Kibana and OpenShift

From NovaOrdis Knowledge Base
Jump to navigation Jump to search

External

Internal

Configuration

The external URL of the Kibana can be configured in the master configuration file, so it is made accessible from the console.

Components

OAuth2 Proxy

The Kibana OAuth2 Proxy for the Kibana console must share a secret with the master host's OAuth2 server - if the secrets are not identical on both nodes, the user will experience a login loop.

Kibana

Operations

Logging

Access Logging

oc logs -f <kibana-pod-name> -c kibana-proxy
oc logs -f logging-kibana-1-d4bw2 -c kibana-proxy

Main Kibana Process Logging

oc logs -f <kibana-pod-name> -c kibana
oc logs -f logging-kibana-1-d4bw2 -c kibana

Scale Up

oc scale dc/logging-kibana --replicas=2

To make sure the scale persists across multiple executions of the logging playbook, update the 'openshift_logging_kibana_replica_count' in the inventory file.

Troubleshooting

Login loop troubleshooting:

Connect into the kibana container and attempt to establish a connection to ElasticSearch:

curl https://logging-es:9200/ --capath /etc/kibana/keys --key /etc/kibana/keys/key