From 6455927464d7028ef9ab24fe1626c92cade698d4 Mon Sep 17 00:00:00 2001 From: GTPE Student Date: Thu, 4 Jun 2020 23:09:03 +0000 Subject: [PATCH 1/6] initial commit for efk bootstrapping --- .../0-namespaces/openshift-logging.yaml | 14 ++++++++ .../openshift-operators-redhat.yaml | 14 ++++++++ .../1-operators/cluster-logging-operator.yaml | 33 +++++++++++++++++++ .../1-operators/elasticsearch-operator.yaml | 33 +++++++++++++++++++ .../2-rbac/cluster-admins-rolebinding.yaml | 19 +++++++++++ .../3-customresources/clusterlogging.yaml | 31 +++++++++++++++++ logging-bootstrap/README.md | 23 +++++++++++++ 7 files changed, 167 insertions(+) create mode 100644 logging-bootstrap/0-namespaces/openshift-logging.yaml create mode 100644 logging-bootstrap/0-namespaces/openshift-operators-redhat.yaml create mode 100644 logging-bootstrap/1-operators/cluster-logging-operator.yaml create mode 100644 logging-bootstrap/1-operators/elasticsearch-operator.yaml create mode 100644 logging-bootstrap/2-rbac/cluster-admins-rolebinding.yaml create mode 100644 logging-bootstrap/3-customresources/clusterlogging.yaml create mode 100644 logging-bootstrap/README.md diff --git a/logging-bootstrap/0-namespaces/openshift-logging.yaml b/logging-bootstrap/0-namespaces/openshift-logging.yaml new file mode 100644 index 0000000..5a6a7dc --- /dev/null +++ b/logging-bootstrap/0-namespaces/openshift-logging.yaml @@ -0,0 +1,14 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + annotations: + example.com/managed-by: gitops + example.com/scm-url: git@github.com:redhat-cop/declarative-openshift.git + openshift.io/node-selector: "" + labels: + example.com/project: logging-bootstrap + example.com/component: namespaces + openshift.io/cluster-monitoring: "true" + name: openshift-logging +spec: diff --git a/logging-bootstrap/0-namespaces/openshift-operators-redhat.yaml b/logging-bootstrap/0-namespaces/openshift-operators-redhat.yaml new file mode 100644 index 0000000..c760397 --- /dev/null +++ b/logging-bootstrap/0-namespaces/openshift-operators-redhat.yaml @@ -0,0 +1,14 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + annotations: + example.com/managed-by: gitops + example.com/scm-url: git@github.com:redhat-cop/declarative-openshift.git + openshift.io/node-selector: "" + labels: + example.com/project: logging-bootstrap + example.com/component: namespaces + openshift.io/cluster-monitoring: "true" + name: openshift-operators-redhat +spec: diff --git a/logging-bootstrap/1-operators/cluster-logging-operator.yaml b/logging-bootstrap/1-operators/cluster-logging-operator.yaml new file mode 100644 index 0000000..e3c47e1 --- /dev/null +++ b/logging-bootstrap/1-operators/cluster-logging-operator.yaml @@ -0,0 +1,33 @@ +--- +apiVersion: operators.coreos.com/v1 +kind: OperatorGroup +metadata: + annotations: + example.com/managed-by: gitops + example.com/scm-url: git@github.com:redhat-cop/declarative-openshift.git + labels: + example.com/project: logging-bootstrap + example.com/component: operators + name: openshift-logging + namespace: openshift-logging +spec: + targetNamespaces: + - openshift-logging +--- +apiVersion: operators.coreos.com/v1alpha1 +kind: Subscription +metadata: + annotations: + example.com/managed-by: gitops + example.com/scm-url: git@github.com:redhat-cop/declarative-openshift.git + labels: + example.com/project: logging-bootstrap + example.com/component: operators + name: cluster-logging + namespace: openshift-logging +spec: + channel: "4.2" + name: "cluster-logging" + source: "redhat-operators" + sourceNamespace: openshift-marketplace +## startingCSV: left out in docs diff --git a/logging-bootstrap/1-operators/elasticsearch-operator.yaml b/logging-bootstrap/1-operators/elasticsearch-operator.yaml new file mode 100644 index 0000000..797e9d6 --- /dev/null +++ b/logging-bootstrap/1-operators/elasticsearch-operator.yaml @@ -0,0 +1,33 @@ +--- +apiVersion: operators.coreos.com/v1 +kind: OperatorGroup +metadata: + annotations: + example.com/managed-by: gitops + example.com/scm-url: git@github.com:redhat-cop/declarative-openshift.git + labels: + example.com/project: logging-bootstrap + example.com/component: operators + name: openshift-operators-redhat + namespace: openshift-operators-redhat +spec: {} +##TODO: Include target namespace?? the doc doesn't do it +--- +apiVersion: operators.coreos.com/v1alpha1 +kind: Subscription +metadata: + annotations: + example.com/managed-by: gitops + example.com/scm-url: git@github.com:redhat-cop/declarative-openshift.git + labels: + example.com/project: logging-bootstrap + example.com/component: operators + name: elasticsearch-operator + namespace: openshift-operators-redhat +spec: + channel: "4.2" + installPlanApproval: "Automatic" + name: "elasticsearch-operator" + source: "redhat-operators" + sourceNamespace: openshift-marketplace +## startingCSV: left out in docs diff --git a/logging-bootstrap/2-rbac/cluster-admins-rolebinding.yaml b/logging-bootstrap/2-rbac/cluster-admins-rolebinding.yaml new file mode 100644 index 0000000..9589ef2 --- /dev/null +++ b/logging-bootstrap/2-rbac/cluster-admins-rolebinding.yaml @@ -0,0 +1,19 @@ +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + annotations: + example.com/managed-by: gitops + example.com/scm-url: git@github.com:redhat-cop/declarative-openshift.git + labels: + example.com/project: simple-bootstrap + example.com/component: rbac + name: cluster-administrators +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cluster-admin +subjects: +- apiGroup: rbac.authorization.k8s.io + kind: Group + name: administrators diff --git a/logging-bootstrap/3-customresources/clusterlogging.yaml b/logging-bootstrap/3-customresources/clusterlogging.yaml new file mode 100644 index 0000000..4113944 --- /dev/null +++ b/logging-bootstrap/3-customresources/clusterlogging.yaml @@ -0,0 +1,31 @@ +apiVersion: "logging.openshift.io/v1" +kind: "ClusterLogging" +metadata: + name: "instance" + namespace: "openshift-logging" + annotations: + example.com/managed-by: gitops + example.com/scm-url: git@github.com:redhat-cop/declarative-openshift.git + labels: + example.com/component: operators + example.com/project: logging-bootstrap +spec: + managementState: "Managed" + logStore: + type: "elasticsearch" + elasticsearch: + nodeCount: 3 + redundancyPolicy: "SingleRedundancy" + storage: {} + visualization: + type: "kibana" + kibana: + replicas: 3 + curation: + type: "curator" + curator: + schedule: "30 3 * * *" + collection: + logs: + type: "fluentd" + fluentd: {} diff --git a/logging-bootstrap/README.md b/logging-bootstrap/README.md new file mode 100644 index 0000000..61cfb03 --- /dev/null +++ b/logging-bootstrap/README.md @@ -0,0 +1,23 @@ +# Declarative OpenShift + +## 1 Bootstrapping logging onto a cluster + +The logging bootstrapping example shows how cluster administrators might begin deploying an EFK stack onto an OpenShift cluster using just `oc apply`. Each resource in this example carries a common label (`example.com/project: logging-bootstrap`) that associates it with this `project`. In doing this, we can manage the full lifecycle of our resources with a single command. + +``` +oc apply -Rf ../logging-bootstrap/ --prune -l example.com/project=logging-bootstrap +``` + +The `apply` command idempotently ensures that the live configuration is in sync with our configuration files, while the `--prune` flag allows us to also manage the deletion of live objects by simply deleting the associated file in this repository. + +As an example, let's bootstrap logging onto our cluster for the first time: + +``` +$ oc apply -Rf ../logging-bootstrap/ --prune -l example.com/project=logging-bootstrap +##TODO add output +Note that the creation of the clusterlogging object may fail. This is because its CRD did not exist quite yet. If you rerun the command, then it should succeed +``` + +## Phase one stops here (note this was a 4.2 install) + +## TODO Try deploying 4.4 operator with base install with new tech-preview CR's From 8ba876e8fbcd4c0a73af39b13774d77052487aa9 Mon Sep 17 00:00:00 2001 From: GTPE Student Date: Thu, 4 Jun 2020 23:15:52 +0000 Subject: [PATCH 2/6] fix README comment formatting --- logging-bootstrap/README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/logging-bootstrap/README.md b/logging-bootstrap/README.md index 61cfb03..a788d10 100644 --- a/logging-bootstrap/README.md +++ b/logging-bootstrap/README.md @@ -18,6 +18,6 @@ $ oc apply -Rf ../logging-bootstrap/ --prune -l example.com/project=logging-boot Note that the creation of the clusterlogging object may fail. This is because its CRD did not exist quite yet. If you rerun the command, then it should succeed ``` -## Phase one stops here (note this was a 4.2 install) +##Phase one stops here (note this was a 4.2 install) -## TODO Try deploying 4.4 operator with base install with new tech-preview CR's +##TODO Try deploying 4.4 operator with base install with new tech-preview CR's From 23282ce7e62d6c9a0e9f195f7c96f87dda0e86dc Mon Sep 17 00:00:00 2001 From: gnekic Date: Fri, 19 Jun 2020 18:26:31 +0000 Subject: [PATCH 3/6] start standing up audit logging stack --- .../0-namespaces/audit-logging.yaml | 13 ++++++ .../1-operators/cluster-logging-operator.yaml | 2 +- .../1-operators/elasticsearch-operator.yaml | 2 +- .../audit-elasticsearch.yaml | 39 ++++++++++++++++++ .../3-customresources/audit-kibana.yaml | 41 +++++++++++++++++++ .../3-customresources/logforwarding.yaml | 37 +++++++++++++++++ 6 files changed, 132 insertions(+), 2 deletions(-) create mode 100644 logging-bootstrap/0-namespaces/audit-logging.yaml create mode 100644 logging-bootstrap/3-customresources/audit-elasticsearch.yaml create mode 100644 logging-bootstrap/3-customresources/audit-kibana.yaml create mode 100644 logging-bootstrap/3-customresources/logforwarding.yaml diff --git a/logging-bootstrap/0-namespaces/audit-logging.yaml b/logging-bootstrap/0-namespaces/audit-logging.yaml new file mode 100644 index 0000000..c1adbfc --- /dev/null +++ b/logging-bootstrap/0-namespaces/audit-logging.yaml @@ -0,0 +1,13 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + annotations: + example.com/managed-by: gitops + example.com/scm-url: git@github.com:redhat-cop/declarative-openshift.git + labels: + example.com/project: logging-bootstrap + example.com/component: namespaces + openshift.io/cluster-monitoring: "true" + name: audit-logging +spec: diff --git a/logging-bootstrap/1-operators/cluster-logging-operator.yaml b/logging-bootstrap/1-operators/cluster-logging-operator.yaml index e3c47e1..663cd79 100644 --- a/logging-bootstrap/1-operators/cluster-logging-operator.yaml +++ b/logging-bootstrap/1-operators/cluster-logging-operator.yaml @@ -26,7 +26,7 @@ metadata: name: cluster-logging namespace: openshift-logging spec: - channel: "4.2" + channel: "4.4" name: "cluster-logging" source: "redhat-operators" sourceNamespace: openshift-marketplace diff --git a/logging-bootstrap/1-operators/elasticsearch-operator.yaml b/logging-bootstrap/1-operators/elasticsearch-operator.yaml index 797e9d6..6eb4544 100644 --- a/logging-bootstrap/1-operators/elasticsearch-operator.yaml +++ b/logging-bootstrap/1-operators/elasticsearch-operator.yaml @@ -25,7 +25,7 @@ metadata: name: elasticsearch-operator namespace: openshift-operators-redhat spec: - channel: "4.2" + channel: "4.4" installPlanApproval: "Automatic" name: "elasticsearch-operator" source: "redhat-operators" diff --git a/logging-bootstrap/3-customresources/audit-elasticsearch.yaml b/logging-bootstrap/3-customresources/audit-elasticsearch.yaml new file mode 100644 index 0000000..753845e --- /dev/null +++ b/logging-bootstrap/3-customresources/audit-elasticsearch.yaml @@ -0,0 +1,39 @@ +--- +apiVersion: elasticsearch.k8s.elastic.co/v1 +kind: Elasticsearch +metadata: + name: audit-elasticsearch + annotations: + example.com/managed-by: gitops + example.com/scm-url: git@github.com:redhat-cop/declarative-openshift.git + labels: + example.com/component: operators + example.com/project: logging-bootstrap +spec: + version: 7.8.0 + nodeSets: + - name: default + count: 1 + config: + node.master: true + node.data: true + node.ingest: true + node.store.allow_mmap: false +--- +apiVersion: route.openshift.io/v1 +kind: Route +metadata: + name: audit-elasticsearch + annotations: + example.com/managed-by: gitops + example.com/scm-url: git@github.com:redhat-cop/declarative-openshift.git + labels: + example.com/component: operators + example.com/project: logging-bootstrap +spec: + tls: + termination: passthrough # Elasticsearch is the TLS endpoint + insecureEdgeTerminationPolicy: Redirect + to: + kind: Service + name: audit-elasticsearch-es-http diff --git a/logging-bootstrap/3-customresources/audit-kibana.yaml b/logging-bootstrap/3-customresources/audit-kibana.yaml new file mode 100644 index 0000000..afc518b --- /dev/null +++ b/logging-bootstrap/3-customresources/audit-kibana.yaml @@ -0,0 +1,41 @@ +apiVersion: kibana.k8s.elastic.co/v1 +kind: Kibana +metadata: + name: audit-kibana + annotations: + example.com/managed-by: gitops + example.com/scm-url: git@github.com:redhat-cop/declarative-openshift.git + labels: + example.com/component: operators + example.com/project: logging-bootstrap +spec: + version: 7.8.0 + count: 1 + elasticsearchRef: + name: "audit-elasticsearch" + podTemplate: + spec: + containers: + - name: kibana + resources: + limits: + memory: 1Gi + cpu: 1 +--- +apiVersion: v1 +kind: Route +metadata: + name: audit-kibana + annotations: + example.com/managed-by: gitops + example.com/scm-url: git@github.com:redhat-cop/declarative-openshift.git + labels: + example.com/component: operators + example.com/project: logging-bootstrap +spec: + tls: + termination: passthrough # Kibana is the TLS endpoint + insecureEdgeTerminationPolicy: Redirect + to: + kind: Service + name: audit-kibana-kb-http diff --git a/logging-bootstrap/3-customresources/logforwarding.yaml b/logging-bootstrap/3-customresources/logforwarding.yaml new file mode 100644 index 0000000..e72ebd9 --- /dev/null +++ b/logging-bootstrap/3-customresources/logforwarding.yaml @@ -0,0 +1,37 @@ +apiVersion: "logging.openshift.io/v1alpha1" +kind: "LogForwarding" +metadata: + name: instance + namespace: openshift-logging + annotations: + example.com/managed-by: gitops + example.com/scm-url: git@github.com:redhat-cop/declarative-openshift.git + labels: + example.com/component: operators + example.com/project: logging-bootstrap +spec: + disableDefaultForwarding: true + outputs: + - name: elasticsearch + type: "elasticsearch" + endpoint: elasticsearch.openshift-logging.svc:9200 + secret: + name: fluentd + - name: elasticsearch-audit + type: "elasticsearch" + endpoint: quickstart-es-http.elastic-system.svc:9200 + insecure: true + pipelines: + - name: container-logs + inputSource: logs.app + outputRefs: + - elasticsearch + - name: infra-logs + inputSource: logs.infra + outputRefs: + - elasticsearch + - name: audit-logs + inputSource: logs.audit + outputRefs: + - elasticsearch + - elasticsearch-audit From 9980e4b99dfef9ed15941bbe9f3fb19c903e8f41 Mon Sep 17 00:00:00 2001 From: Garrett Nekic Date: Wed, 19 Aug 2020 08:52:20 -0500 Subject: [PATCH 4/6] rebase off master fixing README conflicts --- README.md | 11 +++++ .../0-namespaces/audit-logging.yaml | 13 ------ .../0-namespaces/openshift-logging.yaml | 14 ------- .../openshift-operators-redhat.yaml | 14 ------- .../2-rbac/cluster-admins-rolebinding.yaml | 19 --------- .../audit-elasticsearch.yaml | 39 ------------------ .../3-customresources/audit-kibana.yaml | 41 ------------------- .../3-customresources/logforwarding.yaml | 37 ----------------- .../0-namespaces/openshift-logging.yaml | 14 +++++++ .../openshift-operators-redhat.yaml | 14 +++++++ .../1-operators/cluster-logging-operator.yaml | 16 ++++---- .../1-operators/elasticsearch-operator.yaml | 17 ++++---- .../3-operator-configs}/clusterlogging.yaml | 8 ++-- 13 files changed, 59 insertions(+), 198 deletions(-) delete mode 100644 logging-bootstrap/0-namespaces/audit-logging.yaml delete mode 100644 logging-bootstrap/0-namespaces/openshift-logging.yaml delete mode 100644 logging-bootstrap/0-namespaces/openshift-operators-redhat.yaml delete mode 100644 logging-bootstrap/2-rbac/cluster-admins-rolebinding.yaml delete mode 100644 logging-bootstrap/3-customresources/audit-elasticsearch.yaml delete mode 100644 logging-bootstrap/3-customresources/audit-kibana.yaml delete mode 100644 logging-bootstrap/3-customresources/logforwarding.yaml create mode 100644 simple-bootstrap/0-namespaces/openshift-logging.yaml create mode 100644 simple-bootstrap/0-namespaces/openshift-operators-redhat.yaml rename {logging-bootstrap => simple-bootstrap}/1-operators/cluster-logging-operator.yaml (54%) rename {logging-bootstrap => simple-bootstrap}/1-operators/elasticsearch-operator.yaml (55%) rename {logging-bootstrap/3-customresources => simple-bootstrap/3-operator-configs}/clusterlogging.yaml (70%) diff --git a/README.md b/README.md index 6bbc285..44649a4 100644 --- a/README.md +++ b/README.md @@ -239,3 +239,14 @@ status: phase: Active ``` +### Bootstrapping the EFK Stack + +The following components were deployed in the previous sections to deploy a basic EFK stack. + +* A _Namespace_ called `openshift-logging` +* A _Namespace_ called `openshift-operators-redhat` +* An _OperatorGroup_ for the cluster-logging-operator +* A _Subscription_ that subscribes the `openshift-logging` namespace with the OLM for the cluster-logging-operator +* An _OperatorGroup_ for the elasticsearch-operator +* A _Subscription_ that subscribes the `openshift-opeartors-redhat` namespace with the OLM for the elasticsearch operator +* A _ClusterLogging_ called instance that deploys an ephemeral EFK stack consisting of an elasticsearch cluster, fluentd forwarders, and a kibana deployment diff --git a/logging-bootstrap/0-namespaces/audit-logging.yaml b/logging-bootstrap/0-namespaces/audit-logging.yaml deleted file mode 100644 index c1adbfc..0000000 --- a/logging-bootstrap/0-namespaces/audit-logging.yaml +++ /dev/null @@ -1,13 +0,0 @@ ---- -apiVersion: v1 -kind: Namespace -metadata: - annotations: - example.com/managed-by: gitops - example.com/scm-url: git@github.com:redhat-cop/declarative-openshift.git - labels: - example.com/project: logging-bootstrap - example.com/component: namespaces - openshift.io/cluster-monitoring: "true" - name: audit-logging -spec: diff --git a/logging-bootstrap/0-namespaces/openshift-logging.yaml b/logging-bootstrap/0-namespaces/openshift-logging.yaml deleted file mode 100644 index 5a6a7dc..0000000 --- a/logging-bootstrap/0-namespaces/openshift-logging.yaml +++ /dev/null @@ -1,14 +0,0 @@ ---- -apiVersion: v1 -kind: Namespace -metadata: - annotations: - example.com/managed-by: gitops - example.com/scm-url: git@github.com:redhat-cop/declarative-openshift.git - openshift.io/node-selector: "" - labels: - example.com/project: logging-bootstrap - example.com/component: namespaces - openshift.io/cluster-monitoring: "true" - name: openshift-logging -spec: diff --git a/logging-bootstrap/0-namespaces/openshift-operators-redhat.yaml b/logging-bootstrap/0-namespaces/openshift-operators-redhat.yaml deleted file mode 100644 index c760397..0000000 --- a/logging-bootstrap/0-namespaces/openshift-operators-redhat.yaml +++ /dev/null @@ -1,14 +0,0 @@ ---- -apiVersion: v1 -kind: Namespace -metadata: - annotations: - example.com/managed-by: gitops - example.com/scm-url: git@github.com:redhat-cop/declarative-openshift.git - openshift.io/node-selector: "" - labels: - example.com/project: logging-bootstrap - example.com/component: namespaces - openshift.io/cluster-monitoring: "true" - name: openshift-operators-redhat -spec: diff --git a/logging-bootstrap/2-rbac/cluster-admins-rolebinding.yaml b/logging-bootstrap/2-rbac/cluster-admins-rolebinding.yaml deleted file mode 100644 index 9589ef2..0000000 --- a/logging-bootstrap/2-rbac/cluster-admins-rolebinding.yaml +++ /dev/null @@ -1,19 +0,0 @@ ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - annotations: - example.com/managed-by: gitops - example.com/scm-url: git@github.com:redhat-cop/declarative-openshift.git - labels: - example.com/project: simple-bootstrap - example.com/component: rbac - name: cluster-administrators -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: cluster-admin -subjects: -- apiGroup: rbac.authorization.k8s.io - kind: Group - name: administrators diff --git a/logging-bootstrap/3-customresources/audit-elasticsearch.yaml b/logging-bootstrap/3-customresources/audit-elasticsearch.yaml deleted file mode 100644 index 753845e..0000000 --- a/logging-bootstrap/3-customresources/audit-elasticsearch.yaml +++ /dev/null @@ -1,39 +0,0 @@ ---- -apiVersion: elasticsearch.k8s.elastic.co/v1 -kind: Elasticsearch -metadata: - name: audit-elasticsearch - annotations: - example.com/managed-by: gitops - example.com/scm-url: git@github.com:redhat-cop/declarative-openshift.git - labels: - example.com/component: operators - example.com/project: logging-bootstrap -spec: - version: 7.8.0 - nodeSets: - - name: default - count: 1 - config: - node.master: true - node.data: true - node.ingest: true - node.store.allow_mmap: false ---- -apiVersion: route.openshift.io/v1 -kind: Route -metadata: - name: audit-elasticsearch - annotations: - example.com/managed-by: gitops - example.com/scm-url: git@github.com:redhat-cop/declarative-openshift.git - labels: - example.com/component: operators - example.com/project: logging-bootstrap -spec: - tls: - termination: passthrough # Elasticsearch is the TLS endpoint - insecureEdgeTerminationPolicy: Redirect - to: - kind: Service - name: audit-elasticsearch-es-http diff --git a/logging-bootstrap/3-customresources/audit-kibana.yaml b/logging-bootstrap/3-customresources/audit-kibana.yaml deleted file mode 100644 index afc518b..0000000 --- a/logging-bootstrap/3-customresources/audit-kibana.yaml +++ /dev/null @@ -1,41 +0,0 @@ -apiVersion: kibana.k8s.elastic.co/v1 -kind: Kibana -metadata: - name: audit-kibana - annotations: - example.com/managed-by: gitops - example.com/scm-url: git@github.com:redhat-cop/declarative-openshift.git - labels: - example.com/component: operators - example.com/project: logging-bootstrap -spec: - version: 7.8.0 - count: 1 - elasticsearchRef: - name: "audit-elasticsearch" - podTemplate: - spec: - containers: - - name: kibana - resources: - limits: - memory: 1Gi - cpu: 1 ---- -apiVersion: v1 -kind: Route -metadata: - name: audit-kibana - annotations: - example.com/managed-by: gitops - example.com/scm-url: git@github.com:redhat-cop/declarative-openshift.git - labels: - example.com/component: operators - example.com/project: logging-bootstrap -spec: - tls: - termination: passthrough # Kibana is the TLS endpoint - insecureEdgeTerminationPolicy: Redirect - to: - kind: Service - name: audit-kibana-kb-http diff --git a/logging-bootstrap/3-customresources/logforwarding.yaml b/logging-bootstrap/3-customresources/logforwarding.yaml deleted file mode 100644 index e72ebd9..0000000 --- a/logging-bootstrap/3-customresources/logforwarding.yaml +++ /dev/null @@ -1,37 +0,0 @@ -apiVersion: "logging.openshift.io/v1alpha1" -kind: "LogForwarding" -metadata: - name: instance - namespace: openshift-logging - annotations: - example.com/managed-by: gitops - example.com/scm-url: git@github.com:redhat-cop/declarative-openshift.git - labels: - example.com/component: operators - example.com/project: logging-bootstrap -spec: - disableDefaultForwarding: true - outputs: - - name: elasticsearch - type: "elasticsearch" - endpoint: elasticsearch.openshift-logging.svc:9200 - secret: - name: fluentd - - name: elasticsearch-audit - type: "elasticsearch" - endpoint: quickstart-es-http.elastic-system.svc:9200 - insecure: true - pipelines: - - name: container-logs - inputSource: logs.app - outputRefs: - - elasticsearch - - name: infra-logs - inputSource: logs.infra - outputRefs: - - elasticsearch - - name: audit-logs - inputSource: logs.audit - outputRefs: - - elasticsearch - - elasticsearch-audit diff --git a/simple-bootstrap/0-namespaces/openshift-logging.yaml b/simple-bootstrap/0-namespaces/openshift-logging.yaml new file mode 100644 index 0000000..3e693c8 --- /dev/null +++ b/simple-bootstrap/0-namespaces/openshift-logging.yaml @@ -0,0 +1,14 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + annotations: + config.example.com/managed-by: gitops + config.example.com/scm-url: git@github.com:redhat-cop/declarative-openshift.git + openshift.io/node-selector: "" + labels: + config.example.com/name: simple-bootstrap + config.example.com/component: namespaces + openshift.io/cluster-monitoring: "true" + name: openshift-logging +spec: diff --git a/simple-bootstrap/0-namespaces/openshift-operators-redhat.yaml b/simple-bootstrap/0-namespaces/openshift-operators-redhat.yaml new file mode 100644 index 0000000..660befd --- /dev/null +++ b/simple-bootstrap/0-namespaces/openshift-operators-redhat.yaml @@ -0,0 +1,14 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + annotations: + config.example.com/managed-by: gitops + config.example.com/scm-url: git@github.com:redhat-cop/declarative-openshift.git + openshift.io/node-selector: "" + labels: + config.example.com/name: logging-bootstrap + config.example.com/component: namespaces + openshift.io/cluster-monitoring: "true" + name: openshift-operators-redhat +spec: diff --git a/logging-bootstrap/1-operators/cluster-logging-operator.yaml b/simple-bootstrap/1-operators/cluster-logging-operator.yaml similarity index 54% rename from logging-bootstrap/1-operators/cluster-logging-operator.yaml rename to simple-bootstrap/1-operators/cluster-logging-operator.yaml index 663cd79..f961e27 100644 --- a/logging-bootstrap/1-operators/cluster-logging-operator.yaml +++ b/simple-bootstrap/1-operators/cluster-logging-operator.yaml @@ -3,11 +3,11 @@ apiVersion: operators.coreos.com/v1 kind: OperatorGroup metadata: annotations: - example.com/managed-by: gitops - example.com/scm-url: git@github.com:redhat-cop/declarative-openshift.git + config.example.com/managed-by: gitops + config.example.com/scm-url: git@github.com:redhat-cop/declarative-openshift.git labels: - example.com/project: logging-bootstrap - example.com/component: operators + config.example.com/name: simple-bootstrap + config.example.com/component: operators name: openshift-logging namespace: openshift-logging spec: @@ -18,11 +18,11 @@ apiVersion: operators.coreos.com/v1alpha1 kind: Subscription metadata: annotations: - example.com/managed-by: gitops - example.com/scm-url: git@github.com:redhat-cop/declarative-openshift.git + config.example.com/managed-by: gitops + config.example.com/scm-url: git@github.com:redhat-cop/declarative-openshift.git labels: - example.com/project: logging-bootstrap - example.com/component: operators + config.example.com/name: simple-bootstrap + config.example.com/component: operators name: cluster-logging namespace: openshift-logging spec: diff --git a/logging-bootstrap/1-operators/elasticsearch-operator.yaml b/simple-bootstrap/1-operators/elasticsearch-operator.yaml similarity index 55% rename from logging-bootstrap/1-operators/elasticsearch-operator.yaml rename to simple-bootstrap/1-operators/elasticsearch-operator.yaml index 6eb4544..47a397f 100644 --- a/logging-bootstrap/1-operators/elasticsearch-operator.yaml +++ b/simple-bootstrap/1-operators/elasticsearch-operator.yaml @@ -3,25 +3,24 @@ apiVersion: operators.coreos.com/v1 kind: OperatorGroup metadata: annotations: - example.com/managed-by: gitops - example.com/scm-url: git@github.com:redhat-cop/declarative-openshift.git + config.example.com/managed-by: gitops + config.example.com/scm-url: git@github.com:redhat-cop/declarative-openshift.git labels: - example.com/project: logging-bootstrap - example.com/component: operators + config.example.com/name: simple-bootstrap + config.example.com/component: operators name: openshift-operators-redhat namespace: openshift-operators-redhat spec: {} -##TODO: Include target namespace?? the doc doesn't do it --- apiVersion: operators.coreos.com/v1alpha1 kind: Subscription metadata: annotations: - example.com/managed-by: gitops - example.com/scm-url: git@github.com:redhat-cop/declarative-openshift.git + config.example.com/managed-by: gitops + config.example.com/scm-url: git@github.com:redhat-cop/declarative-openshift.git labels: - example.com/project: logging-bootstrap - example.com/component: operators + config.example.com/name: simple-bootstrap + config.example.com/component: operators name: elasticsearch-operator namespace: openshift-operators-redhat spec: diff --git a/logging-bootstrap/3-customresources/clusterlogging.yaml b/simple-bootstrap/3-operator-configs/clusterlogging.yaml similarity index 70% rename from logging-bootstrap/3-customresources/clusterlogging.yaml rename to simple-bootstrap/3-operator-configs/clusterlogging.yaml index 4113944..7133f00 100644 --- a/logging-bootstrap/3-customresources/clusterlogging.yaml +++ b/simple-bootstrap/3-operator-configs/clusterlogging.yaml @@ -4,11 +4,11 @@ metadata: name: "instance" namespace: "openshift-logging" annotations: - example.com/managed-by: gitops - example.com/scm-url: git@github.com:redhat-cop/declarative-openshift.git + config.example.com/managed-by: gitops + config.example.com/scm-url: git@github.com:redhat-cop/declarative-openshift.git labels: - example.com/component: operators - example.com/project: logging-bootstrap + config.example.com/component: operator-configs + config.example.com/name: simple-bootstrap spec: managementState: "Managed" logStore: From 32e203e9349fa8da7a2d17a9f8efd3122970ec69 Mon Sep 17 00:00:00 2001 From: Garrett Nekic Date: Thu, 25 Jun 2020 13:14:58 -0500 Subject: [PATCH 5/6] remove logging-bootstrap README cuz now obsolete --- logging-bootstrap/README.md | 23 ----------------------- 1 file changed, 23 deletions(-) delete mode 100644 logging-bootstrap/README.md diff --git a/logging-bootstrap/README.md b/logging-bootstrap/README.md deleted file mode 100644 index a788d10..0000000 --- a/logging-bootstrap/README.md +++ /dev/null @@ -1,23 +0,0 @@ -# Declarative OpenShift - -## 1 Bootstrapping logging onto a cluster - -The logging bootstrapping example shows how cluster administrators might begin deploying an EFK stack onto an OpenShift cluster using just `oc apply`. Each resource in this example carries a common label (`example.com/project: logging-bootstrap`) that associates it with this `project`. In doing this, we can manage the full lifecycle of our resources with a single command. - -``` -oc apply -Rf ../logging-bootstrap/ --prune -l example.com/project=logging-bootstrap -``` - -The `apply` command idempotently ensures that the live configuration is in sync with our configuration files, while the `--prune` flag allows us to also manage the deletion of live objects by simply deleting the associated file in this repository. - -As an example, let's bootstrap logging onto our cluster for the first time: - -``` -$ oc apply -Rf ../logging-bootstrap/ --prune -l example.com/project=logging-bootstrap -##TODO add output -Note that the creation of the clusterlogging object may fail. This is because its CRD did not exist quite yet. If you rerun the command, then it should succeed -``` - -##Phase one stops here (note this was a 4.2 install) - -##TODO Try deploying 4.4 operator with base install with new tech-preview CR's From c2da41fedccaab8c783ea696ddc4fea2862754f3 Mon Sep 17 00:00:00 2001 From: Garrett Nekic Date: Thu, 25 Jun 2020 13:58:11 -0500 Subject: [PATCH 6/6] fix logging title in readme and fix label in openshift-operators-redhat namespace --- README.md | 2 +- simple-bootstrap/0-namespaces/openshift-operators-redhat.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 44649a4..b6b4741 100644 --- a/README.md +++ b/README.md @@ -239,7 +239,7 @@ status: phase: Active ``` -### Bootstrapping the EFK Stack +## Bootstrapping the EFK Stack The following components were deployed in the previous sections to deploy a basic EFK stack. diff --git a/simple-bootstrap/0-namespaces/openshift-operators-redhat.yaml b/simple-bootstrap/0-namespaces/openshift-operators-redhat.yaml index 660befd..1db31fc 100644 --- a/simple-bootstrap/0-namespaces/openshift-operators-redhat.yaml +++ b/simple-bootstrap/0-namespaces/openshift-operators-redhat.yaml @@ -7,7 +7,7 @@ metadata: config.example.com/scm-url: git@github.com:redhat-cop/declarative-openshift.git openshift.io/node-selector: "" labels: - config.example.com/name: logging-bootstrap + config.example.com/name: simple-bootstrap config.example.com/component: namespaces openshift.io/cluster-monitoring: "true" name: openshift-operators-redhat