Merge pull request #12866 from mburke5678/enterprise-4.0

New assembly and modules for About EFK Logging

Author: mburke5678

_topic_map.yml

@@ -70,3 +70,34 @@ Topics:
   File: osdk-getting-started
 - Name: Migrating to Operator SDK v0.1.0
   File: migrating-to-osdk-v0-1-0
+---
+Name: Aggregated EFK Logging
+Dir: logging
+Distros: openshift-*
+Topics:
+- Name: About EFK logging
+  File: efk-logging
+- Name: Deploying EFK stack
+  File: efk-logging-deploy
+- Name: Uninstalling the EFK stack
+  File: efk-logging-uninstall
+- Name: Troubleshooting Kubernetes
+  File: efk-logging-troubleshooting
+- Name: Working with Elasticsearch
+  File: efk-logging-elasticsearch
+- Name: Working with Fluentd
+  File: efk-logging-fluentd
+- Name: Working with Kibana
+  File: efk-logging-kibana
+- Name: Working with Curator
+  File: efk-logging-curator
+- Name: Sending logs to external devices
+  File: efk-logging-external
+- Name: Setting the EFK logging driver
+  File: efk-logging-driver
+- Name: Manually rolling out Elasticsearch
+  File: efk-logging-manual-rollout
+- Name: Configuring systemd-journald and rsyslog
+  File: efk-logging-systemd
+- Name: Exported fields
+  File: efk-logging-exported-fields

logging/efk-logging-curator.adoc

@@ -0,0 +1,54 @@
+// For example:
+// * file name: assembly_my-assembly-a.adoc
+// * ID: [id='assembly_my-assembly-a_{context}']
+// * Title: = My assembly A
+//
+// The ID is used as an anchor for linking to the module.
+// Avoid changing it after the module has been published
+// to ensure existing links are not broken.
+//
+// In order for  the assembly to be reusable in other assemblies in a guide,
+// include {context} in the ID: [id='a-collection-of-modules_{context}'].
+//
+// If the assembly covers a task, start the title with a verb in the gerund
+// form, such as Creating or Configuring.
+// The `context` attribute enables module reuse. Every module's ID
+// includes {context}, which ensures that the module has a unique ID even if
+// it is reused multiple times in a guide.
+ifdef::context[:parent-context: {context}]
+:context: efk-logging-curator
+[id='efk-logging-curator_{context}']
+= Working with Elasticsearch Curator in {product-title}
+{product-author}
+{product-version}
+ifdef::openshift-enterprise[]
+:latest-tag: v3.11.16
+endif::[]
+ifdef::openshift-origin[]
+:latest-tag: v3.11.16
+endif::[]
+:data-uri:
+:icons:
+:experimental:
+:toc: macro
+:toc-title:
+:prewrap!:
+
+toc::[]
+
+As an administrator, you can use the built-in Elasticsearch Curator tool to configure scheduled Elasticsearch maintenance operations 
+to be performed automatically on a per-project basis.
+
+// The following include statements pull in the module files that comprise
+// the assembly. Include any combination of concept, procedure, or reference
+// modules required to cover the user story. You can also include other
+// assemblies.
+
+include::modules/efk-logging-curator-configure.adoc[leveloffset=+2]
+
+include::modules/efk-logging-curator-actions.adoc[leveloffset=+2]
+
+include::modules/efk-logging-curator-configuration.adoc[leveloffset=+2]
+
+ifdef::parent-context[:context: {parent-context}]
+ifndef::parent-context[:!context:]

logging/efk-logging-deploy.adoc

@@ -0,0 +1,75 @@
+// For example:
+// * file name: assembly_my-assembly-a.adoc
+// * ID: [id='assembly_my-assembly-a_{context}']
+// * Title: = My assembly A
+//
+// The ID is used as an anchor for linking to the module.
+// Avoid changing it after the module has been published
+// to ensure existing links are not broken.
+//
+// In order for  the assembly to be reusable in other assemblies in a guide,
+// include {context} in the ID: [id='a-collection-of-modules_{context}'].
+//
+// If the assembly covers a task, start the title with a verb in the gerund
+// form, such as Creating or Configuring.
+// The `context` attribute enables module reuse. Every module's ID
+// includes {context}, which ensures that the module has a unique ID even if
+// it is reused multiple times in a guide.
+ifdef::context[:parent-context: {context}]
+:context: efk-logging-deploy
+[id='efk-logging-deploy_{context}']
+= Deploying EFK logging
+{product-author}
+{product-version}
+ifdef::openshift-enterprise[]
+:latest-tag: v3.11.16
+endif::[]
+ifdef::openshift-origin[]
+:latest-tag: v3.11.16
+endif::[]
+:data-uri:
+:icons:
+:experimental:
+:toc: macro
+:toc-title:
+:prewrap!:
+
+toc::[]
+
+The process for deploying the EFK into {prouct-title} involves:
+
+* Preparing yourself and your environment;
+
+* Editing the Ansible inventory file for your environment;
+
+* Optionally, configure the inventory file to deploy the Ops Cluster;
+
+* Optionally, configure the inventory file to deploy the eventrouter;
+
+* Running the logging installer Ansible playbook.
+
+// The following include statements pull in the module files that comprise
+// the assembly. Include any combination of concept, procedure, or reference
+// modules required to cover the user story. You can also include other
+// assemblies.
+
+include::modules/efk-logging-deploy-pre.adoc[leveloffset=+2]
+
+include::modules/efk-logging-storage-considerations.adoc[leveloffset=+2]
+
+include::modules/efk-logging-deploy-variables.adoc[leveloffset=+2]
+
+include::modules/efk-logging-deploy-ops-cluster.adoc[leveloffset=+2]
+
+include::modules/efk-logging-deploy-eventrouter.adoc[leveloffset=+2]
+
+include::modules/efk-logging-deploy-memory.adoc[leveloffset=+2]
+
+include::modules/efk-logging-deploy-certificates.adoc[leveloffset=+2]
+
+include::modules/efk-logging-deploy-playbook.adoc[leveloffset=+2]
+
+include::modules/efk-logging-deploy-label.adoc[leveloffset=+2]
+
+ifdef::parent-context[:context: {parent-context}]
+ifndef::parent-context[:!context:]

logging/efk-logging-driver.adoc

@@ -0,0 +1,54 @@
+// For example:
+// * file name: assembly_my-assembly-a.adoc
+// * ID: [id='assembly_my-assembly-a_{context}']
+// * Title: = My assembly A
+//
+// The ID is used as an anchor for linking to the module.
+// Avoid changing it after the module has been published
+// to ensure existing links are not broken.
+//
+// In order for  the assembly to be reusable in other assemblies in a guide,
+// include {context} in the ID: [id='a-collection-of-modules_{context}'].
+//
+// If the assembly covers a task, start the title with a verb in the gerund
+// form, such as Creating or Configuring.
+// The `context` attribute enables module reuse. Every module's ID
+// includes {context}, which ensures that the module has a unique ID even if
+// it is reused multiple times in a guide.
+ifdef::context[:parent-context: {context}]
+:context: efk-logging-driver
+[id='efk-logging-driver_{context}']
+= Setting the EFK logging driver
+{product-author}
+{product-version}
+ifdef::openshift-enterprise[]
+:latest-tag: v3.11.16
+endif::[]
+ifdef::openshift-origin[]
+:latest-tag: v3.11.16
+endif::[]
+:data-uri:
+:icons:
+:experimental:
+:toc: macro
+:toc-title:
+:prewrap!:
+
+toc::[]
+
+By default, the *json-file* log driver is used by default for Docker in {product-title} as of {product-title} 3.9.
+However, if you have upgraded from {product-title} 3.7, your cluster might be configured to use the *journald* log driver configuration. 
+
+If you are using EFK logging, you should use the *json-file* log driver.
+
+// The following include statements pull in the module files that comprise
+// the assembly. Include any combination of concept, procedure, or reference
+// modules required to cover the user story. You can also include other
+// assemblies.
+
+include::modules/efk-logging-driver-viewing.adoc[leveloffset=+2]
+
+include::modules/efk-logging-driver-changing.adoc[leveloffset=+2]
+
+ifdef::parent-context[:context: {parent-context}]
+ifndef::parent-context[:!context:]

logging/efk-logging-elasticsearch.adoc

@@ -0,0 +1,55 @@
+// For example:
+// * file name: assembly_my-assembly-a.adoc
+// * ID: [id='assembly_my-assembly-a_{context}']
+// * Title: = My assembly A
+//
+// The ID is used as an anchor for linking to the module.
+// Avoid changing it after the module has been published
+// to ensure existing links are not broken.
+//
+// In order for  the assembly to be reusable in other assemblies in a guide,
+// include {context} in the ID: [id='a-collection-of-modules_{context}'].
+//
+// If the assembly covers a task, start the title with a verb in the gerund
+// form, such as Creating or Configuring.
+// The `context` attribute enables module reuse. Every module's ID
+// includes {context}, which ensures that the module has a unique ID even if
+// it is reused multiple times in a guide.
+ifdef::context[:parent-context: {context}]
+:context: efk-logging-elasticseearch
+[id='efk-logging-elasticsearch_{context}']
+= Working with Elasticsearch in {product-title}
+{product-author}
+{product-version}
+ifdef::openshift-enterprise[]
+:latest-tag: v3.11.16
+endif::[]
+ifdef::openshift-origin[]
+:latest-tag: v3.11.16
+endif::[]
+:data-uri:
+:icons:
+:experimental:
+:toc: macro
+:toc-title:
+:prewrap!:
+
+toc::[]
+
+{product-title} uses Elasticsearch (ES) to organize the log data from Fleutnd into datastores, or _indices_.
+
+// The following include statements pull in the module files that comprise
+// the assembly. Include any combination of concept, procedure, or reference
+// modules required to cover the user story. You can also include other
+// assemblies.
+
+include::modules/efk-logging-elasticsearch-ha.adoc[leveloffset=+2]
+
+include::modules/efk-logging-elasticsearch-persistent-storage.adoc[leveloffset=+2]
+
+include::modules/efk-logging-elasticsearch-scaling.adoc[leveloffset=+2]
+
+include::modules/efk-logging-elasticsearch-exposing.adoc[leveloffset=+2]
+
+ifdef::parent-context[:context: {parent-context}]
+ifndef::parent-context[:!context:]

logging/efk-logging-exported-fields.adoc

@@ -0,0 +1,82 @@
+// For example:
+// * file name: assembly_my-assembly-a.adoc
+// * ID: [id='assembly_my-assembly-a_{context}']
+// * Title: = My assembly A
+//
+// The ID is used as an anchor for linking to the module.
+// Avoid changing it after the module has been published
+// to ensure existing links are not broken.
+//
+// In order for  the assembly to be reusable in other assemblies in a guide,
+// include {context} in the ID: [id='a-collection-of-modules_{context}'].
+//
+// If the assembly covers a task, start the title with a verb in the gerund
+// form, such as Creating or Configuring.
+// The `context` attribute enables module reuse. Every module's ID
+// includes {context}, which ensures that the module has a unique ID even if
+// it is reused multiple times in a guide.
+ifdef::context[:parent-context: {context}]
+:context: efk-logging-exported-fields
+[id='efk-logging-exported-fields_{context}']
+= Exported fields
+{product-author}
+{product-version}
+ifdef::openshift-enterprise[]
+:latest-tag: v3.11.16
+endif::[]
+ifdef::openshift-origin[]
+:latest-tag: v3.11.16
+endif::[]
+:data-uri:
+:icons:
+:experimental:
+:toc: macro
+:toc-title:
+:prewrap!:
+
+toc::[]
+
+
+
+These are the fields exported by the logging system and available for searching
+from Elasticsearch and Kibana. Use the full, dotted field name when searching.
+For example, for an Elasticsearch */_search URL*, to look for a Kubernetes pod name,
+use `/_search/q=kubernetes.pod_name:name-of-my-pod`.
+
+The following sections describe fields that may not be present in your logging store.
+Not all of these fields are present in every record.
+The fields are grouped in the following categories:
+
+* `exported-fields-Default`
+* `exported-fields-rsyslog`
+* `exported-fields-systemd`
+* `exported-fields-kubernetes`
+* `exported-fields-docker`
+* `exported-fields-pipeline_metadata`
+* `exported-fields-ovirt`
+* `exported-fields-aushape`
+* `exported-fields-tlog`
+
+// The following include statements pull in the module files that comprise
+// the assembly. Include any combination of concept, procedure, or reference
+// modules required to cover the user story. You can also include other
+// assemblies.
+
+include::modules/efk-logging-exported-fields-default.adoc[leveloffset=+2]
+
+include::modules/efk-logging-exported-fields-rsyslog.adoc[leveloffset=+2]
+
+include::modules/efk-logging-exported-fields-systemd.adoc[leveloffset=+2]
+
+include::modules/efk-logging-exported-fields-kubernetes.adoc[leveloffset=+2]
+
+include::modules/efk-logging-exported-fields-docker.adoc[leveloffset=+2]
+
+include::modules/efk-logging-exported-fields-ovirt.adoc[leveloffset=+2]
+
+include::modules/efk-logging-exported-fields-aushape.adoc[leveloffset=+2]
+
+include::modules/efk-logging-exported-fields-tlog.adoc[leveloffset=+2]
+
+ifdef::parent-context[:context: {parent-context}]
+ifndef::parent-context[:!context:]