As a developer trying to diagnose problems in the Galasa kubernetes service, I want to use centralised tools to look at the pod container logs, rather than have to log into pods individually, so that my diagnostics activity is more secure.
Background
Developers should not have access to the pods that are running.
They should be diagnosing problems using a central log store.
We should adopt a log-capture side-card container in our pods, which forward logs to a central point where developer access can be controlled. eg: Adopt graphana loki or similar.
Story
As a developer trying to diagnose problems in the Galasa kubernetes service, I want to use centralised tools to look at the pod container logs, rather than have to log into pods individually, so that my diagnostics activity is more secure.
Background
Developers should not have access to the pods that are running.
They should be diagnosing problems using a central log store.
We should adopt a log-capture side-card container in our pods, which forward logs to a central point where developer access can be controlled. eg: Adopt graphana loki or similar.