Commit 2c67da51 authored by Adrien Kohlbecker's avatar Adrien Kohlbecker Committed by Thong Kuah

Add Elastic Stack documentation

Add Elastic Stack documentationn
parent 869d725e
......@@ -41,6 +41,7 @@ The following applications can be installed:
- [JupyterHub](#jupyterhub)
- [Knative](#knative)
- [Crossplane](#crossplane)
- [Elastic Stack](#elastic-stack)
With the exception of Knative, the applications will be installed in a dedicated
namespace called `gitlab-managed-apps`.
......@@ -431,6 +432,38 @@ administrator to run following command within a Rails console:
Feature.enable(:enable_cluster_application_crossplane)
```
### Elastic Stack
> Introduced in GitLab 12.7 for project- and group-level clusters.
[Elastic Stack](https://www.elastic.co/products/elastic-stack) is a complete end-to-end
log analysis solution which helps in deep searching, analyzing and visualizing the logs
generated from different machines.
GitLab is able to gather logs from pods in your cluster automatically.
Filebeat will run as a DaemonSet on each node in your cluster, and it will ship container logs to Elasticsearch for querying.
GitLab will then connect to Elasticsearch for logs instead of the Kubernetes API,
and you will have access to more advanced querying capabilities.
This is a preliminary release of Elastic Stack as a GitLab-managed application. By default,
the ability to install it is disabled.
To allow installation of Elastic Stack as a GitLab-managed application, ask a GitLab
administrator to run following command within a Rails console:
```ruby
Feature.enable(:enable_cluster_application_elastic_stack)
```
Once the feature flag is set, to enable log shipping, install Elastic Stack into the cluster with the
**Install** button.
NOTE: **Note:**
The [`stable/elastic-stack`](https://github.com/helm/charts/tree/master/stable/elastic-stack)
chart is used to install this application with a
[`values.yaml`](https://gitlab.com/gitlab-org/gitlab/blob/master/vendor/elastic_stack/values.yaml)
file.
## Install using GitLab CI (alpha)
> [Introduced](https://gitlab.com/gitlab-org/gitlab/merge_requests/20822) in GitLab 12.6.
......@@ -639,6 +672,7 @@ The applications below can be uninstalled.
| Knative | 12.1+ | The associated IP will be deleted and cannot be restored. |
| Prometheus | 11.11+ | All data will be deleted and cannot be restored. |
| Crossplane | 12.5+ | All data will be deleted and cannot be restored. |
| Elastic Stack | 12.7+ | All data will be deleted and cannot be restored. |
| Sentry | 12.6+ | The PostgreSQL persistent volume will remain and should be manually removed for complete uninstall. |
To uninstall an application:
......
......@@ -41,9 +41,37 @@ Logs can be displayed by clicking on a specific pod from [Deploy Boards](../depl
1. On the **Environments** page, you should see the status of the environment's pods with [Deploy Boards](../deploy_boards.md).
1. When mousing over the list of pods, a tooltip will appear with the exact pod name and status.
![Deploy Boards pod list](img/pod_logs_deploy_board.png)
1. Click on the desired pod to bring up the logs view, which will contain the last 500 lines for that pod.
You may switch between the following in this view:
- Pods.
- [From GitLab 12.4](https://gitlab.com/gitlab-org/gitlab/issues/5769), environments.
1. Click on the desired pod to bring up the logs view.
Support for pods with multiple containers is coming [in a future release](https://gitlab.com/gitlab-org/gitlab/issues/6502).
### Logs view
The logs view will contain the last 500 lines for a pod, and has control to filter via:
- Pods.
- [From GitLab 12.4](https://gitlab.com/gitlab-org/gitlab/issues/5769), environments.
- [From GitLab 12.7](https://gitlab.com/gitlab-org/gitlab/merge_requests/21656), [full text search](#full-text-search).
Support for pods with multiple containers is coming [in a future release](https://gitlab.com/gitlab-org/gitlab/issues/13404).
Support for historical data is coming [in a future release](https://gitlab.com/gitlab-org/gitlab/issues/196191).
### Full text search
> [Introduced](https://gitlab.com/gitlab-org/gitlab/merge_requests/21656) in GitLab 12.7.
When you enable [Elastic Stack](../../clusters/applications.md#elastic-stack) on your cluster,
you can search the content of your logs via a search bar.
The search is passed on to Elasticsearch using the [simple_query_string](https://www.elastic.co/guide/en/elasticsearch/reference/current/query-dsl-simple-query-string-query.html)
Elasticsearch function, which supports the following operators:
```
+ signifies AND operation
| signifies OR operation
- negates a single token
" wraps a number of tokens to signify a phrase for searching
* at the end of a term signifies a prefix query
( and ) signify precedence
~N after a word signifies edit distance (fuzziness)
~N after a phrase signifies slop amount
```
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment