cluster-logging-eventrouter-deploy.adoc

Deploying and Configuring the Event Router

Use the following steps to deploy Event Router into your cluster.

The following Template object creates the Service Account, ClusterRole, and ClusterRoleBinding required for the Event Router.

Prerequisites

• You need proper permissions to create service accounts and update cluster role bindings. For example, you can run the following template with a user that has the cluster-admin role.

• Set TRANSFORM_EVENTS=true in order to process and store event router events in Elasticsearch.

  • Set cluster logging to the unmanaged state.

  • Enable the TRANSFORM_EVENTS feature.

    $ oc set env ds/fluentd TRANSFORM_EVENTS=true

Procedure

1. Create a template for the Event Router:

   kind: Template
   apiVersion: v1
   metadata:
     name: eventrouter-template
     annotations:
       description: "A pod forwarding kubernetes events to cluster logging stack."
       tags: "events,EFK,logging,cluster-logging"
   objects:
     - kind: ServiceAccount (1)
       apiVersion: v1
       metadata:
         name: eventrouter
         namespace: ${NAMESPACE}
     - kind: ClusterRole (2)
       apiVersion: v1
       metadata:
         name: event-reader
       rules:   (3)
       - apiGroups: [""]
         resources: ["events"]
         verbs: ["get", "watch", "list"]
     - kind: ClusterRoleBinding  (4)
       apiVersion: v1
       metadata:
         name: event-reader-binding
       subjects:
       - kind: ServiceAccount
         name: eventrouter
         namespace: ${NAMESPACE}
       roleRef:
         kind: ClusterRole
         name: event-reader
     - kind: ConfigMap
       apiVersion: v1
       metadata:
         name: eventrouter
         namespace: ${NAMESPACE}
       data:
         config.json: |-
           {
             "sink": "stdout"
           }
     - kind: Deployment
       apiVersion: apps/v1
       metadata:
         name: eventrouter
         namespace: ${NAMESPACE}
         labels:
           component: eventrouter
           logging-infra: eventrouter
           provider: openshift
       spec:
         selector:
           matchLabels:
             component: eventrouter
             logging-infra: eventrouter
             provider: openshift
         replicas: 1
         template:
           metadata:
             labels:
               component: eventrouter
               logging-infra: eventrouter
               provider: openshift
             name: eventrouter
           spec:
             serviceAccount: eventrouter
             containers:
               - name: kube-eventrouter
                 image: ${IMAGE}
                 imagePullPolicy: IfNotPresent
                 resources:
                   limits:
                     memory: ${MEMORY}
                   requests:
                     cpu: ${CPU}
                     memory: ${MEMORY}
                 volumeMounts:
                 - name: config-volume
                   mountPath: /etc/eventrouter
             volumes:
               - name: config-volume
                 configMap:
                   name: eventrouter
   parameters:
     - name: IMAGE (5)
       displayName: Image
       value: "registry.redhat.io/openshift4/ose-logging-eventrouter:latest"
     - name: MEMORY (6)
       displayName: Memory
       value: "128Mi"
     - name: CPU  (7)
       displayName: CPU
       value: "100m"
     - name: NAMESPACE  (8)
       displayName: Namespace
       value: "openshift-logging"

   1. Creates a Service Account for the Event Router.

   2. Creates a cluster role to monitor for events in the cluster.

   3. Allows the get, watch, and list permissions for the events resource.

   4. Creates a ClusterRoleBinding to bind the ClusterRole to the ServiceAccount.

   5. Specify the image version for the Event Router.

   6. Specify the memory limit for the Event Router pods. Defaults to '128Mi'.

   7. Specify the minimum amount of CPU to allocate to the Event Router. Defaults to '100m'.

   8. Specify the namespace where eventrouter is deployed. Defaults to openshift-logging. The value must be the same as specified for the ServiceAccount and ClusterRoleBinding. The project indicates where in Kibana you can locate events:

      • If the event router pod is deployed in a default project, such as kube-* and openshift-*, you can find the events under the .operation index.

      • If the event router pod is deployed in other projects, you can find the event under the index using the project namespace.

2. Use the following command to process and apply the template:

   $ oc process -f <templatefile> | oc apply -f -

   For example:

   $ oc process -f eventrouter.yaml | oc apply -f -
   
   serviceaccount/logging-eventrouter created
   clusterrole.authorization.openshift.io/event-reader created
   clusterrolebinding.authorization.openshift.io/event-reader-binding created
   configmap/logging-eventrouter created
   deployment.apps/logging-eventrouter created

3. Validate that the Event Router installed:

   $ oc get pods --selector  component=eventrouter -o name
   
   pod/logging-eventrouter-d649f97c8-qvv8r

   $ oc logs logging-eventrouter-d649f97c8-qvv8r
   
   {"verb":"ADDED","event":{"metadata":{"name":"elasticsearch-operator.v0.0.1.158f402e25397146","namespace":"openshift-operators","selfLink":"/api/v1/namespaces/openshift-operators/events/elasticsearch-operator.v0.0.1.158f402e25397146","uid":"37b7ff11-4f1a-11e9-a7ad-0271b2ca69f0","resourceVersion":"523264","creationTimestamp":"2019-03-25T16:22:43Z"},"involvedObject":{"kind":"ClusterServiceVersion","namespace":"openshift-operators","name":"elasticsearch-operator.v0.0.1","uid":"27b2ca6d-4f1a-11e9-8fba-0ea949ad61f6","apiVersion":"operators.coreos.com/v1alpha1","resourceVersion":"523096"},"reason":"InstallSucceeded","message":"waiting for install components to report healthy","source":{"component":"operator-lifecycle-manager"},"firstTimestamp":"2019-03-25T16:22:43Z","lastTimestamp":"2019-03-25T16:22:43Z","count":1,"type":"Normal"}}