Logstash
Install Elasticsearch and Kibana
To install Elasticsearch and Kibana, run the following command:
$ cd ${WORKDIR}/elasticsearch-and-kibana
$ kubectl create -f elasticsearch_and_kibana.yaml
Publish to Elasticsearch
The diagnostics or other logs can be pushed to Elasticsearch server using logstash pod. The logstash pod should have access to the shared domain home or the log location. In case of the Oracle WebCenter Portal domain, the persistent volume of the domain home can be used in the logstash pod. The steps to create the logstash pod are,
-
Get domain home persistence volume claim details of the Oracle WebCenter Portal domain. The following command will list the persistent volume claim details in the namespace -
wcpns. In the example below the persistent volume claim iswcp-domain-domain-pvc.$ kubectl get pv -n wcpns NAME CAPACITY ACCESS MODES RECLAIM POLICY STATUS CLAIM STORAGECLASS REASON AGE wcp-domain-domain-pv 10Gi RWX Retain Bound wcpns/wcp-domain-domain-pvc wcp-domain-domain-storage-class 175d -
Create logstash configuration file
logstash.conf. Below is a sample Logstash configuration file is located at${WORKDIR}/logging-services/logstash. Below configuration pushes diagnostic and all domains logs.input { file { path => "/u01/oracle/user_projects/domains/wcp-domain/servers/**/logs/*-diagnostic.log" start_position => beginning } file { path => "/u01/oracle/user_projects/domains/logs/wcp-domain/*.log" start_position => beginning } } filter { grok { match => [ "message", "<%{DATA:log_timestamp}> <%{WORD:log_level}> <%{WORD:thread}> <%{HOSTNAME:hostname}> <%{HOSTNAME:servername}> <%{DATA:timer}> <<%{DATA:kernel}>> <> <%{DATA:uuid}> <%{NUMBER:timestamp}> <%{DATA:misc}> <%{DATA:log_number}> <%{DATA:log_message}>" ] } } output { elasticsearch { hosts => ["elasticsearch.default.svc.cluster.local:9200"] } } -
Copy the
logstash.confinto say/u01/oracle/user_projects/domainsso that it can be used for logstash deployment, using Administration Server pod ( For examplewcp-domain-adminserverpod in namespacewcpns):$ kubectl cp ${WORKDIR}/logging-services/logstash/logstash.conf wcpns/wcp-domain-adminserver:/u01/oracle/user_projects/domains -n wcpns -
Create deployment YAML
logstash.yamlfor logstash pod using the domain home persistence volume claim. Make sure to point the logstash configuration file to correct location ( For example: we copied logstash.conf to /u01/oracle/user_projects/domains/logstash.conf) and also correct domain home persistence volume claim. Sample Logstash deployment is located atkubernetes/samples/scripts/create-wcp-domain/utils/logstash/logstash.yaml:apiVersion: apps/v1 kind: Deployment metadata: name: logstash namespace: wcpns spec: selector: matchLabels: app: logstash template: metadata: labels: app: logstash spec: volumes: - name: domain-storage-volume persistentVolumeClaim: claimName: wcp-domain-domain-pvc - name: shared-logs emptyDir: {} containers: - name: logstash image: logstash:6.6.0 command: ["/bin/sh"] args: ["/usr/share/logstash/bin/logstash", "-f", "/u01/oracle/user_projects/domains/logstash.conf"] imagePullPolicy: IfNotPresent volumeMounts: - mountPath: /u01/oracle/user_projects/domains name: domain-storage-volume - name: shared-logs mountPath: /shared-logs ports: - containerPort: 5044 name: logstash -
Deploy logstash to start publish logs to Elasticsearch
$ kubectl create -f ${WORKDIR}/logging-services/logstash/logstash.yaml
Create an Index Pattern in Kibana
Create an index pattern logstash* in Kibana > Management. After the servers are started, you will see the log data in the Kibana dashboard:
