- ã¯ã˜ã‚ã«
- Loki ã«ã¤ã„ã¦
- クエリã®ç¨®é¡ž
- OpenShift Logging ã¨ã—ã¦ã®æ§‹ç¯‰
- ç°¡å˜ãªã‚¢ã‚¯ã‚»ã‚¹ç¢ºèª
- ãŠã‚ã‚Šã«
ã¯ã˜ã‚ã«
Red Hat Advent Calendar 2023 ã® 12月14æ—¥ã®è¨˜äº‹ã§ã™ã€‚OpenShift Cluster Logging 㧠Loki ãŒåˆ©ç”¨ã§ãるよã†ã«ãªã£ã¦ã‹ã‚‰ã—ã°ã‚‰ã時間ãŒçµŒã¡ã€æ®µã€…ã¨åˆ©ç”¨ã•ã‚Œã¤ã¤ã‚ã‚‹ã®ã§ã¯ãªã„ã‹ã¨æ€ã„ã¾ã™ã€‚ 本記事ã§ã¯ã€OpenShift Cluster Logging (Loki) ã‚’ OpenShift Web Console ã‹ã‚‰ã§ã¯ãªãã€ã‚ãˆã¦ CLI 経由ã§ã‚¢ã‚¯ã‚»ã‚¹ã—ã¦ã¿ã¾ã™ã€‚
Loki ã«ã¤ã„ã¦
Loki 㯠Grafana Loki ã¨ã„ã†å称ã§ã€Prometheus ã‹ã‚‰ã‚¤ãƒ³ã‚¹ãƒ‘イアã•ã‚ŒãŸã‚¹ã‚±ãƒ¼ãƒ©ãƒ“リティã€å¯ç”¨æ€§ã€ãƒžãƒ«ãƒãƒ†ãƒŠãƒ³ãƒˆã«å¯¾å¿œã—ãŸãƒã‚°åŽé›†ã‚·ã‚¹ãƒ†ãƒ ã§ã™ã€‚ ä»–ã®ãƒã‚°ã‚·ã‚¹ãƒ†ãƒ ã¨ç•°ãªã‚Šã€ãƒã‚°è‡ªèº«ã«ã¯ã‚¤ãƒ³ãƒ‡ãƒƒã‚¯ã‚¹ã‚’æŒãŸãšã€ãƒ¡ã‚¿ãƒ‡ãƒ¼ã‚¿ã®ã¿ã‚’インデックス化ã—ã¦ç®¡ç†ã—ã¾ã™ã€‚ ãƒã‚°ã¯ãƒ¡ã‚¿ãƒ‡ãƒ¼ã‚¿ã¨ã—ã¦ãƒ©ãƒ™ãƒ«ã‚’æŒã¤ã“ã¨ã§ç®¡ç†ã•ã‚Œã¾ã™ã€‚åŒã˜ãƒ©ãƒ™ãƒ«ã‚’ã‚‚ã¤ãƒã‚°ã®ã‚»ãƒƒãƒˆã‚’ Log Stream ã¨å‘¼ã³ã¾ã™ã€‚
ãƒã‚°ãƒ‡ãƒ¼ã‚¿ã¯åœ§ç¸®ã•ã‚Œã€ã‚ªãƒ–ジェクトストレージã«æ ¼ç´ã•ã‚Œã‚‹ãŸã‚ãƒã‚°ãƒ‡ãƒ¼ã‚¿ã‚’効率よãä¿æŒã§ãる仕組ã¿ã¨ãªã£ã¦ã„ã¾ã™ã€‚
クエリã®ç¨®é¡ž
Loki ã®æ¤œç´¢ã¯ LogQL を利用ã—ã¾ã™ã€‚OpenShift ã® Web Console ã‹ã‚‰å‘¼ã³å‡ºã™ã¨ãã«ä½¿ã„ã¾ã™ã€‚æ ¼ç´ã•ã‚ŒãŸãƒã‚°ã‹ã‚‰ç‰¹å®šã®ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãªã©ã‚’絞り込んã§è¦‹ã‚‹éš›ã«åˆ©ç”¨ã—ã¾ã™ã€‚LogQL 㯠2ã¤ã®ç¨®é¡žãŒã‚ã‚Šã€ãã‚Œãžã‚Œ Log クエリ㨠Metric クエリã«åˆ¥ã‚Œã¾ã™ã€‚
Log クエリ
ãƒã‚°ãƒ‡ãƒ¼ã‚¿ã‚’è¿”å´ã—ã¾ã™ã€‚ãƒã‚°ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®çµžã‚Šè¾¼ã¿ãªã©ã§ç›®çš„ã®ã‚¨ãƒ©ãƒ¼æƒ…å ±ãªã©ã‚’検索ã™ã‚‹ã¨ãã«æ´»èºã—ã¾ã™
Metric クエリ
Log クエリã®æ‹¡å¼µç‰ˆã§ãƒã‚°ã®æ¤œç´¢çµæžœã‚’ベースã«æ¼”ç®—ã™ã‚‹ã“ã¨ãŒç›®çš„ã§ã™ã€‚
OpenShift Logging ã¨ã—ã¦ã®æ§‹ç¯‰
ã¾ãšã¯è£½å“ドã‚ュメントã«å¾“ã„ãªãŒã‚‰ã€Loki を利用ã—㟠Logging を構築ã—ã¦ã„ãã¾ã™ã€‚
ã¾ãšã¯ Operator ã®å°Žå…¥ã‹ã‚‰ã€‚Operator 㯠Loki Operator 㨠OpenShift Cluster Logging Operator ã® 2 ã¤ãŒå¿…è¦ã¨ãªã‚Šã¾ã™ã€‚ãã‚Œãžã‚Œã‚’インストールã—ã¾ã™ã€‚
Operator ã®å°Žå…¥
Loki Operator をインストールã™ã‚‹ Namespace ã®ä½œæˆ
$ cat << EOF | oc create -f -
apiVersion: v1
kind: Namespace
metadata:
name: openshift-operators-redhat
annotations:
openshift.io/node-selector: ""
labels:
openshift.io/cluster-monitoring: "true"
EOF
Cluster Logging Operator をインストールã™ã‚‹ Namespace ã®ä½œæˆ
$ cat <<EOF | oc create -f -
apiVersion: v1
kind: Namespace
metadata:
name: openshift-logging
annotations:
openshift.io/node-selector: ""
labels:
openshift.io/cluster-monitoring: "true"
EOF
OpenShift Cluster Logging 用㮠OperatorGroup 㨠Subscription を作æˆã™ã‚‹
OperatorGroup ã®ä½œæˆ
$ cat <<EOF | oc create -f - apiVersion: operators.coreos.com/v1 kind: OperatorGroup metadata: name: cluster-logging namespace: openshift-logging spec: targetNamespaces: - openshift-logging EOF
続ã„ã¦ã€Subscription を作æˆã—ã¾ã™ã€‚
$ cat <<EOF | oc create -f - apiVersion: operators.coreos.com/v1alpha1 kind: Subscription metadata: name: cluster-logging namespace: openshift-logging spec: spec: channel: stable-5.8 installPlanApproval: Automatic name: cluster-logging source: redhat-operators sourceNamespace: openshift-marketplace startingCSV: cluster-logging.v5.8.0 EOF
次ã«ã€Loki Operator をインストールã—ã¾ã™ã€‚Cluster Logging Operator åŒæ§˜ã« Subscription を作æˆã—ã¾ã™ã€‚
$ cat << EOF | oc create -f - apiVersion: operators.coreos.com/v1alpha1 kind: Subscription metadata: name: loki-operator namespace: openshift-operators-redhat spec: channel: stable-5.8 installPlanApproval: Automatic name: loki-operator source: redhat-operators sourceNamespace: openshift-marketplace EOF
Loki ã®ãƒ‡ãƒ—ãƒã‚¤
Loki 㯠Object Storage ã‚’å¿…è¦ã¨ã—ã¾ã™ã€‚今回ã®æ§‹ç¯‰ç’°å¢ƒã¯ AWS を利用ã—ã¦ã„ã‚‹ã®ã§ã€é©å½“ã« AWS S3 ã®ãƒã‚±ãƒƒãƒˆã‚’作æˆã—ã¦åˆ©ç”¨ã—ã¾ã™ã€‚ Object Storage ã¸ã®ã‚¢ã‚¯ã‚»ã‚¹æƒ…å ±ã¯ Secret を利用ã—ã¦æŒ‡å®šã™ã‚‹ãŸã‚ã€æŽ¥ç¶šæƒ…å ±ã‚’ä»¥ä¸‹ã®ã‚ˆã†ã«ç”¨æ„ã—ã¾ã™ã€‚
$ cat <<EOF | oc create -f - apiVersion: v1 kind: Secret metadata: name: logging-loki-s3 namespace: openshift-logging stringData: access_key_id: <ACCESS KEY> access_key_secret: <ACCESS_KEY_SECRET> bucketnames: <BUCKET_NAME> endpoint: https://s3.ap-southeast-2.amazonaws.com region: ap-southeast-2 EOF
次ã«ã€LokiStack Custom Resource を作æˆã—ã¾ã™ã€‚今回作æˆã™ã‚‹ LokiStack ã®ã‚µã‚¤ã‚ºã¯ 1x.small ã¨ã—ã¾ã™ã€‚
$ cat <<EOF | oc create -f -
apiVersion: loki.grafana.com/v1
kind: LokiStack
metadata:
name: logging-loki # 1
namespace: openshift-logging
spec:
size: 1x.small #2
storage:
schemas:
- version: v12
effectiveDate: '2022-06-01'
secret:
name: logging-loki-s3 #3
type: s3 #4
storageClassName: gp3-csi #5
tenants:
mode: openshift-logging
EOF
パラメタã®ç°¡å˜ãªèª¬æ˜Ž
- logging-loki ã¨ã„ã†åå‰ã‚’使用ã—ã¦ãã ã•ã„。
- Loki ã®å±•é–‹ã‚µã‚¤ã‚ºã‚’é¸æŠžã—ã¦ãã ã•ã„。
- ãƒã‚°ã‚¹ãƒˆãƒ¬ãƒ¼ã‚¸ã«ä½¿ç”¨ã™ã‚‹ã‚·ãƒ¼ã‚¯ãƒ¬ãƒƒãƒˆã‚’指定ã—ã¦ãã ã•ã„。
- 対応ã™ã‚‹ã‚¹ãƒˆãƒ¬ãƒ¼ã‚¸ã‚¿ã‚¤ãƒ—を指定ã—ã¦ãã ã•ã„。
- 一時的ãªã‚¹ãƒˆãƒ¬ãƒ¼ã‚¸ã«æ—¢å˜ã®ã‚¹ãƒˆãƒ¬ãƒ¼ã‚¸ã‚¯ãƒ©ã‚¹ã®åå‰ã‚’入力ã—ã¦ãã ã•ã„。最é©ãªãƒ‘フォーマンスを得るãŸã‚ã«ã¯ã€ãƒ–ãƒãƒƒã‚¯ã‚¹ãƒˆãƒ¬ãƒ¼ã‚¸ã‚’割り当ã¦ã‚‹ã‚¹ãƒˆãƒ¬ãƒ¼ã‚¸ã‚¯ãƒ©ã‚¹ã‚’指定ã—ã¦ãã ã•ã„。クラスタã§åˆ©ç”¨å¯èƒ½ãªã‚¹ãƒˆãƒ¬ãƒ¼ã‚¸ã‚¯ãƒ©ã‚¹ã¯ã€oc get storageclasses コマンドを使用ã—ã¦ãƒªã‚¹ãƒˆã‚¢ãƒƒãƒ—ã§ãã¾ã™ã€‚
Cluster Logging ã¨ã—ã¦åˆ©ç”¨ã™ã‚‹
デプãƒã‚¤ã—㟠Loki ã‚’ OpenShift Cluster Logging ã¨ã—ã¦åˆ©ç”¨ã—ã¾ã™ã€‚
$ cat << EOF | oc create -f -
apiVersion: logging.openshift.io/v1
kind: ClusterLogging
metadata:
name: instance
namespace: openshift-logging
spec:
logStore:
type: lokistack
lokistack:
name: logging-loki
collection:
type: vector
EOF
ç°¡å˜ãªã‚¢ã‚¯ã‚»ã‚¹ç¢ºèª
Web Console ã‹ã‚‰ã®ã‚¢ã‚¯ã‚»ã‚¹
ã“ã“ã¾ã§ã§ã€Loki ãŒåˆ©ç”¨ã§ãるよã†ã«ãªã£ã¦ã„ã‚‹ã¯ãšãªã®ã§ã€Web Console ã‹ã‚‰ã‚‚ç°¡å˜ã«ç¢ºèªã—ã¦ã¿ã¾ã™ã€‚ Web Console ã® Administrator ã®ç”»é¢ã‹ã‚‰ã€ Observe > Logs ã‚’é¸æŠžã™ã‚‹ã¨ç”»é¢ãŒè¡¨ç¤ºã•ã‚Œã¾ã™ã€‚
CLI ã‹ã‚‰ã®ã‚¢ã‚¯ã‚»ã‚¹
ã“ã“ã§æœ¬é¡Œã§ã™ã€‚今回 CLI アクセスを試ã™ãã£ã‹ã‘ã¨ãªã£ãŸã®ã¯ã€å®Ÿã¯ OpenShift Web Console ã‹ã‚‰ã¯ã¾ã Metric クエリを実行ã™ã‚‹ã“ã¨ãŒã§ãã¾ã›ã‚“。ãã®ãŸã‚ã€Metric クエリを実行ã™ã‚‹ã«ã¯ã©ã†ã—ã¦ã‚‚ CLI 経由ã§ã®å‘¼ã³å‡ºã—ãŒå¿…è¦ã¨ãªã‚Šã¾ã™ã€‚
アクセス方法ã®ç¢ºèª
Loki ã¸ã®ã‚¢ã‚¯ã‚»ã‚¹ã¯ Route 経由ã§è¡Œã„ã¾ã™ã€‚
$ oc get route -n openshift-logging NAME HOST/PORT PATH SERVICES PORT TERMINATION WILDCARD logging-loki logging-loki-openshift-logging.apps.samplecluster.sandboxABCDE.opentlc.com logging-loki-gateway-http public reencrypt None
呼ã³å‡ºã—方を確èªã™ã‚‹ãŸã‚ã€è©¦ã—ã« Route ã«ã‚¢ã‚¯ã‚»ã‚¹ã—ã¦ã¿ã¾ã™ã€‚Loki 㯠OpenShift ã«ã‚ˆã‚‹èªè¨¼ã‚’利用ã—ã¦ã„ã‚‹ãŸã‚ã€OpenShift ã®ãƒ¦ãƒ¼ã‚¶ãƒ¼ã®ãƒˆãƒ¼ã‚¯ãƒ³ã‚’利用ã—ã¦ã‚¢ã‚¯ã‚»ã‚¹ã—ã¦ã¿ã¾ã™ã€‚
$ curl -k -s -H 'Authorization: Bearer <TOKEN>' https://logging-loki-openshift-logging.apps.samplecluster.sandboxABCDE.opentlc.com
{
"paths": [
"/api/logs/v1/{tenant}/*"
]
}
{tenant} を指定ã™ã‚‹å¿…è¦ãŒã‚ã‚Šãã†ã§ã™ã€‚テナントã¨ã¯ä½•ã§ã—ょã†ã‹ã€‚実ã¯ã€OpenShift Cluster Logging ã§ã¯ Loki ã®ãƒžãƒ«ãƒãƒ†ãƒŠãƒ³ãƒˆæ©Ÿèƒ½ã‚’利用ã—ã¦ã€infrastracture ãƒã‚°ã€application ãƒã‚°ã€audit ãƒã‚°ã‚’分ã‘ã¦æ ¼ç´ã—ã¦ã„ã¾ã™ã€‚
ãã®ãŸã‚ã€ã“ã“ã§ã„ㆠ{tenant} 㯠infrastructureã€applicationã€audit ã¨ãªã‚Šã¾ã™ã€‚
Loki ã® API ã®ãƒ‘スã¯è£½å“ドã‚ュメントã«è¨˜è¼‰ãŒã‚り以下ã®ã‚ˆã†ã«ãªã£ã¦ã„ã¾ã™ã€‚パスã®æœ€å¾Œã«ã‚ã‚‹ query_range ã¯å‘¼ã³å‡ºã™APIã«ã‚ˆã‚Šä»£ã‚ã‚Šã¾ã™ãŒã€ä»Šå›žã¯ Metric クエリを呼ã³å‡ºã™ã®ã§ã“ã¡ã‚‰ã‚’利用ã—ã¾ã™ã€‚
GET /loki/api/v1/query_range
ã“れをåˆã‚ã›ã‚‹ã¨æ¬¡ã®ã‚ˆã†ãªURLを呼ã³å‡ºã™ã“ã¨ã§ã€curl ã§ã‚¢ã‚¯ã‚»ã‚¹ã§ãã‚‹ã“ã¨ãŒã‚ã‹ã‚Šã¾ã™ã€‚
https://logging-loki-openshift-logging.apps.samplecluster.sandboxABCDE.opentlc.com/api/logs/v1/{tenant}/loki/api/v1/query_range
Metric クエリを呼ã³å‡ºã—ã¦ã¿ã‚‹
LogQL ã¯ç©ºç™½ã‚„シングルクォートãªã©ã‚‚å«ã‚€ãŸã‚ã€URLエンコードã—ãŸå½¢ã§æŒ‡å®šã—ã¾ã™ã€‚curl コマンドã§ã¯ãƒ‘ラメタ指定ã«ã‚ˆã‚ŠURLエンコードを行ã†ã“ã¨ã¯ã§ãã¾ã™ãŒã€äºˆã‚エンコードã—ã¦ãŠãã¾ã™ã€‚
今回テストã™ã‚‹ã®ã¯æ¬¡ã® Metric クエリã§ã™ã€‚ Namespace 毎㫠log_type=infrastructure ã®ãƒã‚°æ•°ã‚’カウントã™ã‚‹ã¨ã„ã†ã‚‚ã®ã§ã™ã€‚
sum by (kubernetes_namespace_name) (count_over_time({ log_type="infrastructure" } [5m]) )
curl コマンドã«ã™ã‚‹ã¨ä»¥ä¸‹ã®ã‚ˆã†ãªæ„Ÿã˜ã§ã™ã€‚
$ curl -G -k -s -H 'Authorization: Bearer sha256~_hJqP4Ksy5Opcs1_37s2fC2_XFXWigO6iXJEDBpM_nA' https://logging-loki-openshift-logging.apps.samplecluster.sandboxABCDE.opentlc.com/api/logs/v1/infrastructure/loki/api/v1/query_range --data 'query=sum%20by%20(kubernetes_namespace_name)%20(count_over_time(%7B%20log_type%3D%22infrastructure%22%20%7D%20%5B5m%5D)%20)' --data-urlencode step=2m --data-urlencode start=1702467769 --data-urlencode end=1702471369
呼ã³å‡ºã—çµæžœ
{
"status": "success",
"data": {
"resultType": "matrix",
"result": [
{
"metric": {
"kubernetes_namespace_name": "openshift-apiserver"
},
"values": [
[
1702469160,
"1"
],
[
1702469280,
"1"
],
[
1702469400,
"5"
],
[
1702469520,
"4"
],
[
1702469640,
"4"
],
[
...
ã†ã¾ãå–å¾—ã§ããŸã‚ˆã†ã§ã™ã€‚
LogCLI
次ã«ã€Loki ã® CLI LogCLI ã§ã®ã‚¢ã‚¯ã‚»ã‚¹ã‚’試ã—ã¾ã™ã€‚ コマンドã¯ã€ä»¥ä¸‹ã®ãƒšãƒ¼ã‚¸ã‚’å‚考ã«äºˆã‚準備ã—ã¦ãã ã•ã„。
環境変数ã§æŽ¥ç¶šå…ˆã¨èªè¨¼æƒ…å ±ã‚’è¨å®šã—ã¾ã™ã€‚呼ã³å‡ºã—ãŸã„テナント毎ã«å‘¼ã³å‡ºã—å…ˆã¯å¤‰ãˆã¦ãã ã•ã„。
$ export LOKI_BEARER_TOKEN="<TOKEN>" $ export LOKI_ADDR=https://logging-loki-openshift-logging.apps.samplecluster.sandboxABCDE.opentlc.com/api/logs/v1/infrastructure
コマンドを実行ã—ã¾ã™ã€‚OpenShift ã®è¨¼æ˜Žæ›¸ã¯è‡ªå·±ç½²å証明書を利用ã—ã¦ã„ã‚‹ãŸã‚ã€TLSã®ãƒã‚§ãƒƒã‚¯ã¯ã‚¹ã‚ップã™ã‚‹ã‚ˆã†ã«ã—ã¾ã™ã€‚
$ logcli query --tls-skip-verify 'sum by (kubernetes_namespace_name) (count_over_time({ log_type="infrastructure" } [5m]) )'
出力çµæžœãŒå–å¾—ã§ãã¾ã—ãŸã€‚ curl ã§å–å¾—ã—ãŸã¨ãã¨ç•°ãªã‚Šã€result ãŒæŠ½å‡ºã•ã‚Œã¦ã¾ã™ã€‚
[
{
"metric": {
"kubernetes_namespace_name": "openshift-apiserver"
},
"values": [
[
1702470154,
"4"
],
[
1702470168,
"4"
],
[
1702470182,
"4"
],
[
1702470196,
"4"
],
[
1702470210,
...
ãŠã‚ã‚Šã«
今回ã¯ã€CLI を用ã„㦠Loki ã¸ã®ã‚¢ã‚¯ã‚»ã‚¹ã‚’ã—ã¦ã¿ã¾ã—ãŸã€‚ã“ã‚Œã«ã‚ˆã‚Šç¾åœ¨ã¯ Web Console ã‹ã‚‰åˆ©ç”¨ã§ããªã„ Metric クエリã®çµæžœã‚’å–å¾—ã§ãã‚‹ã“ã¨ãŒè©¦ã›ã¾ã—ãŸã€‚ ã¾ã 発展途上ã®ã‚³ãƒ³ãƒãƒ¼ãƒãƒ³ãƒˆã§ã¯ã‚ã‚Šã¾ã™ãŒã€ã“ã†ã„ã£ãŸå½¢ã§ãƒã‚°ã®è§£æžãŒã§ãるよã†ã«ãªã£ã¦ã„ãã¨ãƒã‚°ã‚’利用ã—ãŸé‹ç”¨ã‚„調査ãªã©ãŒé€²ã¿ãã†ã§ã™ã€‚
