This repo primarily contains only the image definitions for the logstore components of the OpenShift Logging stack for releases 4.x and later. These component images, abbreviated as the "EFK" stack, include Elasticsearch, Fluentd, and Kibana. Please refer to the cluster-logging-operator and elasticsearch-operator for information regarding the operators which deploy these images.
The primary features this integration provides:
- Multitenant support to isolate logs from various project namespaces
- OpenShift OAuth2 integration
- Log Forwarding
- Historical log discovery and visualization
- Log aggregation of pod and node logs
Information to build the images from GitHub source using an OKD deployment is found here. See the quickstart guide to deploy cluster logging.
Please check the release notes for deprecated features or breaking changes.
The cluster logging subsystem consists of multiple components commonly abbreviated as the "ELK" stack (though modified here to be the "EFK" stack).
Elasticsearch is a Lucene-based indexing object store into which logs are fed. Logs for node services and all containers in the cluster are fed into one deployed cluster. The Elasticsearch cluster should be deployed with redundancy and persistent storage for scale and high availability.
Fluentd is responsible for gathering log entries from nodes, enriching them with metadata, and forwarding them to the default logstore or other destinations defined by administrators. The content for this component has moved to https://github.com/viaq/logging-fluentd
Kibana presents a web UI for browsing and visualizing logs in Elasticsearch.
The cluster-logging-operator orchestrates the deployment of the cluster logging stack, including resource definitions, key/cert generation, and component start and stop order.
Any issues can be filed at Red Hat JIRA. Please include as many details as possible to assist in issue resolution, and attach a must-gather output.
To contribute to the development of origin-aggregated-logging, see REVIEW.md.