55/100 Kubernetes Sidecar Containers

We have a web server container running the nginx image. The access and error logs generated by the web server are not critical enough to be placed on a persistent volume. However, Nautilus developers need access to the last 24 hours of logs so that they can trace issues and bugs. Therefore, we need to ship the access and error logs for the web server to a log-aggregation service. Following the separation of concerns principle, we implement the Sidecar pattern by deploying a second container that ships the error and access logs from nginx. Nginx does one thing, and it does it well—serving web pages. The second container also specializes in its task—shipping logs. Since containers are running on the same Pod, we can use a shared emptyDir volume to read and write logs.

1. Create a pod named webserver.
2. Create an emptyDir volume shared-logs.
3. Create two containers from nginx and ubuntu images with latest tag only and remember to mention tag i.e nginx:latest, nginx container name should be nginx-container and ubuntu container name should be sidecar-container on webserver pod.
4. Add command on sidecar-container "sh","-c","while true; do cat /var/log/nginx/access.log /var/log/nginx/error.log; sleep 30; done"
5. Mount the volume shared-logs on both containers at location /var/log/nginx, all containers should be up and running.

Create the pod yaml file, named webserver.yaml:

apiVersion: v1
kind: Pod
metadata:
  name: webserver
spec:
  containers:
    - name: nginx-container
      image: nginx:latest
      volumeMounts:
        - name: shared-logs
          mountPath: /var/log/nginx

    - name: sidecar-container
      image: ubuntu:latest
      command: ["sh", "-c", "while true; do cat /var/log/nginx/access.log /var/log/nginx/error.log; sleep 30; done"]
      volumeMounts:
        - name: shared-logs
          mountPath: /var/log/nginx

  volumes:
    - name: shared-logs
      emptyDir: {}

Apply the file and then verify:

thor@jumphost ~$ kubectl apply -f webserver.yaml
pod/webserver created
thor@jumphost ~$ kubectl get pods
NAME        READY   STATUS    RESTARTS   AGE
webserver   2/2     Running   0          16s

Verify log sharing - checking the logs from nginx:

thor@jumphost ~$ kubectl exec -it webserver -c nginx-container -- bash
root@webserver:/# ls /var/log/nginx
access.log  error.log

exit

Finally, check what the sidecar sees. This should be the log output from /var/log/nginx/access/log and /var/log/nginx/error.log which will be printed continously every 30 seconds.

thor@jumphost ~$ kubectl logs -f webserver -c sidecar-container
2025/10/23 08:48:18 [notice] 1#1: using the "epoll" event method
2025/10/23 08:48:18 [notice] 1#1: nginx/1.29.2
2025/10/23 08:48:18 [notice] 1#1: built by gcc 14.2.0 (Debian 14.2.0-19) 
2025/10/23 08:48:18 [notice] 1#1: OS: Linux 5.4.0-1106-gcp
2025/10/23 08:48:18 [notice] 1#1: getrlimit(RLIMIT_NOFILE): 1048576:1048576
2025/10/23 08:48:18 [notice] 1#1: start worker processes
2025/10/23 08:48:18 [notice] 1#1: start worker process 77
-- Snipped --