Chapter 1. Search

1.1. Search service
Copy link

For Red Hat Advanced Cluster Management for Kubernetes, search provides visibility into your Kubernetes resources across all of your clusters. Search also indexes the Kubernetes resources and the relationships to other resources.

Search is configured by default on the hub cluster. When you provision or manually import a managed cluster, the klusterlet-addon-search is enabled.

1.1.1. Search components
Copy link

The search architecture is composed of the following components:

Expand

Table 1.1. Search component table
Component name	Metrics	Metric type	Description
`search-collector`			Watches the Kubernetes resources, collects the resource metadata, computes relationships for resources across all of your managed clusters, and sends the collected data to the `search-indexer`. The `search-collector` on your managed cluster runs as a pod named, `klusterlet-addon-search`.
`search-indexer` Receives resource metadata from the collectors and writes to PostgreSQL database. The `search-indexer` also watches resources in the hub cluster to keep track of active managed clusters.	`search_indexer_request_duration`	Histogram	Time (seconds) the search indexer takes to process a request (from managed cluster).
	`search_indexer_request_size`	Histogram	Total changes (add, update, delete) in the search indexer request (from managed cluster).
	`search_indexer_request_count`	Counter	Total requests received by the search indexer (from managed clusters).
	`search_indexer_requests_in_flight`	Gauge	Total requests the search indexer is processing at a given time.
`search-api` Provides access to all cluster data in the `search-indexer` through GraphQL and enforces role-based access control (RBAC).	`search_api_requests`	Histogram	Histogram of HTTP requests duration in seconds.
	`search_dbquery_duration_seconds`	Histogram	Latency of database requests in seconds.
	`search_api_db_connection_failed_total`	Counter	The total number of database connection attempts that failed.
`search-postgres`			Stores collected data from all managed clusters in an instance of the PostgreSQL database.

1.1.2. Search operations and data types
Copy link

Specify your search query by using search operations as conditions. Characters such as >, >=, <, <=, != are supported. See the following search operation table:

Expand

Table 1.2. Search operation table
Default operation	Data type	Description
`=`	string, number	This is the default operation.
`!` or `!=`	string, number	This represents the NOT operation, which means to exclude from the search results.
`<, ⇐, >, >=`	number
`>`	date	Dates matching the last hour, day, week, month, and year.
`*`	string	Partial string match.

1.1.3. Additional resources
Copy link

For more topics about the Red Hat Advanced Cluster Management for Kubernetes console, see Web console.
If you want to disable the Search service on your managed cluster, see Modifying the klusterlet add-ons settings of your cluster for more information.

1.2. Creating search configurable collection
Copy link

Define which Kubernetes resources are collected from the cluster by creating a search-collector-config config map for each managed cluster where you want to customize the resources that search collects.

Required access: Cluster administrator

Place the config map in the same namespace where the search add-on is deployed. The default namespace is open-cluster-management-agent-addon.

Complete the following steps:

Run the following command to create the search-collector-config config map:
```
oc apply -f <your-search-collector-config>.yaml
```
```
oc apply -f <your-search-collector-config>.yaml
```
Copy to Clipboard Toggle word wrap

List the resources in the allow (data.AllowedResources) and deny list (data.DeniedResources) sections within the config map. Your config map might resemble the following YAML file:

apiVersion: v1
kind: ConfigMap
metadata:
 name: search-collector-config
 namespace: <namespace where search-collector add-on is deployed>
data:
 AllowedResources: |- 
   - apiGroups:
       - "*"
     resources:
       - services
       - pods
   - apiGroups:
       - admission.k8s.io
       - authentication.k8s.io
     resources:
       - "*"
 DeniedResources: |- 
   - apiGroups:
       - "*"
     resources:
       - secrets
   - apiGroups:
       - admission.k8s.io
     resources:
       - policies
       - iampolicies
       - certificatepolicies

apiVersion: v1
kind: ConfigMap
metadata:
 name: search-collector-config
 namespace: <namespace where search-collector add-on is deployed>
data:
 AllowedResources: |-

1


   - apiGroups:
       - "*"
     resources:
       - services
       - pods
   - apiGroups:
       - admission.k8s.io
       - authentication.k8s.io
     resources:
       - "*"
 DeniedResources: |-

2


   - apiGroups:
       - "*"
     resources:
       - secrets
   - apiGroups:
       - admission.k8s.io
     resources:
       - policies
       - iampolicies
       - certificatepolicies

Copy to Clipboard

Toggle word wrap

1: The previous config map example displays services and pods to be collected from all apiGroups, while allowing all resources to be collected from the admission.k8s.io and authentication.k8s.io apiGroups.
2: The config map example also prevents the central collection of secrets from all apiGroups while preventing the collection of policies, iampolicies, and certificatepolicies from the apiGroup admission.k8s.io.

Note: If you do not provide a config map, all resources are collected by default. If you only provide AllowedResources, all resources not listed in AllowedResources are automatically excluded. Resources listed in AllowedResources and DeniedResources at the same time are also excluded.

1.3. Customizing the Search service
Copy link

Customize the Search service to set up persistent storage, to fine-tune for performance and scalability, or to modify certain behaviors through environment variables. Access the search configuration options from the search operator which watches the search-v2-operator custom resource, reconciles the changes, and updates active pods.

Required access: Cluster administrator

Prerequisites

You must have access to the open-cluster-management namespace.

Procedure

Complete the following steps to customize the Search service:

Modify the default values in the search-v2-operator custom resource.
1. To view details of the custom resource, run the following command:
  oc get search search-v2-operator -n <acm-namespace> -o yaml
  Copy to Clipboard Toggle word wrap
2. Configure a persistent volume claim for your clusters that are in production. If the empty directory size is limited for your PostgreSQL database, save your PostgreSQL data on a persistent volume claim to improve search performance.
  Notes:
  - When you install Red Hat Advanced Cluster Management, the PostgreSQL database is configured to save the PostgreSQL data in an empty directory (emptyDir) volume.
  - When a persistent volume claim is not configured, the SearchPVCNotPresent alert is displayed in the Status pane.
3. To persist your search data, select a storage class from your Red Hat Advanced Cluster Management hub cluster.
4. For example, create a persistent volume claim if you select the gp2 storageclass and mount the claim to the search-postgres pod. Your configuration might resemble the following example:
```
apiVersion: search.open-cluster-management.io/v1alpha1
kind: Search
metadata:
  name: search-v2-operator
  namespace: open-cluster-management
  labels:
    cluster.open-cluster-management.io/backup: ""
spec:
  dbStorage:
    size: 10Gi
    storageClassName: gp2
```
```
apiVersion: search.open-cluster-management.io/v1alpha1
kind: Search
metadata:
  name: search-v2-operator
  namespace: open-cluster-management
  labels:
    cluster.open-cluster-management.io/backup: ""
spec:
  dbStorage:
    size: 10Gi
    storageClassName: gp2
```
Copy to Clipboard Toggle word wrap
1. Modify the storage size if you need to. By default, the storage size is 10Gi. For example, 20Gi might be sufficient for about 200 managed clusters.

Optimize cost by tuning the pod memory or CPU requirements, replica count, and update log levels for any of the four search pods: indexer, database, queryapi, or collector.

Update the deployment section of the search-v2-operator custom resource. There are four deployments managed by the search-v2-operator, which can be updated individually.
Apply resources for the indexer, database, queryapi, or collector pod.
Add multiple environment variables in the envVar section to specify a value for each variable that you name.
Specify a value for each variable that you name by adding multiple environment variables in the envVar specification.
Add the - -v=3 argument for the queryapi specification to control the log level verbosity for any of the four pods. Your search-v2-operator custom resource might resemble the following file:

apiVersion: search.open-cluster-management.io/v1alpha1
kind: Search
metadata:
  name: search-v2-operator
  namespace: open-cluster-management
spec:
  deployments:
    collector:
      resources:
        limits:
          cpu: 500m
          memory: 128Mi
        requests:
          cpu: 250m
          memory: 64Mi
    indexer:
      replicaCount: 3
    database:
        envVar:
          - name: POSTGRESQL_EFFECTIVE_CACHE_SIZE
            value: 1024MB
          - name: POSTGRESQL_SHARED_BUFFERS
            value: 512MB
          - name: WORK_MEM
            value: 128MB
    queryapi:
      arguments:
      - -v=3

apiVersion: search.open-cluster-management.io/v1alpha1
kind: Search
metadata:
  name: search-v2-operator
  namespace: open-cluster-management
spec:
  deployments:
    collector:
      resources:
        limits:
          cpu: 500m
          memory: 128Mi
        requests:
          cpu: 250m
          memory: 64Mi
    indexer:
      replicaCount: 3
    database:
        envVar:
          - name: POSTGRESQL_EFFECTIVE_CACHE_SIZE
            value: 1024MB
          - name: POSTGRESQL_SHARED_BUFFERS
            value: 512MB
          - name: WORK_MEM
            value: 128MB
    queryapi:
      arguments:
      - -v=3

Copy to Clipboard

Toggle word wrap

Apply memory resources for the indexer pod. See the following example:

    indexer:
      resources:
        limits:
          memory: 5Gi
        requests:
          memory: 1Gi

    indexer:
      resources:
        limits:
          memory: 5Gi
        requests:
          memory: 1Gi

Copy to Clipboard

Toggle word wrap

Define the node placement for search pods.

Update the Placement resource of search pods by using the nodeSelector parameter, or the tolerations parameter. View the following example configuration:

spec:
 dbStorage:
  size: 10Gi
 deployments:
  collector: {}
  database: {}
  indexer: {}
  queryapi: {}
 nodeSelector:
  node-role.kubernetes.io/infra: ""
 tolerations:
 - effect: NoSchedule
  key: node-role.kubernetes.io/infra
  operator: Exists

spec:
 dbStorage:
  size: 10Gi
 deployments:
  collector: {}
  database: {}
  indexer: {}
  queryapi: {}
 nodeSelector:
  node-role.kubernetes.io/infra: ""
 tolerations:
 - effect: NoSchedule
  key: node-role.kubernetes.io/infra
  operator: Exists

Copy to Clipboard

Toggle word wrap

1.4. Customizing the console for Search
Copy link

Customize your console for Search to specify how you want data and search results to be displayed.

Required access: Cluster administrator

Prerequisites

You must have access to the open-cluster-management namespace.

Procedure

Complete the following tasks to perform the customization:

Customize the search result limit from the OpenShift Container Platform console.
1. Update the console-mce-config in the multicluster-engine namespace. These settings apply to all users and might affect performance. View the following performance parameter descriptions:
  - SAVED_SEARCH_LIMIT - The maximum amount of saved searches for each user. By default, there is a limit of ten saved searches for each user. The default value is 10. To update the limit, add the following key value to the console-config config map: SAVED_SEARCH_LIMIT: x.
  - SEARCH_RESULT_LIMIT - The maximum amount of search results displayed in the console. Default value is 1000. To remove this limit set to -1.
  - SEARCH_AUTOCOMPLETE_LIMIT - The maximum number of suggestions retrieved for the search bar typeahead. Default value is 10,000. To remove this limit set to -1.
2. Change the search result to 100 items by running the following patch command from the OpenShift Container Platform console:
```
oc patch configmap console-mce-config -n multicluster-engine --type merge -p '{"data":{"SEARCH_RESULT_LIMIT":"100"}}'
```
```
oc patch configmap console-mce-config -n multicluster-engine --type merge -p '{"data":{"SEARCH_RESULT_LIMIT":"100"}}'
```
Copy to Clipboard Toggle word wrap

To add, edit, or remove suggested searches, create a config map named console-search-config and configure the suggestedSearches section. Suggested searches that are listed are also displayed from the console. It is required to have an id, name, and searchText for each search object.

Add the namespace where search is enabled. View the following config map example:

kind: ConfigMap
apiVersion: v1
metadata:
  name: console-search-config
  namespace: <acm-namespace>
data:
  suggestedSearches: |-
    [
      {
        "id": "search.suggested.workloads.name",
        "name": "Workloads",
        "description": "Show workloads running on your fleet",
        "searchText": "kind:DaemonSet,Deployment,Job,StatefulSet,ReplicaSet"
      },
      {
        "id": "search.suggested.unhealthy.name",
        "name": "Unhealthy pods",
        "description": "Show pods with unhealthy status",
        "searchText": "kind:Pod status:Pending,Error,Failed,Terminating,ImagePullBackOff,CrashLoopBackOff,RunContainerError,ContainerCreating"
      },
      {
        "id": "search.suggested.createdLastHour.name",
        "name": "Created last hour",
        "description": "Show resources created within the last hour",
        "searchText": "created:hour"
      },
      {
        "id": "search.suggested.virtualmachines.name",
        "name": "Virtual Machines",
        "description": "Show virtual machine resources",
        "searchText": "kind:VirtualMachine"
      }
    ]

kind: ConfigMap
apiVersion: v1
metadata:
  name: console-search-config
  namespace: <acm-namespace>
data:
  suggestedSearches: |-
    [
      {
        "id": "search.suggested.workloads.name",
        "name": "Workloads",
        "description": "Show workloads running on your fleet",
        "searchText": "kind:DaemonSet,Deployment,Job,StatefulSet,ReplicaSet"
      },
      {
        "id": "search.suggested.unhealthy.name",
        "name": "Unhealthy pods",
        "description": "Show pods with unhealthy status",
        "searchText": "kind:Pod status:Pending,Error,Failed,Terminating,ImagePullBackOff,CrashLoopBackOff,RunContainerError,ContainerCreating"
      },
      {
        "id": "search.suggested.createdLastHour.name",
        "name": "Created last hour",
        "description": "Show resources created within the last hour",
        "searchText": "created:hour"
      },
      {
        "id": "search.suggested.virtualmachines.name",
        "name": "Virtual Machines",
        "description": "Show virtual machine resources",
        "searchText": "kind:VirtualMachine"
      }
    ]

Copy to Clipboard

Toggle word wrap

1.4.1. Querying in the console
Copy link

You can type any text value in the Search box and results include anything with that value from any property, such as a name or namespace. Queries that contain an empty space are not supported.

As you search for resources, you receive other resources that are related to your original search result, which help you visualize how the resources interact with other resources in the system.

Required access: Cluster administrator

For more specific search results, include the property selector in your search. You can combine related values for the property for a more precise scope of your search. For example, search for cluster:dev red to receive results that match the string "red" in the dev cluster.

Procedure

Search returns and lists each cluster with the resource that you search. For resources in the hub cluster, the cluster name is displayed as local-cluster.

You can change the local-cluster name if the enabled field is set to false. You must use 34 or fewer characters for the <your-local-cluster-name> value. The local-cluster cannot be renamed if it is set as enabled: true.

Note: If you change the default name of your local-cluster to another value, the results appear within the changed local cluster name.

Your search results are grouped by kind, and each resource kind is grouped in a table. Search options depend on your cluster objects. Refine your results with specific labels.

Complete the following steps to make queries with search:

Click Search in the navigation menu.
Type a word in the Search box, then Search finds your resources that contain that value.
Note: Search is case-sensitive when you query labels.
See the following examples that you can select for filtering: name, namespace, status, and other resource fields. Auto-complete provides suggestions to refine your search. See the following example:
- Search for a single field, such as kind:pod to find all pod resources.
- Search for multiple fields, such as kind:pod namespace:default to find the pods in the default namespace.
  Notes:
- When you search for more than one property selector with multiple values, the search returns either of the values that were queried. View the following examples:
- When you search for kind:Pod name:a, any pod named a is returned.
- When you search for kind:Pod name:a,b, any pod named a or b are returned.
- Search for kind:pod status:!Running to find all pod resources where the status is not Running.
- Search for kind:pod restarts:>1 to find all pods that restarted at least twice.
Specify your search query by selecting the Advanced search drop-down button to filter the Column, Operator, and Value options or add a search constraint.
If you want to save your search, click the Save search icon.
To download your search results, select the Export as CSV button.

1.5. Updating klusterlet-addon-search deployments
Copy link

To collect the Kubernetes objects from the managed clusters, the klusterlet-addon-search pod is run on all the managed clusters where search is enabled. This deployment is run in the open-cluster-management-agent-addon namespace. A managed cluster with a high number of resources might require more memory for the klusterlet-addon-search deployment to function.

Required access: Cluster administrator

Resource requirements for the klusterlet-addon-search pod in a managed cluster can be specified in the ManagedClusterAddon custom resource in your Red Hat Advanced Cluster Management hub cluster. There is a namespace for each managed cluster with the managed cluster name. Complete the following steps:

Edit the ManagedClusterAddon custom resource from the namespace matching the managed cluster name. Run the following command to update the resource requirement in xyz managed cluster:
```
oc edit managedclusteraddon search-collector -n xyz
```
```
oc edit managedclusteraddon search-collector -n xyz
```
Copy to Clipboard Toggle word wrap

Append the resource requirements as annotations. View the following example:

apiVersion: addon.open-cluster-management.io/v1alpha1
kind: ManagedClusterAddOn
metadata:
  annotations: addon.open-cluster-management.io/search_memory_limit: 2048Mi
  addon.open-cluster-management.io/search_memory_request: 512Mi

apiVersion: addon.open-cluster-management.io/v1alpha1
kind: ManagedClusterAddOn
metadata:
  annotations: addon.open-cluster-management.io/search_memory_limit: 2048Mi
  addon.open-cluster-management.io/search_memory_request: 512Mi

Copy to Clipboard

Toggle word wrap

The annotation overrides the resource requirements on the managed clusters and automatically restarts the pod with new resource requirements.

Note: You can discover all resources defined in your managed cluster by using the API Explorer in the console. Alternatively, you can discover all resources by running the following command: oc api-resources

1.1. Search service
Copy link

1.1.1. Search components
Copy link

1.1.2. Search operations and data types
Copy link

1.1.3. Additional resources
Copy link

1.2. Creating search configurable collection
Copy link

1.3. Customizing the Search service
Copy link

1.4. Customizing the console for Search
Copy link

1.4.1. Querying in the console
Copy link

1.5. Updating klusterlet-addon-search deployments
Copy link

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

Making open source more inclusive

About Red Hat

Theme

Red Hat legal and privacy links

Red Hat legal and privacy links

Chapter 1. Search

1.1. Search serviceCopy linkLink copied to clipboard!

1.1.1. Search componentsCopy linkLink copied to clipboard!

1.1.2. Search operations and data typesCopy linkLink copied to clipboard!

1.1.3. Additional resourcesCopy linkLink copied to clipboard!

1.2. Creating search configurable collectionCopy linkLink copied to clipboard!

1.3. Customizing the Search serviceCopy linkLink copied to clipboard!

1.4. Customizing the console for SearchCopy linkLink copied to clipboard!

1.4.1. Querying in the consoleCopy linkLink copied to clipboard!

1.5. Updating klusterlet-addon-search deploymentsCopy linkLink copied to clipboard!

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

Making open source more inclusive

About Red Hat

Theme

Red Hat legal and privacy links

Red Hat legal and privacy links

1.1. Search service
Copy link

1.1.1. Search components
Copy link

1.1.2. Search operations and data types
Copy link

1.1.3. Additional resources
Copy link

1.2. Creating search configurable collection
Copy link

1.3. Customizing the Search service
Copy link

1.4. Customizing the console for Search
Copy link

1.4.1. Querying in the console
Copy link

1.5. Updating klusterlet-addon-search deployments
Copy link