ip.txt", "ports.txt", "routes.txt", "vfpOutput.txt"; | |
| $timeStamp = get-date -format 'yyyyMMdd-hhmmss'; | |
| $zipName = "$(hostname)-$($timeStamp)_logs.zip"; | |
| $paths = get-childitem c:\k\*.log -Exclude $lockedFiles; | |
| $paths += get-childitem c:\k\azure-vnet.log.*; | |
| $paths += $lockedFiles | Foreach-Object { Copy-Item "c:\k\$_" . -Passthru }; | |
| $scm = Get-WinEvent -FilterHashtable @{logname='System';ProviderName='Service Control Manager'} | Where-Object { $_.Message -Like "*docker*" -or $_.Message -Like "*kub*" } | Select-Object -Property TimeCreated, Id, LevelDisplayName, Message; | |
| $reboots = Get-WinEvent -FilterHashtable @{logname='System'; id=1074,1076,2004,6005,6006,6008} | Select-Object -Property TimeCreated, Id, LevelDisplayName, Message; | |
| $crashes = Get-WinEvent -FilterHashtable @{logname='Application'; ProviderName='Windows Error Reporting' } | Select-Object -Property TimeCreated, Id, LevelDisplayName, Message; | |
| $scm + $reboots + $crashes | Sort-Object TimeCreated | Export-CSV -Path "$ENV:TEMP\\$($timeStamp)_services.csv"; | |
| $paths += "$ENV:TEMP\\$($timeStamp)_services.csv"; | |
| Get-WinEvent -LogName Microsoft-Windows-Hyper-V-Compute-Operational | Select-Object -Property TimeCreated, Id, LevelDisplayName, Message | Sort-Object TimeCreated | Export-Csv -Path "$ENV:TEMP\\$($timeStamp)_hyper-v-compute-operational.csv"; | |
| $paths += "$ENV:TEMP\\$($timeStamp)_hyper-v-compute-operational.csv"; | |
| get-eventlog -LogName Application -Source Docker | Select-Object Index, TimeGenerated, EntryType, Message | Sort-Object Index | Export-CSV -Path "$ENV:TEMP\\$($timeStamp)_docker.csv"; | |
| $paths += "$ENV:TEMP\\$($timeStamp)_docker.csv"; | |
| Get-CimInstance win32_pagefileusage | ConvertTo-CSV | Out-File -Append "$ENV:TEMP\\$($timeStamp)_pagefile.txt"; | |
| Get-CimInstance win32_computersystem | Format-List AutomaticManagedPagefile | Out-File -Append "$ENV:TEMP\\$($timeStamp)_pagefile.txt"; | |
| $paths += "$ENV:TEMP\\$($timeStamp)_pagefile.txt"; | |
| mkdir 'c:\k\debug' -ErrorAction Ignore | Out-Null; | |
| Invoke-WebRequest -UseBasicParsing https://raw.githubusercontent.com/Microsoft/SDN/master/Kubernetes/windows/debug/collectlogs.ps1 -OutFile 'c:\k\debug\collectlogs.ps1'; | |
| & 'c:\k\debug\collectlogs.ps1' | write-Host; | |
| $netLogs = get-childitem c:\k -Recurse -Include $netDebugFiles; | |
| $paths += $netLogs; | |
| Compress-Archive -Path $paths -DestinationPath $zipName; | |
| $netLogs | Foreach-Object { Remove-Item $_ } | Out-Null; | |
| Write-Host Compressing all logs to $zipName; | |
| $zipPath = (Get-ChildItem $zipName).DirectoryName | |
| Write-Host All logs written to "$((Get-ChildItem $zipName).FullName)" | |
| if ($azStorageDestination) { | |
| # This section is still untested | |
| curl.exe -L https://aka.ms/downloadazcopy -o c:\azuredata\azcopy.msi | |
| msiexec /i c:\azuredata\azcopy.msi /qn /norestart /l*v c:\azuredata\azcopy-install.log | |
| $ENV:PATH += ';C:\Program Files (x86)\Microsoft SDKs\Azure\AzCopy' | |
| azcopy login --identity | |
| azcopy /Source:"$zipPath" /Dest:$azStorageDestination /Pattern:"$zipName" | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment