I want to redirect OpenShift logs from several clusters to a central loki server (loki.example.com).
Important: A specific certificate authority (CA) is associated with the loki.example.com server https certificate.
With OCP 4.14 I had the following configuration:
apiVersion: logging.openshift.io/v1
kind: ClusterLogForwarder
metadata:
name: instance
namespace: openshift-logging
spec:
outputs:
- name: remoteloki
type: loki
url: 'https://loki.example.com:3100'
pipelines:
- inputRefs:
- application
- infrastructure
outputRefs:
- remoteloki
- defaultI migrated to OCP 4.16.
I created the collector service account and added the cluster roles (logging-collector-logs-writer, collect-application-logs, etc) to it.
However, the new equivalent configuration doesn't work:
kind: ClusterLogForwarder
apiVersion: observability.openshift.io/v1
metadata:
name: collector
namespace: openshift-logging
annotations:
observability.openshift.io/log-level: warn
spec:
serviceAccount:
name: collector
outputs:
- name: default-lokistack
type: lokiStack
lokiStack:
target:
name: logging-loki
namespace: openshift-logging
authentication:
token:
from: serviceAccount
tls:
ca:
key: service-ca.crt
configMapName: openshift-service-ca.crt
- name: remoteloki
type: loki
url: 'https://loki.example.com:3100'
pipelines:
- name: default-logstore
inputRefs:
- application
- infrastructure
outputRefs:
- remoteloki
- default-lokistackI get the following error message:
The ClusterLogForwarder "collector" is invalid: spec.outputs[1]: Invalid value: "object": Additional type specific spec is required for the output type
As there is no example of this kind of simple configuration anywhere, I'm asking you to help me.
Today, I'm stuck in 5.9.13 and can't upgrade to new versions without loosing features.
I want to redirect OpenShift logs from several clusters to a central loki server (loki.example.com).
Important: A specific certificate authority (CA) is associated with the loki.example.com server https certificate.
With OCP 4.14 I had the following configuration:
I migrated to OCP 4.16.
I created the collector service account and added the cluster roles (logging-collector-logs-writer, collect-application-logs, etc) to it.
However, the new equivalent configuration doesn't work:
I get the following error message:
The ClusterLogForwarder "collector" is invalid: spec.outputs[1]: Invalid value: "object": Additional type specific spec is required for the output type
As there is no example of this kind of simple configuration anywhere, I'm asking you to help me.
Today, I'm stuck in 5.9.13 and can't upgrade to new versions without loosing features.