Chapter 5. Working with Event Router
The Event Router communicates with the OpenShift Container Platform and prints OpenShift Container Platform events to log of the pod where the event occurs.
If Cluster Logging is deployed, you can view the OpenShift Container Platform events in Kibana.
5.1. Deploying and Configuring the Event Router
Use the following steps to deploy Event Router into your cluster.
The following Template object creates the Service Account, ClusterRole, and ClusterRoleBinding required for the Event Router.
Prerequisites
- You need proper permissions to create service accounts and update cluster role bindings. For example, you can run the following template with a user that has the cluster-admin role.
Set
TRANSFORM_EVENTS=truein order to process and store event router events in Elasticsearch.- Set cluster logging to the unmanaged state.
Enable the
TRANSFORM_EVENTSfeature.$ oc set env ds/fluentd TRANSFORM_EVENTS=true
Procedure
Create a template for the Event Router:
kind: Template apiVersion: v1 metadata: name: eventrouter-template annotations: description: "A pod forwarding kubernetes events to cluster logging stack." tags: "events,EFK,logging,cluster-logging" objects: - kind: ServiceAccount 1 apiVersion: v1 metadata: name: eventrouter namespace: ${NAMESPACE} - kind: ClusterRole 2 apiVersion: v1 metadata: name: event-reader rules: 3 - apiGroups: [""] resources: ["events"] verbs: ["get", "watch", "list"] - kind: ClusterRoleBinding 4 apiVersion: v1 metadata: name: event-reader-binding subjects: - kind: ServiceAccount name: eventrouter namespace: ${NAMESPACE} roleRef: kind: ClusterRole name: event-reader - kind: ConfigMap apiVersion: v1 metadata: name: eventrouter namespace: ${NAMESPACE} data: config.json: |- { "sink": "stdout" } - kind: Deployment apiVersion: apps/v1 metadata: name: eventrouter namespace: ${NAMESPACE} labels: component: eventrouter logging-infra: eventrouter provider: openshift spec: selector: matchLabels: component: eventrouter logging-infra: eventrouter provider: openshift replicas: 1 template: metadata: labels: component: eventrouter logging-infra: eventrouter provider: openshift name: eventrouter spec: serviceAccount: eventrouter containers: - name: kube-eventrouter image: ${IMAGE} imagePullPolicy: IfNotPresent resources: limits: memory: ${MEMORY} requests: cpu: ${CPU} memory: ${MEMORY} volumeMounts: - name: config-volume mountPath: /etc/eventrouter volumes: - name: config-volume configMap: name: eventrouter parameters: - name: IMAGE 5 displayName: Image value: "registry.redhat.io/openshift4/ose-logging-eventrouter:latest" - name: MEMORY 6 displayName: Memory value: "128Mi" - name: CPU 7 displayName: CPU value: "100m" - name: NAMESPACE 8 displayName: Namespace value: "openshift-logging"- 1
- Creates a Service Account for the Event Router.
- 2
- Creates a cluster role to monitor for events in the cluster.
- 3
- Allows the
get,watch, andlistpermissions for theeventsresource. - 4
- Creates a ClusterRoleBinding to bind the ClusterRole to the ServiceAccount.
- 5
- Specify the image version for the Event Router.
- 6
- Specify the memory limit for the Event Router pods. Defaults to '128Mi'.
- 7
- Specify the minimum amount of CPU to allocate to the Event Router. Defaults to '100m'.
- 8
- Specify the namespace where eventrouter is deployed. Defaults to
openshift-logging. The value must be the same as specified for the ServiceAccount and ClusterRoleBinding. The project indicates where in Kibana you can locate events:-
If the event router pod is deployed in a default project, such as
kube-*andopenshift-*, you can find the events under the .operation index. - If the event router pod is deployed in other projects, you can find the event under the index using the project namespace.
-
If the event router pod is deployed in a default project, such as
Use the following command to process and apply the template:
$ oc process -f <templatefile> | oc apply -f -
For example:
$ oc process -f eventrouter.yaml | oc apply -f - serviceaccount/logging-eventrouter created clusterrole.authorization.openshift.io/event-reader created clusterrolebinding.authorization.openshift.io/event-reader-binding created configmap/logging-eventrouter created deployment.apps/logging-eventrouter created
Validate that the Event Router installed:
$ oc get pods --selector component=eventrouter -o name pod/logging-eventrouter-d649f97c8-qvv8r
$ oc logs logging-eventrouter-d649f97c8-qvv8r {"verb":"ADDED","event":{"metadata":{"name":"elasticsearch-operator.v0.0.1.158f402e25397146","namespace":"openshift-operators","selfLink":"/api/v1/namespaces/openshift-operators/events/elasticsearch-operator.v0.0.1.158f402e25397146","uid":"37b7ff11-4f1a-11e9-a7ad-0271b2ca69f0","resourceVersion":"523264","creationTimestamp":"2019-03-25T16:22:43Z"},"involvedObject":{"kind":"ClusterServiceVersion","namespace":"openshift-operators","name":"elasticsearch-operator.v0.0.1","uid":"27b2ca6d-4f1a-11e9-8fba-0ea949ad61f6","apiVersion":"operators.coreos.com/v1alpha1","resourceVersion":"523096"},"reason":"InstallSucceeded","message":"waiting for install components to report healthy","source":{"component":"operator-lifecycle-manager"},"firstTimestamp":"2019-03-25T16:22:43Z","lastTimestamp":"2019-03-25T16:22:43Z","count":1,"type":"Normal"}}
