logging
Install this demo on an existing Kubernetes cluster:
$ stackablectl demo install logging
System requirements
To run this demo, your system needs at least:
-
6.5 cpu units (core/hyperthread)
-
5GiB memory
-
27GiB disk storage
OpenSearch prerequisites
MacOS and Windows
If you use MacOS or Windows and use Docker to run Kubernetes, set the RAM to at least 4 GB in Preferences > Resources.
Linux
OpenSearch uses a mmapfs directory by default to store its indices. The default operating system limits on mmap counts
are likely too low - usually 65530, which may result in out-of-memory exceptions. So, the Linux setting
vm.max_map_count
on the host machine where the containers are running must be set to at least 262144.
This is automatically set by default in this demo (via the setSysctlMaxMapCount
Stack parameter).
OpenSearch has more information about this setting in their documentation.
Overview
This demo will
-
Install the required Stackable operators.
-
Spin up the following data products:
-
Apache ZooKeeper: A centralized service for maintaining configuration information, naming, providing distributed synchronization, and providing group services. This demo makes its log data observable in OpenSearch Dashboards.
-
Vector: A tool for building observability pipelines. This demo uses Vector as a log agent to gather and transform the logs and as an aggregator to forward the collected logs to OpenSearch.
-
OpenSearch: A data store and search engine. This demo uses it to store and index the log data.
-
OpenSearch Dashboards: A visualization and user interface. This demo uses it to make the log data easily accessible to the user.
-
-
Create a view in OpenSearch Dashboards to conveniently browse the log data.
You can see the deployed products and their relationship in the following diagram:
List the deployed Stackable services
To list the installed Stackable services run the following command:
$ stackablectl stacklet list
┌───────────────────────┬───────────────────────┬───────────┬───────────────────────────────┬─────────────────────────────────┐
│ PRODUCT ┆ NAME ┆ NAMESPACE ┆ ENDPOINTS ┆ CONDITIONS │
╞═══════════════════════╪═══════════════════════╪═══════════╪═══════════════════════════════╪═════════════════════════════════╡
│ zookeeper ┆ simple-zk ┆ default ┆ ┆ Available, Reconciling, Running │
├╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌┼╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌┼╌╌╌╌╌╌╌╌╌╌╌┼╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌┼╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌┤
│ opensearch-dashboards ┆ opensearch-dashboards ┆ default ┆ http http://172.18.0.2:30595 ┆ │
└───────────────────────┴───────────────────────┴───────────┴───────────────────────────────┴─────────────────────────────────┘
When a product instance has not finished starting yet, the service will have no endpoint. Depending on your internet connectivity, creating all the product instances might take considerable time. A warning might be shown if the product is not ready yet. |
Inspect the log data
You can have a look at the log data within the OpenSearch Dashboards web interface by running
stackablectl stacklet list
and opening the URL in the opensearch-dashboard entry’s info column. In this case, it is
http://172.18.0.2:30595.
Log in with the username admin
and password adminadmin
.
On first login, you will be presented with some options. Feel free to bypass them to get to the logs. |
Select the Global
tenant to have access to the pre-configured vector-*
index pattern.
Click Discover in the menu on the left to view the recent logs. If you do not see anything, increase the search window to greater than Last 15 minutes.
From here you can inspect the logs. You can select fields on the left side to limit the view to interesting information.