0.1.43
Pre-release
Pre-release
Klibs: AWS CloudWatch: add support for sending logs This change implements a new console driver that sends log messages to AWS CloudWatch when Nanos runs on an AWS instance. This feature is enabled by loading the cloudwatch and tls klibs and adding a "logging" tuple to the "cloudwatch" tuple in the root tuple. The "logging" tuple may contain the following attributes: - "log_group": specifies the CloudWatch log group to which log messages should be sent; if not present, the log group is derived from the image name (taken from the environment variables), or from the name of the user program if no IMAGE_NAME environment variable is present - "log_stream": specifies the CloudWatch log stream to which log messages should be sent; if not present, the log stream is derived from an instance identifier (e.g. 'ip-172-31-23-224.us-west-1.compute.internal') The log group and the log stream are automatically created if not existing. In order for the cloudwatch klib to retrieve the appropriate credentials needed to communicate with the CloudWatch Logs server, the AWS instance on which it runs must be associated to an IAM role with the CloudWatchAgentServerPolicy, which must grant permissions for the logs:PutLogEvents, logs:CreateLogGroup, and logs:CreateLogStream actions, as described in https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/iam-access-control-overview-cwl.html Example contents of Ops configuration file: ``` "ManifestPassthrough": { "cloudwatch": { "logging": {"log_group":"my_log_group","log_stream":"my_log_stream"} } } ```