Elastic Meetup - Central Logging in OpenShift 3

Slides from my talk at the 11th Elastic Meetup in Zurich. Contains background information about the central logging service in OpenShift 3 and therefore APPUiO.

Tobias Brunner

August 31, 2016

Transcript

  1. Agenda (08/29/16, VSHN AG | http://vshn.ch)
     • VSHN? Or: How do I spell that?
     • Short intro to OpenShift
     • Central Logging in OpenShift
     • Security of Logs
     • Cluster Maintenance
     • Custom Application Logging
  2. /me
     • Tobias Brunner aka tobru
     • VSHNeer since the beginning of VSHN
     • Open Source fan
     • Blog: https://tobrunet.ch
     • Twitter: @tobruzh
     • Interested in OpenShift:
       – http://sysadvent.blogspot.ch/2015/12/day-13-introduction-to-openshift-3.html
       – https://speakerdeck.com/tobru/opensource-paas
  3. Company Profile | ˈvɪʒn̩ |
     • Owner-operated Swiss company
     • 15 employees at the head office in Zurich
     • Service provider for DevOps, software delivery automation and configuration management
     • Partner for operations/hosting of web applications
     • Further specialty fields: Consulting, System Engineering, Continuous Delivery, Monitoring, Backup, 24/7 Support
  4. What is OpenShift?
     • Container Platform
     • Built on top of Docker and Kubernetes
     • Completely overhauled in version 3, released in 2015
     • Three flavours:
       – Origin: Open Source, Community supported
       – Container Platform (formerly Enterprise): Commercial, supported by Red Hat
       – Online 3: Public Service – Currently in Dev Preview
     • APPUiO – Swiss Container Platform
  5. Central Logging in OpenShift 3
     • EFK Stack:
       – Elasticsearch (indexing)
       – Fluentd (shipping)
       – Kibana (displaying)
     • Runs as part of the Kubernetes Cluster
     • Currently runs Elasticsearch 1.5.2
       – Upgrade plans to 2.3.x
     • Integrated in OpenShift Web Console
     • Completely automated setup and configuration with logging deployer
  6. Central Logging in OpenShift 3
     • Collects logs from applications and optionally from system components into two ES clusters:
       – Application logs (Main)
       – System logs (Ops)
     • Each node runs a fluentd agent
       – Enriches logs with metadata
       – Ships logs to Elasticsearch
       – Fluentd knows Kubernetes Metadata
  7. Central Logging in OpenShift 3
     • Elasticsearch Plugins:
       – Floragunn Search Guard
       – Fabric8 Elasticsearch OpenShift Plugin
         • Dynamically update the SearchGuard ACL based on a user's name
         • Transform kibana index requests to support multitenant deployments
         • Seed the Searchguard index config, roles, rolesmapping, and actiongroups types
       – Fabric8 Kubernetes Cloud Plugin
         • The Kubernetes Cloud plugin allows using the Kubernetes API for the unicast discovery mechanism
  8. Security: Elasticsearch
     • Everything shipped over a TLS-secured connection
       – Authentication with certificate
     • Per OpenShift project access
       – Index per project: {project_name}.{project_uuid}.YYYY.MM.DD
       – Index security: Floragunn Search Guard
  9. Security: Elasticsearch
     • Floragunn Search Guard
       – Plugin for Elasticsearch
       – Adds SSL authentication and TLS enforcement
       – Controls access to Elasticsearch cluster
       – Authorization for accessing indexes
  10. Security: Kibana
      • Login using a custom OAuth2 proxy
      • Two containers in the Kibana Pod:
        – kibana-proxy
        – kibana
      • Accessed and secured through the OpenShift router
      • Access only to logs of pods with access rights
  11. Cluster Maintenance
      • Curator
        – Part of the deployment
        – Retention policy per project
      • Scaling
        – One deployment controller per ES instance
        – Manual intervention needed
        – Automatic cluster formation
  12. Custom Application Logging
      • Application logs written to STDOUT are captured by fluentd
      • Structure your application logs in fields with JSON
        – Automatically discovered by fluentd
      • Makes custom fields available in Kibana
  13. Conclusion
      • Nice integration of existing tools
      • Well thought out
      • Still open challenges in terms of automatic scaling

      Central Logging done right – Using Elasticsearch, Fluentd and Kibana

      Join the Beta under https://appuio.ch
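
The per-project index layout from the "Security: Elasticsearch" slide and the per-project retention from the "Cluster Maintenance" slide, as an added example that is not part of the slides and is not Search Guard or Curator code. It parses `{project_name}.{project_uuid}.YYYY.MM.DD`, filters indices to a user's projects, and selects indices past retention. Function names, `retention_days`, `default_days`, the name and UUID character sets and the sample data are assumptions.

```python
import re
from datetime import date

# Index layout from the slide: {project_name}.{project_uuid}.YYYY.MM.DD
# Assumed: DNS-label style project name, lowercase hex UUID.
INDEX_RE = re.compile(
    r"(?P<name>[a-z0-9](?:[a-z0-9-]*[a-z0-9])?)\."
    r"(?P<uuid>[0-9a-f]{8}(?:-[0-9a-f]{4}){3}-[0-9a-f]{12})\."
    r"(?P<y>\d{4})\.(?P<m>\d{2})\.(?P<d>\d{2})"
)

def parse_index(index):
    """Return (project_name, project_uuid, day), or None for any other name."""
    m = INDEX_RE.fullmatch(index)
    if m is None:
        return None
    try:
        day = date(int(m["y"]), int(m["m"]), int(m["d"]))
    except ValueError:  # e.g. month 13: not treated as a project index
        return None
    return m["name"], m["uuid"], day

def readable_indices(indices, user_projects):
    """Fail closed: keep an index only if its (name, uuid) pair is one of the
    user's projects. Comparing the UUID too means a project recreated under an
    old name does not match the earlier project's indices."""
    allowed = set(user_projects)
    result = []
    for index in indices:
        parsed = parse_index(index)
        if parsed is not None and parsed[:2] in allowed:
            result.append(index)
    return result

def expired_indices(indices, retention_days, today, default_days=30):
    """Return project indices older than their project's retention period."""
    result = []
    for index in indices:
        parsed = parse_index(index)
        if parsed is None:
            continue  # never select indices this layout does not describe
        name, _, day = parsed
        if (today - day).days > retention_days.get(name, default_days):
            result.append(index)
    return result
```
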