Red Hat SummitQuesto contenuto non è disponibile nella lingua selezionata.
Chapter 9. Viewing logs and audit records
As a cluster administrator, you can use the OpenShift AI Operator logger to monitor and troubleshoot issues. You can also use OpenShift audit records to review a history of changes made to the OpenShift AI Operator configuration.
9.1. Configuring the OpenShift AI Operator logger
You can change the log level for OpenShift AI Operator components by setting the .spec.devFlags.logmode flag for the DSC Initialization/DSCI custom resource during runtime. If you do not set a logmode value, the logger uses the INFO log level by default.
The log level that you set with .spec.devFlags.logmode applies to all components, not just those in a Managed state.
The following table shows the available log levels:
| Log level | Stacktrace level | Verbosity | Output | Timestamp type |
|---|---|---|---|---|
|
| WARN | INFO | Console | Epoch timestamps |
|
| ERROR | INFO | JSON | Human-readable timestamps |
|
| ERROR | INFO | JSON | Human-readable timestamps |
Logs that are set to devel or development generate in a plain text console format. Logs that are set to prod, production, or which do not have a level set generate in a JSON format.
Prerequisites
-
You have administrator access to the
DSCInitializationresources in the OpenShift cluster. You have installed the OpenShift CLI (
oc) as described in the appropriate documentation for your cluster:- Installing the OpenShift CLI for OpenShift Container Platform
- Installing the OpenShift CLI for Red Hat OpenShift Service on AWS
Procedure
- Log in to the OpenShift as a cluster administrator.
-
Click Operators
Installed Operators and then click the Red Hat OpenShift AI Operator. - Click the DSC Initialization tab.
- Click the default-dsci object.
- Click the YAML tab.
In the
specsection, update the.spec.devFlags.logmodeflag with the log level that you want to set.apiVersion: dscinitialization.opendatahub.io/v2 kind: DSCInitialization metadata: name: default-dsci spec: devFlags: logmode: development- Click Save.
You can also configure the log level from the OpenShift CLI (oc) by using the following command with the logmode value set to the log level that you want.
oc patch dsci default-dsci -p '{"spec":{"devFlags":{"logmode":"development"}}}' --type=mergeVerification
-
If you set the component log level to
develordevelopment, logs generate more frequently and include logs atWARNlevel and above. -
If you set the component log level to
prodorproduction, or do not set a log level, logs generate less frequently and include logs atERRORlevel or above.
9.1.1. Viewing the OpenShift AI Operator logs
-
Log in to the OpenShift CLI (
oc). Run the following command to stream logs from all Operator pods:
for pod in $(oc get pods -l name=rhods-operator -n redhat-ods-operator -o name); do oc logs -f "$pod" -n redhat-ods-operator & doneThe Operator pod logs open in your terminal.
TipPress
Ctrl+Cto stop viewing. To fully stop all log streams, runkill $(jobs -p).
You can also view each Operator pod log in the OpenShift console by navigating to Workloads redhat-ods-operator project, clicking a pod name, and then clicking the Logs tab.
9.2. Viewing audit records
Cluster administrators can use OpenShift auditing to see changes made to the OpenShift AI Operator configuration by reviewing modifications to the DataScienceCluster (DSC) and DSCInitialization (DSCI) custom resources. Audit logging is enabled by default in standard OpenShift cluster configurations. For more information, see Viewing audit logs in the OpenShift documentation.
In Red Hat OpenShift Service on AWS, audit logging is disabled by default because the Elasticsearch log store does not provide secure storage for audit logs. To configure log forwarding, see Logging in the Red Hat OpenShift Service on AWS documentation.
The following example shows how to use the OpenShift audit logs to see the history of changes made (by users) to the DSC and DSCI custom resources.
Prerequisites
- You have cluster administrator privileges for your OpenShift cluster.
You have installed the OpenShift CLI (
oc) as described in the appropriate documentation for your cluster:- Installing the OpenShift CLI for OpenShift Container Platform
- Installing the OpenShift CLI for Red Hat OpenShift Service on AWS
Procedure
In a terminal window, if you are not already logged in to your OpenShift cluster as a cluster administrator, log in to the OpenShift CLI as shown in the following example:
$ oc login <openshift_cluster_url> -u <admin_username> -p <password>-
To access the full content of the changed custom resources, set the OpenShift audit log policy to
WriteRequestBodiesor a more comprehensive profile. For more information, see Configuring the audit log policy. Fetch the audit log files that are available for the relevant control plane nodes. For example:
oc adm node-logs --role=master --path=kube-apiserver/ \ | awk '{ print $1 }' | sort -u \ | while read node ; do oc adm node-logs $node --path=kube-apiserver/audit.log < /dev/null done \ | grep opendatahub > /tmp/kube-apiserver-audit-opendatahub.logSearch the files for the DSC and DSCI custom resources. For example:
jq 'select((.objectRef.apiGroup == "dscinitialization.opendatahub.io" or .objectRef.apiGroup == "datasciencecluster.opendatahub.io") and .user.username != "system:serviceaccount:redhat-ods-operator:redhat-ods-operator-controller-manager" and .verb != "get" and .verb != "watch" and .verb != "list")' < /tmp/kube-apiserver-audit-opendatahub.log
Verification
- The commands return relevant log entries.
To configure the log retention time, see the Logging section in the OpenShift documentation.
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}