diff --git a/_topic_maps/_topic_map_rosa.yml b/_topic_maps/_topic_map_rosa.yml index e829cc8149..cec956ebb6 100644 --- a/_topic_maps/_topic_map_rosa.yml +++ b/_topic_maps/_topic_map_rosa.yml @@ -202,10 +202,12 @@ Topics: File: cloud-experts-deploying-application-storage - Name: ConfigMap, secrets, and environment variables File: cloud-experts-deploying-configmaps-secrets-env-var - - Name: Using Source-to-Image (S2I) webhooks for automated deployment - File: cloud-experts-deploying-s2i-webhook-cicd + - Name: Logging + File: cloud-experts-deploying-application-logging - Name: S2i deployments File: cloud-experts-deploying-application-s2i-deployments + - Name: Using Source-to-Image (S2I) webhooks for automated deployment + File: cloud-experts-deploying-s2i-webhook-cicd - Name: Scaling an application File: cloud-experts-deploying-application-scaling --- diff --git a/cloud_experts_tutorials/cloud-experts-deploying-application/cloud-experts-deploying-application-logging.adoc b/cloud_experts_tutorials/cloud-experts-deploying-application/cloud-experts-deploying-application-logging.adoc new file mode 100644 index 0000000000..c1c80a1e47 --- /dev/null +++ b/cloud_experts_tutorials/cloud-experts-deploying-application/cloud-experts-deploying-application-logging.adoc @@ -0,0 +1,177 @@ +:_mod-docs-content-type: ASSEMBLY +[id="cloud-experts-deploying-application-logging"] += Tutorial: Logging +include::_attributes/common-attributes.adoc[] +include::_attributes/attributes-openshift-dedicated.adoc[] +:context: cloud-experts-deploying-application-logging + +toc::[] + +//rosaworkshop.io content metadata +//Brought into ROSA product docs 2024-05-01 + +There are various methods to view your logs in {product-rosa} (ROSA). Use the following procedures to forward the logs to AWS CloudWatch and view the logs directly through the pod by using `oc logs`. + +[NOTE] +==== +ROSA is not preconfigured with a logging solution. +==== + +.Prerequisites + +* Set up a logging solution before viewing your logs. See the xref:../../observability/logging/cluster-logging-deploying.adoc#cluster-logging-deploying[Installing logging] documentation for more information. + +[role="_additional-resources"] +.Additional resources +* xref:../../observability/logging/cluster-logging.adoc#cluster-logging[Cluster logging] + +== Forwarding logs to CloudWatch + +Install the logging add-on service to forward the logs to AWS CloudWatch. + +//These steps were adopted from the Managed OpenShift Black Belt Tutorial "Using the AWS CloudWatch agent to publish metrics to CloudWatch in ROSA". + +. Run the following script to configure your ROSA cluster to forward logs to CloudWatch: ++ +[source,terminal] +---- +$ curl https://raw.githubusercontent.com/openshift-cs/rosaworkshop/master/rosa-workshop/ostoy/resources/configure-cloudwatch.sh | bash +---- ++ +[NOTE] +==== +Configuring ROSA to send logs to CloudWatch goes beyond the scope of this tutorial. Integrating with AWS and enabling CloudWatch logging are important aspects of ROSA, so a script is included to simplify the configuration process. The script will automatically set up AWS CloudWatch. You can examine the script to understand the steps involved. +==== ++ +.Example output ++ +[source,terminal] +---- +Varaibles are set...ok. +Policy already exists...ok. +Created RosaCloudWatch-mycluster role. +Attached role policy. +Deploying the Red Hat OpenShift Logging Operator +namespace/openshift-logging configured +operatorgroup.operators.coreos.com/cluster-logging created +subscription.operators.coreos.com/cluster-logging created +Waiting for Red Hat OpenShift Logging Operator deployment to complete... +Red Hat OpenShift Logging Operator deployed. +secret/cloudwatch-credentials created +clusterlogforwarder.logging.openshift.io/instance created +clusterlogging.logging.openshift.io/instance created +Complete. +---- +. After a few minutes, you should begin to see log groups inside of AWS CloudWatch. Run the following command to see the log groups: ++ +[source,terminal] +---- +$ aws logs describe-log-groups --log-group-name-prefix rosa-mycluster +---- ++ +.Example output ++ +[source,terminal] +---- +{ + "logGroups": [ + { + "logGroupName": "rosa-mycluster.application", + "creationTime": 1724104537717, + "metricFilterCount": 0, + "arn": "arn:aws:logs:us-west-2:000000000000:log-group:rosa-mycluster.application:*", + "storedBytes": 0, + "logGroupClass": "STANDARD", + "logGroupArn": "arn:aws:logs:us-west-2:000000000000:log-group:rosa-mycluster.application" + }, + { + "logGroupName": "rosa-mycluster.audit", + "creationTime": 1724104152968, + "metricFilterCount": 0, + "arn": "arn:aws:logs:us-west-2:000000000000:log-group:rosa-mycluster.audit:*", + "storedBytes": 0, + "logGroupClass": "STANDARD", + "logGroupArn": "arn:aws:logs:us-west-2:000000000000:log-group:rosa-mycluster.audit" + }, +---- + +== Outputting the data to the streams and logs +. Output a message to `stdout`. +.. In the OSToy application, click *Home* and then click the message box for *Log Message (stdout)*. +.. Write a message to output to the `stdout` stream, for example "All is well!". +.. Click *Send Message*. ++ +image:cloud-experts-deploying-application-logging-ostoy-stdout.png[] ++ +. Output a message to `stderr`. +.. Click the message box for *Log Message (stderr)*. +.. Write a message to output to the `stderr` stream, for example "Oh no! Error!". +.. Click *Send Message*. ++ +image:cloud-experts-deploying-application-logging-ostoy-stderr.png[] + +== Viewing the application logs by using the `oc` command +. Enter the following command in the command line interface (CLI) to retrieve the name of your frontend pod: ++ +[source,terminal] +---- +$ oc get pods -o name +---- ++ +.Example output ++ +[source,terminal] +---- +pod/ostoy-frontend-679cb85695-5cn7x <1> +pod/ostoy-microservice-86b4c6f559-p594d +---- +<1> The pod name is `ostoy-frontend-679cb85695-5cn7x`. ++ +. Run the following command to see both the `stdout` and `stderr` messages: ++ +[source,terminal] +---- +$ oc logs +---- ++ +.Example output ++ +[source,terminal] +---- +$ oc logs ostoy-frontend-679cb85695-5cn7x +[...] +ostoy-frontend-679cb85695-5cn7x: server starting on port 8080 +Redirecting to /home +stdout: All is well! +stderr: Oh no! Error! +---- + +== Viewing the logs with CloudWatch +. Navigate to *CloudWatch* on the link:https://aws.amazon.com/free/?gclid=EAIaIQobChMIoq2X27fZhgMVaAutBh1Q2w1jEAAYASAAEgL5y_D_BwE&trk=7541ebd3-552d-4f98-9357-b542436aa66c&sc_channel=ps&ef_id=EAIaIQobChMIoq2X27fZhgMVaAutBh1Q2w1jEAAYASAAEgL5y_D_BwE:G:s&s_kwcid=AL!4422!3!651751058796!e!!g!!aws%20console!19852662149!145019243977&all-free-tier.sort-by=item.additionalFields.SortRank&all-free-tier.sort-order=asc&awsf.Free%20Tier%20Types=*all&awsf.Free%20Tier%20Categories=*all[AWS web console]. +. In the left menu, click *Logs* and then *Log groups* to see the different groups of logs. You should see 3 groups: + +** `rosa-.application` +** `rosa-.audit` +** `rosa-.infrastructure` ++ +image:cloud-experts-deploying-application-logging-cw.png[] ++ +. Click `rosa-.application`. +. Click the log stream for the frontend pod. ++ +image:cloud-experts-deploying-application-logging-logstream2.png[] ++ +. Filter for `stdout` and `stderr`. +. Expand the row to show the messages you entered earlier and other pertinent information. ++ +image:cloud-experts-deploying-application-logging-stderr.png[] ++ +. Return to the log streams and select the microservice. +. Enter "microservice" in the search bar to see other messages in your logs. +. Expand one of the entries to see the color the frontend pod received from microservice and which pod sent that color to the frontend pod. ++ +image:cloud-experts-deploying-application-logging-messages.png[] + +[role="_additional-resources"] +.Additional resources +* link:https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/WhatIsCloudWatch.html[What is Amazon CloudWatch] \ No newline at end of file diff --git a/images/cloud-experts-deploying-application-logging-cw.png b/images/cloud-experts-deploying-application-logging-cw.png new file mode 100644 index 0000000000..a6af67c62e Binary files /dev/null and b/images/cloud-experts-deploying-application-logging-cw.png differ diff --git a/images/cloud-experts-deploying-application-logging-erronly.png b/images/cloud-experts-deploying-application-logging-erronly.png new file mode 100644 index 0000000000..3f33aa6fa1 Binary files /dev/null and b/images/cloud-experts-deploying-application-logging-erronly.png differ diff --git a/images/cloud-experts-deploying-application-logging-filtererr.png b/images/cloud-experts-deploying-application-logging-filtererr.png new file mode 100644 index 0000000000..7c26b412a7 Binary files /dev/null and b/images/cloud-experts-deploying-application-logging-filtererr.png differ diff --git a/images/cloud-experts-deploying-application-logging-kibana.png b/images/cloud-experts-deploying-application-logging-kibana.png new file mode 100644 index 0000000000..d68dc9d555 Binary files /dev/null and b/images/cloud-experts-deploying-application-logging-kibana.png differ diff --git a/images/cloud-experts-deploying-application-logging-logdata.png b/images/cloud-experts-deploying-application-logging-logdata.png new file mode 100644 index 0000000000..bee9a38503 Binary files /dev/null and b/images/cloud-experts-deploying-application-logging-logdata.png differ diff --git a/images/cloud-experts-deploying-application-logging-logoutput.png b/images/cloud-experts-deploying-application-logging-logoutput.png new file mode 100644 index 0000000000..b5b45aca76 Binary files /dev/null and b/images/cloud-experts-deploying-application-logging-logoutput.png differ diff --git a/images/cloud-experts-deploying-application-logging-logstream2.png b/images/cloud-experts-deploying-application-logging-logstream2.png new file mode 100644 index 0000000000..97779314f5 Binary files /dev/null and b/images/cloud-experts-deploying-application-logging-logstream2.png differ diff --git a/images/cloud-experts-deploying-application-logging-messages.png b/images/cloud-experts-deploying-application-logging-messages.png new file mode 100644 index 0000000000..b11d60b346 Binary files /dev/null and b/images/cloud-experts-deploying-application-logging-messages.png differ diff --git a/images/cloud-experts-deploying-application-logging-ostoy-stderr.png b/images/cloud-experts-deploying-application-logging-ostoy-stderr.png new file mode 100644 index 0000000000..8e1d80facc Binary files /dev/null and b/images/cloud-experts-deploying-application-logging-ostoy-stderr.png differ diff --git a/images/cloud-experts-deploying-application-logging-ostoy-stdout.png b/images/cloud-experts-deploying-application-logging-ostoy-stdout.png new file mode 100644 index 0000000000..e26cf2aa73 Binary files /dev/null and b/images/cloud-experts-deploying-application-logging-ostoy-stdout.png differ diff --git a/images/cloud-experts-deploying-application-logging-stderr.png b/images/cloud-experts-deploying-application-logging-stderr.png new file mode 100644 index 0000000000..d1fd636e71 Binary files /dev/null and b/images/cloud-experts-deploying-application-logging-stderr.png differ diff --git a/trust.json b/trust.json new file mode 100644 index 0000000000..36e924991b --- /dev/null +++ b/trust.json @@ -0,0 +1,17 @@ +{ + "Version": "2012-10-17", + "Statement": [ + { + "Effect": "Allow", + "Principal": { + "Federated": "arn:aws:iam::269733383066:oidc-provider/oidc.op1.openshiftapps.com/2bsd7fnevjg1k8e6b3t3jsforlhrrgoc" + }, + "Action": "sts:AssumeRoleWithWebIdentity", + "Condition": { + "StringEquals": { + "oidc.op1.openshiftapps.com/2bsd7fnevjg1k8e6b3t3jsforlhrrgoc:sub": "system:serviceaccount:ack-system:ack-s3-controller" + } + } + } + ] +}