Skip to content

Add the mTLS syslog drain feature to the documentation #464

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 3 commits into from
Dec 20, 2022
Merged

Add the mTLS syslog drain feature to the documentation #464

Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
34d3423
doc: Add the mTLS syslog drain feature to the documentation
ZPascal Nov 18, 2022
3bc9a85
doc: Fix typos and restructure the documentation
ZPascal Nov 22, 2022
79267eb
doc: Restructure the documentation layout
ZPascal Nov 23, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
9 changes: 8 additions & 1 deletion services/log-management.html.md.erb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,8 @@ Cloud Foundry aggregates logs for all instances of your apps as well as for requ

If you want to persist more than the limited amount of logging information that Cloud Foundry can buffer, drain these logs to a log management service.

<b>Feature:</b> Since [CAPI release 1.141.0](https://github.com/cloudfoundry/capi-release/releases/tag/1.141.0) you can use mTLS inside your syslog drain. Please, follow the described process inside <a href="#step2">Step 2: Create and Bind a User-Provided Service Instance</a> to handle it. Please inject the corresponding credentials as <em>PEM</em> encoded <em>X.509</em> certificate.

For more information about the systems responsible for log aggregation and streaming in Cloud Foundry, see [App Logging in Cloud Foundry](../deploy-apps/streaming-logs.html).


Expand Down Expand Up @@ -58,12 +60,17 @@ To set up a communication channel between the log management service and your Cl

You can create a syslog drain service and bind apps to it using Cloud Foundry Command Line Interface (cf CLI) commands.

1. To create the service instance, run `cf create-user-provided-service` (or `cf cups`) with the `-l` flag, filling in values as follows:
1. To create the service instance, run `cf create-user-provided-service` (or `cf cups`) with the `-l`.
- DRAIN-NAME: A name to use for your syslog drain service instance.
- SYSLOG-DRAIN-URL: The syslog URL from [Step 1: Configure the Log Management Service](#step1).
<pre class="terminal">
$ cf create-user-provided-service DRAIN-NAME -l SYSLOG-URL
</pre>
In case of the usage of the mTLS feature delivered in [CAPI release 1.141.0](https://github.com/cloudfoundry/capi-release/releases/tag/1.141.0), you can use `-p` flag to define the credentials, filling in values as follows.
<pre class="terminal">
$ cf create-user-provided-service DRAIN-NAME -l SYSLOG-URL -p {"cert":"-----BEGIN CERTIFICATE-----\nMIIH...-----END CERTIFICATE-----","key":"-----BEGIN PRIVATE KEY-----\nMIIE...-----END PRIVATE KEY-----"}
</pre>

For more information, see [User-Provided Service Instances](./user-provided.html).

1. To bind an app to the service instance, do one of the following:
Expand Down