This section describes how to install the logging add-on and Amazon Web Services (AWS) CloudWatch log forwarding add-on services on Red Hat OpenShift Service on AWS (ROSA).

The AWS CloudWatch log forwarding service on ROSA has the following approximate log throughput rates. Message rates greater than these can result in dropped log messages.

Table 1. Approximate log throughput rates
Message size (bytes) Maximum expected rate (messages/second/node)

512

1,000

1,024

650

2,048

450

Install the logging add-on service

Red Hat OpenShift Service on AWS (ROSA) provides logging through the cluster-logging-operator add-on. This add-on service offers an optional application log forwarding solution based on AWS CloudWatch. This logging solution can be installed after the ROSA cluster is provisioned.

Procedure
  1. Enter the following command:

    $ rosa install addon cluster-logging-operator --cluster=<cluster_name> --interactive

    For <cluster_name>, enter the name of your cluster.

  2. When prompted, accept the default yes to install the cluster-logging-operator.

  3. When prompted, accept the default yes to install the optional Amazon CloudWatch log forwarding add-on or enter no to decline the installation of this add-on.

    It is not necessary to install the AWS CloudWatch service when you install the cluster-logging-operator. You can install the AWS CloudWatch service at any time through the OpenShift Cluster Manager (OCM) console from the cluster’s Add-ons tab.

  4. For the collection of applications, infrastructure, and audit logs, accept the default values or change them as needed:

    • Applications logs: Lets the Operator collect application logs, which includes everything that is not deployed in the openshift-, kube-, and default namespaces. Default: yes

    • Infrastructure logs: Lets the Operator collect logs from OpenShift Container Platform, Kubernetes, and some nodes. Default: yes

    • Audit logs: Type yes to let the Operator collect node logs related to security audits. By default, Red Hat stores audit logs outside the cluster through a separate mechanism that does not rely on the Cluster Logging Operator. For more information about default audit logging, see the ROSA Service Definition. Default: no

  5. For the Amazon CloudWatch region, use the default cluster region, leave the Cloudwatch region value empty.

    Example output
    ? Are you sure you want to install add-on 'cluster-logging-operator' on cluster '<cluster_name>'? Yes
    ? Use AWS CloudWatch (optional): Yes
    ? Collect Applications logs (optional): Yes
    ? Collect Infrastructure logs (optional): Yes
    ? Collect Audit logs (optional): No
    ? CloudWatch region (optional):
    I: Add-on 'cluster-logging-operator' is now installing. To check the status run 'rosa list addons --cluster=<cluster_name>'

The installation can take approximately 10 minutes to complete.

Verification steps
  1. To verify the logging installation status, enter the following command:

    $ rosa list addons --cluster=<cluster_name>
  2. To verify which pods are deployed by cluster-logging-operator and their state of readiness:

    1. Log in to the oc CLI using cluster-admin credentials:

      $ oc login https://api.mycluster.abwp.s1.example.org:6443 \
         --username cluster-admin
         --password <password>
    2. Enter the following command to get information about the pods for the default project. Alternatively, you can specify a different project.

      $ oc get pods -n openshift-logging
      Example output
      NAME                                        READY         STATUS      RESTARTS   AGE
      cluster-logging-operator-<pod_ID  >         2/2           Running     0          7m1s
      fluentd-4mnwp                               1/1           Running     0          6m3s
      fluentd-6xt25                               1/1           Running     0          6m3s
      fluentd-fqjhv                               1/1           Running     0          6m3s
      fluentd-gcvrg                               1/1           Running     0          6m3s
      fluentd-vpwrt                               1/1           Running     0          6m3s
  3. Optional: To get information about the clusterlogging instance, enter the following command:

    $ oc get clusterlogging -n openshift-logging
  4. Optional: To get information about clusterlogforwarders instances, enter the following command:

    $ oc get clusterlogforwarders -n openshift-logging

Additional resources