Add new EKS Logging documentation (#20847)

* Add new EKS Logging documentation

* Update docs

* Update docs

* Update operator CR values

* Temporarily remove tabs

* Updates

* More updates

* Address comments

Author: justin-lesko

eks_fargate/README.md

@@ -552,7 +552,7 @@ spec:
         - name: "<CONTAINER_NAME>"
           image: "<CONTAINER_IMAGE>"
 
-        # Running the Agent as a side-car
+        # Running the Agent as a sidecar
         - name: datadog-agent
           image: gcr.io/datadoghq/agent:7
           env:
@@ -689,7 +689,7 @@ spec:
       - name: "<CONTAINER_NAME>"
         image: "<CONTAINER_IMAGE>"
 
-      # Running the Agent as a side-car
+      # Running the Agent as a sidecar
       - name: datadog-agent
         image: gcr.io/datadoghq/agent:7
         env:
@@ -852,7 +852,7 @@ spec:
       - name: "<CONTAINER_NAME>"
         image: "<CONTAINER_IMAGE>"
 
-      # Running the Agent as a side-car
+      # Running the Agent as a sidecar
       - name: datadog-agent
         image: gcr.io/datadoghq/agent:7
         env:
@@ -881,6 +881,158 @@ spec:
 
 ## Log collection
 
+### Collecting logs from EKS on Fargate natively with the Agent
+
+Monitor EKS Fargate logs using the Datadog Agent to collect logs from the kubelet and ship them to Datadog.
+
+1. The most convenient way to enable native kubelet logging is through the Cluster Agent's Admission Controller sidecar injection feature. When configured, all subsequent injected Agent containers automatically have kubelet logging enabled. This feature can also be configured manually in your Application's manifest.
+
+  <!-- xxx tabs xxx -->
+  <!-- xxx tab "Enable Logging - Datdog Operator" xxx -->
+
+  Set the `DD_ADMISSION_CONTROLLER_AGENT_SIDECAR_KUBELET_API_LOGGING_ENABLED` Cluster Agent environment variable to `true`, so newly injected Agent containers will have kubelet logging enabled.
+
+  ```yaml
+  apiVersion: datadoghq.com/v2alpha1
+  kind: DatadogAgent
+  metadata:
+    name: datadog
+    namespace: datadog
+  spec:
+    overrides:
+      clusterAgent:
+        env:
+          - name: DD_ADMISSION_CONTROLLER_AGENT_SIDECAR_KUBELET_API_LOGGING_ENABLED
+            value: "true"
+  ```
+
+  <!-- xxz tab xxx -->
+  <!-- xxx tab "Enable Logging - Helm" xxx -->
+
+  Set the `DD_ADMISSION_CONTROLLER_AGENT_SIDECAR_KUBELET_API_LOGGING_ENABLED` Cluster Agent environment variable to `true`, so newly injected Agent containers will have kubelet logging enabled.
+
+  ```yaml
+  clusterAgent:
+    env:
+      - name: DD_ADMISSION_CONTROLLER_AGENT_SIDECAR_KUBELET_API_LOGGING_ENABLED
+        value: true
+  ```
+
+  <!-- xxz tab xxx -->
+  <!-- xxx tab "Enable Logging - Manual" xxx -->
+
+  To enable Agent logging manually, you must:
+  1. Attach an [emptyDir][29] volume to your pod and mount it inside the Agent container. This prevents duplicate logs should the Agent container restart.
+  2. Set `DD_LOGS_ENABLED` to `"true"` - this instructs the Agent to collect logs.
+  3. Set `DD_LOGS_CONFIG_RUN_PATH` to the emptyDir mount path.
+  4. Set `DD_LOGS_CONFIG_K8S_CONTAINER_USE_KUBELET_API` to `"true"` - this instructs the Agent on which logging method to use. 
+
+  ```yaml
+  apiVersion: apps/v1
+  kind: Deployment
+  spec:
+    #(...)
+    template:
+      #(...)
+      spec:
+        # Empty dir to keep track of logging timestamps in case of agent restart
+        volumes:
+          - name: agent-option
+            emptyDir: {}
+        containers:
+          #(...)
+          # Running the Agent as a sidecar
+          - name: datadog-agent
+            image: gcr.io/datadoghq/agent:7
+            # Mount the empty dir to the Agent
+            volumeMounts:
+              - name: agent-option
+                mountPath: /opt/datadog-agent/run
+                readOnly: false
+            env:
+              #(...)
+              - name: DD_LOGS_ENABLED
+                value: "true"
+              - name: DD_LOGS_CONFIG_K8S_CONTAINER_USE_KUBELET_API
+                value: "true"
+              - name: DD_LOGS_CONFIG_RUN_PATH
+                value: "/opt/datadog-agent/run"
+            resources:
+              requests:
+                memory: "256Mi"
+                cpu: "200m"
+              limits:
+                memory: "256Mi"
+                cpu: "200m"
+  ```
+
+  <!-- xxz tab xxx -->
+  <!-- xxz tabs xxx -->
+
+2. You can configure the injected Agents to automatically collect logs for all containers by enabling `CONTAINER_COLLECT_ALL`. Alternatively, logs can be filtered through the standard Kubernetes [Autodiscovery annotations](https://docs.datadoghq.com/containers/kubernetes/log/?tab=helm#autodiscovery-annotations).
+
+  <!-- xxx tabs xxx -->
+  <!-- xxx tab "Configure Logging - Datdog Operator" xxx -->
+
+  ```yaml
+  #(...)
+  spec:
+    #(...)
+    features:
+      admissionController:
+        agentSidecarInjection:
+          #(...)
+          profiles:
+            - env:
+              # Collect all container logs
+              - name: DD_LOGS_CONFIG_CONTAINER_COLLECT_ALL
+                value: "true"
+  ```
+
+  <!-- xxz tab xxx -->
+  <!-- xxx tab "Configure Logging - Helm" xxx -->
+
+  ```yaml
+  clusterAgent:
+    admissionController:
+      agentSidecarInjection:
+        # (...)
+        profiles:
+          - env:
+            # Collect all container logs
+            - name: DD_LOGS_CONFIG_CONTAINER_COLLECT_ALL
+              value: "true"
+  ```
+
+  <!-- xxz tab xxx -->
+  <!-- xxx tab "Configure Logging - Manual" xxx -->
+
+  ```yaml
+    apiVersion: apps/v1
+    kind: Deployment
+    metadata:
+      name: "<APPLICATION_NAME>"
+      namespace: default
+    spec:
+      #(...)
+      template:
+      #(...)
+        spec:
+          #(...)
+          containers:
+            # Running the Agent as a sidecar
+            - name: datadog-agent
+              image: gcr.io/datadoghq/agent:7
+              env:
+                # Collect all container logs
+                - name: DD_LOGS_CONFIG_CONTAINER_COLLECT_ALL
+                  value: "true"
+              #(...)
+    ```
+
+  <!-- xxz tab xxx -->
+  <!-- xxz tabs xxx -->
+
 ### Collecting logs from EKS on Fargate with Fluent Bit
 
 Monitor EKS Fargate logs by using [Fluent Bit][14] to route EKS logs to CloudWatch Logs and the [Datadog Forwarder][15] to route logs to Datadog.
@@ -936,7 +1088,7 @@ spec:
       - name: "<CONTAINER_NAME>"
         image: "<CONTAINER_IMAGE>"
 
-      # Running the Agent as a side-car
+      # Running the Agent as a sidecar
       - name: datadog-agent
         image: gcr.io/datadoghq/agent:7
         # (...)
@@ -1106,3 +1258,4 @@ Additional helpful documentation, links, and articles:
 [26]: https://kubernetes.io/docs/concepts/configuration/secret/
 [27]: https://helm.sh/docs/intro/install/
 [28]: https://docs.datadoghq.com/tracing/trace_collection/proxy_setup/apigateway
+[29]: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir