< img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=3131724&fmt=gif" />
🚀 KubeSphere v4.1.2 with Enhancements and Bug Fixes is available now. Read the release notes for v4.1.2 → close
  • English
    • English
    • 简体中文
    1. 1.Create a KubeSphere Cloud account and log in to the platform.
    2. 2.In the upper-right corner, click Console, and then click Lite Cluster on the left.
    3. 3.Create a K8s cluster with KubeSphere installed.
    4. 4.Access KubeSphere with the default account and password (admin/P@88w0rd).
  •  Star
  1. Docs / 
  2. Documentation / 
  3. Cluster Administration / 
  4. Cluster Settings / 
  5. Log Receivers / 
  6. Add OpenSearch as a Log Receiver

Documentation

Last updated:
    Edit

    Add OpenSearch as a Log Receiver

    OpenSearch is a distributed, community-driven, and 100% open-source search and analytics suite licensed under Apache 2.0. It can be used for real-time application monitoring, log analysis, website search, and more.

    OpenSearch is backed by the Apache Lucene search library and supports a range of search and analysis features such as k-Nearest Neighbors (KNN) search, SQL, anomaly detection, Machine Learning Commons, Trace Analytics, full-text search, and more.

    OpenSearch provides a highly scalable system, allowing users to explore their data easily through integrated visualization tools.

    Starting from KubeSphere v3.4.0, OpenSearch v1 and v2 are integrated into it and set as the default backend storage for the logging, events, and auditing components.

    Prerequisites

    • You need a user with cluster management permissions. For example, you can log in to the console directly with the admin user or create a role with cluster management permissions and assign it to a user.

    • Before adding a log receiver, you need to enable the logging, events, or auditing components. For more information, see Enable Pluggable Components. This tutorial enables logging as an example.

    Use OpenSearch as a Log Receiver

    In KubeSphere v3.4.0 and later, OpenSearch is the default backend storage for logging, events, or auditing components. Configure as follows:

    $ kubectl edit cc -n kubesphere-system ks-installer

apiVersion: installer.kubesphere.io/v1alpha1
kind: ClusterConfiguration
metadata:
  name: ks-installer
  namespace: kubesphere-system
spec:
  common:
    opensearch:   # Storage backend for logging, events, and auditing.
      enabled: true
      logMaxAge: 7             # Log retention time in built-in Opensearch. It is 7 days by default.
      opensearchPrefix: whizard      # The string making up index names. The index name will be formatted as ks-<opensearchPrefix>-logging.

    For KubeSphere versions below v3.4.0, please upgrade first.

    Enable Logging via the Console and Use OpenSearch as the Backend Storage

    1. Log in to the console as the admin user, click Platform in the upper left corner, and select Cluster Management.

    2. Click CRDs, enter clusterconfiguration in the search bar, and click the search result to view its detailed page.

    1. Under Custom Resources, click the three dots on the right side of ks-installer, select Edit YAML.

    1. In the YAML file, search for logging, change the enabled from false to true. After that, click OK in the lower-right corner to save the configuration.
    common:
  opensearch:
    enabled: true
    
logging:
  enabled: true

    Change Log Storage to External OpenSearch and Disable Internal OpenSearch

    If you are using KubeSphere's internal OpenSearch and want to change it to your external OpenSearch, follow these steps:

    1. Run the following command to update the cluster configuration:
    kubectl edit cc -n kubesphere-system ks-installer
    1. Set opensearch:externalOpensearchHost to the address of your external OpenSearch and set opensearch:externalOpensearchPort to its port. Comment or delete the status:logging field. Here is an example:
    apiVersion: installer.kubesphere.io/v1alpha1
kind: ClusterConfiguration
metadata:
  name: ks-installer
  namespace: kubesphere-system
spec:
  common:
    opensearch:
      enabled: true
      externalOpensearchHost: ""
      externalOpensearchPort: ""
      dashboard:
        enabled: false
status:
   # logging:
     #  enabledTime: 2023-08-21T21:05:13UTC
     #  status: enabled

    If you want to use the visualization tools of OpenSearch, set opensearch.dashboard.enabled to true.

    1. Run the following command to restart ks-installer.
    kubectl rollout restart deploy -n kubesphere-system ks-installer
    1. Run the following command to delete the internal OpenSearch. Make sure you have backed up the data in it.
    helm uninstall opensearch-master -n kubesphere-logging-system && helm uninstall opensearch-data -n kubesphere-logging-system && helm uninstall opensearch-logging-curator -n kubesphere-logging-system

    Query Logs in KubeSphere

    1. All users can use the log query feature. Log in with an account, hover over the icon in the lower right corner, and select Log Query from the pop-up menu.

    1. In the pop-up window, you can see the time histogram of the number of logs, the cluster dropdown list, and the log search bar.

    1. Click on the search bar and search for logs by message, workspace, project, resource type, resource name, reason, category, or time range (e.g., enter the time range: last 10 minutes to search for logs in the last 10 minutes). Alternatively, click on the bar in the time histogram, and KubeSphere will show logs in the time range of that bar.

    Receive the latest news, articles and updates from KubeSphere


    Thanks for the feedback. If you have a specific question about how to use KubeSphere, ask it on Slack. Open an issue in the GitHub repo if you want to report a problem or suggest an improvement.

    Previous : Add Fluentd as a Receiver
    What’s on this Page