Skip to content

maci0/openshift-rsyslog

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

15 Commits
 
 
 
 
 
 
 
 

Repository files navigation

openshift-rsyslog

Setup Project

# oadm new-project rsyslog --node-selector=""
$ oc project rsyslog

Set SCC

The rsyslog pods need to run privileged in order to access certain system resources.

  • /etc/machine-id - read

  • /etc/hostname - read

  • /etc/localtime - read

  • /var/log - read/write

  • /run/log - read/write

As system:admin do the following:

# oadm policy add-scc-to-user privileged system:serviceaccount:rsyslog:default

Grant DaemonSet ClusterRole (Optional)

If you are using a different user than admin, you have to grant a daemonset clusterrole.

As Admin, create a dedicated cluster role:

cat <<EOF | oc create -f -
apiVersion: v1
kind: ClusterRole
metadata:
  name: system:daemonset-admin
rules:
- resources:
  - daemonsets
  apiGroups:
  - extensions
  verbs:
  - create
  - get
  - list
  - watch
  - delete
  - update
EOF

Grant the daemonset cluster role to your user in the right namespace

# oadm policy add-role-to-user system:daemonset-admin [email protected] -n rsyslog

Create DaemonSet

$ oc create -f ds-rsyslog.yaml

Create ConfigMap

The config map contains an additional configuration file that will be placed in /etc/rsyslog.d/. This file contains the remote logging server address.

$ oc create -f cm-rsyslog.yaml

Example

root@master:~$ oadm new-project rsyslog --node-selector=""
Created project rsyslog

root@master:~$ oc project rsyslog
Already on project "rsyslog" on server "https://master.manage.bm.chmouel.com:8443".

root@master:~$ oadm policy add-scc-to-user privileged system:serviceaccount:rsyslog:default

root@master:~$ oc create -f ds-rsyslog.yaml
daemonset "rsyslog" created

root@master:~$ oc create -f cm-rsyslog.yaml
configmap "rsyslog-config-cm" created

root@master:~$ oc get po
NAME            READY     STATUS    RESTARTS   AGE
rsyslog-acuhj   1/1       Running   0          1m
rsyslog-mvqkc   1/1       Running   0          1m
rsyslog-o2fmf   1/1       Running   0          1m

root@master:~$ oc rsh rsyslog-acuhj ls -la /etc/rsyslog.d
total 4
drwxrwxrwx.  3 root root   78 Sep 14 08:13 .
drwxr-xr-x. 49 root root 4096 Sep 14 08:13 ..
drwxr-xr-x.  2 root root   27 Sep 14 08:13 ..9989_14_09_08_13_25.009400751
lrwxrwxrwx.  1 root root   31 Sep 14 08:13 ..data -> ..9989_14_09_08_13_25.009400751
lrwxrwxrwx.  1 root root   21 Sep 14 08:13 container.conf -> ..data/container.conf

root@master:~$ oc rsh rsyslog-acuhj cat /etc/rsyslog.d/container.conf
*.* @remote-log-host.example.org

About

No description, website, or topics provided.

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published