openshift/openshift-docs
1
0
Fork 0
mirror of https://github.com/openshift/openshift-docs.git synced 2026-02-06 06:46:26 +01:00
Code Issues Releases Activity
Files
eb21424e97d48118fd1ff8c8b4dff94de2dd3b1c
openshift-docs/modules/querying-cluster-node-journal-logs.adoc
Paul Needle 33376b8489 Separating command and output for Support book
2020-08-07 12:03:33 +01:00

54 lines
2.3 KiB
Plaintext
Raw Blame History

// Module included in the following assemblies:
//
// * support/gathering-cluster-data.adoc
// * support/troubleshooting/verifying-node-health.adoc
[id="querying-cluster-node-journal-logs_{context}"]
= Querying cluster node journal logs
You can gather `journald` unit logs and other logs within `/var/log` on individual cluster nodes.
.Prerequisites
* You have access to the cluster as a user with the `cluster-admin` role.
* Your API service is still functional.
* You have installed the OpenShift CLI (`oc`).
* You have SSH access to your hosts.
.Procedure
. Query `kubelet` `journald` unit logs from {product-title} cluster nodes. The following example queries master nodes only:
+
[source,terminal]
----
$ oc adm node-logs --role=master -u kubelet <1>
----
<1> Replace `kubelet` as appropriate to query other unit logs.
. Collect logs from specific subdirectories under `/var/log/` on cluster nodes.
.. Retrieve a list of logs contained within a `/var/log/` subdirectory. The following example lists files in `/var/log/openshift-apiserver/` on all master nodes:
+
[source,terminal]
----
$ oc adm node-logs --role=master --path=openshift-apiserver
----
+
.. Inspect a specific log within a `/var/log/` subdirectory. The following example outputs `/var/log/openshift-apiserver/audit.log` contents from all master nodes:
+
[source,terminal]
----
$ oc adm node-logs --role=master --path=openshift-apiserver/audit.log
----
+
.. If the API is not functional, review the logs on each node using SSH instead. The following example tails `/var/log/openshift-apiserver/audit.log`:
+
[source,terminal]
----
$ ssh core@<master-node>.<cluster_name>.<base_domain> sudo tail -f /var/log/openshift-apiserver/audit.log
----
+
[NOTE]
====
{product-title} {product-version} cluster nodes running {op-system-first} are immutable and rely on Operators to apply cluster changes. Accessing cluster nodes using SSH is not recommended and nodes will be tainted as _accessed_. Before attempting to collect diagnostic data over SSH, review whether the data collected by running `oc adm must gather` and other `oc` commands is sufficient instead. However, if the {product-title} API is not available, or the kubelet is not properly functioning on the target node, `oc` operations will be impacted. In such situations, it is possible to access nodes using `ssh core@<node>.<cluster_name>.<base_domain>`.
====
View Git Blame Copy Permalink