An operator to support OKD aggregated cluster logging. Cluster logging configuration information is found in the configuration documentation.
The CLO (Cluster Logging Operator) provides a set of APIs to control collection and forwarding of logs from all pods and nodes in a cluster. This includes application logs (from regular pods), infrastructure logs (from system pods and node logs), and audit logs (special node logs with legal/security implications)
The CLO does not collect or forward logs itself: it starts, configures, monitors and manages the components that do the work.
CLO currently uses:
-
Vector as collector/forwarder
-
Loki as store
-
Openshift console for visualization.
(Still supports fluentd, elasticsearch and kibana for compatibility)
The goal is to encapsulate those technologies behind APIs so that:
-
The user has less to learn, and has a simpler experience to control logging.
-
These technologies can be replaced in the future without affecting the user experience.
The CLO can also forward logs over multiple protocols, to multiple types of log stores, on- or off-cluster
The CLO owns the following APIs:
-
ClusterLogging: Top level control of cluster-wide logging resources
-
ClusterLogForwarder: Configure forwarding of logs to external sources
To install a released version of cluster logging see the Openshift Documentation, (e.g., OCP v4.5)
To experiment or contribute to the development of cluster logging, see the hacking and review documentation
To debug the cluster logging stack, see README.md
To find currently known Cluster Logging Operator issues with work-arounds, see the Troubleshooting guide.