akhan4u/kubernetes_logging.md

Last active August 12, 2025 04:19

Star (0) You must be signed in to star a gist
Fork (0) You must be signed in to fork a gist

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/akhan4u/14d72f7900969ce1832d621c09fe261b.js"></script>
Save akhan4u/14d72f7900969ce1832d621c09fe261b to your computer and use it in GitHub Desktop.

kubernetes logging

Raw

flowchart TD
    A[Kubernetes Cluster] --> B[Metrics Collection]
    A --> C[Log Collection]

    %% Metrics Branch
    B --> D[Prometheus]
    B --> Z[VictoriaMetrics Stack]
    D --> E[Grafana]
    D --> F[Alertmanager]
    D --> G[Mimir]
    Z --> ZA[VictoriaMetrics]
    Z --> ZB[VMAlert]
    Z --> ZC[VMUI]
    Z --> ZD[Grafana]

    %% Log Branch
    C --> H[EFK Stack]
    C --> I[Loki]
    C --> J[Fluent Bit / Promtail / Vector]

    %% EFK Details
    H --> K[Fluentd]
    H --> L[Elasticsearch]
    H --> M[Kibana]

    %% Loki Details
    I --> N[Promtail]
    I --> O[Loki]
    I --> P[Grafana]

    %% Lightweight Alternatives
    J --> Q[File/S3 Storage]
    J --> R[Loki]
    J --> S[External/Cloud Solutions]

    %% Monitoring vs Logging
    B -.-> T[Use for Performance, Health, Alerts]
    C -.-> U[Use for Troubleshooting, Auditing, Compliance]

    %% User Actions
    E --> V[Query Metrics]
    F --> W[Get Alerts]
    M --> X[Query Logs]
    P --> Y[Query Logs]
    ZD --> V
    ZB --> W
    ZC --> V
    ZA --> ZC
    ZA --> ZB

Author

akhan4u commented Aug 12, 2025

Prometheus stack and EFK stack serve different purposes when it comes to Kubernetes logging and monitoring:

Prometheus Stack

Components: Prometheus (metrics collection), Alertmanager (alerts), Grafana (visualization).
Main Focus: Metrics (CPU, memory, latency, request counts, error rates, etc.).
Logging Support: Prometheus itself does not collect or store logs. It can scrape log-based metrics (e.g., via exporters or Loki), but it’s not a log aggregation solution.
Use Case: Monitoring cluster and application health, performance, and alerting.

EFK Stack (Elasticsearch, Fluentd, Kibana)

Components: Fluentd (log collector/forwarder), Elasticsearch (log indexing/storage), Kibana (log visualization/search).
Main Focus: Log collection, aggregation, storage, and querying.
Logging Support: Purpose-built for collecting application, system, and cluster logs.
Use Case: Centralized log management, troubleshooting, search, compliance.

Summary Table

Stack	Main Purpose	Logging Support	Metric Support	Visualization
Prometheus	Metrics/Monitoring	❌ (not for logs)	✅	Grafana
EFK	Log Aggregation/Search	✅	❌ (not for metrics)	Kibana

Which is More Suitable for Log Collection?

EFK stack is more suitable for log collection in a Kubernetes (including K3s) environment.
If you want centralized, searchable logs, use EFK (or its alternatives: ELK, Loki, etc.).
Prometheus stack is for metrics—not logs.

akhan4u/kubernetes_logging.md

akhan4u commented Aug 12, 2025

Prometheus Stack

EFK Stack (Elasticsearch, Fluentd, Kibana)

Summary Table

Which is More Suitable for Log Collection?

Uh oh!