How to get k8s master logs on EKS?

Question

I am looking for these logs:

/var/log/kube-apiserver.log
/var/log/kube-scheduler.log
/var/log/kube-controller-manager.log

In EKS user does not have access to the control plane and can't see these files directly.

I am aware of CloudTrail integration announced by AWS. But it shows events not from k8s API, but AWS EKS API like CreateCluster event. Also the open question how to get scheduler and controller manager logs.

There is no pods for api and controller in pods list.

$ kubectl get po --all-namespaces
NAMESPACE     NAME                             READY     STATUS             RESTARTS   AGE
kube-system   aws-node-9f4lm                   1/1       Running            0          2h
kube-system   aws-node-wj2cg                   1/1       Running            0          2h
kube-system   kube-dns-64b69465b4-4gw6n        3/3       Running            0          2h
kube-system   kube-proxy-7mt7l                 1/1       Running            0          2h
kube-system   kube-proxy-vflzv                 1/1       Running            0          2h

There is no master nodes in the node list

$ kubectl get nodes
NAME                        STATUS    ROLES     AGE       VERSION
ip-10-0-0-92.ec2.internal   Ready     <none>    9m        v1.10.3
ip-10-0-1-63.ec2.internal   Ready     <none>    9m        v1.10.3

Answer 1

Logs can be send to CloudWatch (not free of charge). The following logs can be individually selected to be send to CloudWatch:

• API server
• Audit
• Authenticator
• Controller Manager
• Scheduler

Logs can be enabled via UI or AWS CLI. See Amazon EKS Control Plane Logging