Deploy Elasticsearch, Fluentd, and Kibana on OpenShift 4.14/4.15.
- OpenShift/OKD 4.14-4.18
ocCLI with cluster-admin access- Dedalus Operators catalog configured
- Local clone of the repo
| File | Description |
|---|---|
manifests/operators/cluster-logging-operator.yml |
Namespace, OperatorGroup, Subscription for Cluster Logging |
manifests/operators/elasticsearch-operator.yml |
Subscription for Elasticsearch |
manifests/logging/clusterlogging.template.yml |
OpenShift template for ClusterLogging CR |
manifests/logging/clusterlogforwarder.yml |
ClusterLogForwarder CR |
manifests/logging/infra-node-placement.patch.yml |
Patch to schedule logging on infra nodes |
manifests/logging/params/single-node.example.params |
Parameters for single-node ES |
manifests/logging/params/multi-node.example.params |
Parameters for multi-node (3 nodes) |
manifests/logging/params/README.md |
Parameter documentation and usage |
manifests/kibana/kibana-externallink.template.yml |
Kibana link in OpenShift console |
manifests/elasticsearch/index_explicit_mapping_template.sh |
Script to apply custom index template |
manifests/elasticsearch/dedalus_template.json |
Custom Elasticsearch index template definition |
oc apply -f manifests/operators/elasticsearch-operator.ymlCheck:
oc get subscription -n openshift-loggingoc apply -f manifests/operators/cluster-logging-operator.ymlCheck:
oc get subscription -n openshift-loggingEx. Single-node (1 ES node, zero redundancy):
oc process -f manifests/logging/clusterlogging.template.yml \
--param-file=manifests/logging/params/single-node.example.params \
| oc apply -n openshift-logging -f -oc apply -f manifests/logging/clusterlogforwarder.ymloc process -f manifests/kibana/kibana-externallink.template.yml \
-p KIBANA_ROUTE=$(oc get route kibana -n openshift-logging -o jsonpath='{.spec.host}') \
| oc apply -n openshift-logging -f -. manifests/elasticsearch/index_explicit_mapping_template.shExpected output: {"acknowledged":true}
Schedule Elasticsearch and Kibana on infrastructure nodes:
oc patch ClusterLogging instance -n openshift-logging --type=merge --patch-file=manifests/logging/infra-node-placement.patch.ymlSee manifests/logging/README.md for prerequisites.
Get an Elasticsearch pod:
es_pod=$(oc get pods -l component=elasticsearch -n openshift-logging --no-headers | head -1 | awk '{print $1}')Get index template:
oc exec -n openshift-logging -c elasticsearch $es_pod -- es_util --query=_template/dedalus_es_templateDelete index template:
oc exec -n openshift-logging -c elasticsearch $es_pod -- es_util --query=_template/dedalus_es_template -XDELETEList all templates:
oc exec -n openshift-logging -c elasticsearch $es_pod -- es_util --query=_template | jqCheck pod status:
oc get pods -n openshift-loggingCheck operator subscriptions:
oc get subscription -n openshift-loggingCheck ClusterLogging status:
oc get ClusterLogging instance -n openshift-logging -o yamlCheck all logging components by label:
oc get all -l app=dedalus-logging -n openshift-loggingoc delete ClusterLogForwarder instance -n openshift-logging
oc delete ClusterLogging instance -n openshift-logging
oc delete -f manifests/operators/cluster-logging-operator.yml
oc delete -f manifests/operators/elasticsearch-operator.yml