Enabling and using logging

The following YAML examples are settings that you can use when deploying the ClusterLogging Kubernetes resource. For more information, see Configuring CPU and memory limits and Configuring the log collector in the Red Hat OpenShift documentation.

Minimal install

If your use case is a proof-of-concept where data loss or log loss is not a concern, and the OpenShift cluster has limited resources, you can run a single node Elasticsearch cluster. Update the redundancyPolicy to ZeroRedundancy and the nodeCount to 1 in the following snippet. If the cluster has no persistent storage and you still want to test the logging setup, you can set the storage to empty.

apiVersion: logging.openshift.io/v1
kind: ClusterLogging
metadata:
  name: instance
  namespace: openshift-logging
spec:
  logStore:
    type: "elasticsearch"
    elasticsearch:
      nodeCount: 1
      storage: {}
      redundancyPolicy: ZeroRedundancy

Specifying a storage class

In the spec section, configure the storage value for your OpenShift cluster. The following example is configured for the ibmc-block-gold RWO storage class:

apiVersion: logging.openshift.io/v1
kind: ClusterLogging
metadata:
  name: instance
  namespace: openshift-logging
spec:
  logStore:
    type: "elasticsearch"
    elasticsearch:
      nodeCount: 3
      redundancyPolicy: SingleRedundancy
      storage:
        size: 200G
        storageClassName: ibmc-block-gold
      resources: 
        limits:
          memory: 16Gi
        requests:
          cpu: 200m
          memory: 16Gi

Deploying components individually

If you do not want to deploy all the components of the OpenShift cluster logging resource, you can install the ones that you want, individually. This example deploys only the fluentd collector:

apiVersion: logging.openshift.io/v1
kind: ClusterLogging
metadata:
  name: instance
  namespace: openshift-logging
spec:
  collection:
    logs:
      type: fluentd
      fluentd: {}
  managementState: Managed

1. Log in to IBM Cloud Pak Platform UI.

2. In the list of instances, find the desired instance.

3. Click the overflow menu (three-dot icon), then click Logs.

4. By default, no index patterns are created, and therefore kibana does not show any logs from the instance. To get the logs, create an index pattern by entering app-* in the text field.

If you want to send logs from OpenShift cluster logging to a third-party application, these are the minimum tasks required for setup:

• Install and configure OpenShift cluster logging

• Enable external access to OpenShift cluster logging

• Configure log forwarding

After you have installed OpenShift cluster logging, add a route to expose OpenShift cluster logging data to applications that are outside the OpenShift cluster.

1. Extract the CA Certificate:

   oc extract secret/elasticsearch --to=. --keys=admin-ca -n openshift-logging

2. Create a route file called es_route.yaml that contains this YAML:

   apiVersion: route.openshift.io/v1
   kind: Route
   metadata:
       name: elasticsearch
       namespace: openshift-logging
   spec:
       host:
       to:
           kind: Service
           name: elasticsearch
       tls:
           termination: reencrypt
           destinationCACertificate: |

3. Add the CA certificate content to the YAML file and create the route by running the following:

   cat ./admin-ca | sed -e "s/^/      /" >> es_route.yaml
   oc create -f es_route.yaml

4. Confirm that the route is working as expected:

   token=$(oc whoami -t)
   
   routeES=`oc get route elasticsearch -n openshift-logging -o jsonpath={.spec.host}`
   
   curl -sS -k -H "Authorization: Bearer ${token}" "https://${routeES}/_cat/health"

Next, complete the process by configuring log forwarding.

After you enable external access to OpenShift cluster logging, create an OpenShift cluster log forwarder so that you can forward logs to a third-party application. For instructions, see About forwarding logs to third-party systems in the Red Hat OpenShift documentation.