14.2.4 ConfigMapの作成

次のステップを実行して、ELKのKubernetes ConfigMapを作成します:

1. elk.crtファイルを$WORKDIR/kubernetes/elasticsearch-and-kibanaディレクトリにコピーします。
2. $WORKDIR/kubernetes/elasticsearch-and-kibanaディレクトリに移動し、次を実行します:

   kubectl create configmap elk-cert --from-file=elk.crt -n <namespace>
   

   例:

   kubectl create configmap elk-cert --from-file=elk.crt -n oamns
   

   出力は次のようになります:

   configmap/elk-cert created
   

3. 次のように、logstash_cm.yamlファイルを$WORKDIR/kubernetes/elasticsearch-and-kibanaディレクトリに作成します:

   apiVersion: v1
   kind: ConfigMap
   metadata:
     name: oam-logstash-configmap
     namespace: <ELKNS>
   data:
     logstash.yml: |
     #http.host: "0.0.0.0"
     logstash-config.conf: |
       input {
        file {
           path => "<Log Home>/**/logs/AdminServer*.log"
           tags => "Adminserver_log"
           start_position => beginning
         }
         file {
           path => "<Log Home>/**/logs/oam_policy_mgr*.log"
           tags => "Policymanager_log"
           start_position => beginning
         }
         file {
           path => "<Log Home>/**/logs/oam_server*.log"
           tags => "Oamserver_log"
           start_position => beginning
         }
         file {
           path => "<Domain Home>/servers/AdminServer/logs/AdminServer-diagnostic.log"
           tags => "Adminserver_diagnostic"
           start_position => beginning
         }
         file {
           path => "<Domain Home>/servers/**/logs/oam_policy_mgr*-diagnostic.log"
           tags => "Policy_diagnostic"
           start_position => beginning
         }
         file {
         path => "<Domain Home>/servers/AdminServer/logs/auditlogs/OAM/audit.log"
         tags => "Audit_logs"
         start_position => beginning
         }
       }
       filter {
         grok {
           match => [ "message", "<%{DATA:log_timestamp}> <%{WORD:log_level}> <%{WORD:thread}> <%{HOSTNAME:hostname}> <%{HOSTNAME:servername}> <%{DATA:timer}> <<%{DATA:kernel}>> <> <%{DATA:uuid}> <%{NUMBER:timestamp}> <%{DATA:misc}> <%{DATA:log_number}> <%{DATA:log_message}>" ]
         }
       if "_grokparsefailure" in [tags] {
           mutate {
               remove_tag => [ "_grokparsefailure" ]
           }
       }
       }
       output {
         elasticsearch {
       hosts => ["<ELK_HOSTS>"]
       cacert => '/usr/share/logstash/config/certs/elk.crt'
       index => "oamlogs-000001"
       ssl => true
       ssl_certificate_verification => false
       user => "<ELK_USER>"
       password => "${ELASTICSEARCH_PASSWORD}"
       api_key => "${ELASTICSEARCH_PASSWORD}"
         }
       }
   

   前述のファイルの値を次のように変更します:
   • <ELKNS>、<ELK_HOSTS>、<ELK_SSL>および<ELK_USER>を、「この項で使用する変数」の値と一致するように変更します。
   • <Log Home>および<Domain Home>を、「必要なドメイン詳細の検索」で返されたLog HomeおよびDomain Homeと一致するように変更します。
   • ELK認証にAPI KEYを使用する場合は、user行とpassword行を削除します。
   • ELK認証にパスワードを使用する場合は、api_key行を削除します。
   • ELKに認証を使用しない場合は、user行、password行およびapi_key行を削除します。
   例:

   apiVersion: v1
   kind: ConfigMap
   metadata:
     name: oam-logstash-configmap
     namespace: oamns
   data:
     logstash.yml: |
     #http.host: "0.0.0.0"
     logstash-config.conf: |
       input {
        file {
           path => "/u01/oracle/user_projects/domains/logs/accessdomain/**/logs/AdminServer*.log"
           tags => "Adminserver_log"
           start_position => beginning
         }
         file {
           path => "/u01/oracle/user_projects/domains/logs/accessdomain/**/logs/oam_policy_mgr*.log"
           tags => "Policymanager_log"
           start_position => beginning
         }
         file {
           path => "/u01/oracle/user_projects/domains/logs/accessdomain/**/logs/oam_server*.log"
           tags => "Oamserver_log"
           start_position => beginning
         }
         file {
           path => "/u01/oracle/user_projects/domains/accessdomain/servers/AdminServer/logs/AdminServer-diagnostic.log"
           tags => "Adminserver_diagnostic"
           start_position => beginning
         }
         file {
           path => "/u01/oracle/user_projects/domains/accessdomain/servers/**/logs/oam_policy_mgr*-diagnostic.log"
           tags => "Policy_diagnostic"
           start_position => beginning
         }
         file {
         path => "/u01/oracle/user_projects/domains/accessdomain/servers/AdminServer/logs/auditlogs/OAM/audit.log"
         tags => "Audit_logs"
         start_position => beginning
         }
       }
       filter {
         grok {
           match => [ "message", "<%{DATA:log_timestamp}> <%{WORD:log_level}> <%{WORD:thread}> <%{HOSTNAME:hostname}> <%{HOSTNAME:servername}> <%{DATA:timer}> <<%{DATA:kernel}>> <> <%{DATA:uuid}> <%{NUMBER:timestamp}> <%{DATA:misc}> <%{DATA:log_number}> <%{DATA:log_message}>" ]
         }
       if "_grokparsefailure" in [tags] {
           mutate {
               remove_tag => [ "_grokparsefailure" ]
           }
       }
       }
       output {
         elasticsearch {
       hosts => ["https://elasticsearch.example.com:9200"]
       cacert => '/usr/share/logstash/config/certs/elk.crt'
       index => "oamlogs-000001"
       ssl => true
       ssl_certificate_verification => false
       user => "logstash_internal"
       password => "${ELASTICSEARCH_PASSWORD}"
         }
       }
   

4. 次のコマンドを実行して、ConfigMapを作成します:

    kubectl apply -f logstash_cm.yaml
   

   出力は次のようになります:

   configmap/oam-logstash-configmap created