Use OpenShift® and the Vault UI to
update the Kibana URL for the Nimrod UI.
Before you begin
Complete this task only if multitenancy is not enabled for the Cloud Pak. If you allow Cloud Pak
users to access Kibana in a multitenant environment, users that belong to one tenant can view logs
that originate from the requests of users that belong to other tenants.
Procedure
- Run the following command to start the Red Hat® OpenShift CLI and switch to the IBM® Cloud Pak for Network
Automation
namespace:
oc project lifecycle-manager
- Get the Vault authorization token for IBM Cloud Pak for Network
Automation by running the
following command:
oc get secret cp4na-o-vault-keys -o jsonpath --template '{.data.alm_token}' | base64 -d
- Extract the URL that you can use to access the vault UI by running the following
command:
echo "https://$(oc get route cp4na-o-vault -o jsonpath='{.spec.host}' -n <cp4na_namespace>)"
<cp4na_namespace> is the namespace where IBM Cloud Pak for Network
Automation is installed.
A URL is displayed, similar to the following
URL:
https://cp4na-o-vault-<cp4na_namespace>.apps.opscluster.cp.abc.example.com
- Sign in to the Vault UI. Use the token that you got in 2.
- In the menu bar, click Secrets and then click
lm/1.0.0.
- Click the nimrod,custom secret configuration, then click
Edit secret.
- Get the Kibana URL by running the following command:
echo "https://$(oc get route kibana -o jsonpath='{.spec.host}' -n openshift-logging)"
A URL is displayed, similar to the following
URL:
https://kibana-openshift-logging.apps.opscluster.cp.abc.example.com
- In the Vault UI, add the following key-value pairs to the secret data:
Key |
Value |
alm.nimrod.loggingDashboard.enabled |
true |
alm.nimrod.loggingDashboard.endpoint |
Kibana URL from step 7 |
- Click Save.