{"id":33360,"date":"2018-05-29T20:12:25","date_gmt":"2018-05-29T17:12:25","guid":{"rendered":"https:\/\/www.altoros.com\/blog\/?p=33360"},"modified":"2018-07-23T13:07:41","modified_gmt":"2018-07-23T10:07:41","slug":"using-logsearch-for-hybrid-cloud-foundry-and-kubernetes-deployments","status":"publish","type":"post","link":"https:\/\/www.altoros.com\/blog\/using-logsearch-for-hybrid-cloud-foundry-and-kubernetes-deployments\/","title":{"rendered":"Using Logsearch for Hybrid Cloud Foundry and Kubernetes Deployments"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_79_2 counter-hierarchy ez-toc-counter ez-toc-transparent ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #999;color:#999\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #999;color:#999\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/www.altoros.com\/blog\/using-logsearch-for-hybrid-cloud-foundry-and-kubernetes-deployments\/#The_need_for_a_unified_logging_tool\" >The need for a unified logging tool<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/www.altoros.com\/blog\/using-logsearch-for-hybrid-cloud-foundry-and-kubernetes-deployments\/#Whats_Logsearch\" >What&#8217;s Logsearch?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/www.altoros.com\/blog\/using-logsearch-for-hybrid-cloud-foundry-and-kubernetes-deployments\/#What_logs_can_you_monitor\" >What logs can you monitor?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/www.altoros.com\/blog\/using-logsearch-for-hybrid-cloud-foundry-and-kubernetes-deployments\/#How_it_works\" >How it works<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/www.altoros.com\/blog\/using-logsearch-for-hybrid-cloud-foundry-and-kubernetes-deployments\/#Related_slides\" >Related slides<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/www.altoros.com\/blog\/using-logsearch-for-hybrid-cloud-foundry-and-kubernetes-deployments\/#Further_reading\" >Further reading<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/www.altoros.com\/blog\/using-logsearch-for-hybrid-cloud-foundry-and-kubernetes-deployments\/#About_the_experts\" >About the experts<\/a><\/li><\/ul><\/nav><\/div>\n<h3><span class=\"ez-toc-section\" id=\"The_need_for_a_unified_logging_tool\"><\/span>The need for a unified logging tool<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Logging is the first step in troubleshooting any kind of software deployment. In Cloud Foundry, the default means of retrieving logs is using the <code style=\"color: #222222; background-color: #e6e6e6; padding: 1px 2px;\">cf logs<\/code> command. This way, however, there is no user interface, which makes logging quite inconvenient.<\/p>\n<p>In addition, the retention period of Cloud Foundry logs is set to a mere 24 hours. While this can be extended with manual configuration, it is not the most convenient method for managing logs.<\/p>\n<p>When a log retention period expires, developers can no longer access any log data unless they configured the system to archive such data in some external storage. Sometimes, retrieving data from an external data warehouse involves a lot of redundant manipulations.<\/p>\n<p><center><a href=\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2018\/05\/KubeCon-2018-Logsearch-Kubernetes-Cloud-Foundry-logging-grep.png\"><img decoding=\"async\" src=\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2018\/05\/KubeCon-2018-Logsearch-Kubernetes-Cloud-Foundry-logging-grep.png\" alt=\"\" width=\"640\" class=\"aligncenter size-full wp-image-33419\" \/><\/a><small>Retrieving logs using a grep command (<a href=\"https:\/\/www.slideshare.net\/altoros\/a-single-tool-for-hybrid-environments-using-logsearch-with-cloud-foundry-and-kubernetes\/altoros\/a-single-tool-for-hybrid-environments-using-logsearch-with-cloud-foundry-and-kubernetes\" rel=\"noopener\" target=\"_blank\">Image credit<\/a>)<\/small><\/center><\/p>\n<p>With hybrid environments gaining popularity and developers exploring the combination of <a href=\"https:\/\/www.altoros.com\/blog\/cloud-foundry-advisory-board-meeting-apr-2018-kubernetes-casts-its-shadow\/\">Cloud Foundry and Kubernetes deployments<\/a>, troubleshooting becomes even more challenging as developers now have to keep track and search through logs in each environment. At KubeCon 2018, <a href=\"https:\/\/twitter.com\/viktoryiakotava\" rel=\"noopener\" target=\"_blank\">Viktoryia Kotava<\/a> and <a href=\"https:\/\/twitter.com\/akrasnitski\" rel=\"noopener\" target=\"_blank\">Andrei Krasnitski<\/a> of Altoros demonstrated how to simplify logging in a hybrid environment.<\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Whats_Logsearch\"><\/span>What&#8217;s Logsearch?<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><a href=\"http:\/\/www.logsearch.io\/\" rel=\"noopener\" target=\"_blank\">Logsearch<\/a> is an open-source project for building and operating log analysis clusters in the cloud. Using the <a href=\"https:\/\/www.elastic.co\/elasticsearch\/\" rel=\"noopener\" target=\"_blank\">Elasticsearch<\/a>, <a href=\"https:\/\/www.elastic.co\/logstash\/\" rel=\"noopener\" target=\"_blank\">Logstash<\/a>, and <a href=\"https:\/\/www.elastic.co\/kibana\/\" rel=\"noopener\" target=\"_blank\">Kibana<\/a> (ELK) stack, Logsearch provides the following features:<\/p>\n<ul>\n<li style=\"margin-bottom: 6px;\"><strong>Unified log management.<\/strong> All logs produced by the deployed environment are available in a single place.<\/li>\n<li style=\"margin-bottom: 6px;\"><strong>Highly available centralized storage.<\/strong> Elasticsearch uses the concept of <a href=\"https:\/\/en.wikipedia.org\/wiki\/Shard_(database_architecture)\" rel=\"noopener\" target=\"_blank\">shards<\/a>, where each index is broken down into them. Each shard can have one or more replicas. All components support horizontal and vertical scaling.<\/li>\n<li style=\"margin-bottom: 6px;\"><strong>Parsing rules.<\/strong> Precise parsing rules for Logstash transform raw log data into understandable and readable format from any structured\/unstructured data source. Filtration is based on already parsed logs.<\/li>\n<li><strong>Security and multitenancy.<\/strong> Logsearch is secured with the Cloud Foundry identity management service, <a href=\"https:\/\/www.altoros.com\/blog\/configuring-uaa-to-provide-a-single-entry-point-for-kubernetes-and-cloud-foundry\/\">User Account and Authentication<\/a> (UAA), which is also available for Kubernetes deployments. Syslog traffic can be encrypted and secured with TLS\/SSL certificates.<\/li>\n<\/ul>\n<blockquote><p><em>&#8220;Logsearch has a native integration with Cloud Foundry UAA. You may also use Cloud Foundry UAA for a Kubernetes installation. If you enable UAA, those permissions you configure for role-based or attribute-based access control systems will work for Logsearch, too.&#8221; \u2014Viktoryia Kotava<\/em><\/p><\/blockquote>\n<p><center><a href=\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2018\/05\/KubeCon-2018-Logsearch-Kubernetes-Cloud-Foundry-Viktoryia-Kotava-Andrei-Krasnitski.jpg\"><img decoding=\"async\" src=\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2018\/05\/KubeCon-2018-Logsearch-Kubernetes-Cloud-Foundry-Viktoryia-Kotava-Andrei-Krasnitski-1024x576.jpg\" alt=\"\" width=\"640\" class=\"aligncenter size-large wp-image-33540\" \/><\/a><small>Viktoryia Kotava and Andrei Krasnitski at KubeCon 2018 (Courtesy of <a href=\"https:\/\/www.linkedin.com\/in\/drmaximilien\/\" rel=\"noopener\" target=\"_blank\">Michael Maximilien<\/a>)<\/small><\/center><\/p>\n<p>The encryption of the syslog traffic ensures that messages are encrypted in the transport layer. Any communication requires the syslog sender to authenticate the syslog receiver, and vise versa. This mutual authentication prevents <a href=\"https:\/\/en.wikipedia.org\/wiki\/Man-in-the-middle_attack\" rel=\"noopener\" target=\"_blank\">man-in-the-middle attacks<\/a>.<\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"What_logs_can_you_monitor\"><\/span>What logs can you monitor?<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>In Cloud Foundry and Kubernetes environments, Logsearch can help to collect the following logs:<\/p>\n<ul>\n<li style=\"margin-bottom: 6px;\"><strong>Platform logs<\/strong> from all the Cloud Foundry components, Kubernetes pods and nodes, as well as the underlying infrastructure.<\/li>\n<li style=\"margin-bottom: 6px;\"><strong>Third-party services logs<\/strong> from Cloud Foundry, Pivotal CF, and related data services.<\/li>\n<li><strong>Application logs<\/strong> collected using <a href=\"https:\/\/github.com\/cloudfoundry-community\/firehose-to-syslog\" rel=\"noopener\" target=\"_blank\">firehose-to-syslog<\/a> in Cloud Foundry or the <a href=\"https:\/\/www.fluentd.org\/download\" rel=\"noopener\" target=\"_blank\">Fluentd<\/a> data collector in Kubernetes.<\/li>\n<\/ul>\n<p><center><a href=\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2018\/05\/KubeCon-Logsearch-Kubernetes-Cloud-Foundry-Viktoryia-Kotava-Andrei-Krasnitski.jpg\"><img decoding=\"async\" src=\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2018\/05\/KubeCon-Logsearch-Kubernetes-Cloud-Foundry-Viktoryia-Kotava-Andrei-Krasnitski.jpg\" alt=\"\" width=\"640\" class=\"aligncenter size-full wp-image-33370\" \/><\/a><small>Viktoryia Kotava and Andrei Krasnitski at KubeCon 2018 (Courtesy of <a href=\"https:\/\/www.linkedin.com\/in\/drmaximilien\/\" rel=\"noopener\" target=\"_blank\">Michael Maximilien<\/a>)<\/small><\/center><\/p>\n<p>In addition, Logsearch provides out-of-the-box <strong>dashboards<\/strong> for applications and platform logs. <strong>Automated backups<\/strong> can also be configured to work with any Amazon S3 compatible storage system.<\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"How_it_works\"><\/span>How it works<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Andrei provided some insights into how log management works in Cloud Foundry and Kubernetes\/Kubo\u2014exemplified on sample architectural schemes. The architectural solution for aggregating platform logs in Cloud Foundry includes such components as <a href=\"https:\/\/docs.cloudfoundry.org\/concepts\/architecture\/messaging-nats.html\" rel=\"noopener\" target=\"_blank\">NATS<\/a>, <a href=\"https:\/\/www.altoros.com\/blog\/configuring-uaa-to-provide-a-single-entry-point-for-kubernetes-and-cloud-foundry\/\" rel=\"noopener\" target=\"_blank\">UAA<\/a>, <a href=\"https:\/\/docs.cloudfoundry.org\/concepts\/architecture\/cloud-controller.html\" rel=\"noopener\" target=\"_blank\">Cloud Controller<\/a>, etc. For Cloud Foundry, one uses the <a href=\"https:\/\/github.com\/cloudfoundry-community\/logsearch-boshrelease\" rel=\"noopener\" target=\"_blank\">Logsearch BOSH release<\/a>, which encapsulates <a href=\"https:\/\/www.rsyslog.com\/\" rel=\"noopener\" target=\"_blank\">RSYSLOG<\/a> responsible for efficient forwarding of log messages.<\/p>\n<p>Logstash serves as a syslog server (receiving log messages via the syslog protocol), a persistent queue, and a log messages parser. To make log management even more convenient, Logsearch provides a set of custom parsing rules for Logstash. Elasticsearch plays the role of a distributed and highly available storage, while Kibana delivers a web interface.<\/p>\n<p><center><a href=\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2018\/05\/an-architectural-schema-for-system-log-management-with-logsearch-for-cloud-foundry-v1.png\"><img decoding=\"async\" src=\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2018\/05\/an-architectural-schema-for-system-log-management-with-logsearch-for-cloud-foundry-v1-1024x576.png\" alt=\"\" width=\"640\" class=\"aligncenter size-large wp-image-33532\" \/><\/a><small>Managing system logs on Cloud Foundry (<a href=\"https:\/\/www.slideshare.net\/altoros\/a-single-tool-for-hybrid-environments-using-logsearch-with-cloud-foundry-and-kubernetes\/altoros\/a-single-tool-for-hybrid-environments-using-logsearch-with-cloud-foundry-and-kubernetes\" rel=\"noopener\" target=\"_blank\">Image credit<\/a>)<\/small><\/center><\/p>\n<p>The architectural solution for managing application logs on Cloud Foundry will include almost the same components, except for <code style=\"color: #222222; background-color: #e6e6e6; padding: 1px 2px;\">firehose-to-syslog<\/code> replacing <code style=\"color: #222222; background-color: #e6e6e6; padding: 1px 2px;\">RSYSLOG<\/code> to ensure log pulling.<\/p>\n<p><center><a href=\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2018\/05\/an-architectural-schema-for-application-log-management-with-logsearch-for-cloud-foundry-v1.png\"><img decoding=\"async\" src=\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2018\/05\/an-architectural-schema-for-application-log-management-with-logsearch-for-cloud-foundry-v1-1024x576.png\" alt=\"\" width=\"640\" class=\"aligncenter size-large wp-image-33511\" \/><\/a><small>Managing application logs on Cloud Foundry (<a href=\"https:\/\/www.slideshare.net\/altoros\/a-single-tool-for-hybrid-environments-using-logsearch-with-cloud-foundry-and-kubernetes\/altoros\/a-single-tool-for-hybrid-environments-using-logsearch-with-cloud-foundry-and-kubernetes\" rel=\"noopener\" target=\"_blank\">Image credit<\/a>)<\/small><\/center><\/p>\n<p>The team at Altoros decided to use its knowledge about log management in Cloud Foundry, as well as a codebase developed in three years, and re-apply it to Kubernetes. As a result, we&#8217;ve come up with the following implementation:<\/p>\n<ul>\n<li style=\"margin-bottom: 6px;\">To aggregate container logs, Fluentd agents are installed on top of Kubernetes pods using BOSH runtime config.<\/li>\n<li style=\"margin-bottom: 6px;\">Fluentd ships log data straight to Elasticsearch, excluding Logstach.<\/li>\n<li>The ELK stack is deployed as a BOSH release.<\/li>\n<\/ul>\n<p>In addition to container logs, this architectural approach allows for aggregating infrastructure-related logs. The approach is valid for both Kubernetes and <a href=\"https:\/\/www.altoros.com\/blog\/not-only-for-cloud-foundry-kubo-enables-kubernetes-deployments-with-bosh\/\" rel=\"noopener\" target=\"_blank\">Kubo<\/a>\u2014a tool for launching Kubernetes environment managed by BOSH.<\/p>\n<p><center><a href=\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2018\/05\/an-architectural-schema-for-container-log-management-in-kubernetes-kubo.png\"><img decoding=\"async\" src=\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2018\/05\/an-architectural-schema-for-container-log-management-in-kubernetes-kubo-1024x576.png\" alt=\"\" width=\"640\" class=\"aligncenter size-large wp-image-33514\" \/><\/a><small>A sample architecture for managing container logs on Kubernetes (<a href=\"https:\/\/www.slideshare.net\/altoros\/a-single-tool-for-hybrid-environments-using-logsearch-with-cloud-foundry-and-kubernetes\/altoros\/a-single-tool-for-hybrid-environments-using-logsearch-with-cloud-foundry-and-kubernetes\" rel=\"noopener\" target=\"_blank\">Image credit<\/a>)<\/small><\/center><\/p>\n<p>To install Logsearch for Kubernetes, you may consider two of the following options:<\/p>\n<ul>\n<li style=\"margin-bottom: 6px;\">If you a novice to Logsearch or need a separate deployment for Kubo or <a href=\"https:\/\/www.altoros.com\/blog\/evaluating-the-new-pivotal-container-service-for-kubernetes-clusters\/\">Pivotal Container Service<\/a>, it&#8217;s recommended to install Logsearch from scratch.<\/li>\n<li>If you are already using Logsearch with an open-source Cloud Foundry or Pivotal CF, you may bind your Kubernetes environment with the existing Logsearch installation using <a href=\"https:\/\/github.com\/Altoros\/logsearch-kubo-extension-release\" rel=\"noopener\" target=\"_blank\">this extension<\/a>.<\/li>\n<\/ul>\n<p><center><a href=\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2018\/05\/logsearch-installation-options-for-kubernetes.png\"><img decoding=\"async\" src=\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2018\/05\/logsearch-installation-options-for-kubernetes-1024x576.png\" alt=\"\" width=\"640\" class=\"aligncenter size-large wp-image-33519\" \/><\/a><small>Two options for installing Logsearch on top of Kubernetes (<a href=\"https:\/\/www.slideshare.net\/altoros\/a-single-tool-for-hybrid-environments-using-logsearch-with-cloud-foundry-and-kubernetes\/altoros\/a-single-tool-for-hybrid-environments-using-logsearch-with-cloud-foundry-and-kubernetes\" rel=\"noopener\" target=\"_blank\">Image credit<\/a>)<\/small><\/center><\/p>\n<p>As hybrid deployments garner more interest, unified tools, such as Logsearch, will become increasingly useful. At the moment, Logsearch is available as a <a href=\"https:\/\/github.com\/cloudfoundry-community\/logsearch-boshrelease\" rel=\"noopener\" target=\"_blank\">BOSH release<\/a> for open-source Cloud Foundry and as a <a href=\"https:\/\/network.pivotal.io\/products\/altoros-log-search\/\" rel=\"noopener\" target=\"_blank\">tile<\/a> for Pivotal CF<\/a>. For Kubernetes and Kubo deployments, you may use the <a href=\"https:\/\/github.com\/Altoros\/logsearch-kubo-extension-release\" rel=\"noopener\" target=\"_blank\">extension<\/a> designed by Altoros.<\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Related_slides\"><\/span>Related slides<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><center><iframe loading=\"lazy\" src=\"\/\/www.slideshare.net\/slideshow\/embed_code\/key\/dwngxqCyWfPsAk\" width=\"595\" height=\"485\" frameborder=\"0\" marginwidth=\"0\" marginheight=\"0\" scrolling=\"no\" style=\"border:1px solid #CCC; border-width:1px; margin-bottom:5px; max-width: 100%;\" allowfullscreen> <\/iframe><\/center><\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Further_reading\"><\/span>Further reading<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<ul>\n<li><a href=\"https:\/\/www.altoros.com\/blog\/configuring-uaa-to-provide-a-single-entry-point-for-kubernetes-and-cloud-foundry\/\">Configuring UAA to Provide a Single Entry Point for Kubernetes and Cloud Foundry<\/a><\/li>\n<li><a href=\"https:\/\/www.altoros.com\/blog\/using-centralized-logs-and-metrics-to-monitor-cloud-foundry-across-all-levels\/\">Using Centralized Logs and Metrics to Monitor Cloud Foundry Across All Levels<\/a><\/li>\n<li><a href=\"https:\/\/www.altoros.com\/blog\/troubleshooting-net-apps-on-cloud-foundry-logs-metrics-and-remote-debugging\/\">Troubleshooting .NET Apps on Cloud Foundry: Logs, Metrics, and Remote Debugging<\/a><\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"About_the_experts\"><\/span>About the experts<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<div>\n<div style=\"float: right;\"><a href=\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2018\/05\/Viktoriya-Kotava-bio.png\"><img decoding=\"async\" src=\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2018\/05\/Viktoriya-Kotava-bio.png\" alt=\"\" width=\"120\" class=\"aligncenter size-full wp-image-33389\" \/><\/a><\/div>\n<div style=\"width: 600px;\"><small><a href=\"https:\/\/twitter.com\/viktoryiakotava\" rel=\"noopener\" target=\"_blank\">Viktoryia Kotava<\/a> is a Cloud Foundry product and project manager at Altoros. She is responsible for service integration delivery for Cloud Foundry and Pivotal CF. With 5+ years working at Altoros, Viktoryia has been overlooking delivery of commercial services, staying closely involved in assessment of requirements, preparation of business proposals and SoWs, and legal support of projects.<\/small><\/div>\n<\/div>\n<p>&nbsp;<\/p>\n<div>\n<div style=\"float: right;\"><a href=\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2017\/09\/Andrei-Krasnitski-altoros-bio.png\"><img decoding=\"async\" src=\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2017\/09\/Andrei-Krasnitski-altoros-bio.png\" alt=\"\" width=\"120\" class=\"aligncenter size-full wp-image-27894\" \/><\/a><\/div>\n<div style=\"width: 600px;\"><small><a href=\"https:\/\/twitter.com\/akrasnitski\" rel=\"noopener\" target=\"_blank\">Andrei Krasnitski<\/a> is a Cloud Foundry Engineer at Altoros. He has 5+ years of experience in cloud infrastructures and platforms automation, enterprise-level service integrations, and cloud environment troubleshooting. Andrei is building and supporting Cloud Foundry environments for Altoros\u2019s enterprise customers.<\/small><\/div>\n<\/div>\n<p>&nbsp;<\/p>\n<hr \/>\n<p><center><small>This blog post was written by <a href=\"https:\/\/www.altoros.com\/blog\/author\/carlo\/\">Carlo Gutierrez<\/a> with assistance from Viktoryia Kotava, <a href=\"https:\/\/www.altoros.com\/blog\/author\/sophie.turol\/\">Sophie Turol<\/a>, and Andrei Krasnitski.<\/small><\/center><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The need for a unified logging tool<\/p>\n<p>Logging is the first step in troubleshooting any kind of software deployment. In Cloud Foundry, the default means of retrieving logs is using the cf logs command. This way, however, there is no user interface, which makes logging quite inconvenient.<\/p>\n<p>In addition, the retention period [&#8230;]<\/p>\n","protected":false},"author":32,"featured_media":33552,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"content-type":"","footnotes":"","_links_to":"","_links_to_target":""},"categories":[7],"tags":[873,912,206],"class_list":["post-33360","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-opinion","tag-cloud-native","tag-kubernetes","tag-oss-cloud-foundry"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.6 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Using Logsearch for Hybrid Cloud Foundry and Kubernetes Deployments | Altoros<\/title>\n<meta name=\"description\" content=\"This blog post investigates how to employ the Elasticsearch, Logstash, and Kibana (ELK) stack for managing container logs in Kubernetes.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.altoros.com\/blog\/using-logsearch-for-hybrid-cloud-foundry-and-kubernetes-deployments\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Using Logsearch for Hybrid Cloud Foundry and Kubernetes Deployments | Altoros\" \/>\n<meta property=\"og:description\" content=\"The need for a unified logging tool Logging is the first step in troubleshooting any kind of software deployment. In Cloud Foundry, the default means of retrieving logs is using the cf logs command. This way, however, there is no user interface, which makes logging quite inconvenient. In addition, the retention period [...]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.altoros.com\/blog\/using-logsearch-for-hybrid-cloud-foundry-and-kubernetes-deployments\/\" \/>\n<meta property=\"og:site_name\" content=\"Altoros\" \/>\n<meta property=\"article:published_time\" content=\"2018-05-29T17:12:25+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2018-07-23T10:07:41+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2018\/05\/KubeCon-2018-Logsearch-Kubernetes-Cloud-Foundry-v6.gif\" \/>\n\t<meta property=\"og:image:width\" content=\"640\" \/>\n\t<meta property=\"og:image:height\" content=\"360\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/gif\" \/>\n<meta name=\"author\" content=\"Carlo Gutierrez\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Carlo Gutierrez\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.altoros.com\/blog\/using-logsearch-for-hybrid-cloud-foundry-and-kubernetes-deployments\/\",\"url\":\"https:\/\/www.altoros.com\/blog\/using-logsearch-for-hybrid-cloud-foundry-and-kubernetes-deployments\/\",\"name\":\"Using Logsearch for Hybrid Cloud Foundry and Kubernetes Deployments | Altoros\",\"isPartOf\":{\"@id\":\"https:\/\/www.altoros.com\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.altoros.com\/blog\/using-logsearch-for-hybrid-cloud-foundry-and-kubernetes-deployments\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.altoros.com\/blog\/using-logsearch-for-hybrid-cloud-foundry-and-kubernetes-deployments\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2018\/05\/KubeCon-2018-Logsearch-Kubernetes-Cloud-Foundry-v6.gif\",\"datePublished\":\"2018-05-29T17:12:25+00:00\",\"dateModified\":\"2018-07-23T10:07:41+00:00\",\"author\":{\"@id\":\"https:\/\/www.altoros.com\/blog\/#\/schema\/person\/833e109f77de753b2b472dca0236b442\"},\"breadcrumb\":{\"@id\":\"https:\/\/www.altoros.com\/blog\/using-logsearch-for-hybrid-cloud-foundry-and-kubernetes-deployments\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.altoros.com\/blog\/using-logsearch-for-hybrid-cloud-foundry-and-kubernetes-deployments\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.altoros.com\/blog\/using-logsearch-for-hybrid-cloud-foundry-and-kubernetes-deployments\/#primaryimage\",\"url\":\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2018\/05\/KubeCon-2018-Logsearch-Kubernetes-Cloud-Foundry-v6.gif\",\"contentUrl\":\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2018\/05\/KubeCon-2018-Logsearch-Kubernetes-Cloud-Foundry-v6.gif\",\"width\":640,\"height\":360},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.altoros.com\/blog\/using-logsearch-for-hybrid-cloud-foundry-and-kubernetes-deployments\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.altoros.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Using Logsearch for Hybrid Cloud Foundry and Kubernetes Deployments\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.altoros.com\/blog\/#website\",\"url\":\"https:\/\/www.altoros.com\/blog\/\",\"name\":\"Altoros\",\"description\":\"Insight\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.altoros.com\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.altoros.com\/blog\/#\/schema\/person\/833e109f77de753b2b472dca0236b442\",\"name\":\"Carlo Gutierrez\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.altoros.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2021\/02\/CG_portrait-2-96x96.jpg\",\"contentUrl\":\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2021\/02\/CG_portrait-2-96x96.jpg\",\"caption\":\"Carlo Gutierrez\"},\"description\":\"Carlo Gutierrez is a Technical Writer at Altoros. As part of the editorial team, his focus has been on emerging technologies such as Cloud Foundry, Kubernetes, blockchain, and the Internet of Things. Prior to Altoros, he primarily wrote about enterprise and consumer technology. Carlo has over 12 years of experience in the publishing industry. Previously, he served as an Editor for PC World Philippines and Questex Asia, as well as a Designer for Tropa Entertainment.\",\"url\":\"https:\/\/www.altoros.com\/blog\/author\/carlo\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Using Logsearch for Hybrid Cloud Foundry and Kubernetes Deployments | Altoros","description":"This blog post investigates how to employ the Elasticsearch, Logstash, and Kibana (ELK) stack for managing container logs in Kubernetes.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.altoros.com\/blog\/using-logsearch-for-hybrid-cloud-foundry-and-kubernetes-deployments\/","og_locale":"en_US","og_type":"article","og_title":"Using Logsearch for Hybrid Cloud Foundry and Kubernetes Deployments | Altoros","og_description":"The need for a unified logging tool Logging is the first step in troubleshooting any kind of software deployment. In Cloud Foundry, the default means of retrieving logs is using the cf logs command. This way, however, there is no user interface, which makes logging quite inconvenient. In addition, the retention period [...]","og_url":"https:\/\/www.altoros.com\/blog\/using-logsearch-for-hybrid-cloud-foundry-and-kubernetes-deployments\/","og_site_name":"Altoros","article_published_time":"2018-05-29T17:12:25+00:00","article_modified_time":"2018-07-23T10:07:41+00:00","og_image":[{"width":640,"height":360,"url":"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2018\/05\/KubeCon-2018-Logsearch-Kubernetes-Cloud-Foundry-v6.gif","type":"image\/gif"}],"author":"Carlo Gutierrez","twitter_misc":{"Written by":"Carlo Gutierrez","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.altoros.com\/blog\/using-logsearch-for-hybrid-cloud-foundry-and-kubernetes-deployments\/","url":"https:\/\/www.altoros.com\/blog\/using-logsearch-for-hybrid-cloud-foundry-and-kubernetes-deployments\/","name":"Using Logsearch for Hybrid Cloud Foundry and Kubernetes Deployments | Altoros","isPartOf":{"@id":"https:\/\/www.altoros.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.altoros.com\/blog\/using-logsearch-for-hybrid-cloud-foundry-and-kubernetes-deployments\/#primaryimage"},"image":{"@id":"https:\/\/www.altoros.com\/blog\/using-logsearch-for-hybrid-cloud-foundry-and-kubernetes-deployments\/#primaryimage"},"thumbnailUrl":"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2018\/05\/KubeCon-2018-Logsearch-Kubernetes-Cloud-Foundry-v6.gif","datePublished":"2018-05-29T17:12:25+00:00","dateModified":"2018-07-23T10:07:41+00:00","author":{"@id":"https:\/\/www.altoros.com\/blog\/#\/schema\/person\/833e109f77de753b2b472dca0236b442"},"breadcrumb":{"@id":"https:\/\/www.altoros.com\/blog\/using-logsearch-for-hybrid-cloud-foundry-and-kubernetes-deployments\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.altoros.com\/blog\/using-logsearch-for-hybrid-cloud-foundry-and-kubernetes-deployments\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.altoros.com\/blog\/using-logsearch-for-hybrid-cloud-foundry-and-kubernetes-deployments\/#primaryimage","url":"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2018\/05\/KubeCon-2018-Logsearch-Kubernetes-Cloud-Foundry-v6.gif","contentUrl":"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2018\/05\/KubeCon-2018-Logsearch-Kubernetes-Cloud-Foundry-v6.gif","width":640,"height":360},{"@type":"BreadcrumbList","@id":"https:\/\/www.altoros.com\/blog\/using-logsearch-for-hybrid-cloud-foundry-and-kubernetes-deployments\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.altoros.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Using Logsearch for Hybrid Cloud Foundry and Kubernetes Deployments"}]},{"@type":"WebSite","@id":"https:\/\/www.altoros.com\/blog\/#website","url":"https:\/\/www.altoros.com\/blog\/","name":"Altoros","description":"Insight","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.altoros.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.altoros.com\/blog\/#\/schema\/person\/833e109f77de753b2b472dca0236b442","name":"Carlo Gutierrez","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.altoros.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2021\/02\/CG_portrait-2-96x96.jpg","contentUrl":"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2021\/02\/CG_portrait-2-96x96.jpg","caption":"Carlo Gutierrez"},"description":"Carlo Gutierrez is a Technical Writer at Altoros. As part of the editorial team, his focus has been on emerging technologies such as Cloud Foundry, Kubernetes, blockchain, and the Internet of Things. Prior to Altoros, he primarily wrote about enterprise and consumer technology. Carlo has over 12 years of experience in the publishing industry. Previously, he served as an Editor for PC World Philippines and Questex Asia, as well as a Designer for Tropa Entertainment.","url":"https:\/\/www.altoros.com\/blog\/author\/carlo\/"}]}},"_links":{"self":[{"href":"https:\/\/www.altoros.com\/blog\/wp-json\/wp\/v2\/posts\/33360","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.altoros.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.altoros.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.altoros.com\/blog\/wp-json\/wp\/v2\/users\/32"}],"replies":[{"embeddable":true,"href":"https:\/\/www.altoros.com\/blog\/wp-json\/wp\/v2\/comments?post=33360"}],"version-history":[{"count":110,"href":"https:\/\/www.altoros.com\/blog\/wp-json\/wp\/v2\/posts\/33360\/revisions"}],"predecessor-version":[{"id":34621,"href":"https:\/\/www.altoros.com\/blog\/wp-json\/wp\/v2\/posts\/33360\/revisions\/34621"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.altoros.com\/blog\/wp-json\/wp\/v2\/media\/33552"}],"wp:attachment":[{"href":"https:\/\/www.altoros.com\/blog\/wp-json\/wp\/v2\/media?parent=33360"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.altoros.com\/blog\/wp-json\/wp\/v2\/categories?post=33360"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.altoros.com\/blog\/wp-json\/wp\/v2\/tags?post=33360"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}