Red Hat Summit Red Hat Summit지원콘솔개발자평가판 시작연락처

11.4.

11.4.1.
링크 복사

apiVersion: "logging.openshift.io/v1"
kind: ClusterLogForwarder
metadata:
  name: <log_forwarder_name>
1 

  namespace: <log_forwarder_namespace>
2 

spec:
  serviceAccountName: <service_account_name>
3 

  outputs:
   - name: elasticsearch-secure
4 

     type: "elasticsearch"
     url: https://elasticsearch.secure.com:9200
     secret:
        name: elasticsearch
   - name: elasticsearch-insecure
5 

     type: "elasticsearch"
     url: http://elasticsearch.insecure.com:9200
   - name: kafka-app
6 

     type: "kafka"
     url: tls://kafka.secure.com:9093/app-topic
  inputs:
7 

   - name: my-app-logs
     application:
        namespaces:
        - my-project
  pipelines:
   - name: audit-logs
8 

     inputRefs:
      - audit
     outputRefs:
      - elasticsearch-secure
      - default
     labels:
       secure: "true"
9 

       datacenter: "east"
   - name: infrastructure-logs
10 

     inputRefs:
      - infrastructure
     outputRefs:
      - elasticsearch-insecure
     labels:
       datacenter: "west"
   - name: my-app
11 

     inputRefs:
      - my-app-logs
     outputRefs:
      - default
   - inputRefs:
12 

      - application
     outputRefs:
      - kafka-app
     labels:
       datacenter: "south"
Copy to Clipboard Toggle word wrap

1
2
3
4
5
6
7
8
9
10
11
12

11.4.1.1.
링크 복사

$ oc create secret generic -n <namespace> <secret_name> \
  --from-file=ca-bundle.crt=<your_bundle_file> \
  --from-literal=username=<your_username> \
  --from-literal=password=<your_password>
Copy to Clipboard Toggle word wrap
참고

11.4.2.
링크 복사

중요

apiVersion: logging.openshift.io/v1
kind: ClusterLogForwarder
metadata:
  name: <log_forwarder_name>
1 

  namespace: <log_forwarder_namespace>
2 

spec:
  serviceAccountName: <service_account_name>
3 

  pipelines:
   - inputRefs:
     - <log_type>
4 

     outputRefs:
     - <output_name>
5 

  outputs:
  - name: <output_name>
6 

    type: <output_type>
7 

    url: <log_output_url>
8 

# ...
Copy to Clipboard Toggle word wrap

1
2
3
4
5 7
참고

6
8

11.4.3.
링크 복사

중요

apiVersion: logging.openshift.io/v1
kind: ClusterLogForwarder
metadata:
# ...
spec:
  tuning:
    delivery: AtLeastOnce
1 

    compression: none
2 

    maxWrite: <integer>
3 

    minRetryDuration: 1s
4 

    maxRetryDuration: 1s
5 

# ...
Copy to Clipboard Toggle word wrap

1
2
3
4
5
Expand
표 11.9.
          

 

   

 

 

   

 

  

   

 

  

   

    

    

11.4.4.
링크 복사

주의

java.lang.NullPointerException: Cannot invoke "String.toString()" because "<param1>" is null
    at testjava.Main.handle(Main.java:47)
    at testjava.Main.printMe(Main.java:19)
    at testjava.Main.main(Main.java:10)
Copy to Clipboard Toggle word wrap 

apiVersion: logging.openshift.io/v1
kind: ClusterLogForwarder
metadata:
  name: instance
  namespace: openshift-logging
spec:
  pipelines:
    - name: my-app-logs
      inputRefs:
        - application
      outputRefs:
        - default
      detectMultilineErrors: true
Copy to Clipboard Toggle word wrap

11.4.4.1.
링크 복사

Expand
표 11.10.
   

11.4.4.2.
링크 복사

[transforms.detect_exceptions_app-logs]
 type = "detect_exceptions"
 inputs = ["application"]
 languages = ["All"]
 group_by = ["kubernetes.namespace_name","kubernetes.pod_name","kubernetes.container_name"]
 expire_after_ms = 2000
 multiline_flush_interval_ms = 1000
Copy to Clipboard Toggle word wrap 

<label @MULTILINE_APP_LOGS>
  <match kubernetes.**>
    @type detect_exceptions
    remove_tag_prefix 'kubernetes'
    message message
    force_line_breaks true
    multiline_flush_interval .2
  </match>
</label>
Copy to Clipboard Toggle word wrap

11.4.5.
링크 복사

참고

  1. $ oc -n openshift-logging create secret generic gcp-secret --from-file google-application-credentials.json=<your_service_account_key_file.json>
    Copy to Clipboard Toggle word wrap 

  2. apiVersion: logging.openshift.io/v1
kind: ClusterLogForwarder
metadata:
  name: <log_forwarder_name>
    1 
    
  namespace: <log_forwarder_namespace>
    2 
    
spec:
  serviceAccountName: <service_account_name>
    3 
    
  outputs:
    - name: gcp-1
      type: googleCloudLogging
      secret:
        name: gcp-secret
      googleCloudLogging:
        projectId : "openshift-gce-devel"
    4 
    
        logId : "app-gcp"
    5 
    
  pipelines:
    - name: test-app
      inputRefs:
    6 
    
        - application
      outputRefs:
        - gcp-1
    Copy to Clipboard Toggle word wrap
    1
    2
    3
    4
    5
    6

11.4.6.
링크 복사

참고

  1. $ oc -n openshift-logging create secret generic vector-splunk-secret --from-literal hecToken=<HEC_Token>
    Copy to Clipboard Toggle word wrap 

  2. apiVersion: logging.openshift.io/v1
kind: ClusterLogForwarder
metadata:
  name: <log_forwarder_name>
    1 
    
  namespace: <log_forwarder_namespace>
    2 
    
spec:
  serviceAccountName: <service_account_name>
    3 
    
  outputs:
    - name: splunk-receiver
    4 
    
      secret:
        name: vector-splunk-secret
    5 
    
      type: splunk
    6 
    
      url: <http://your.splunk.hec.url:8088>
    7 
    
  pipelines:
    8 
    
    - inputRefs:
        - application
        - infrastructure
      name:
    9 
    
      outputRefs:
        - splunk-receiver
    10
    Copy to Clipboard Toggle word wrap
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10

11.4.7.
링크 복사

  • apiVersion: logging.openshift.io/v1
kind: ClusterLogForwarder
metadata:
  name: <log_forwarder_name>
    1 
    
  namespace: <log_forwarder_namespace>
    2 
    
spec:
  serviceAccountName: <service_account_name>
    3 
    
  outputs:
    - name: httpout-app
      type: http
      url:
    4 
    
      http:
        headers:
    5 
    
          h1: v1
          h2: v2
        method: POST
      secret:
        name:
    6 
    
      tls:
        insecureSkipVerify:
    7 
    
  pipelines:
    - name:
      inputRefs:
        - application
      outputRefs:
        - httpout-app
    8
    Copy to Clipboard Toggle word wrap

    1
    2
    3
    4
    5
    6
    7
    8

11.4.8.
링크 복사

apiVersion: v1
kind: Secret
metadata:
  name: my-secret
  namespace: openshift-logging
type: Opaque
data:
  shared_key: <your_shared_key>
1
Copy to Clipboard Toggle word wrap
1 

Get-AzOperationalInsightsWorkspaceSharedKey -ResourceGroupName "<resource_name>" -Name "<workspace_name>”
Copy to Clipboard Toggle word wrap 

apiVersion: "logging.openshift.io/v1"
kind: "ClusterLogForwarder"
metadata:
  name: instance
  namespace: openshift-logging
spec:
  outputs:
  - name: azure-monitor
    type: azureMonitor
    azureMonitor:
      customerId: my-customer-id
1 

      logType: my_log_type
2 

    secret:
       name: my-secret
  pipelines:
  - name: app-pipeline
    inputRefs:
    - application
    outputRefs:
    - azure-monitor
Copy to Clipboard Toggle word wrap

1
2 

apiVersion: "logging.openshift.io/v1"
kind: "ClusterLogForwarder"
metadata:
  name: instance
  namespace: openshift-logging
spec:
  outputs:
  - name: azure-monitor-app
    type: azureMonitor
    azureMonitor:
      customerId: my-customer-id
      logType: application_log
1 

    secret:
      name: my-secret
  - name: azure-monitor-infra
    type: azureMonitor
    azureMonitor:
      customerId: my-customer-id
      logType: infra_log #
    secret:
      name: my-secret
  pipelines:
    - name: app-pipeline
      inputRefs:
      - application
      outputRefs:
      - azure-monitor-app
    - name: infra-pipeline
      inputRefs:
      - infrastructure
      outputRefs:
      - azure-monitor-infra
Copy to Clipboard Toggle word wrap

1 

apiVersion: "logging.openshift.io/v1"
kind: "ClusterLogForwarder"
metadata:
  name: instance
  namespace: openshift-logging
spec:
  outputs:
  - name: azure-monitor
    type: azureMonitor
    azureMonitor:
      customerId: my-customer-id
      logType: my_log_type
      azureResourceId: "/subscriptions/111111111"
1 

      host: "ods.opinsights.azure.com"
2 

    secret:
       name: my-secret
  pipelines:
  - name: app-pipeline
    inputRefs:
    - application
    outputRefs:
    - azure-monitor
Copy to Clipboard Toggle word wrap

1
2

11.4.9.
링크 복사

  1. apiVersion: logging.openshift.io/v1
kind: ClusterLogForwarder
metadata:
  name: instance
    1 
    
  namespace: openshift-logging
    2 
    
spec:
  outputs:
   - name: fluentd-server-secure
    3 
    
     type: fluentdForward
    4 
    
     url: 'tls://fluentdserver.security.example.com:24224'
    5 
    
     secret:
    6 
    
        name: fluentd-secret
   - name: fluentd-server-insecure
     type: fluentdForward
     url: 'tcp://fluentdserver.home.example.com:24224'
  inputs:
    7 
    
   - name: my-app-logs
     application:
        namespaces:
        - my-project
    8 
    
  pipelines:
   - name: forward-to-fluentd-insecure
    9 
    
     inputRefs:
    10 
    
     - my-app-logs
     outputRefs:
    11 
    
     - fluentd-server-insecure
     labels:
       project: "my-project"
    12 
    
   - name: forward-to-fluentd-secure
    13 
    
     inputRefs:
     - application
    14 
    
     - audit
     - infrastructure
     outputRefs:
     - fluentd-server-secure
     - default
     labels:
       clusterId: "C1234"
    Copy to Clipboard Toggle word wrap

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14 

  2. $ oc apply -f <filename>.yaml
    Copy to Clipboard Toggle word wrap

11.4.10.
링크 복사

  1. apiVersion: logging.openshift.io/v1
kind: ClusterLogForwarder
metadata:
  name: <log_forwarder_name>
    1 
    
  namespace: <log_forwarder_namespace>
    2 
    
spec:
  pipelines:
    - inputRefs: [ myAppLogData ]
    3 
    
      outputRefs: [ default ]
    4 
    
  inputs:
    5 
    
    - name: myAppLogData
      application:
        selector:
          matchLabels:
    6 
    
            environment: production
            app: nginx
        namespaces:
    7 
    
        - app1
        - app2
  outputs:
    8 
    
    - <output_name>
    ...
    Copy to Clipboard Toggle word wrap

    1
    2
    3
    4
    5
    6
    7
    8 

    3. - inputRefs: [ myAppLogData, myOtherAppLogData ]
      Copy to Clipboard Toggle word wrap 

  4. $ oc create -f <file-name>.yaml
    Copy to Clipboard Toggle word wrap

11.4.11.
링크 복사

참고

참고

apiVersion: logging.openshift.io/v1
kind: ClusterLogForwarder
metadata:
  name: instance
  namespace: openshift-logging
spec:
  pipelines:
    - name: my-pipeline
      inputRefs: audit
1 

      filterRefs: my-policy
2 

      outputRefs: default
  filters:
    - name: my-policy
      type: kubeAPIAudit
      kubeAPIAudit:
        # Don't generate audit events for all requests in RequestReceived stage.
        omitStages:
          - "RequestReceived"

        rules:
          # Log pod changes at RequestResponse level
          - level: RequestResponse
            resources:
            - group: ""
              resources: ["pods"]

          # Log "pods/log", "pods/status" at Metadata level
          - level: Metadata
            resources:
            - group: ""
              resources: ["pods/log", "pods/status"]

          # Don't log requests to a configmap called "controller-leader"
          - level: None
            resources:
            - group: ""
              resources: ["configmaps"]
              resourceNames: ["controller-leader"]

          # Don't log watch requests by the "system:kube-proxy" on endpoints or services
          - level: None
            users: ["system:kube-proxy"]
            verbs: ["watch"]
            resources:
            - group: "" # core API group
              resources: ["endpoints", "services"]

          # Don't log authenticated requests to certain non-resource URL paths.
          - level: None
            userGroups: ["system:authenticated"]
            nonResourceURLs:
            - "/api*" # Wildcard matching.
            - "/version"

          # Log the request body of configmap changes in kube-system.
          - level: Request
            resources:
            - group: "" # core API group
              resources: ["configmaps"]
            # This rule only applies to resources in the "kube-system" namespace.
            # The empty string "" can be used to select non-namespaced resources.
            namespaces: ["kube-system"]

          # Log configmap and secret changes in all other namespaces at the Metadata level.
          - level: Metadata
            resources:
            - group: "" # core API group
              resources: ["secrets", "configmaps"]

          # Log all other resources in core and extensions at the Request level.
          - level: Request
            resources:
            - group: "" # core API group
            - group: "extensions" # Version of group should NOT be included.

          # A catch-all rule to log all other requests at the Metadata level.
          - level: Metadata
Copy to Clipboard Toggle word wrap

1
2

11.4.12.
링크 복사

  1. apiVersion: logging.openshift.io/v1
kind: ClusterLogForwarder
metadata:
  name: <log_forwarder_name>
    1 
    
  namespace: <log_forwarder_namespace>
    2 
    
spec:
  serviceAccountName: <service_account_name>
    3 
    
  outputs:
  - name: loki-insecure
    4 
    
    type: "loki"
    5 
    
    url: http://loki.insecure.com:3100
    6 
    
    loki:
      tenantKey: kubernetes.namespace_name
      labelKeys:
      - kubernetes.labels.foo
  - name: loki-secure
    7 
    
    type: "loki"
    url: https://loki.secure.com:3100
    secret:
      name: loki-secret
    8 
    
    loki:
      tenantKey: kubernetes.namespace_name
    9 
    
      labelKeys:
      - kubernetes.labels.foo
    10 
    
  pipelines:
  - name: application-logs
    11 
    
    inputRefs:
    12 
    
    - application
    - audit
    outputRefs:
    13 
    
    - loki-secure
    Copy to Clipboard Toggle word wrap
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    참고

  2. $ oc apply -f <filename>.yaml
    Copy to Clipboard Toggle word wrap

11.4.13.
링크 복사

참고

  1. apiVersion: logging.openshift.io/v1
kind: ClusterLogForwarder
metadata:
  name: <log_forwarder_name>
    1 
    
  namespace: <log_forwarder_namespace>
    2 
    
spec:
  serviceAccountName: <service_account_name>
    3 
    
  outputs:
   - name: elasticsearch-example
    4 
    
     type: elasticsearch
    5 
    
     elasticsearch:
       version: 8
    6 
    
     url: http://elasticsearch.example.com:9200
    7 
    
     secret:
       name: es-secret
    8 
    
  pipelines:
   - name: application-logs
    9 
    
     inputRefs:
    10 
    
     - application
     - audit
     outputRefs:
     - elasticsearch-example
    11 
    
     - default
    12 
    
     labels:
       myLabel: "myValue"
    13 
    
# ...
    Copy to Clipboard Toggle word wrap

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13 

  2. $ oc apply -f <filename>.yaml
    Copy to Clipboard Toggle word wrap 

  1. apiVersion: v1
kind: Secret
metadata:
  name: openshift-test-secret
data:
  username: <username>
  password: <password>
# ...
    Copy to Clipboard Toggle word wrap 

  2. $ oc create secret -n openshift-logging openshift-test-secret.yaml
    Copy to Clipboard Toggle word wrap 

  3. kind: ClusterLogForwarder
metadata:
  name: instance
  namespace: openshift-logging
spec:
  outputs:
   - name: elasticsearch
     type: "elasticsearch"
     url: https://elasticsearch.secure.com:9200
     secret:
        name: openshift-test-secret
# ...
    Copy to Clipboard Toggle word wrap
    참고

  4. $ oc apply -f <filename>.yaml
    Copy to Clipboard Toggle word wrap

11.4.14.
링크 복사

  1. apiVersion: logging.openshift.io/v1
kind: ClusterLogForwarder
metadata:
  name: instance
    1 
    
  namespace: openshift-logging
    2 
    
spec:
  outputs:
   - name: fluentd-server-secure
    3 
    
     type: fluentdForward
    4 
    
     url: 'tls://fluentdserver.security.example.com:24224'
    5 
    
     secret:
    6 
    
        name: fluentd-secret
   - name: fluentd-server-insecure
     type: fluentdForward
     url: 'tcp://fluentdserver.home.example.com:24224'
  pipelines:
   - name: forward-to-fluentd-secure
    7 
    
     inputRefs:
    8 
    
     - application
     - audit
     outputRefs:
     - fluentd-server-secure
    9 
    
     - default
    10 
    
     labels:
       clusterId: "C1234"
    11 
    
   - name: forward-to-fluentd-insecure
    12 
    
     inputRefs:
     - infrastructure
     outputRefs:
     - fluentd-server-insecure
     labels:
       clusterId: "C1234"
    Copy to Clipboard Toggle word wrap
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12 

  2. $ oc create -f <file-name>.yaml
    Copy to Clipboard Toggle word wrap

11.4.14.1.
링크 복사

input { tcp { codec => fluent { nanosecond_precision => true } port => 24114 } }
filter { }
output { stdout { codec => rubydebug } }
Copy to Clipboard Toggle word wrap

11.4.15.
링크 복사

  1. apiVersion: logging.openshift.io/v1
kind: ClusterLogForwarder
metadata:
  name: <log_forwarder_name>
    1 
    
  namespace: <log_forwarder_namespace>
    2 
    
spec:
  serviceAccountName: <service_account_name>
    3 
    
  outputs:
   - name: rsyslog-east
    4 
    
     type: syslog
    5 
    
     syslog:
    6 
    
       facility: local0
       rfc: RFC3164
       payloadKey: message
       severity: informational
     url: 'tls://rsyslogserver.east.example.com:514'
    7 
    
     secret:
    8 
    
        name: syslog-secret
   - name: rsyslog-west
     type: syslog
     syslog:
      appName: myapp
      facility: user
      msgID: mymsg
      procID: myproc
      rfc: RFC5424
      severity: debug
     url: 'tcp://rsyslogserver.west.example.com:514'
  pipelines:
   - name: syslog-east
    9 
    
     inputRefs:
    10 
    
     - audit
     - application
     outputRefs:
    11 
    
     - rsyslog-east
     - default
    12 
    
     labels:
       secure: "true"
    13 
    
       syslog: "east"
   - name: syslog-west
    14 
    
     inputRefs:
     - infrastructure
     outputRefs:
     - rsyslog-west
     - default
     labels:
       syslog: "west"
    Copy to Clipboard Toggle word wrap
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14 

  2. $ oc create -f <filename>.yaml
    Copy to Clipboard Toggle word wrap

11.4.15.1.
링크 복사

  spec:
    outputs:
    - name: syslogout
      syslog:
        addLogSource: true
        facility: user
        payloadKey: message
        rfc: RFC3164
        severity: debug
        tag: mytag
      type: syslog
      url: tls://syslog-receiver.openshift-logging.svc:24224
    pipelines:
    - inputRefs:
      - application
      name: test-app
      outputRefs:
      - syslogout
Copy to Clipboard Toggle word wrap
참고

<15>1 2020-11-15T17:06:14+00:00 fluentd-9hkb4 mytag - - -  {"msgcontent"=>"Message Contents", "timestamp"=>"2020-11-15 17:06:09", "tag_key"=>"rec_tag", "index"=>56}
Copy to Clipboard Toggle word wrap 

<15>1 2020-11-16T10:49:37+00:00 crc-j55b9-master-0 mytag - - -  namespace_name=clo-test-6327,pod_name=log-generator-ff9746c49-qxm7l,container_name=log-generator,message={"msgcontent":"My life is my message", "timestamp":"2020-11-16 10:49:36", "tag_key":"rec_tag", "index":76}
Copy to Clipboard Toggle word wrap

11.4.15.2.
링크 복사

  • 참고

11.4.15.3.
링크 복사

11.4.16.
링크 복사

  1. apiVersion: logging.openshift.io/v1
kind: ClusterLogForwarder
metadata:
  name: <log_forwarder_name>
    1 
    
  namespace: <log_forwarder_namespace>
    2 
    
spec:
  serviceAccountName: <service_account_name>
    3 
    
  outputs:
   - name: app-logs
    4 
    
     type: kafka
    5 
    
     url: tls://kafka.example.devlab.com:9093/app-topic
    6 
    
     secret:
       name: kafka-secret
    7 
    
   - name: infra-logs
     type: kafka
     url: tcp://kafka.devlab2.example.com:9093/infra-topic
    8 
    
   - name: audit-logs
     type: kafka
     url: tls://kafka.qelab.example.com:9093/audit-topic
     secret:
        name: kafka-secret-qe
  pipelines:
   - name: app-topic
    9 
    
     inputRefs:
    10 
    
     - application
     outputRefs:
    11 
    
     - app-logs
     labels:
       logType: "application"
    12 
    
   - name: infra-topic
    13 
    
     inputRefs:
     - infrastructure
     outputRefs:
     - infra-logs
     labels:
       logType: "infra"
   - name: audit-topic
     inputRefs:
     - audit
     outputRefs:
     - audit-logs
     labels:
       logType: "audit"
    Copy to Clipboard Toggle word wrap
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13 

  2. # ...
spec:
  outputs:
  - name: app-logs
    type: kafka
    secret:
      name: kafka-secret-dev
    kafka:
    1 
    
      brokers:
    2 
    
        - tls://kafka-broker1.example.com:9093/
        - tls://kafka-broker2.example.com:9093/
      topic: app-topic
    3 
    
# ...
    Copy to Clipboard Toggle word wrap
    1
    2
    3 

  3. $ oc apply -f <filename>.yaml
    Copy to Clipboard Toggle word wrap

11.4.17.
링크 복사

  1. apiVersion: v1
kind: Secret
metadata:
  name: cw-secret
  namespace: openshift-logging
data:
  aws_access_key_id: QUtJQUlPU0ZPRE5ON0VYQU1QTEUK
  aws_secret_access_key: d0phbHJYVXRuRkVNSS9LN01ERU5HL2JQeFJmaUNZRVhBTVBMRUtFWQo=
    Copy to Clipboard Toggle word wrap 

  2. $ oc apply -f cw-secret.yaml
    Copy to Clipboard Toggle word wrap 

  3. apiVersion: logging.openshift.io/v1
kind: ClusterLogForwarder
metadata:
  name: <log_forwarder_name>
    1 
    
  namespace: <log_forwarder_namespace>
    2 
    
spec:
  serviceAccountName: <service_account_name>
    3 
    
  outputs:
   - name: cw
    4 
    
     type: cloudwatch
    5 
    
     cloudwatch:
       groupBy: logType
    6 
    
       groupPrefix: <group prefix>
    7 
    
       region: us-east-2
    8 
    
     secret:
        name: cw-secret
    9 
    
  pipelines:
    - name: infra-logs
    10 
    
      inputRefs:
    11 
    
        - infrastructure
        - audit
        - application
      outputRefs:
        - cw
    12
    Copy to Clipboard Toggle word wrap
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12 

  4. $ oc create -f <file-name>.yaml
    Copy to Clipboard Toggle word wrap 

$ oc get Infrastructure/cluster -ojson | jq .status.infrastructureName
"mycluster-7977k"
Copy to Clipboard Toggle word wrap 

$ oc run busybox --image=busybox -- sh -c 'while true; do echo "My life is my message"; sleep 3; done'
$ oc logs -f busybox
My life is my message
My life is my message
My life is my message
...
Copy to Clipboard Toggle word wrap 

$ oc get ns/app -ojson | jq .metadata.uid
"794e1e1a-b9f5-4958-a190-e76a9b53d7bf"
Copy to Clipboard Toggle word wrap 

apiVersion: "logging.openshift.io/v1"
kind: ClusterLogForwarder
metadata:
  name: instance
  namespace: openshift-logging
spec:
  outputs:
   - name: cw
     type: cloudwatch
     cloudwatch:
       groupBy: logType
       region: us-east-2
     secret:
        name: cw-secret
  pipelines:
    - name: all-logs
      inputRefs:
        - infrastructure
        - audit
        - application
      outputRefs:
        - cw
Copy to Clipboard Toggle word wrap 

$ aws --output json logs describe-log-groups | jq .logGroups[].logGroupName
"mycluster-7977k.application"
"mycluster-7977k.audit"
"mycluster-7977k.infrastructure"
Copy to Clipboard Toggle word wrap 

$ aws --output json logs describe-log-streams --log-group-name mycluster-7977k.application | jq .logStreams[].logStreamName
"kubernetes.var.log.containers.busybox_app_busybox-da085893053e20beddd6747acdbaf98e77c37718f85a7f6a4facf09ca195ad76.log"
Copy to Clipboard Toggle word wrap 
$ aws --output json logs describe-log-streams --log-group-name mycluster-7977k.audit | jq .logStreams[].logStreamName
"ip-10-0-131-228.us-east-2.compute.internal.k8s-audit.log"
"ip-10-0-131-228.us-east-2.compute.internal.linux-audit.log"
"ip-10-0-131-228.us-east-2.compute.internal.openshift-audit.log"
...
Copy to Clipboard Toggle word wrap 
$ aws --output json logs describe-log-streams --log-group-name mycluster-7977k.infrastructure | jq .logStreams[].logStreamName
"ip-10-0-131-228.us-east-2.compute.internal.kubernetes.var.log.containers.apiserver-69f9fd9b58-zqzw5_openshift-oauth-apiserver_oauth-apiserver-453c5c4ee026fe20a6139ba6b1cdd1bed25989c905bf5ac5ca211b7cbb5c3d7b.log"
"ip-10-0-131-228.us-east-2.compute.internal.kubernetes.var.log.containers.apiserver-797774f7c5-lftrx_openshift-apiserver_openshift-apiserver-ce51532df7d4e4d5f21c4f4be05f6575b93196336be0027067fd7d93d70f66a4.log"
"ip-10-0-131-228.us-east-2.compute.internal.kubernetes.var.log.containers.apiserver-797774f7c5-lftrx_openshift-apiserver_openshift-apiserver-check-endpoints-82a9096b5931b5c3b1d6dc4b66113252da4a6472c9fff48623baee761911a9ef.log"
...
Copy to Clipboard Toggle word wrap 

$ aws logs get-log-events --log-group-name mycluster-7977k.application --log-stream-name kubernetes.var.log.containers.busybox_app_busybox-da085893053e20beddd6747acdbaf98e77c37718f85a7f6a4facf09ca195ad76.log
{
    "events": [
        {
            "timestamp": 1629422704178,
            "message": "{\"docker\":{\"container_id\":\"da085893053e20beddd6747acdbaf98e77c37718f85a7f6a4facf09ca195ad76\"},\"kubernetes\":{\"container_name\":\"busybox\",\"namespace_name\":\"app\",\"pod_name\":\"busybox\",\"container_image\":\"docker.io/library/busybox:latest\",\"container_image_id\":\"docker.io/library/busybox@sha256:0f354ec1728d9ff32edcd7d1b8bbdfc798277ad36120dc3dc683be44524c8b60\",\"pod_id\":\"870be234-90a3-4258-b73f-4f4d6e2777c7\",\"host\":\"ip-10-0-216-3.us-east-2.compute.internal\",\"labels\":{\"run\":\"busybox\"},\"master_url\":\"https://kubernetes.default.svc\",\"namespace_id\":\"794e1e1a-b9f5-4958-a190-e76a9b53d7bf\",\"namespace_labels\":{\"kubernetes_io/metadata_name\":\"app\"}},\"message\":\"My life is my message\",\"level\":\"unknown\",\"hostname\":\"ip-10-0-216-3.us-east-2.compute.internal\",\"pipeline_metadata\":{\"collector\":{\"ipaddr4\":\"10.0.216.3\",\"inputname\":\"fluent-plugin-systemd\",\"name\":\"fluentd\",\"received_at\":\"2021-08-20T01:25:08.085760+00:00\",\"version\":\"1.7.4 1.6.0\"}},\"@timestamp\":\"2021-08-20T01:25:04.178986+00:00\",\"viaq_index_name\":\"app-write\",\"viaq_msg_id\":\"NWRjZmUyMWQtZjgzNC00MjI4LTk3MjMtNTk3NmY3ZjU4NDk1\",\"log_type\":\"application\",\"time\":\"2021-08-20T01:25:04+00:00\"}",
            "ingestionTime": 1629422744016
        },
...
Copy to Clipboard Toggle word wrap 

cloudwatch:
    groupBy: logType
    groupPrefix: demo-group-prefix
    region: us-east-2
Copy to Clipboard Toggle word wrap 

$ aws --output json logs describe-log-groups | jq .logGroups[].logGroupName
"demo-group-prefix.application"
"demo-group-prefix.audit"
"demo-group-prefix.infrastructure"
Copy to Clipboard Toggle word wrap 

cloudwatch:
    groupBy: namespaceName
    region: us-east-2
Copy to Clipboard Toggle word wrap 

$ aws --output json logs describe-log-groups | jq .logGroups[].logGroupName
"mycluster-7977k.app"
"mycluster-7977k.audit"
"mycluster-7977k.infrastructure"
Copy to Clipboard Toggle word wrap 

cloudwatch:
    groupBy: namespaceUUID
    region: us-east-2
Copy to Clipboard Toggle word wrap 

$ aws --output json logs describe-log-groups | jq .logGroups[].logGroupName
"mycluster-7977k.794e1e1a-b9f5-4958-a190-e76a9b53d7bf" // uid of the "app" namespace
"mycluster-7977k.audit"
"mycluster-7977k.infrastructure"
Copy to Clipboard Toggle word wrap

11.4.18.
링크 복사

  • $ oc create secret generic cw-sts-secret -n openshift-logging --from-literal=role_arn=arn:aws:iam::123456789012:role/my-role_with-permissions
    Copy to Clipboard Toggle word wrap 

    apiVersion: v1
kind: Secret
metadata:
  namespace: openshift-logging
  name: my-secret-name
stringData:
  role_arn: arn:aws:iam::123456789012:role/my-role_with-permissions
    Copy to Clipboard Toggle word wrap

11.4.19.
링크 복사

  1. apiVersion: cloudcredential.openshift.io/v1
kind: CredentialsRequest
metadata:
  name: <your_role_name>-credrequest
  namespace: openshift-cloud-credential-operator
spec:
  providerSpec:
    apiVersion: cloudcredential.openshift.io/v1
    kind: AWSProviderSpec
    statementEntries:
      - action:
          - logs:PutLogEvents
          - logs:CreateLogGroup
          - logs:PutRetentionPolicy
          - logs:CreateLogStream
          - logs:DescribeLogGroups
          - logs:DescribeLogStreams
        effect: Allow
        resource: arn:aws:logs:*:*:*
  secretRef:
    name: <your_role_name>
    namespace: openshift-logging
  serviceAccountNames:
    - logcollector
    Copy to Clipboard Toggle word wrap 

  2. $ ccoctl aws create-iam-roles \
--name=<name> \
--region=<aws_region> \
--credentials-requests-dir=<path_to_directory_with_list_of_credentials_requests>/credrequests \
--identity-provider-arn=arn:aws:iam::<aws_account_id>:oidc-provider/<name>-oidc.s3.<aws_region>.amazonaws.com
    1
    Copy to Clipboard Toggle word wrap
    1 

  3. $ oc apply -f output/manifests/openshift-logging-<your_role_name>-credentials.yaml
    Copy to Clipboard Toggle word wrap 

  4. apiVersion: logging.openshift.io/v1
kind: ClusterLogForwarder
metadata:
  name: <log_forwarder_name>
    1 
    
  namespace: <log_forwarder_namespace>
    2 
    
spec:
  serviceAccountName: clf-collector
    3 
    
  outputs:
   - name: cw
    4 
    
     type: cloudwatch
    5 
    
     cloudwatch:
       groupBy: logType
    6 
    
       groupPrefix: <group prefix>
    7 
    
       region: us-east-2
    8 
    
     secret:
        name: <your_secret_name>
    9 
    
  pipelines:
    - name: to-cloudwatch
    10 
    
      inputRefs:
    11 
    
        - infrastructure
        - audit
        - application
      outputRefs:
        - cw
    12
    Copy to Clipboard Toggle word wrap
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
맨 위로 이동
Red Hat logoGithubredditYoutubeTwitter

자세한 정보

평가판, 구매 및 판매

커뮤니티

Red Hat 문서 정보

Red Hat을 사용하는 고객은 신뢰할 수 있는 콘텐츠가 포함된 제품과 서비스를 통해 혁신하고 목표를 달성할 수 있습니다. 최신 업데이트를 확인하세요.

보다 포괄적 수용을 위한 오픈 소스 용어 교체

Red Hat은 코드, 문서, 웹 속성에서 문제가 있는 언어를 교체하기 위해 최선을 다하고 있습니다. 자세한 내용은 다음을 참조하세요.Red Hat 블로그.

Red Hat 소개

Red Hat은 기업이 핵심 데이터 센터에서 네트워크 에지에 이르기까지 플랫폼과 환경 전반에서 더 쉽게 작업할 수 있도록 강화된 솔루션을 제공합니다.

Theme

© 2025 Red Hat