100 Days of DevOps: Day 55

Deploying a Sidecar Pattern for Nginx Log Shipping in Kubernetes

Overview

The goal was to run a web server (nginx) inside a Kubernetes Pod and ship its logs to an aggregation service using the Sidecar pattern.

• Main Container: nginx-container serves web pages and generates access/error logs.
• Sidecar Container: sidecar-container (Ubuntu) reads the same logs every 30 seconds.
• Shared Storage: An emptyDir volume allows both containers to share log files during the Pod’s lifetime.

This pattern keeps responsibilities separate:

Nginx focuses on serving web content, while the sidecar focuses on log collection.

Step 1 – Create the Pod Definition

I defined the Pod in a YAML file named webserver.yaml:

apiVersion: v1
kind: Pod
metadata:
  name: webserver
spec:
  volumes:
  - name: shared-logs
    emptyDir: {}
  containers:
  - name: nginx-container
    image: nginx:latest
    volumeMounts:
    - name: shared-logs
      mountPath: /var/log/nginx
  - name: sidecar-container
    image: ubuntu:latest
    command: ["sh","-c","while true; do cat /var/log/nginx/access.log /var/log/nginx/error.log; sleep 30; done"]
    volumeMounts:
    - name: shared-logs
      mountPath: /var/log/nginx

Step 2 – Apply the Configuration

Command:

kubectl apply -f webserver.yaml

Output:

pod/webserver created

This confirmed the Pod was created successfully.

Step 3 – Inspect the Pod

Command:

kubectl describe pod webserver

Key Output Highlights:

Name:             webserver
Status:           Running
Containers:
  nginx-container:  Running
  sidecar-container: Running
Volumes:
  shared-logs: EmptyDir

This shows:

• Both containers (nginx-container and sidecar-container) are Running.
• The shared-logs emptyDir volume is mounted in both containers at /var/log/nginx.

Step 4 – View Sidecar Logs

Command:

kubectl logs -f webserver -c sidecar-container

Output (sample):

2025/09/27 07:43:13 [notice] 1#1: using the "epoll" event method
2025/09/27 07:43:13 [notice] 1#1: nginx/1.29.1
2025/09/27 07:43:13 [notice] 1#1: start worker processes
...

These are the Nginx startup messages and worker process notices being printed from the error log.
Because the sidecar loops every 30 seconds, these lines repeat whenever it re-reads the files.

Final Result

• Pod Name: webserver

• Containers Running:

  • nginx-container (serves pages, writes logs)
  • sidecar-container (reads & outputs logs)

• Shared Volume: shared-logs (type: emptyDir)

• Behavior: Logs from Nginx are continuously read and displayed by the sidecar every 30 seconds.

Key Takeaways

1. Separation of Concerns: The main container serves web pages only; the sidecar handles log shipping.
2. Shared Volumes Enable Communication: emptyDir allows both containers to share log files without persistence.
3. Scalable Pattern: In production, the sidecar could be replaced with a real log shipper like Fluentd or Filebeat to forward logs to a central system.