Red Hat Summit Red Hat SummitSupportConsoleDevelopersStart a trialContact

Chapter 4. Quick start

Prerequisites

  • You have access to an OpenShift Container Platform cluster with cluster-admin permissions.
  • You installed the OpenShift CLI (oc).
  • You have access to a supported object store. For example, AWS S3, Google Cloud Storage, Azure, Swift, Minio, or OpenShift Data Foundation.

Procedure

  1. Install the Red Hat OpenShift Logging Operator, Loki Operator, and Cluster Observability Operator (COO) from OperatorHub.

  2. Create a secret to access an existing object storage bucket:

    Example command for AWS

    $ oc create secret generic logging-loki-s3 \
  --from-literal=bucketnames="<bucket_name>" \
  --from-literal=endpoint="<aws_bucket_endpoint>" \
  --from-literal=access_key_id="<aws_access_key_id>" \
  --from-literal=access_key_secret="<aws_access_key_secret>" \
  --from-literal=region="<aws_region_of_your_bucket>" \
  -n openshift-logging
    Copy to Clipboard Toggle word wrap

  3. Create a LokiStack custom resource (CR) in the openshift-logging namespace: 

    apiVersion: loki.grafana.com/v1
kind: LokiStack
metadata:
  name: logging-loki
  namespace: openshift-logging
spec:
  managementState: Managed
  size: 1x.extra-small
  storage:
    schemas:
    - effectiveDate: '2022-06-01'
      version: v13
    secret:
      name: logging-loki-s3
      type: s3
  storageClassName: gp3-csi
  tenants:
    mode: openshift-logging
    Copy to Clipboard Toggle word wrap

  4. Create a service account for the collector: 

    $ oc create sa collector -n openshift-logging
    Copy to Clipboard Toggle word wrap

  5. Bind the ClusterRole to the service account: 

    $ oc adm policy add-cluster-role-to-user logging-collector-logs-writer -z collector -n openshift-logging
    Copy to Clipboard Toggle word wrap

  6. Create a UIPlugin to enable the Log section in the Observe tab: 

    apiVersion: observability.openshift.io/v1alpha1
kind: UIPlugin
metadata:
  name: logging
spec:
  type: Logging
  logging:
    lokiStack:
      name: logging-loki
    Copy to Clipboard Toggle word wrap

  7. Add additional roles to the collector service account: 

    $ oc adm policy add-cluster-role-to-user collect-application-logs -z collector -n openshift-logging
    Copy to Clipboard Toggle word wrap 
    $ oc adm policy add-cluster-role-to-user collect-audit-logs -z collector -n openshift-logging
    Copy to Clipboard Toggle word wrap 
    $ oc adm policy add-cluster-role-to-user collect-infrastructure-logs -z collector -n openshift-logging
    Copy to Clipboard Toggle word wrap

  8. Create a ClusterLogForwarder CR to configure log forwarding: 

    apiVersion: observability.openshift.io/v1
kind: ClusterLogForwarder
metadata:
  name: collector
  namespace: openshift-logging
spec:
  serviceAccount:
    name: collector
  outputs:
  - name: default-lokistack
    type: lokiStack
    lokiStack:
      target:
        name: logging-loki
        namespace: openshift-logging
      authentication:
        token:
          from: serviceAccount
    tls:
      ca:
        key: service-ca.crt
        configMapName: openshift-service-ca.crt
  pipelines:
  - name: default-logstore
    inputRefs:
    - application
    - infrastructure
    outputRefs:
    - default-lokistack
    Copy to Clipboard Toggle word wrap

Verification

  • Verify that logs are visible in the Log section of the Observe tab in the OpenShift Container Platform web console.
Back to top
Red Hat logoGithubredditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust. Explore our recent updates.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

Theme

© 2025 Red Hat