I have a kubernetes cluster running on coreos. I wish to run journal2gelf https://github.com/systemd/journal2gelf in a container in a pod I call logging. (I also have a fluentd container in this pod, which works great, I highly recommend it for streaming logs elsewhere). Is it possible to configure a pod to allow essentially this:

journalctl -o json -f | docker run <my journal2gelf image> -d -p $GRAYLOG_PORT

but within the containers: key in a replication controller config? And in general can kubernetes allow piping to a container?

First, no, Kubernetes doesn't currently have any mechanism for specifying a stdin to the container. The main ways for passing information in are environment variables, secrets, and volumes, and those seem to handle most use cases.

Also, this request is for more than just being able to pass information to stdin, it's for being able to run an arbitrary command on the host and pipe that information in, which would come with some pretty serious security concerns.

In this particular case, you might be able to get what you want by mounting the directory used by journalctl on your nodes as a hostDir volume into your container, and then running the journalctl command as the entrypoint into your container. Of course, there may be more difficult issues here which would require you to run it as a privileged container instead.

If you want to do exactly what you specify in the question, you may be best off just setting up that process on each node directly rather than through Kubernetes.

This will let you send stdin to a container:

kubectl exec -i POD_NAME COMMAND

Or

kubectl attach -i POD_NAME

But there isn't a good way to define to stdin sent to all containers in a pod, or all containers spawned by a replication controller

First, no, Kubernetes doesn't currently have any mechanism for specifying a stdin to the container. The main ways for passing information in are environment variables, secrets, and volumes, and those seem to handle most use cases.

Also, this request is for more than just being able to pass information to stdin, it's for being able to run an arbitrary command on the host and pipe that information in, which would come with some pretty serious security concerns.

In this particular case, you might be able to get what you want by mounting the directory used by journalctl on your nodes as a hostDir volume into your container, and then running the journalctl command as the entrypoint into your container. Of course, there may be more difficult issues here which would require you to run it as a privileged container instead.

If you want to do exactly what you specify in the question, you may be best off just setting up that process on each node directly rather than through Kubernetes.