Logging

We recommend enabling the following logging to help with debugging and troubleshooting:

Control plane logging

We recommend enabling control plane logging in EKS, at least for the API server logs, audit logs, and authenticator logs, as these are critical for debugging and auditing. You may wish to enable controller manager and scheduler logs too.

Worker node logging

We recommend installing fluentd-cloudwatch in the EKS cluster. This will run fluentd on each worker node and configure it to send all the logs from the worker nodes (including all the pods on them) to CloudWatch.

Control plane logging​

Worker node logging​

Control plane logging

Worker node logging