diff --git a/.cruft.json b/.cruft.json
index 12d154e..321f781 100644
--- a/.cruft.json
+++ b/.cruft.json
@@ -1,13 +1,13 @@
 {
   "template": "https://github.com/projectsyn/commodore-component-template.git",
-  "commit": "8840f87d25d97ce0d4bfed75d40173caaf4100fc",
+  "commit": "ff9d5a839714344345b76be069ea23e39e580f38",
   "checkout": "main",
   "context": {
     "cookiecutter": {
       "name": "OpenShift4 Logging",
       "slug": "openshift4-logging",
       "parameter_key": "openshift4_logging",
-      "test_cases": "defaults master elasticsearch multilineerr forwardingonly legacy",
+      "test_cases": "defaults master multilineerr forwardingonly",
       "add_lib": "n",
       "add_pp": "n",
       "add_golden": "y",
diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml
index 647a541..9209929 100644
--- a/.github/workflows/test.yaml
+++ b/.github/workflows/test.yaml
@@ -33,12 +33,9 @@ jobs:
       matrix:
         instance:
           - defaults
-          - release-5.4
           - master
-          - elasticsearch
           - multilineerr
           - forwardingonly
-          - legacy
     defaults:
       run:
         working-directory: ${{ env.COMPONENT_NAME }}
@@ -55,10 +52,8 @@ jobs:
         instance:
           - defaults
           - master
-          - elasticsearch
           - multilineerr
           - forwardingonly
-          - legacy
     defaults:
       run:
         working-directory: ${{ env.COMPONENT_NAME }}
diff --git a/Makefile.vars.mk b/Makefile.vars.mk
index 538e4d0..1c67426 100644
--- a/Makefile.vars.mk
+++ b/Makefile.vars.mk
@@ -57,4 +57,4 @@ KUBENT_IMAGE ?= ghcr.io/doitintl/kube-no-trouble:latest
 KUBENT_DOCKER ?= $(DOCKER_CMD) $(DOCKER_ARGS) $(root_volume) --entrypoint=/app/kubent $(KUBENT_IMAGE)
 
 instance ?= defaults
-test_instances = tests/defaults.yml tests/master.yml tests/elasticsearch.yml tests/multilineerr.yml tests/forwardingonly.yml tests/legacy.yml
+test_instances = tests/defaults.yml tests/master.yml tests/multilineerr.yml tests/forwardingonly.yml
diff --git a/tests/elasticsearch.yml b/tests/elasticsearch.yml
deleted file mode 100644
index 8532afe..0000000
--- a/tests/elasticsearch.yml
+++ /dev/null
@@ -1,35 +0,0 @@
-applications:
-  - openshift4-operators as openshift-operators-redhat
-  - openshift4-monitoring
-
-parameters:
-  kapitan:
-    dependencies:
-      - type: https
-        source: https://raw.githubusercontent.com/appuio/component-openshift4-operators/v1.0.2/lib/openshift4-operators.libsonnet
-        output_path: vendor/lib/openshift4-operators.libsonnet
-      - type: https
-        source: https://raw.githubusercontent.com/appuio/component-openshift4-monitoring/v2.9.0/lib/openshift4-monitoring-alert-patching.libsonnet
-        output_path: vendor/lib/alert-patching.libsonnet
-    compile:
-      - input_type: jsonnet
-        input_paths:
-          - tests/console-patch.jsonnet
-        output_path: console-patching/
-
-  openshift4_operators:
-    defaultInstallPlanApproval: Automatic
-    defaultSource: openshift-operators-redhat
-    defaultSourceNamespace: openshift-operators-redhat
-
-  openshift4_logging:
-    components:
-      lokistack:
-        enabled: false
-      elasticsearch:
-        enabled: true
-    clusterLogging:
-      collection:
-        type: fluentd
-      logStore:
-        type: elasticsearch
diff --git a/tests/golden/elasticsearch/openshift4-logging/apps/openshift4-logging.yaml b/tests/golden/elasticsearch/openshift4-logging/apps/openshift4-logging.yaml
deleted file mode 100644
index e69de29..0000000
diff --git a/tests/golden/elasticsearch/openshift4-logging/console-patching/openshift4_console_params.yaml b/tests/golden/elasticsearch/openshift4-logging/console-patching/openshift4_console_params.yaml
deleted file mode 100644
index e69de29..0000000
diff --git a/tests/golden/elasticsearch/openshift4-logging/openshift4-logging/00_namespace.yaml b/tests/golden/elasticsearch/openshift4-logging/openshift4-logging/00_namespace.yaml
deleted file mode 100644
index 1b27cf9..0000000
--- a/tests/golden/elasticsearch/openshift4-logging/openshift4-logging/00_namespace.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
-apiVersion: v1
-kind: Namespace
-metadata:
-  annotations:
-    openshift.io/node-selector: ''
-  labels:
-    name: openshift-logging
-    openshift.io/cluster-monitoring: 'true'
-  name: openshift-logging
diff --git a/tests/golden/elasticsearch/openshift4-logging/openshift4-logging/10_operator_group.yaml b/tests/golden/elasticsearch/openshift4-logging/openshift4-logging/10_operator_group.yaml
deleted file mode 100644
index ff11675..0000000
--- a/tests/golden/elasticsearch/openshift4-logging/openshift4-logging/10_operator_group.yaml
+++ /dev/null
@@ -1,11 +0,0 @@
-apiVersion: operators.coreos.com/v1
-kind: OperatorGroup
-metadata:
-  annotations: {}
-  labels:
-    name: cluster-logging
-  name: cluster-logging
-  namespace: openshift-logging
-spec:
-  targetNamespaces:
-    - openshift-logging
diff --git a/tests/golden/elasticsearch/openshift4-logging/openshift4-logging/20_subscriptions.yaml b/tests/golden/elasticsearch/openshift4-logging/openshift4-logging/20_subscriptions.yaml
deleted file mode 100644
index f78b501..0000000
--- a/tests/golden/elasticsearch/openshift4-logging/openshift4-logging/20_subscriptions.yaml
+++ /dev/null
@@ -1,43 +0,0 @@
-apiVersion: operators.coreos.com/v1alpha1
-kind: Subscription
-metadata:
-  annotations: {}
-  labels:
-    name: cluster-logging
-  name: cluster-logging
-  namespace: openshift-logging
-spec:
-  channel: stable-5.9
-  config:
-    resources:
-      limits:
-        memory: 256Mi
-      requests:
-        cpu: 10m
-        memory: 128Mi
-  installPlanApproval: Automatic
-  name: cluster-logging
-  source: redhat-operators
-  sourceNamespace: openshift-operators-redhat
----
-apiVersion: operators.coreos.com/v1alpha1
-kind: Subscription
-metadata:
-  annotations: {}
-  labels:
-    name: elasticsearch-operator
-  name: elasticsearch-operator
-  namespace: openshift-operators-redhat
-spec:
-  channel: stable-5.8
-  config:
-    resources:
-      limits:
-        memory: 1.5Gi
-      requests:
-        cpu: 100m
-        memory: 1Gi
-  installPlanApproval: Automatic
-  name: elasticsearch-operator
-  source: openshift-operators-redhat
-  sourceNamespace: openshift-operators-redhat
diff --git a/tests/golden/elasticsearch/openshift4-logging/openshift4-logging/30_cluster_logging.yaml b/tests/golden/elasticsearch/openshift4-logging/openshift4-logging/30_cluster_logging.yaml
deleted file mode 100644
index 6481164..0000000
--- a/tests/golden/elasticsearch/openshift4-logging/openshift4-logging/30_cluster_logging.yaml
+++ /dev/null
@@ -1,38 +0,0 @@
-apiVersion: logging.openshift.io/v1
-kind: ClusterLogging
-metadata:
-  annotations:
-    argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
-  labels:
-    name: instance
-  name: instance
-  namespace: openshift-logging
-spec:
-  collection:
-    type: fluentd
-  logStore:
-    elasticsearch:
-      nodeCount: 3
-      nodeSelector:
-        node-role.kubernetes.io/infra: ''
-      redundancyPolicy: SingleRedundancy
-      storage:
-        size: 200Gi
-    retentionPolicy:
-      application:
-        maxAge: 7d
-        pruneNamespacesInterval: 15m
-      audit:
-        maxAge: 30d
-        pruneNamespacesInterval: 15m
-      infra:
-        maxAge: 30d
-        pruneNamespacesInterval: 15m
-    type: elasticsearch
-  managementState: Managed
-  visualization:
-    kibana:
-      nodeSelector:
-        node-role.kubernetes.io/infra: ''
-      replicas: 2
-    type: kibana
diff --git a/tests/golden/elasticsearch/openshift4-logging/openshift4-logging/40_es_machineconfig.yaml b/tests/golden/elasticsearch/openshift4-logging/openshift4-logging/40_es_machineconfig.yaml
deleted file mode 100644
index fa0c76d..0000000
--- a/tests/golden/elasticsearch/openshift4-logging/openshift4-logging/40_es_machineconfig.yaml
+++ /dev/null
@@ -1,39 +0,0 @@
-apiVersion: machineconfiguration.openshift.io/v1
-kind: MachineConfig
-metadata:
-  annotations: {}
-  labels:
-    machineconfiguration.openshift.io/role: master
-    name: 40-master-journald
-  name: 40-master-journald
-spec:
-  config:
-    ignition:
-      version: 2.2.0
-    storage:
-      files:
-        - contents:
-            source: data:text/plain;charset=utf-8;base64,TWF4UmV0ZW50aW9uU2VjPTFtb250aApSYXRlTGltaXRCdXJzdD0xMDAwMApSYXRlTGltaXRJbnRlcnZhbD0xcwpTdG9yYWdlPXBlcnNpc3RlbnQKU3luY0ludGVydmFsU2VjPTFzCg==
-          filesystem: root
-          mode: 420
-          path: /etc/systemd/journald.conf
----
-apiVersion: machineconfiguration.openshift.io/v1
-kind: MachineConfig
-metadata:
-  annotations: {}
-  labels:
-    machineconfiguration.openshift.io/role: worker
-    name: 40-worker-journald
-  name: 40-worker-journald
-spec:
-  config:
-    ignition:
-      version: 2.2.0
-    storage:
-      files:
-        - contents:
-            source: data:text/plain;charset=utf-8;base64,TWF4UmV0ZW50aW9uU2VjPTFtb250aApSYXRlTGltaXRCdXJzdD0xMDAwMApSYXRlTGltaXRJbnRlcnZhbD0xcwpTdG9yYWdlPXBlcnNpc3RlbnQKU3luY0ludGVydmFsU2VjPTFzCg==
-          filesystem: root
-          mode: 420
-          path: /etc/systemd/journald.conf
diff --git a/tests/golden/elasticsearch/openshift4-logging/openshift4-logging/40_es_netpol.yaml b/tests/golden/elasticsearch/openshift4-logging/openshift4-logging/40_es_netpol.yaml
deleted file mode 100644
index f96b35f..0000000
--- a/tests/golden/elasticsearch/openshift4-logging/openshift4-logging/40_es_netpol.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-apiVersion: networking.k8s.io/v1
-kind: NetworkPolicy
-metadata:
-  annotations: {}
-  labels:
-    name: allow-from-openshift-operators-redhat
-  name: allow-from-openshift-operators-redhat
-spec:
-  ingress:
-    - from:
-        - namespaceSelector:
-            matchLabels:
-              name: openshift-operators-redhat
-        - podSelector:
-            matchLabels:
-              name: elasticsearch-operator
-  podSelector: {}
-  policyTypes:
-    - Ingress
diff --git a/tests/golden/elasticsearch/openshift4-logging/openshift4-logging/60_collector_alerts.yaml b/tests/golden/elasticsearch/openshift4-logging/openshift4-logging/60_collector_alerts.yaml
deleted file mode 100644
index 268663f..0000000
--- a/tests/golden/elasticsearch/openshift4-logging/openshift4-logging/60_collector_alerts.yaml
+++ /dev/null
@@ -1,127 +0,0 @@
-apiVersion: monitoring.coreos.com/v1
-kind: PrometheusRule
-metadata:
-  annotations: {}
-  labels:
-    name: syn-collector-rules
-  name: syn-collector-rules
-  namespace: openshift-logging
-spec:
-  groups:
-    - name: logging_collector.alerts
-      rules:
-        - alert: SYN_CollectorNodeDown
-          annotations:
-            message: Prometheus could not scrape {{ $labels.namespace }}/{{ $labels.pod
-              }} collector component for more than 10m.
-            summary: Collector cannot be scraped
-          expr: |
-            up{app_kubernetes_io_component = "collector", app_kubernetes_io_part_of = "cluster-logging"} == 0
-          for: 10m
-          labels:
-            service: collector
-            severity: critical
-            syn: 'true'
-            syn_component: openshift4-logging
-        - alert: SYN_CollectorHighErrorRate
-          annotations:
-            message: '{{ $value }}% of records have resulted in an error by {{ $labels.namespace
-              }}/{{ $labels.pod }} collector component.'
-            summary: '{{ $labels.namespace }}/{{ $labels.pod }} collector component
-              errors are high'
-          expr: |
-            100 * (
-              collector:log_num_errors:sum_rate{app_kubernetes_io_part_of = "cluster-logging"}
-              /
-              collector:received_events:sum_rate{app_kubernetes_io_part_of = "cluster-logging"}
-            ) > 0.001
-          for: 15m
-          labels:
-            service: collector
-            severity: critical
-            syn: 'true'
-            syn_component: openshift4-logging
-        - alert: SYN_CollectorVeryHighErrorRate
-          annotations:
-            message: '{{ $value }}% of records have resulted in an error by {{ $labels.namespace
-              }}/{{ $labels.pod }} collector component.'
-            summary: '{{ $labels.namespace }}/{{ $labels.pod }} collector component
-              errors are very high'
-          expr: |
-            100 * (
-              collector:log_num_errors:sum_rate{app_kubernetes_io_part_of = "cluster-logging"}
-              /
-              collector:received_events:sum_rate{app_kubernetes_io_part_of = "cluster-logging"}
-            ) > 0.05
-          for: 15m
-          labels:
-            service: collector
-            severity: critical
-            syn: 'true'
-            syn_component: openshift4-logging
-        - alert: SYN_ElasticsearchDeprecation
-          annotations:
-            message: The OpenShift Elasticsearch Operator is deprecated and is planned
-              to be removed in a future release. Red Hat provides bug fixes and support
-              for this feature during the current release lifecycle, but this feature
-              no longer receives enhancements. As an alternative to using the OpenShift
-              Elasticsearch Operator to manage the default log storage, you can use
-              the Loki Operator.
-            summary: Detected Elasticsearch as the in-cluster storage which is deprecated
-              and will be removed in a future release.
-          expr: |
-            sum(kube_pod_labels{namespace="openshift-logging",label_component='elasticsearch'}) > 0
-          for: 5m
-          labels:
-            namespace: openshift-logging
-            service: storage
-            severity: Warning
-            syn: 'true'
-            syn_component: openshift4-logging
-        - alert: SYN_FluentdDeprecation
-          annotations:
-            message: Fluentd is deprecated and is planned to be removed in a future
-              release. Red Hat provides bug fixes and support for this feature during
-              the current release lifecycle, but this feature no longer receives enhancements.
-              As an alternative to Fluentd, you can use Vector instead.
-            summary: Detected Fluentd as the collector which is deprecated and will
-              be removed in a future release.
-          expr: |
-            sum(kube_pod_labels{namespace="openshift-logging", label_implementation='fluentd', label_app_kubernetes_io_managed_by="cluster-logging-operator"}) > 0
-          for: 5m
-          labels:
-            namespace: openshift-logging
-            service: collector
-            severity: Warning
-            syn: 'true'
-            syn_component: openshift4-logging
-        - alert: SYN_KibanaDeprecation
-          annotations:
-            message: The Kibana web console is now deprecated and is planned to be
-              removed in a future logging release.
-            summary: Detected Kibana as the visualization which is deprecated and
-              will be removed in a future release.
-          expr: |
-            sum(kube_pod_labels{namespace="openshift-logging",label_component='kibana'}) > 0
-          for: 5m
-          labels:
-            namespace: openshift-logging
-            service: visualization
-            severity: Warning
-            syn: 'true'
-            syn_component: openshift4-logging
-        - alert: SYN_DiskBufferUsage
-          annotations:
-            message: 'Collectors potentially consuming too much node disk, {{ $value
-              }}% '
-            summary: Detected consuming too much node disk on $labels.hostname host
-          expr: "(label_replace(sum by(hostname) (vector_buffer_byte_size{component_kind='sink',\
-            \ buffer_type='disk'}), 'instance', '$1', 'hostname', '(.*)') \n/ on(instance)\
-            \ group_left() sum by(instance) (node_filesystem_size_bytes{mountpoint='/var'}))\
-            \ * 100 > 15\n"
-          for: 5m
-          labels:
-            service: collector
-            severity: Warning
-            syn: 'true'
-            syn_component: openshift4-logging
diff --git a/tests/golden/elasticsearch/openshift4-logging/openshift4-logging/60_elasticsearch_alerts.yaml b/tests/golden/elasticsearch/openshift4-logging/openshift4-logging/60_elasticsearch_alerts.yaml
deleted file mode 100644
index ab921b9..0000000
--- a/tests/golden/elasticsearch/openshift4-logging/openshift4-logging/60_elasticsearch_alerts.yaml
+++ /dev/null
@@ -1,204 +0,0 @@
-apiVersion: monitoring.coreos.com/v1
-kind: PrometheusRule
-metadata:
-  annotations: {}
-  labels:
-    name: syn-elasticsearch-logging-rules
-  name: syn-elasticsearch-logging-rules
-  namespace: openshift-logging
-spec:
-  groups:
-    - name: logging_elasticsearch.alerts
-      rules:
-        - alert: SYN_ElasticsearchClusterNotHealthy
-          annotations:
-            message: Cluster {{ $labels.cluster }} health status has been RED for
-              at least 7m. Cluster does not accept writes, shards may be missing or
-              master node hasn't been elected yet.
-            runbook_url: https://github.com/openshift/elasticsearch-operator/blob/master/docs/alerts.md#Elasticsearch-Cluster-Health-is-Red
-            summary: Cluster health status is RED
-          expr: |
-            sum by (cluster) (es_cluster_status == 2)
-          for: 7m
-          labels:
-            namespace: openshift-logging
-            severity: critical
-            syn: 'true'
-            syn_component: openshift4-logging
-        - alert: SYN_ElasticsearchClusterNotHealthy
-          annotations:
-            message: Cluster {{ $labels.cluster }} health status has been YELLOW for
-              at least 20m. Some shard replicas are not allocated.
-            runbook_url: https://github.com/openshift/elasticsearch-operator/blob/master/docs/alerts.md#Elasticsearch-Cluster-Health-is-Yellow
-            summary: Cluster health status is YELLOW
-          expr: |
-            sum by (cluster) (es_cluster_status == 1)
-          for: 20m
-          labels:
-            namespace: openshift-logging
-            severity: warning
-            syn: 'true'
-            syn_component: openshift4-logging
-        - alert: SYN_ElasticsearchWriteRequestsRejectionJumps
-          annotations:
-            message: High Write Rejection Ratio at {{ $labels.node }} node in {{ $labels.cluster
-              }} cluster. This node may not be keeping up with the indexing speed.
-            runbook_url: https://github.com/openshift/elasticsearch-operator/blob/master/docs/alerts.md#Elasticsearch-Write-Requests-Rejection-Jumps
-            summary: High Write Rejection Ratio - {{ $value }}%
-          expr: |
-            round( writing:reject_ratio:rate2m * 100, 0.001 ) > 5
-          for: 10m
-          labels:
-            namespace: openshift-logging
-            severity: warning
-            syn: 'true'
-            syn_component: openshift4-logging
-        - alert: SYN_ElasticsearchNodeDiskWatermarkReached
-          annotations:
-            message: Disk High Watermark Reached at {{ $labels.pod }} pod. Some shards
-              will be re-allocated to different nodes if possible. Make sure more
-              disk space is added to the node or drop old indices allocated to this
-              node.
-            runbook_url: https://github.com/openshift/elasticsearch-operator/blob/master/docs/alerts.md#Elasticsearch-Node-Disk-High-Watermark-Reached
-            summary: Disk High Watermark Reached - disk saturation is {{ $value }}%
-          expr: |
-            sum by (instance, pod) (
-              round(
-                (1 - (
-                  es_fs_path_available_bytes /
-                  es_fs_path_total_bytes
-                )
-              ) * 100, 0.001)
-            ) > on(instance, pod) es_cluster_routing_allocation_disk_watermark_high_pct
-          for: 5m
-          labels:
-            namespace: openshift-logging
-            severity: critical
-            syn: 'true'
-            syn_component: openshift4-logging
-        - alert: SYN_ElasticsearchNodeDiskWatermarkReached
-          annotations:
-            message: Disk Flood Stage Watermark Reached at {{ $labels.pod }}. Every
-              index having a shard allocated on this node is enforced a read-only
-              block. The index block must be released manually when the disk utilization
-              falls below the high watermark.
-            runbook_url: https://github.com/openshift/elasticsearch-operator/blob/master/docs/alerts.md#Elasticsearch-Node-Disk-Flood-Watermark-Reached
-            summary: Disk Flood Stage Watermark Reached - disk saturation is {{ $value
-              }}%
-          expr: |
-            sum by (instance, pod) (
-              round(
-                (1 - (
-                  es_fs_path_available_bytes /
-                  es_fs_path_total_bytes
-                )
-              ) * 100, 0.001)
-            ) > on(instance, pod) es_cluster_routing_allocation_disk_watermark_flood_stage_pct
-          for: 5m
-          labels:
-            namespace: openshift-logging
-            severity: critical
-            syn: 'true'
-            syn_component: openshift4-logging
-        - alert: SYN_ElasticsearchDiskSpaceRunningLow
-          annotations:
-            message: Cluster {{ $labels.cluster }} is predicted to be out of disk
-              space within the next 6h.
-            runbook_url: https://github.com/openshift/elasticsearch-operator/blob/master/docs/alerts.md#Elasticsearch-Disk-Space-is-Running-Low
-            summary: Cluster low on disk space
-          expr: |
-            sum(predict_linear(es_fs_path_available_bytes[6h], 6 * 3600)) < 0
-          for: 1h
-          labels:
-            namespace: openshift-logging
-            severity: critical
-            syn: 'true'
-            syn_component: openshift4-logging
-        - alert: SYN_ElasticsearchNodeDiskWatermarkReached
-          annotations:
-            message: Disk Low Watermark is predicted to be reached within the next
-              6h at {{ $labels.pod }} pod. Shards can not be allocated to this node
-              anymore. You should consider adding more disk to the node.
-            runbook_url: https://github.com/openshift/elasticsearch-operator/blob/master/docs/alerts.md#Elasticsearch-Node-Disk-Low-Watermark-Reached
-            summary: Disk Low Watermark is predicted to be reached within next 6h.
-          expr: |
-            sum by (instance, pod) (
-              round(
-                (1 - (
-                  predict_linear(es_fs_path_available_bytes[3h], 6 * 3600) /
-                  predict_linear(es_fs_path_total_bytes[3h], 6 * 3600)
-                )
-              ) * 100, 0.001)
-            ) > on(instance, pod) es_cluster_routing_allocation_disk_watermark_low_pct
-          for: 1h
-          labels:
-            namespace: openshift-logging
-            severity: warning
-            syn: 'true'
-            syn_component: openshift4-logging
-        - alert: SYN_ElasticsearchNodeDiskWatermarkReached
-          annotations:
-            message: Disk High Watermark is predicted to be reached within the next
-              6h at {{ $labels.pod }} pod. Some shards will be re-allocated to different
-              nodes if possible. Make sure more disk space is added to the node or
-              drop old indices allocated to this node.
-            runbook_url: https://github.com/openshift/elasticsearch-operator/blob/master/docs/alerts.md#Elasticsearch-Node-Disk-High-Watermark-Reached
-            summary: Disk High Watermark is predicted to be reached within next 6h.
-          expr: |
-            sum by (instance, pod) (
-              round(
-                (1 - (
-                  predict_linear(es_fs_path_available_bytes[3h], 6 * 3600) /
-                  predict_linear(es_fs_path_total_bytes[3h], 6 * 3600)
-                )
-              ) * 100, 0.001)
-            ) > on(instance, pod) es_cluster_routing_allocation_disk_watermark_high_pct
-          for: 1h
-          labels:
-            namespace: openshift-logging
-            severity: warning
-            syn: 'true'
-            syn_component: openshift4-logging
-        - alert: SYN_ElasticsearchNodeDiskWatermarkReached
-          annotations:
-            message: Disk Flood Stage Watermark is predicted to be reached within
-              the next 6h at {{ $labels.pod }}. Every index having a shard allocated
-              on this node is enforced a read-only block. The index block must be
-              released manually when the disk utilization falls below the high watermark.
-            runbook_url: https://github.com/openshift/elasticsearch-operator/blob/master/docs/alerts.md#Elasticsearch-Node-Disk-Flood-Watermark-Reached
-            summary: Disk Flood Stage Watermark is predicted to be reached within
-              next 6h.
-          expr: |
-            sum by (instance, pod) (
-              round(
-                (1 - (
-                  predict_linear(es_fs_path_available_bytes[3h], 6 * 3600) /
-                  predict_linear(es_fs_path_total_bytes[3h], 6 * 3600)
-                )
-              ) * 100, 0.001)
-            ) > on(instance, pod) es_cluster_routing_allocation_disk_watermark_flood_stage_pct
-          for: 1h
-          labels:
-            namespace: openshift-logging
-            severity: warning
-            syn: 'true'
-            syn_component: openshift4-logging
-    - name: elasticsearch_node_storage.alerts
-      rules:
-        - alert: SYN_ElasticsearchExpectNodeToReachDiskWatermark
-          annotations:
-            message: Expecting to reach disk low watermark at {{ $labels.node }} node
-              in {{ $labels.cluster }} cluster in 72 hours. When reaching the watermark
-              no new shards will be allocated to this node anymore. You should consider
-              adding more disk to the node.
-            runbook_url: https://hub.syn.tools/openshift4-logging/runbooks/SYN_ElasticsearchExpectNodeToReachDiskWatermark.html
-            summary: Expecting to Reach Disk Low Watermark in 72 Hours
-          expr: |
-            sum by(cluster, instance, node) (
-              (1 - (predict_linear(es_fs_path_available_bytes[72h], 259200) / es_fs_path_total_bytes)) * 100
-            ) > 85
-          for: 6h
-          labels:
-            severity: warning
-            syn: 'true'
-            syn_component: openshift4-logging
diff --git a/tests/golden/legacy/openshift4-logging/apps/openshift4-logging.yaml b/tests/golden/legacy/openshift4-logging/apps/openshift4-logging.yaml
deleted file mode 100644
index e69de29..0000000
diff --git a/tests/golden/legacy/openshift4-logging/console-patching/openshift4_console_params.yaml b/tests/golden/legacy/openshift4-logging/console-patching/openshift4_console_params.yaml
deleted file mode 100644
index f71555a..0000000
--- a/tests/golden/legacy/openshift4-logging/console-patching/openshift4_console_params.yaml
+++ /dev/null
@@ -1,3 +0,0 @@
-config:
-  plugins:
-    - logging-view-plugin
diff --git a/tests/golden/legacy/openshift4-logging/openshift4-logging/00_namespace.yaml b/tests/golden/legacy/openshift4-logging/openshift4-logging/00_namespace.yaml
deleted file mode 100644
index 1b27cf9..0000000
--- a/tests/golden/legacy/openshift4-logging/openshift4-logging/00_namespace.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
-apiVersion: v1
-kind: Namespace
-metadata:
-  annotations:
-    openshift.io/node-selector: ''
-  labels:
-    name: openshift-logging
-    openshift.io/cluster-monitoring: 'true'
-  name: openshift-logging
diff --git a/tests/golden/legacy/openshift4-logging/openshift4-logging/10_operator_group.yaml b/tests/golden/legacy/openshift4-logging/openshift4-logging/10_operator_group.yaml
deleted file mode 100644
index ff11675..0000000
--- a/tests/golden/legacy/openshift4-logging/openshift4-logging/10_operator_group.yaml
+++ /dev/null
@@ -1,11 +0,0 @@
-apiVersion: operators.coreos.com/v1
-kind: OperatorGroup
-metadata:
-  annotations: {}
-  labels:
-    name: cluster-logging
-  name: cluster-logging
-  namespace: openshift-logging
-spec:
-  targetNamespaces:
-    - openshift-logging
diff --git a/tests/golden/legacy/openshift4-logging/openshift4-logging/20_subscriptions.yaml b/tests/golden/legacy/openshift4-logging/openshift4-logging/20_subscriptions.yaml
deleted file mode 100644
index 1f0b7ad..0000000
--- a/tests/golden/legacy/openshift4-logging/openshift4-logging/20_subscriptions.yaml
+++ /dev/null
@@ -1,43 +0,0 @@
-apiVersion: operators.coreos.com/v1alpha1
-kind: Subscription
-metadata:
-  annotations: {}
-  labels:
-    name: cluster-logging
-  name: cluster-logging
-  namespace: openshift-logging
-spec:
-  channel: stable-5.9
-  config:
-    resources:
-      limits:
-        memory: 256Mi
-      requests:
-        cpu: 10m
-        memory: 128Mi
-  installPlanApproval: Automatic
-  name: cluster-logging
-  source: redhat-operators
-  sourceNamespace: openshift-operators-redhat
----
-apiVersion: operators.coreos.com/v1alpha1
-kind: Subscription
-metadata:
-  annotations: {}
-  labels:
-    name: loki-operator
-  name: loki-operator
-  namespace: openshift-operators-redhat
-spec:
-  channel: stable-5.9
-  config:
-    resources:
-      limits:
-        memory: 512Mi
-      requests:
-        cpu: 50m
-        memory: 381Mi
-  installPlanApproval: Automatic
-  name: loki-operator
-  source: openshift-operators-redhat
-  sourceNamespace: openshift-operators-redhat
diff --git a/tests/golden/legacy/openshift4-logging/openshift4-logging/30_cluster_logging.yaml b/tests/golden/legacy/openshift4-logging/openshift4-logging/30_cluster_logging.yaml
deleted file mode 100644
index 307f0ca..0000000
--- a/tests/golden/legacy/openshift4-logging/openshift4-logging/30_cluster_logging.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-apiVersion: logging.openshift.io/v1
-kind: ClusterLogging
-metadata:
-  annotations:
-    argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
-  labels:
-    name: instance
-  name: instance
-  namespace: openshift-logging
-spec:
-  collection:
-    type: vector
-  logStore:
-    lokistack:
-      name: loki
-    type: lokistack
-  managementState: Managed
diff --git a/tests/golden/legacy/openshift4-logging/openshift4-logging/31_cluster_logforwarding.yaml b/tests/golden/legacy/openshift4-logging/openshift4-logging/31_cluster_logforwarding.yaml
deleted file mode 100644
index 69c1e22..0000000
--- a/tests/golden/legacy/openshift4-logging/openshift4-logging/31_cluster_logforwarding.yaml
+++ /dev/null
@@ -1,45 +0,0 @@
-apiVersion: logging.openshift.io/v1
-kind: ClusterLogForwarder
-metadata:
-  annotations:
-    argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
-  labels:
-    name: instance
-  name: instance
-  namespace: openshift-logging
-spec:
-  inputs:
-    - application:
-        namespaces:
-          - app-one
-          - app-two
-      name: my-apps
-  outputs:
-    - name: custom-forwarder
-      type: syslog
-    - elasticsearch:
-        version: 8
-      name: my-other-forwarder
-      type: elasticsearch
-  pipelines:
-    - inputRefs:
-        - application
-      name: application-logs
-      outputRefs:
-        - my-other-forwarder
-        - default
-        - my-forwarder
-      parse: json
-    - detectMultilineErrors: true
-      inputRefs:
-        - infrastructure
-      name: infrastructure-logs
-      outputRefs:
-        - default
-      parse: json
-    - inputRefs:
-        - my-apps
-      name: my-apps
-      outputRefs:
-        - custom-forwarder
-      parse: json
diff --git a/tests/golden/legacy/openshift4-logging/openshift4-logging/50_loki_stack.yaml b/tests/golden/legacy/openshift4-logging/openshift4-logging/50_loki_stack.yaml
deleted file mode 100644
index 259068c..0000000
--- a/tests/golden/legacy/openshift4-logging/openshift4-logging/50_loki_stack.yaml
+++ /dev/null
@@ -1,60 +0,0 @@
-apiVersion: loki.grafana.com/v1
-kind: LokiStack
-metadata:
-  annotations:
-    argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
-  labels:
-    name: loki
-  name: loki
-spec:
-  limits:
-    global:
-      ingestion:
-        ingestionBurstSize: 9
-        ingestionRate: 5
-  size: 1x.demo
-  storage:
-    schemas:
-      - effectiveDate: '2022-06-01'
-        version: v12
-      - effectiveDate: '2024-09-01'
-        version: v13
-    secret:
-      name: loki-logstore
-      type: s3
-  storageClassName: ''
-  template:
-    compactor:
-      nodeSelector:
-        node-role.kubernetes.io/infra: ''
-      replicas: 1
-    distributor:
-      nodeSelector:
-        node-role.kubernetes.io/infra: ''
-      replicas: 2
-    gateway:
-      nodeSelector:
-        node-role.kubernetes.io/infra: ''
-      replicas: 2
-    indexGateway:
-      nodeSelector:
-        node-role.kubernetes.io/infra: ''
-      replicas: 2
-    ingester:
-      nodeSelector:
-        node-role.kubernetes.io/infra: ''
-      replicas: 2
-    querier:
-      nodeSelector:
-        node-role.kubernetes.io/infra: ''
-      replicas: 2
-    queryFrontend:
-      nodeSelector:
-        node-role.kubernetes.io/infra: ''
-      replicas: 2
-    ruler:
-      nodeSelector:
-        node-role.kubernetes.io/infra: ''
-      replicas: 1
-  tenants:
-    mode: openshift-logging
diff --git a/tests/golden/legacy/openshift4-logging/openshift4-logging/60_collector_alerts.yaml b/tests/golden/legacy/openshift4-logging/openshift4-logging/60_collector_alerts.yaml
deleted file mode 100644
index 268663f..0000000
--- a/tests/golden/legacy/openshift4-logging/openshift4-logging/60_collector_alerts.yaml
+++ /dev/null
@@ -1,127 +0,0 @@
-apiVersion: monitoring.coreos.com/v1
-kind: PrometheusRule
-metadata:
-  annotations: {}
-  labels:
-    name: syn-collector-rules
-  name: syn-collector-rules
-  namespace: openshift-logging
-spec:
-  groups:
-    - name: logging_collector.alerts
-      rules:
-        - alert: SYN_CollectorNodeDown
-          annotations:
-            message: Prometheus could not scrape {{ $labels.namespace }}/{{ $labels.pod
-              }} collector component for more than 10m.
-            summary: Collector cannot be scraped
-          expr: |
-            up{app_kubernetes_io_component = "collector", app_kubernetes_io_part_of = "cluster-logging"} == 0
-          for: 10m
-          labels:
-            service: collector
-            severity: critical
-            syn: 'true'
-            syn_component: openshift4-logging
-        - alert: SYN_CollectorHighErrorRate
-          annotations:
-            message: '{{ $value }}% of records have resulted in an error by {{ $labels.namespace
-              }}/{{ $labels.pod }} collector component.'
-            summary: '{{ $labels.namespace }}/{{ $labels.pod }} collector component
-              errors are high'
-          expr: |
-            100 * (
-              collector:log_num_errors:sum_rate{app_kubernetes_io_part_of = "cluster-logging"}
-              /
-              collector:received_events:sum_rate{app_kubernetes_io_part_of = "cluster-logging"}
-            ) > 0.001
-          for: 15m
-          labels:
-            service: collector
-            severity: critical
-            syn: 'true'
-            syn_component: openshift4-logging
-        - alert: SYN_CollectorVeryHighErrorRate
-          annotations:
-            message: '{{ $value }}% of records have resulted in an error by {{ $labels.namespace
-              }}/{{ $labels.pod }} collector component.'
-            summary: '{{ $labels.namespace }}/{{ $labels.pod }} collector component
-              errors are very high'
-          expr: |
-            100 * (
-              collector:log_num_errors:sum_rate{app_kubernetes_io_part_of = "cluster-logging"}
-              /
-              collector:received_events:sum_rate{app_kubernetes_io_part_of = "cluster-logging"}
-            ) > 0.05
-          for: 15m
-          labels:
-            service: collector
-            severity: critical
-            syn: 'true'
-            syn_component: openshift4-logging
-        - alert: SYN_ElasticsearchDeprecation
-          annotations:
-            message: The OpenShift Elasticsearch Operator is deprecated and is planned
-              to be removed in a future release. Red Hat provides bug fixes and support
-              for this feature during the current release lifecycle, but this feature
-              no longer receives enhancements. As an alternative to using the OpenShift
-              Elasticsearch Operator to manage the default log storage, you can use
-              the Loki Operator.
-            summary: Detected Elasticsearch as the in-cluster storage which is deprecated
-              and will be removed in a future release.
-          expr: |
-            sum(kube_pod_labels{namespace="openshift-logging",label_component='elasticsearch'}) > 0
-          for: 5m
-          labels:
-            namespace: openshift-logging
-            service: storage
-            severity: Warning
-            syn: 'true'
-            syn_component: openshift4-logging
-        - alert: SYN_FluentdDeprecation
-          annotations:
-            message: Fluentd is deprecated and is planned to be removed in a future
-              release. Red Hat provides bug fixes and support for this feature during
-              the current release lifecycle, but this feature no longer receives enhancements.
-              As an alternative to Fluentd, you can use Vector instead.
-            summary: Detected Fluentd as the collector which is deprecated and will
-              be removed in a future release.
-          expr: |
-            sum(kube_pod_labels{namespace="openshift-logging", label_implementation='fluentd', label_app_kubernetes_io_managed_by="cluster-logging-operator"}) > 0
-          for: 5m
-          labels:
-            namespace: openshift-logging
-            service: collector
-            severity: Warning
-            syn: 'true'
-            syn_component: openshift4-logging
-        - alert: SYN_KibanaDeprecation
-          annotations:
-            message: The Kibana web console is now deprecated and is planned to be
-              removed in a future logging release.
-            summary: Detected Kibana as the visualization which is deprecated and
-              will be removed in a future release.
-          expr: |
-            sum(kube_pod_labels{namespace="openshift-logging",label_component='kibana'}) > 0
-          for: 5m
-          labels:
-            namespace: openshift-logging
-            service: visualization
-            severity: Warning
-            syn: 'true'
-            syn_component: openshift4-logging
-        - alert: SYN_DiskBufferUsage
-          annotations:
-            message: 'Collectors potentially consuming too much node disk, {{ $value
-              }}% '
-            summary: Detected consuming too much node disk on $labels.hostname host
-          expr: "(label_replace(sum by(hostname) (vector_buffer_byte_size{component_kind='sink',\
-            \ buffer_type='disk'}), 'instance', '$1', 'hostname', '(.*)') \n/ on(instance)\
-            \ group_left() sum by(instance) (node_filesystem_size_bytes{mountpoint='/var'}))\
-            \ * 100 > 15\n"
-          for: 5m
-          labels:
-            service: collector
-            severity: Warning
-            syn: 'true'
-            syn_component: openshift4-logging
diff --git a/tests/golden/legacy/openshift4-logging/openshift4-logging/60_lokistack_alerts.yaml b/tests/golden/legacy/openshift4-logging/openshift4-logging/60_lokistack_alerts.yaml
deleted file mode 100644
index 65a573e..0000000
--- a/tests/golden/legacy/openshift4-logging/openshift4-logging/60_lokistack_alerts.yaml
+++ /dev/null
@@ -1,225 +0,0 @@
-apiVersion: monitoring.coreos.com/v1
-kind: PrometheusRule
-metadata:
-  annotations: {}
-  labels:
-    name: syn-loki-logging-rules
-  name: syn-loki-logging-rules
-  namespace: openshift-logging
-spec:
-  groups:
-    - name: logging_loki.alerts
-      rules:
-        - alert: SYN_LokiRequestErrors
-          annotations:
-            message: '{{ $labels.job }} {{ $labels.route }} is experiencing {{ printf
-              "%.2f" $value }}% errors.'
-            runbook_url: https://github.com/grafana/loki/blob/main/operator/docs/lokistack/sop.md#Loki-Request-Errors
-            summary: At least 10% of requests are responded by 5xx server errors.
-          expr: |
-            sum(
-              job_namespace_route_statuscode:loki_request_duration_seconds_count:irate1m{status_code=~"5.."}
-            ) by (job, namespace, route)
-            /
-            sum(
-              job_namespace_route_statuscode:loki_request_duration_seconds_count:irate1m
-            ) by (job, namespace, route)
-            * 100
-            > 10
-          for: 15m
-          labels:
-            severity: critical
-            syn: 'true'
-            syn_component: openshift4-logging
-        - alert: SYN_LokiStackWriteRequestErrors
-          annotations:
-            message: '{{ printf "%.2f" $value }}% of write requests from {{ $labels.job
-              }} in {{ $labels.namespace }} are returned with server errors.'
-            runbook_url: https://github.com/grafana/loki/blob/main/operator/docs/lokistack/sop.md#LokiStack-Write-Request-Errors
-            summary: At least 10% of write requests to the lokistack-gateway are responded
-              with 5xx server errors.
-          expr: |
-            sum(
-              code_handler_job_namespace:lokistack_gateway_http_requests:irate1m{code=~"5..", handler="push"}
-            ) by (job, namespace)
-            /
-            sum(
-              code_handler_job_namespace:lokistack_gateway_http_requests:irate1m{handler="push"}
-            ) by (job, namespace)
-            * 100
-            > 10
-          for: 15m
-          labels:
-            severity: critical
-            syn: 'true'
-            syn_component: openshift4-logging
-        - alert: SYN_LokiStackReadRequestErrors
-          annotations:
-            message: '{{ printf "%.2f" $value }}% of query requests from {{ $labels.job
-              }} in {{ $labels.namespace }} are returned with server errors.'
-            runbook_url: https://github.com/grafana/loki/blob/main/operator/docs/lokistack/sop.md#LokiStack-Read-Request-Errors
-            summary: At least 10% of query requests to the lokistack-gateway are responded
-              with 5xx server errors.
-          expr: |
-            sum(
-              code_handler_job_namespace:lokistack_gateway_http_requests:irate1m{code=~"5..", handler=~"query|query_range|label|labels|label_values"}
-            ) by (job, namespace)
-            /
-            sum(
-              code_handler_job_namespace:lokistack_gateway_http_requests:irate1m{handler=~"query|query_range|label|labels|label_values"}
-            ) by (job, namespace)
-            * 100
-            > 10
-          for: 15m
-          labels:
-            severity: critical
-            syn: 'true'
-            syn_component: openshift4-logging
-        - alert: SYN_LokiRequestPanics
-          annotations:
-            message: '{{ $labels.job }} is experiencing an increase of {{ $value }}
-              panics.'
-            runbook_url: https://github.com/grafana/loki/blob/main/operator/docs/lokistack/sop.md#Loki-Request-Panics
-            summary: A panic was triggered.
-          expr: |
-            sum(
-              increase(
-                loki_panic_total[10m]
-              )
-            ) by (job, namespace)
-            > 0
-          labels:
-            severity: critical
-            syn: 'true'
-            syn_component: openshift4-logging
-        - alert: SYN_LokiRequestLatency
-          annotations:
-            message: '{{ $labels.job }} {{ $labels.route }} is experiencing {{ printf
-              "%.2f" $value }}s 99th percentile latency.'
-            runbook_url: https://github.com/grafana/loki/blob/main/operator/docs/lokistack/sop.md#Loki-Request-Latency
-            summary: The 99th percentile is experiencing high latency (higher than
-              1 second).
-          expr: |
-            histogram_quantile(0.99,
-              sum(
-                irate(
-                  loki_request_duration_seconds_bucket{route!~"(?i).*tail.*"}[1m]
-                )
-              ) by (job, le, namespace, route)
-            )
-            > 1
-          for: 15m
-          labels:
-            severity: critical
-            syn: 'true'
-            syn_component: openshift4-logging
-        - alert: SYN_LokiTenantRateLimit
-          annotations:
-            message: '{{ $labels.job }} {{ $labels.route }} is experiencing 429 errors.'
-            runbook_url: https://github.com/grafana/loki/blob/main/operator/docs/lokistack/sop.md#Loki-Tenant-Rate-Limit
-            summary: At least 10% of requests are responded with the rate limit error
-              code.
-          expr: |
-            sum(
-              job_namespace_route_statuscode:loki_request_duration_seconds_count:irate1m{status_code="429"}
-            ) by (job, namespace, route)
-            /
-            sum(
-              job_namespace_route_statuscode:loki_request_duration_seconds_count:irate1m
-            ) by (job, namespace, route)
-            * 100
-            > 10
-          for: 15m
-          labels:
-            severity: warning
-            syn: 'true'
-            syn_component: openshift4-logging
-        - alert: SYN_LokiStorageSlowWrite
-          annotations:
-            message: The storage path is experiencing slow write response rates.
-            runbook_url: https://github.com/grafana/loki/blob/main/operator/docs/lokistack/sop.md#Loki-Storage-Slow-Write
-            summary: The storage path is experiencing slow write response rates.
-          expr: |
-            histogram_quantile(0.99,
-              sum(
-                job_le_namespace_operation:loki_boltdb_shipper_request_duration_seconds_bucket:rate5m{operation="WRITE"}
-              ) by (job, le, namespace)
-            )
-            > 1
-          for: 15m
-          labels:
-            severity: warning
-            syn: 'true'
-            syn_component: openshift4-logging
-        - alert: SYN_LokiStorageSlowRead
-          annotations:
-            message: The storage path is experiencing slow read response rates.
-            runbook_url: https://github.com/grafana/loki/blob/main/operator/docs/lokistack/sop.md#Loki-Storage-Slow-Read
-            summary: The storage path is experiencing slow read response rates.
-          expr: |
-            histogram_quantile(0.99,
-              sum(
-                job_le_namespace_operation:loki_boltdb_shipper_request_duration_seconds_bucket:rate5m{operation="Shipper.Query"}
-              ) by (job, le, namespace)
-            )
-            > 5
-          for: 15m
-          labels:
-            severity: warning
-            syn: 'true'
-            syn_component: openshift4-logging
-        - alert: SYN_LokiWritePathHighLoad
-          annotations:
-            message: The write path is experiencing high load.
-            runbook_url: https://github.com/grafana/loki/blob/main/operator/docs/lokistack/sop.md#Loki-Write-Path-High-Load
-            summary: The write path is experiencing high load, causing backpressure
-              storage flushing.
-          expr: |
-            sum(
-              loki_ingester_wal_replay_flushing
-            ) by (job, namespace)
-            > 0
-          for: 15m
-          labels:
-            severity: warning
-            syn: 'true'
-            syn_component: openshift4-logging
-        - alert: SYN_LokiReadPathHighLoad
-          annotations:
-            message: The read path is experiencing high load.
-            runbook_url: https://github.com/grafana/loki/blob/main/operator/docs/lokistack/sop.md#Loki-Read-Path-High-Load
-            summary: The read path has high volume of queries, causing longer response
-              times.
-          expr: |
-            histogram_quantile(0.99,
-              sum(
-                rate(
-                  loki_logql_querystats_latency_seconds_bucket[5m]
-                )
-              ) by (job, le, namespace)
-            )
-            > 30
-          for: 15m
-          labels:
-            severity: warning
-            syn: 'true'
-            syn_component: openshift4-logging
-        - alert: SYN_LokistackSchemaUpgradesRequired
-          annotations:
-            message: |-
-              The LokiStack "{{ $labels.stack_name }}" in namespace "{{ $labels.stack_namespace }}" is using a storage schema
-              configuration that does not contain the latest schema version. It is recommended to update the schema
-              configuration to update the schema version to the latest version in the future.
-            runbook_url: https://github.com/grafana/loki/blob/main/operator/docs/lokistack/sop.md#Lokistack-Schema-Upgrades-Required
-            summary: One or more of the deployed LokiStacks contains an outdated storage
-              schema configuration.
-          expr: |
-            sum (
-              lokistack_status_condition{reason="StorageNeedsSchemaUpdate",status="true"}
-            ) by (stack_namespace, stack_name)
-            > 0
-          for: 1m
-          labels:
-            severity: warning
-            syn: 'true'
-            syn_component: openshift4-logging
diff --git a/tests/golden/lokistack/openshift4-logging/apps/openshift4-logging.yaml b/tests/golden/lokistack/openshift4-logging/apps/openshift4-logging.yaml
deleted file mode 100644
index e69de29..0000000
diff --git a/tests/golden/lokistack/openshift4-logging/console-patching/openshift4_console_params.yaml b/tests/golden/lokistack/openshift4-logging/console-patching/openshift4_console_params.yaml
deleted file mode 100644
index f71555a..0000000
--- a/tests/golden/lokistack/openshift4-logging/console-patching/openshift4_console_params.yaml
+++ /dev/null
@@ -1,3 +0,0 @@
-config:
-  plugins:
-    - logging-view-plugin
diff --git a/tests/golden/lokistack/openshift4-logging/openshift4-logging/00_namespace.yaml b/tests/golden/lokistack/openshift4-logging/openshift4-logging/00_namespace.yaml
deleted file mode 100644
index 1b27cf9..0000000
--- a/tests/golden/lokistack/openshift4-logging/openshift4-logging/00_namespace.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
-apiVersion: v1
-kind: Namespace
-metadata:
-  annotations:
-    openshift.io/node-selector: ''
-  labels:
-    name: openshift-logging
-    openshift.io/cluster-monitoring: 'true'
-  name: openshift-logging
diff --git a/tests/golden/lokistack/openshift4-logging/openshift4-logging/10_operator_group.yaml b/tests/golden/lokistack/openshift4-logging/openshift4-logging/10_operator_group.yaml
deleted file mode 100644
index ff11675..0000000
--- a/tests/golden/lokistack/openshift4-logging/openshift4-logging/10_operator_group.yaml
+++ /dev/null
@@ -1,11 +0,0 @@
-apiVersion: operators.coreos.com/v1
-kind: OperatorGroup
-metadata:
-  annotations: {}
-  labels:
-    name: cluster-logging
-  name: cluster-logging
-  namespace: openshift-logging
-spec:
-  targetNamespaces:
-    - openshift-logging
diff --git a/tests/golden/lokistack/openshift4-logging/openshift4-logging/20_subscriptions.yaml b/tests/golden/lokistack/openshift4-logging/openshift4-logging/20_subscriptions.yaml
deleted file mode 100644
index 2c1caee..0000000
--- a/tests/golden/lokistack/openshift4-logging/openshift4-logging/20_subscriptions.yaml
+++ /dev/null
@@ -1,43 +0,0 @@
-apiVersion: operators.coreos.com/v1alpha1
-kind: Subscription
-metadata:
-  annotations: {}
-  labels:
-    name: cluster-logging
-  name: cluster-logging
-  namespace: openshift-logging
-spec:
-  channel: stable-5.8
-  config:
-    resources:
-      limits:
-        memory: 256Mi
-      requests:
-        cpu: 10m
-        memory: 128Mi
-  installPlanApproval: Automatic
-  name: cluster-logging
-  source: redhat-operators
-  sourceNamespace: openshift-operators-redhat
----
-apiVersion: operators.coreos.com/v1alpha1
-kind: Subscription
-metadata:
-  annotations: {}
-  labels:
-    name: loki-operator
-  name: loki-operator
-  namespace: openshift-operators-redhat
-spec:
-  channel: stable-5.8
-  config:
-    resources:
-      limits:
-        memory: 512Mi
-      requests:
-        cpu: 50m
-        memory: 381Mi
-  installPlanApproval: Automatic
-  name: loki-operator
-  source: openshift-operators-redhat
-  sourceNamespace: openshift-operators-redhat
diff --git a/tests/golden/lokistack/openshift4-logging/openshift4-logging/30_cluster_logging.yaml b/tests/golden/lokistack/openshift4-logging/openshift4-logging/30_cluster_logging.yaml
deleted file mode 100644
index 2ef6ec2..0000000
--- a/tests/golden/lokistack/openshift4-logging/openshift4-logging/30_cluster_logging.yaml
+++ /dev/null
@@ -1,27 +0,0 @@
-apiVersion: logging.openshift.io/v1
-kind: ClusterLogging
-metadata:
-  annotations:
-    argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
-  labels:
-    name: instance
-  name: instance
-  namespace: openshift-logging
-spec:
-  collection:
-    type: fluentd
-  logStore:
-    lokistack:
-      name: loki
-    retentionPolicy:
-      application:
-        maxAge: 7d
-        pruneNamespacesInterval: 15m
-      audit:
-        maxAge: 30d
-        pruneNamespacesInterval: 15m
-      infra:
-        maxAge: 30d
-        pruneNamespacesInterval: 15m
-    type: lokistack
-  managementState: Managed
diff --git a/tests/golden/lokistack/openshift4-logging/openshift4-logging/50_loki_logstore.yaml b/tests/golden/lokistack/openshift4-logging/openshift4-logging/50_loki_logstore.yaml
deleted file mode 100644
index 77d8c18..0000000
--- a/tests/golden/lokistack/openshift4-logging/openshift4-logging/50_loki_logstore.yaml
+++ /dev/null
@@ -1,14 +0,0 @@
-apiVersion: v1
-data: {}
-kind: Secret
-metadata:
-  annotations: {}
-  labels:
-    name: loki-logstore
-  name: loki-logstore
-stringData:
-  access_key_id: ''
-  access_key_secret: ''
-  bucketnames: c-green-test-1234-logstore
-  endpoint: ''
-type: Opaque
diff --git a/tests/golden/lokistack/openshift4-logging/openshift4-logging/50_loki_netpol.yaml b/tests/golden/lokistack/openshift4-logging/openshift4-logging/50_loki_netpol.yaml
deleted file mode 100644
index f2cd3bb..0000000
--- a/tests/golden/lokistack/openshift4-logging/openshift4-logging/50_loki_netpol.yaml
+++ /dev/null
@@ -1,54 +0,0 @@
-apiVersion: networking.k8s.io/v1
-kind: NetworkPolicy
-metadata:
-  annotations: {}
-  labels:
-    name: allow-console-logging-view-plugin
-  name: allow-console-logging-view-plugin
-spec:
-  ingress:
-    - from:
-        - podSelector:
-            matchLabels:
-              app: console
-              component: ui
-        - namespaceSelector:
-            matchLabels:
-              kubernetes.io/metadata.name: openshift-console
-      ports:
-        - port: 9443
-          protocol: TCP
-  podSelector:
-    matchLabels:
-      app.kubernetes.io/created-by: openshift-logging_instance
-      app.kubernetes.io/name: logging-view-plugin
-  policyTypes:
-    - Ingress
----
-apiVersion: networking.k8s.io/v1
-kind: NetworkPolicy
-metadata:
-  annotations: {}
-  labels:
-    name: allow-console-logging-lokistack-gateway
-  name: allow-console-logging-lokistack-gateway
-spec:
-  ingress:
-    - from:
-        - podSelector:
-            matchLabels:
-              app: console
-              component: ui
-        - namespaceSelector:
-            matchLabels:
-              kubernetes.io/metadata.name: openshift-console
-      ports:
-        - port: 8080
-          protocol: TCP
-  podSelector:
-    matchLabels:
-      app.kubernetes.io/component: lokistack-gateway
-      app.kubernetes.io/instance: loki
-      app.kubernetes.io/name: lokistack
-  policyTypes:
-    - Ingress
diff --git a/tests/golden/lokistack/openshift4-logging/openshift4-logging/50_loki_rbac.yaml b/tests/golden/lokistack/openshift4-logging/openshift4-logging/50_loki_rbac.yaml
deleted file mode 100644
index d5dde59..0000000
--- a/tests/golden/lokistack/openshift4-logging/openshift4-logging/50_loki_rbac.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  annotations: {}
-  labels:
-    name: syn-loki-cluster-reader
-    rbac.authorization.k8s.io/aggregate-to-cluster-reader: 'true'
-  name: syn:loki:cluster-reader
-rules:
-  - apiGroups:
-      - loki.grafana.com
-    resourceNames:
-      - logs
-    resources:
-      - application
-      - infrastructure
-    verbs:
-      - get
diff --git a/tests/golden/lokistack/openshift4-logging/openshift4-logging/50_loki_stack.yaml b/tests/golden/lokistack/openshift4-logging/openshift4-logging/50_loki_stack.yaml
deleted file mode 100644
index d61e352..0000000
--- a/tests/golden/lokistack/openshift4-logging/openshift4-logging/50_loki_stack.yaml
+++ /dev/null
@@ -1,58 +0,0 @@
-apiVersion: loki.grafana.com/v1
-kind: LokiStack
-metadata:
-  annotations:
-    argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
-  labels:
-    name: loki
-  name: loki
-spec:
-  limits:
-    global:
-      ingestion:
-        ingestionBurstSize: 9
-        ingestionRate: 5
-  size: 1x.demo
-  storage:
-    schemas:
-      - effectiveDate: '2022-06-01'
-        version: v12
-    secret:
-      name: loki-logstore
-      type: s3
-  storageClassName: ''
-  template:
-    compactor:
-      nodeSelector:
-        node-role.kubernetes.io/infra: ''
-      replicas: 1
-    distributor:
-      nodeSelector:
-        node-role.kubernetes.io/infra: ''
-      replicas: 2
-    gateway:
-      nodeSelector:
-        node-role.kubernetes.io/infra: ''
-      replicas: 2
-    indexGateway:
-      nodeSelector:
-        node-role.kubernetes.io/infra: ''
-      replicas: 2
-    ingester:
-      nodeSelector:
-        node-role.kubernetes.io/infra: ''
-      replicas: 2
-    querier:
-      nodeSelector:
-        node-role.kubernetes.io/infra: ''
-      replicas: 2
-    queryFrontend:
-      nodeSelector:
-        node-role.kubernetes.io/infra: ''
-      replicas: 2
-    ruler:
-      nodeSelector:
-        node-role.kubernetes.io/infra: ''
-      replicas: 1
-  tenants:
-    mode: openshift-logging
diff --git a/tests/golden/lokistack/openshift4-logging/openshift4-logging/60_collector_alerts.yaml b/tests/golden/lokistack/openshift4-logging/openshift4-logging/60_collector_alerts.yaml
deleted file mode 100644
index 11efa15..0000000
--- a/tests/golden/lokistack/openshift4-logging/openshift4-logging/60_collector_alerts.yaml
+++ /dev/null
@@ -1,61 +0,0 @@
-apiVersion: monitoring.coreos.com/v1
-kind: PrometheusRule
-metadata:
-  annotations: {}
-  labels:
-    name: syn-collector-rules
-  name: syn-collector-rules
-  namespace: openshift-logging
-spec:
-  groups:
-    - name: logging_collector.alerts
-      rules:
-        - alert: SYN_CollectorNodeDown
-          annotations:
-            message: Prometheus could not scrape {{ $labels.namespace }}/{{ $labels.pod
-              }} collector component for more than 10m.
-            summary: Collector cannot be scraped
-          expr: |
-            up{app_kubernetes_io_component = "collector", app_kubernetes_io_part_of = "cluster-logging"} == 0
-          for: 10m
-          labels:
-            service: collector
-            severity: critical
-            syn: 'true'
-            syn_component: openshift4-logging
-        - alert: SYN_CollectorHighErrorRate
-          annotations:
-            message: '{{ $value }}% of records have resulted in an error by {{ $labels.namespace
-              }}/{{ $labels.pod }} collector component.'
-            summary: '{{ $labels.namespace }}/{{ $labels.pod }} collector component
-              errors are high'
-          expr: |
-            100 * (
-              collector:log_num_errors:sum_rate{app_kubernetes_io_part_of = "cluster-logging"}
-              /
-              collector:received_events:sum_rate{app_kubernetes_io_part_of = "cluster-logging"}
-            ) > 0.001
-          for: 15m
-          labels:
-            service: collector
-            severity: critical
-            syn: 'true'
-            syn_component: openshift4-logging
-        - alert: SYN_CollectorVeryHighErrorRate
-          annotations:
-            message: '{{ $value }}% of records have resulted in an error by {{ $labels.namespace
-              }}/{{ $labels.pod }} collector component.'
-            summary: '{{ $labels.namespace }}/{{ $labels.pod }} collector component
-              errors are very high'
-          expr: |
-            100 * (
-              collector:log_num_errors:sum_rate{app_kubernetes_io_part_of = "cluster-logging"}
-              /
-              collector:received_events:sum_rate{app_kubernetes_io_part_of = "cluster-logging"}
-            ) > 0.05
-          for: 15m
-          labels:
-            service: collector
-            severity: critical
-            syn: 'true'
-            syn_component: openshift4-logging
diff --git a/tests/golden/lokistack/openshift4-logging/openshift4-logging/60_lokistack_alerts.yaml b/tests/golden/lokistack/openshift4-logging/openshift4-logging/60_lokistack_alerts.yaml
deleted file mode 100644
index f56e623..0000000
--- a/tests/golden/lokistack/openshift4-logging/openshift4-logging/60_lokistack_alerts.yaml
+++ /dev/null
@@ -1,206 +0,0 @@
-apiVersion: monitoring.coreos.com/v1
-kind: PrometheusRule
-metadata:
-  annotations: {}
-  labels:
-    name: syn-loki-logging-rules
-  name: syn-loki-logging-rules
-  namespace: openshift-logging
-spec:
-  groups:
-    - name: logging_loki.alerts
-      rules:
-        - alert: SYN_LokiRequestErrors
-          annotations:
-            message: '{{ $labels.job }} {{ $labels.route }} is experiencing {{ printf
-              "%.2f" $value }}% errors.'
-            runbook_url: https://github.com/grafana/loki/blob/main/operator/docs/lokistack/sop.md#Loki-Request-Errors
-            summary: At least 10% of requests are responded by 5xx server errors.
-          expr: |
-            sum(
-              job_namespace_route_statuscode:loki_request_duration_seconds_count:irate1m{status_code=~"5.."}
-            ) by (job, namespace, route)
-            /
-            sum(
-              job_namespace_route_statuscode:loki_request_duration_seconds_count:irate1m
-            ) by (job, namespace, route)
-            * 100
-            > 10
-          for: 15m
-          labels:
-            severity: critical
-            syn: 'true'
-            syn_component: openshift4-logging
-        - alert: SYN_LokiStackWriteRequestErrors
-          annotations:
-            message: '{{ printf "%.2f" $value }}% of write requests from {{ $labels.job
-              }} in {{ $labels.namespace }} are returned with server errors.'
-            runbook_url: https://github.com/grafana/loki/blob/main/operator/docs/lokistack/sop.md#LokiStack-Write-Request-Errors
-            summary: At least 10% of write requests to the lokistack-gateway are responded
-              with 5xx server errors.
-          expr: |
-            sum(
-              code_handler_job_namespace:lokistack_gateway_http_requests:irate1m{code=~"5..", handler="push"}
-            ) by (job, namespace)
-            /
-            sum(
-              code_handler_job_namespace:lokistack_gateway_http_requests:irate1m{handler="push"}
-            ) by (job, namespace)
-            * 100
-            > 10
-          for: 15m
-          labels:
-            severity: critical
-            syn: 'true'
-            syn_component: openshift4-logging
-        - alert: SYN_LokiStackReadRequestErrors
-          annotations:
-            message: '{{ printf "%.2f" $value }}% of query requests from {{ $labels.job
-              }} in {{ $labels.namespace }} are returned with server errors.'
-            runbook_url: https://github.com/grafana/loki/blob/main/operator/docs/lokistack/sop.md#LokiStack-Read-Request-Errors
-            summary: At least 10% of query requests to the lokistack-gateway are responded
-              with 5xx server errors.
-          expr: |
-            sum(
-              code_handler_job_namespace:lokistack_gateway_http_requests:irate1m{code=~"5..", handler=~"query|query_range|label|labels|label_values"}
-            ) by (job, namespace)
-            /
-            sum(
-              code_handler_job_namespace:lokistack_gateway_http_requests:irate1m{handler=~"query|query_range|label|labels|label_values"}
-            ) by (job, namespace)
-            * 100
-            > 10
-          for: 15m
-          labels:
-            severity: critical
-            syn: 'true'
-            syn_component: openshift4-logging
-        - alert: SYN_LokiRequestPanics
-          annotations:
-            message: '{{ $labels.job }} is experiencing an increase of {{ $value }}
-              panics.'
-            runbook_url: https://github.com/grafana/loki/blob/main/operator/docs/lokistack/sop.md#Loki-Request-Panics
-            summary: A panic was triggered.
-          expr: |
-            sum(
-              increase(
-                loki_panic_total[10m]
-              )
-            ) by (job, namespace)
-            > 0
-          labels:
-            severity: critical
-            syn: 'true'
-            syn_component: openshift4-logging
-        - alert: SYN_LokiRequestLatency
-          annotations:
-            message: '{{ $labels.job }} {{ $labels.route }} is experiencing {{ printf
-              "%.2f" $value }}s 99th percentile latency.'
-            runbook_url: https://github.com/grafana/loki/blob/main/operator/docs/lokistack/sop.md#Loki-Request-Latency
-            summary: The 99th percentile is experiencing high latency (higher than
-              1 second).
-          expr: |
-            histogram_quantile(0.99,
-              sum(
-                irate(
-                  loki_request_duration_seconds_bucket{route!~"(?i).*tail.*"}[1m]
-                )
-              ) by (job, le, namespace, route)
-            )
-            > 1
-          for: 15m
-          labels:
-            severity: critical
-            syn: 'true'
-            syn_component: openshift4-logging
-        - alert: SYN_LokiTenantRateLimit
-          annotations:
-            message: '{{ $labels.job }} {{ $labels.route }} is experiencing 429 errors.'
-            runbook_url: https://github.com/grafana/loki/blob/main/operator/docs/lokistack/sop.md#Loki-Tenant-Rate-Limit
-            summary: At least 10% of requests are responded with the rate limit error
-              code.
-          expr: |
-            sum(
-              job_namespace_route_statuscode:loki_request_duration_seconds_count:irate1m{status_code="429"}
-            ) by (job, namespace, route)
-            /
-            sum(
-              job_namespace_route_statuscode:loki_request_duration_seconds_count:irate1m
-            ) by (job, namespace, route)
-            * 100
-            > 10
-          for: 15m
-          labels:
-            severity: warning
-            syn: 'true'
-            syn_component: openshift4-logging
-        - alert: SYN_LokiStorageSlowWrite
-          annotations:
-            message: The storage path is experiencing slow write response rates.
-            runbook_url: https://github.com/grafana/loki/blob/main/operator/docs/lokistack/sop.md#Loki-Storage-Slow-Write
-            summary: The storage path is experiencing slow write response rates.
- expr: | - histogram_quantile(0.99, - sum( - job_le_namespace_operation:loki_boltdb_shipper_request_duration_seconds_bucket:rate5m{operation="WRITE"} - ) by (job, le, namespace) - ) - > 1 - for: 15m - labels: - severity: warning - syn: 'true' - syn_component: openshift4-logging - - alert: SYN_LokiStorageSlowRead - annotations: - message: The storage path is experiencing slow read response rates. - runbook_url: https://github.com/grafana/loki/blob/main/operator/docs/lokistack/sop.md#Loki-Storage-Slow-Read - summary: The storage path is experiencing slow read response rates. - expr: | - histogram_quantile(0.99, - sum( - job_le_namespace_operation:loki_boltdb_shipper_request_duration_seconds_bucket:rate5m{operation="Shipper.Query"} - ) by (job, le, namespace) - ) - > 5 - for: 15m - labels: - severity: warning - syn: 'true' - syn_component: openshift4-logging - - alert: SYN_LokiWritePathHighLoad - annotations: - message: The write path is experiencing high load. - runbook_url: https://github.com/grafana/loki/blob/main/operator/docs/lokistack/sop.md#Loki-Write-Path-High-Load - summary: The write path is experiencing high load, causing backpressure - storage flushing. - expr: | - sum( - loki_ingester_wal_replay_flushing - ) by (job, namespace) - > 0 - for: 15m - labels: - severity: warning - syn: 'true' - syn_component: openshift4-logging - - alert: SYN_LokiReadPathHighLoad - annotations: - message: The read path is experiencing high load. - runbook_url: https://github.com/grafana/loki/blob/main/operator/docs/lokistack/sop.md#Loki-Read-Path-High-Load - summary: The read path has high volume of queries, causing longer response - times. - expr: | - histogram_quantile(0.99, - sum( - rate( - loki_logql_querystats_latency_seconds_bucket[5m] - ) - ) by (job, le, namespace) - ) - > 30 - for: 15m - labels: - severity: warning - syn: 'true' - syn_component: openshift4-logging diff --git a/tests/golden/master/openshift4-logging/apps/openshift4-logging.yaml b/tests/golden/master/openshift4-logging/apps/openshift4-logging.yaml index e69de29..6825b97 100644 --- a/tests/golden/master/openshift4-logging/apps/openshift4-logging.yaml +++ b/tests/golden/master/openshift4-logging/apps/openshift4-logging.yaml @@ -0,0 +1,4 @@ +spec: + syncPolicy: + syncOptions: + - ServerSideApply=true diff --git a/tests/golden/master/openshift4-logging/openshift4-logging/00_namespace.yaml b/tests/golden/master/openshift4-logging/openshift4-logging/00_namespace.yaml index 1b27cf9..4c91e3c 100644 --- a/tests/golden/master/openshift4-logging/openshift4-logging/00_namespace.yaml +++ b/tests/golden/master/openshift4-logging/openshift4-logging/00_namespace.yaml @@ -2,6 +2,7 @@ apiVersion: v1 kind: Namespace metadata: annotations: + argocd.argoproj.io/sync-wave: '-100' openshift.io/node-selector: '' labels: name: openshift-logging diff --git a/tests/golden/master/openshift4-logging/openshift4-logging/10_operator_group.yaml b/tests/golden/master/openshift4-logging/openshift4-logging/10_operator_group.yaml index b72498d..52f645d 100644 --- a/tests/golden/master/openshift4-logging/openshift4-logging/10_operator_group.yaml +++ b/tests/golden/master/openshift4-logging/openshift4-logging/10_operator_group.yaml @@ -1,9 +1,9 @@ apiVersion: operators.coreos.com/v1 kind: OperatorGroup metadata: - annotations: {} + annotations: + argocd.argoproj.io/sync-wave: '-90' labels: name: cluster-logging name: cluster-logging namespace: openshift-logging -spec: {} diff --git a/tests/golden/master/openshift4-logging/openshift4-logging/20_subscriptions.yaml 
index 750966b..59a6100 100644
--- a/tests/golden/master/openshift4-logging/openshift4-logging/20_subscriptions.yaml
+++ b/tests/golden/master/openshift4-logging/openshift4-logging/20_subscriptions.yaml
@@ -1,7 +1,8 @@
 apiVersion: operators.coreos.com/v1alpha1
 kind: Subscription
 metadata:
-  annotations: {}
+  annotations:
+    argocd.argoproj.io/sync-wave: '-80'
   labels:
     name: cluster-logging
   name: cluster-logging
@@ -23,7 +24,8 @@ spec:
 apiVersion: operators.coreos.com/v1alpha1
 kind: Subscription
 metadata:
-  annotations: {}
+  annotations:
+    argocd.argoproj.io/sync-wave: '-80'
   labels:
     name: loki-operator
   name: loki-operator
diff --git a/tests/golden/master/openshift4-logging/openshift4-logging/30_cluster_logging.yaml b/tests/golden/master/openshift4-logging/openshift4-logging/30_cluster_logging.yaml
deleted file mode 100644
index 307f0ca..0000000
--- a/tests/golden/master/openshift4-logging/openshift4-logging/30_cluster_logging.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-apiVersion: logging.openshift.io/v1
-kind: ClusterLogging
-metadata:
-  annotations:
-    argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
-  labels:
-    name: instance
-  name: instance
-  namespace: openshift-logging
-spec:
-  collection:
-    type: vector
-  logStore:
-    lokistack:
-      name: loki
-    type: lokistack
-  managementState: Managed
diff --git a/tests/golden/legacy/openshift4-logging/openshift4-logging/50_loki_logstore.yaml b/tests/golden/master/openshift4-logging/openshift4-logging/30_loki_logstore.yaml
similarity index 100%
rename from tests/golden/legacy/openshift4-logging/openshift4-logging/50_loki_logstore.yaml
rename to tests/golden/master/openshift4-logging/openshift4-logging/30_loki_logstore.yaml
diff --git a/tests/golden/legacy/openshift4-logging/openshift4-logging/50_loki_netpol.yaml b/tests/golden/master/openshift4-logging/openshift4-logging/30_loki_netpol.yaml
similarity index 100%
rename from tests/golden/legacy/openshift4-logging/openshift4-logging/50_loki_netpol.yaml
rename to tests/golden/master/openshift4-logging/openshift4-logging/30_loki_netpol.yaml
diff --git a/tests/golden/legacy/openshift4-logging/openshift4-logging/50_loki_rbac.yaml b/tests/golden/master/openshift4-logging/openshift4-logging/30_loki_rbac.yaml
similarity index 100%
rename from tests/golden/legacy/openshift4-logging/openshift4-logging/50_loki_rbac.yaml
rename to tests/golden/master/openshift4-logging/openshift4-logging/30_loki_rbac.yaml
diff --git a/tests/golden/master/openshift4-logging/openshift4-logging/50_loki_stack.yaml b/tests/golden/master/openshift4-logging/openshift4-logging/30_loki_stack.yaml
similarity index 97%
rename from tests/golden/master/openshift4-logging/openshift4-logging/50_loki_stack.yaml
rename to tests/golden/master/openshift4-logging/openshift4-logging/30_loki_stack.yaml
index 259068c..f859742 100644
--- a/tests/golden/master/openshift4-logging/openshift4-logging/50_loki_stack.yaml
+++ b/tests/golden/master/openshift4-logging/openshift4-logging/30_loki_stack.yaml
@@ -3,6 +3,7 @@ kind: LokiStack
 metadata:
   annotations:
     argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
+    argocd.argoproj.io/sync-wave: '-50'
   labels:
     name: loki
   name: loki
diff --git a/tests/golden/master/openshift4-logging/openshift4-logging/32_namespace_logforwarding.yaml b/tests/golden/master/openshift4-logging/openshift4-logging/32_namespace_logforwarding.yaml
deleted file mode 100644
index f9b4483..0000000
--- a/tests/golden/master/openshift4-logging/openshift4-logging/32_namespace_logforwarding.yaml
+++ /dev/null
@@ -1,50 +0,0 @@
-apiVersion: logging.openshift.io/v1
-kind: ClusterLogForwarder
-metadata:
-  annotations:
-    argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
-  labels:
-    name: bar
-  name: bar
-  namespace: foo
-spec:
-  inputs:
-    - application:
-        namespaces:
-          - app-one
-          - app-two
-      name: my-apps
-  outputs:
-    - name: custom-forwarder
-      type: syslog
-  pipelines:
-    - inputRefs:
-        - my-apps
-      name: my-apps
-      outputRefs:
-        - custom-forwarder
-  serviceAccountName: ueli
----
-apiVersion: logging.openshift.io/v1
-kind: ClusterLogForwarder
-metadata:
-  annotations:
-    argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
-  labels:
-    name: hands
-  name: hands
-  namespace: jazz
-spec:
-  outputs:
-    - name: splunk-forwarder
-      secret:
-        name: splunk-forwarder
-      type: fluentdForward
-      url: tls://splunk-forwarder:24224
-  pipelines:
-    - inputRefs:
-        - application
-      name: application-logs
-      outputRefs:
-        - splunk-forwarder
-  serviceAccountName: hands
diff --git a/tests/golden/master/openshift4-logging/openshift4-logging/32_namespace_rolebinding.yaml b/tests/golden/master/openshift4-logging/openshift4-logging/32_namespace_rolebinding.yaml
deleted file mode 100644
index 14a605e..0000000
--- a/tests/golden/master/openshift4-logging/openshift4-logging/32_namespace_rolebinding.yaml
+++ /dev/null
@@ -1,33 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
-  annotations: {}
-  labels:
-    name: ueli
-  name: ueli
-  namespace: foo
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: collect-application-logs
-subjects:
-  - kind: ServiceAccount
-    name: ueli
-    namespace: foo
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
-  annotations: {}
-  labels:
-    name: hands
-  name: hands
-  namespace: jazz
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: collect-application-logs
-subjects:
-  - kind: ServiceAccount
-    name: hands
-    namespace: jazz
diff --git a/tests/golden/master/openshift4-logging/openshift4-logging/32_namespace_serviceaccount.yaml b/tests/golden/master/openshift4-logging/openshift4-logging/32_namespace_serviceaccount.yaml
deleted file mode 100644
index fc3c944..0000000
--- a/tests/golden/master/openshift4-logging/openshift4-logging/32_namespace_serviceaccount.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  annotations: {}
-  labels:
-    name: ueli
-  name: ueli
-  namespace: foo
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  annotations: {}
-  labels:
-    name: hands
-  name: hands
-  namespace: jazz
diff --git a/tests/golden/master/openshift4-logging/openshift4-logging/31_cluster_logforwarding.yaml b/tests/golden/master/openshift4-logging/openshift4-logging/40_log_forwarder.yaml
similarity index 95%
rename from tests/golden/master/openshift4-logging/openshift4-logging/31_cluster_logforwarding.yaml
rename to tests/golden/master/openshift4-logging/openshift4-logging/40_log_forwarder.yaml
index 6ed51d1..c0417ea 100644
--- a/tests/golden/master/openshift4-logging/openshift4-logging/31_cluster_logforwarding.yaml
+++ b/tests/golden/master/openshift4-logging/openshift4-logging/40_log_forwarder.yaml
@@ -1,4 +1,4 @@
-apiVersion: logging.openshift.io/v1
+apiVersion: observability.openshift.io/v1
 kind: ClusterLogForwarder
 metadata:
   annotations:
diff --git a/tests/golden/legacy/openshift4-logging/openshift4-logging/50_loki_logreader_fix.yaml b/tests/golden/master/openshift4-logging/openshift4-logging/50_fix_app_logs_reader.yaml
similarity index 100%
rename from tests/golden/legacy/openshift4-logging/openshift4-logging/50_loki_logreader_fix.yaml
rename to tests/golden/master/openshift4-logging/openshift4-logging/50_fix_app_logs_reader.yaml
diff --git a/tests/golden/legacy/openshift4-logging/openshift4-logging/50_loki_ingester_fix.yaml b/tests/golden/master/openshift4-logging/openshift4-logging/50_fix_ingester_stuck.yaml
similarity index 100%
rename from tests/golden/legacy/openshift4-logging/openshift4-logging/50_loki_ingester_fix.yaml
rename to tests/golden/master/openshift4-logging/openshift4-logging/50_fix_ingester_stuck.yaml
diff --git a/tests/golden/legacy/openshift4-logging/openshift4-logging/50_loki_operator_metrics_token.yaml b/tests/golden/master/openshift4-logging/openshift4-logging/50_fix_missing_metrics_token.yaml
similarity index 100%
rename from tests/golden/legacy/openshift4-logging/openshift4-logging/50_loki_operator_metrics_token.yaml
rename to tests/golden/master/openshift4-logging/openshift4-logging/50_fix_missing_metrics_token.yaml
diff --git a/tests/golden/master/openshift4-logging/openshift4-logging/50_loki_ingester_fix.yaml b/tests/golden/master/openshift4-logging/openshift4-logging/50_loki_ingester_fix.yaml
deleted file mode 100644
index dcca6fb..0000000
--- a/tests/golden/master/openshift4-logging/openshift4-logging/50_loki_ingester_fix.yaml
+++ /dev/null
@@ -1,153 +0,0 @@
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  annotations: {}
-  labels:
-    name: loki-ingester-check
-  name: loki-ingester-check
-  namespace: openshift-logging
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
-  annotations: {}
-  labels:
-    name: loki-ingester-check
-  name: loki-ingester-check
-  namespace: openshift-logging
-rules:
-  - apiGroups:
-      - ''
-    resources:
-      - pods
-      - pods/exec
-    verbs:
-      - get
-      - list
-      - watch
-      - create
-      - delete
-      - patch
-      - update
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
-  annotations: {}
-  labels:
-    name: loki-ingester-check
-  name: loki-ingester-check
-  namespace: openshift-logging
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: Role
-  name: loki-ingester-check
-subjects:
-  - kind: ServiceAccount
-    name: loki-ingester-check
----
-apiVersion: v1
-data:
-  wal-check.sh: |
-    #!/bin/bash
-
-    set -e -o pipefail
-
-    # Check if pod is in stuck state.
-    function check_pod() {
-      POD_NAME="loki-ingester-${1}"
-      echo "checking POD ${POD_NAME}"
-      PHASE=$(kubectl -n openshift-logging get po ${POD_NAME} -oyaml | yq '.status.phase')
-      if [ ${PHASE} != "Running" ]; then
-        return 0
-      fi
-      READY=$(kubectl -n openshift-logging get po ${POD_NAME} -oyaml | yq '.status.conditions[] | select(.type == "ContainersReady") | .status')
-      if [ ${READY} == "True" ]; then
-        return 0
-      fi
-      return 1
-    }
-
-    # Check directories of pod and remove non-existing checkpoint if present.
-    function check_dir() {
-      shopt -s extglob
-      POD_NAME="loki-ingester-${1}"
-      echo "checking DIR ${POD_NAME}"
-      DIR_CHP=$(kubectl -n openshift-logging exec -i ${POD_NAME} -- ls /tmp/wal | grep -o "^checkpoint\.[0-9]*$")
-      PATTERN=$(echo ${DIR_CHP} | sed 's/[^0-9]*//g')
-      DIR_WAL=$(kubectl -n openshift-logging exec -i ${POD_NAME} -- ls /tmp/wal | grep -o "^0*${PATTERN}$" || exit 0)
-      if [ -z $DIR_WAL ]; then
-        kubectl -n openshift-logging exec -i ${POD_NAME} -- rm -rf /tmp/wal/${DIR_CHP}
-        kubectl -n openshift-logging delete po ${POD_NAME}
-      fi
-    }
-
-    # Check if pods are in stuck state for longer than ${SLEEP_TIME}.
-    # Only fix 1 pod at a time and immediatly exit if it is fixed.
-    function fix_pod() {
-      if ! check_pod $1; then
-        echo "stuck POD, waiting ${SLEEP_TIME}"
-        sleep ${SLEEP_TIME}
-        if ! check_pod $1; then
-          check_dir $1
-          exit 0
-        fi
-      fi
-    }
-
-    fix_pod 0
-    fix_pod 1
-
-    exit 0
-kind: ConfigMap
-metadata:
-  annotations: {}
-  labels:
-    name: loki-ingester-check
-  name: loki-ingester-check
-  namespace: openshift-logging
----
-apiVersion: batch/v1
-kind: CronJob
-metadata:
-  annotations: {}
-  labels:
-    name: loki-ingester-check
-  name: loki-ingester-check
-  namespace: openshift-logging
-spec:
-  concurrencyPolicy: Forbid
-  failedJobsHistoryLimit: 0
-  jobTemplate:
-    spec:
-      activeDeadlineSeconds: 360
-      backoffLimit: 1
-      template:
-        spec:
-          containers:
-            - command:
-                - /usr/local/bin/wal-check.sh
-              env:
-                - name: SLEEP_TIME
-                  value: 2m
-              image: quay.io/appuio/oc:v4.14
-              imagePullPolicy: IfNotPresent
-              name: check-pod
-              ports: []
-              stdin: false
-              tty: false
-              volumeMounts:
-                - mountPath: /usr/local/bin/wal-check.sh
-                  name: wal-check
-                  readOnly: true
-                  subPath: wal-check.sh
-          nodeSelector:
-            node-role.kubernetes.io/infra: ''
-          restartPolicy: Never
-          serviceAccountName: loki-ingester-check
-          volumes:
-            - configMap:
-                defaultMode: 364
-                name: loki-ingester-check
-              name: wal-check
-  schedule: '*/10 * * * *'
diff --git a/tests/golden/master/openshift4-logging/openshift4-logging/50_loki_logreader_fix.yaml b/tests/golden/master/openshift4-logging/openshift4-logging/50_loki_logreader_fix.yaml
deleted file mode 100644
index 5e7989d..0000000
--- a/tests/golden/master/openshift4-logging/openshift4-logging/50_loki_logreader_fix.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  annotations: {}
-  labels:
-    name: logging-application-logs-reader-aggregate
-    rbac.authorization.k8s.io/aggregate-to-admin: 'true'
-  name: logging-application-logs-reader-aggregate
-rules:
-  - apiGroups:
-      - loki.grafana.com
-    resourceNames:
-      - logs
-    resources:
-      - application
-    verbs:
-      - get
diff --git a/tests/golden/master/openshift4-logging/openshift4-logging/50_loki_logstore.yaml b/tests/golden/master/openshift4-logging/openshift4-logging/50_loki_logstore.yaml
deleted file mode 100644
index 77d8c18..0000000
--- a/tests/golden/master/openshift4-logging/openshift4-logging/50_loki_logstore.yaml
+++ /dev/null
@@ -1,14 +0,0 @@
-apiVersion: v1
-data: {}
-kind: Secret
-metadata:
-  annotations: {}
-  labels:
-    name: loki-logstore
-  name: loki-logstore
-stringData:
-  access_key_id: ''
-  access_key_secret: ''
-  bucketnames: c-green-test-1234-logstore
-  endpoint: ''
-type: Opaque
diff --git a/tests/golden/master/openshift4-logging/openshift4-logging/50_loki_netpol.yaml b/tests/golden/master/openshift4-logging/openshift4-logging/50_loki_netpol.yaml
deleted file mode 100644
index f2cd3bb..0000000
--- a/tests/golden/master/openshift4-logging/openshift4-logging/50_loki_netpol.yaml
+++ /dev/null
@@ -1,54 +0,0 @@
-apiVersion: networking.k8s.io/v1
-kind: NetworkPolicy
-metadata:
-  annotations: {}
-  labels:
-    name: allow-console-logging-view-plugin
-  name: allow-console-logging-view-plugin
-spec:
-  ingress:
-    - from:
-        - podSelector:
-            matchLabels:
-              app: console
-              component: ui
-        - namespaceSelector:
-            matchLabels:
-              kubernetes.io/metadata.name: openshift-console
-      ports:
-        - port: 9443
-          protocol: TCP
-  podSelector:
-    matchLabels:
-      app.kubernetes.io/created-by: openshift-logging_instance
-      app.kubernetes.io/name: logging-view-plugin
-  policyTypes:
-    - Ingress
----
-apiVersion: networking.k8s.io/v1
-kind: NetworkPolicy
-metadata:
-  annotations: {}
-  labels:
-    name: allow-console-logging-lokistack-gateway
-  name: allow-console-logging-lokistack-gateway
-spec:
-  ingress:
-    - from:
-        - podSelector:
-            matchLabels:
-              app: console
-              component: ui
-        - namespaceSelector:
-            matchLabels:
-              kubernetes.io/metadata.name: openshift-console
-      ports:
-        - port: 8080
-          protocol: TCP
-  podSelector:
-    matchLabels:
-      app.kubernetes.io/component: lokistack-gateway
-      app.kubernetes.io/instance: loki
-      app.kubernetes.io/name: lokistack
-  policyTypes:
-    - Ingress
diff --git a/tests/golden/master/openshift4-logging/openshift4-logging/50_loki_operator_metrics_token.yaml b/tests/golden/master/openshift4-logging/openshift4-logging/50_loki_operator_metrics_token.yaml
deleted file mode 100644
index 0b86fe6..0000000
--- a/tests/golden/master/openshift4-logging/openshift4-logging/50_loki_operator_metrics_token.yaml
+++ /dev/null
@@ -1,11 +0,0 @@
-apiVersion: v1
-kind: Secret
-metadata:
-  annotations:
-    argocd.argoproj.io/sync-options: Prune=false,Delete=false
-    kubernetes.io/service-account.name: loki-operator-controller-manager-metrics-reader
-  labels:
-    name: loki-operator-controller-manager-metrics-token
-  name: loki-operator-controller-manager-metrics-token
-  namespace: openshift-operators-redhat
-type: kubernetes.io/service-account-token
diff --git a/tests/golden/master/openshift4-logging/openshift4-logging/50_loki_rbac.yaml b/tests/golden/master/openshift4-logging/openshift4-logging/50_loki_rbac.yaml
deleted file mode 100644
index d5dde59..0000000
--- a/tests/golden/master/openshift4-logging/openshift4-logging/50_loki_rbac.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  annotations: {}
-  labels:
-    name: syn-loki-cluster-reader
-    rbac.authorization.k8s.io/aggregate-to-cluster-reader: 'true'
-  name: syn:loki:cluster-reader
-rules:
-  - apiGroups:
-      - loki.grafana.com
-    resourceNames:
-      - logs
-    resources:
-      - application
-      - infrastructure
-    verbs:
-      - get
diff --git a/tests/golden/master/openshift4-logging/openshift4-logging/60_collector_alerts.yaml b/tests/golden/master/openshift4-logging/openshift4-logging/60_collector_alerts.yaml
index 19adca5..2c6ddb1 100644
--- a/tests/golden/master/openshift4-logging/openshift4-logging/60_collector_alerts.yaml
+++ b/tests/golden/master/openshift4-logging/openshift4-logging/60_collector_alerts.yaml
@@ -12,7 +12,7 @@ spec:
       rules:
         - alert: SYN_CollectorNodeDown
           annotations:
-            message: Prometheus could not scrape {{ $labels.namespace }}/{{ $labels.pod
+            description: Prometheus could not scrape {{ $labels.namespace }}/{{ $labels.pod
summary: Collector cannot be scraped expr: | @@ -23,97 +23,10 @@ spec: severity: critical syn: 'true' syn_component: openshift4-logging - - alert: SYN_CollectorHighErrorRate - annotations: - message: '{{ $value }}% of records have resulted in an error by {{ $labels.namespace - }}/{{ $labels.pod }} collector component.' - summary: '{{ $labels.namespace }}/{{ $labels.pod }} collector component - errors are high' - expr: | - 100 * ( - collector:log_num_errors:sum_rate{app_kubernetes_io_part_of = "cluster-logging"} - / - collector:received_events:sum_rate{app_kubernetes_io_part_of = "cluster-logging"} - ) > 0.001 - for: 15m - labels: - service: collector - severity: critical - syn: 'true' - syn_component: openshift4-logging - - alert: SYN_CollectorVeryHighErrorRate - annotations: - message: '{{ $value }}% of records have resulted in an error by {{ $labels.namespace - }}/{{ $labels.pod }} collector component.' - summary: '{{ $labels.namespace }}/{{ $labels.pod }} collector component - errors are very high' - expr: | - 100 * ( - collector:log_num_errors:sum_rate{app_kubernetes_io_part_of = "cluster-logging"} - / - collector:received_events:sum_rate{app_kubernetes_io_part_of = "cluster-logging"} - ) > 0.05 - for: 15m - labels: - service: collector - severity: critical - syn: 'true' - syn_component: openshift4-logging - - alert: SYN_ElasticsearchDeprecation - annotations: - message: In Red Hat OpenShift Logging Operator 6.0, support for the Red - Hat Elasticsearch Operator has been removed. Bug fixes and support are - provided only through the end of the 5.9 lifecycle. As an alternative - to the Elasticsearch Operator, you can use the Loki Operator instead. - summary: Detected Elasticsearch as the in-cluster storage, which has been - removed in 6.0 release - expr: | - sum(kube_pod_labels{namespace="openshift-logging",label_component='elasticsearch'}) > 0 - for: 5m - labels: - namespace: openshift-logging - service: storage - severity: Warning - syn: 'true' - syn_component: openshift4-logging - - alert: SYN_FluentdDeprecation - annotations: - message: In Red Hat OpenShift Logging Operator 6.0, support for Fluentd - as a collector has been removed. Bug fixes and support are provided - only through the end of the 5.9 lifecycle. As an alternative to Fluentd, - you can use the Vector collector instead. - summary: Detected Fluentd as the collector, which has been removed in - a 6.0 release - expr: | - sum(kube_pod_labels{namespace="openshift-logging", label_implementation='fluentd', label_app_kubernetes_io_managed_by="cluster-logging-operator"}) > 0 - for: 5m - labels: - namespace: openshift-logging - service: collector - severity: Warning - syn: 'true' - syn_component: openshift4-logging - - alert: SYN_KibanaDeprecation - annotations: - message: In Red Hat OpenShift Logging Operator 6.0, support for Kibana - as a data visualization dashboard has been removed. Bug fixes and support - are provided only through the end of the 5.9 lifecycle. As an alternative - to Kibana, you can use the Grafana Dashboard instead. 
-            summary: Detected Kibana as the log data visualization, which has been
-              removed in the 6.0 release
-          expr: |
-            sum(kube_pod_labels{namespace="openshift-logging",label_component='kibana'}) > 0
-          for: 5m
-          labels:
-            namespace: openshift-logging
-            service: visualization
-            severity: Warning
-            syn: 'true'
-            syn_component: openshift4-logging
         - alert: SYN_DiskBufferUsage
           annotations:
-            message: 'Collectors potentially consuming too much node disk, {{ $value
-              }}% '
+            description: 'Collectors potentially consuming too much node disk, {{
+              $value }}% '
             summary: Detected consuming too much node disk on $labels.hostname host
           expr: "(label_replace(sum by(hostname) (vector_buffer_byte_size{component_kind='sink',\
             \ buffer_type='disk'}), 'instance', '$1', 'hostname', '(.*)') \n/ on(instance)\
diff --git a/tests/golden/master/openshift4-logging/openshift4-logging/60_lokistack_alerts.yaml b/tests/golden/master/openshift4-logging/openshift4-logging/60_lokistack_alerts.yaml
index 65a573e..4f6c7da 100644
--- a/tests/golden/master/openshift4-logging/openshift4-logging/60_lokistack_alerts.yaml
+++ b/tests/golden/master/openshift4-logging/openshift4-logging/60_lokistack_alerts.yaml
@@ -204,6 +204,27 @@ spec:
             severity: warning
             syn: 'true'
             syn_component: openshift4-logging
+        - alert: SYN_LokiDiscardedSamplesWarning
+          annotations:
+            message: |-
+              Loki in namespace {{ $labels.namespace }} is discarding samples in the "{{ $labels.tenant }}" tenant during ingestion.
+              Samples are discarded because of "{{ $labels.reason }}" at a rate of {{ .Value | humanize }} samples per second.
+            runbook_url: '[[ .RunbookURL]]#Loki-Discarded-Samples-Warning'
+            summary: Loki is discarding samples during ingestion because they fail
+              validation.
+          expr: |
+            sum by(namespace, tenant, reason) (
+              irate(loki_discarded_samples_total{
+                reason!="rate_limited",
+                reason!="per_stream_rate_limit",
+                reason!="stream_limit"}[2m])
+            )
+            > 0
+          for: 15m
+          labels:
+            severity: warning
+            syn: 'true'
+            syn_component: openshift4-logging
         - alert: SYN_LokistackSchemaUpgradesRequired
           annotations:
             message: |-
diff --git a/tests/legacy.yml b/tests/legacy.yml
deleted file mode 100644
index 7d5565b..0000000
--- a/tests/legacy.yml
+++ /dev/null
@@ -1,57 +0,0 @@
-applications:
-  - openshift4-operators as openshift-operators-redhat
-  - openshift4-monitoring
-
-parameters:
-  kapitan:
-    dependencies:
-      - type: https
-        source: https://raw.githubusercontent.com/appuio/component-openshift4-operators/v1.0.2/lib/openshift4-operators.libsonnet
-        output_path: vendor/lib/openshift4-operators.libsonnet
-      - type: https
-        source: https://raw.githubusercontent.com/appuio/component-openshift4-monitoring/v2.9.0/lib/openshift4-monitoring-alert-patching.libsonnet
-        output_path: vendor/lib/alert-patching.libsonnet
-    compile:
-      - input_type: jsonnet
-        input_paths:
-          - tests/console-patch.jsonnet
-        output_path: console-patching/
-
-  openshift4_operators:
-    defaultInstallPlanApproval: Automatic
-    defaultSource: openshift-operators-redhat
-    defaultSourceNamespace: openshift-operators-redhat
-
-  openshift4_logging:
-    clusterLogForwarding:
-      enabled: true
-      forwarders:
-        custom-forwarder:
-          type: syslog
-        my-other-forwarder:
-          type: elasticsearch
-          elasticsearch:
-            version: 8
-      namespace_groups:
-        my-apps:
-          namespaces:
-            - app-one
-            - app-two
-          forwarders:
-            - custom-forwarder
-          json: true
-      json:
-        enabled: true
-        application_logs:
-          json: true
-          forwarders:
-            - my-other-forwarder
-      infrastructure_logs:
-        json: true
-      detectMultilineErrors: true
-
-    clusterLogForwarder:
-      pipelines:
-        application-logs:
-          outputRefs:
-            - my-forwarder
diff --git a/tests/master.yml b/tests/master.yml
index b73f496..cc30938 100644
--- a/tests/master.yml
+++ b/tests/master.yml
@@ -24,7 +24,6 @@ parameters:
 
   openshift4_logging:
     channel: 'stable'
-    alerts: 'master'
 
     clusterLogForwarder:
       inputs:
@@ -50,6 +49,9 @@ parameters:
         outputRefs:
           - custom-forwarder
 
+    alerts:
+      release: 'master'
+
     secrets:
       my-secret:
         stringData: