Member-only story

OpenShift Series: Aggregate OpenShift logs into enterprise logging system

Jaydeep Ayachit
11 min readJun 21, 2021

--

Updated 14-Jan-2025 for OpenShift 4.15

Introduction

Red Hat OpenShift is an enterprise-ready Kubernetes container platform with full-stack automated operations to manage hybrid cloud, multi-cloud, and edge deployments. Red Hat OpenShift is optimized to improve developer productivity and promote innovation.

The OpenShift Logging instance is optimized and tested for short term storage, approximately seven days. If you want to retain your logs over a longer term, it is recommended you move the data to a third-party storage system. Secondly, for many organizations, enterprise log collection solutions may already be in place. They will have a need to make available logs from OpenShift and workloads running on OpenShift in the same enterprise log collection system for monitoring, correlation and analytics.

In this article we will look at OpenShift out of the box support to integrate with external log collection systems. We will also look at various enterprise log collection systems that you can use to collect logs from OpenShift.

Source: https://docs.openshift.com/container-platform/4.15/observability/logging/cluster-logging.html

If you are interested to know more about centralized monitoring for your OpenShift clusters, take a look at Centralized monitoring for your OpenShift clusters | by Jaydeep Ayachit | Jul, 2021 | Medium

Red Hat OpenShift Logging

The OpenShift Logging components include a collector deployed to each node in the OpenShift cluster that collects all node and container logs and writes them to a log store.

The major components of OpenShift Logging are:

  • Collector — The collector is a daemonset that deploys pods to each OpenShift Container Platform node. It collects log data from each node, transforms the data, and forwards it to configured outputs. You can use the Vector collector or the legacy Fluentd collector. Note: Fluentd is deprecated and is planned to be removed in a future release.
  • Log store — The log store stores log data for analysis and is the default output for the log forwarder. You can use the default LokiStack log store, the legacy Elasticsearch log store, or forward logs to additional external log stores.
  • Visualization — UI component to…

--

--

No responses yet

Write a response