
Simple rsyslog container running in an OpenShift namespace

This container can be reached:

  • inside your namespace via TCP/1514 (service definition syslog)
  • from outside via TLS and the created OpenShift Route

The rsyslog container writes all its logs to stdout (i.e. the console log in Kubernetes).

Build

oc apply -k kustomize/build

Deploy

Check your kustomize/deploy/kustomization.yaml for:

  • the correct path for the imagestream

oc apply -k kustomize/deploy

Test

You can test that it works from a machine outside your cluster (--insecure skips certificate verification, so this only checks connectivity and message delivery):

echo "<142>$HOSTNAME Hello World, dodo" | gnutls-cli simple-rsyslog-mynamespace.apps.mycluster.cool --port=443 --insecure

Client config

  • A shell script fetches the server's CA for you: sh ./get-ca.sh
  • Copy certs/service-ca.pem to your client machine as /etc/certs/rsyslog-ca.pem

The config should look like:

global(
  DefaultNetstreamDriverCAFile="/etc/certs/rsyslog-ca.pem"
)
action(
  type="omfwd"
  protocol="tcp"
  target="simple-rsyslog-mynamespace.apps.mycluster.cool"
  port="443"
  StreamDriver="gtls"
  StreamDriverMode="1"
  StreamDriverAuthMode="anon"
  StreamDriverPermittedPeers="*.apps.mycluster.cool"
)

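(This config is pretty untested right now. Note that StreamDriverAuthMode="anon" does not authenticate the server; StreamDriverPermittedPeers is only checked in an x509 mode such as "x509/name".)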
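A small lint for client configs like the one above, as an added example that is not part of this repository: it reports omfwd actions that set a stream driver but do not enforce TLS or do not use an x509 auth mode. The function names lint_rsyslog_tls and write_sample, the target verified.example and the second sample action are assumptions made for the example; the sample input is constructed.

```shell
# Added example: report omfwd actions whose TLS settings leave the server unauthenticated.
lint_rsyslog_tls() {   # usage: lint_rsyslog_tls FILE; returns 1 when something is reported
  awk '
    # Return the quoted value of parameter "name" on the current line, or "".
    function param(name,   re, line, s) {
      re = "[ \t(]" name "[ \t]*=[ \t]*\"[^\"]*\""
      line = " " $0; if (!match(tolower(line), re)) return ""
      s = substr(line, RSTART, RLENGTH); sub(/^[^"]*"/, "", s); sub(/"$/, "", s)
      return s
    }
    function grab(name, old,   v) { v = param(name); return (v == "" ? old : v) }
    /^[ \t]*action\(/ { inact = 1; start = NR; type = tgt = drv = mode = auth = "" }
    inact {
      type = grab("type", type);         tgt  = grab("target", tgt)
      drv  = grab("streamdriver", drv);  mode = grab("streamdrivermode", mode)
      auth = grab("streamdriverauthmode", auth)
      if ($0 ~ /\)[ \t]*$/) { inact = 0     # a line ending in ")" closes the action
        if (tolower(type) == "omfwd" && drv != "") {
          if (mode != "1") { print "line " start " " tgt ": StreamDriverMode is not 1"; bad = 1 }
          if (tolower(auth) !~ /^x509\//) { print "line " start " " tgt ": auth mode " auth " is not x509/*"; bad = 1 }
        }
      }
    }
    END { exit bad + 0 }
  ' "$1"
}

write_sample() {   # constructed input: the README action plus an x509/name variant
  cat > "$1" <<'EOF'
action(
  type="omfwd"
  protocol="tcp"
  target="simple-rsyslog-mynamespace.apps.mycluster.cool"
  port="443"
  StreamDriver="gtls"
  StreamDriverMode="1"
  StreamDriverAuthMode="anon"
  StreamDriverPermittedPeers="*.apps.mycluster.cool"
)
action(type="omfwd" protocol="tcp" target="verified.example" port="443"
  StreamDriver="gtls" StreamDriverMode="1" StreamDriverAuthMode="x509/name")
EOF
}

sample=$(mktemp); write_sample "$sample"
lint_rsyslog_tls "$sample" || echo "forwarders without server authentication found"
rm -f "$sample"
```

Whether "x509/name" works against a given Route depends on the certificate the Route actually presents matching the CA file and the permitted peer name.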


Peter Pfläging <peter@pflaeging.net>