Configuring Gestalt Logging

There are two types of logging: Container logs, and Lambda logs. Enabling Lambda logs requires the user of an ElasticSearch instance to store the logs. Configuration of ElasticSearch is out of the scope of this guide.

DC/OS Specific Configuration

Perform the following after the initial Gestalt Platform installation

Configure Service Account and Secret

Gestalt logging requires a service account for DC/OS Enterprise Edition. Please refer to the instructions here:

(Authenticating DC/OS Services - Mesosphere DC/OS Documentation)[https://docs.mesosphere.com/1.9/security/ent/service-auth/custom-service-auth/]

1) Create a DC/OS service account using the DC/OS instructions. Create a keypair if necessary.

2) Assign the service account the following permissions:

      dcos:adminrouter:ops:mesos  full
      dcos:adminrouter:ops:slave  full
      dcos:adminrouter:service:marathon   full
      dcos:service:marathon:marathon:admin:events read
      dcos:service:marathon:marathon:services:/path/to/gestalt/appgroup    delete, create, read, update

3) Create a DC/OS secret based on the service account and private key. Retain the JSON string that is generated in this step.

Configure Gestalt Logging Service

In Gestalt > Providers configure a Logging Provider using the following configuration:

  • Name: gestalt-logging

  • Description: Logging Provider

  • Public Variables: (None)

  • Private Variables:

    DCOS_HOST               leader.mesos
    DCOS_PORT               80
    DCOS_PROTOCOL           http 
    DCOS_SVC_ACCOUNT_CREDS  (resulting json of the above steps)
  • Additional Private Variables if using an ElasticSearch for Lambda Logging:

    ES_CLUSTER_NAME      myesdb
    ES_SNAPSHOT_REPO     s3_repository
    ES_SERVICE_HOST      (Elastic Search service host)
    ES_SERVICE_PORT      (typically 9300)
    ES_COMPUTE_TYPE      dcos
    ES_HOT_DAYS          7
    ES_COLD_DAYS         14
  • Allowed Environments: (Leave all unchecked)

  • Container Configuration:

    Image           galacticfog/gestalt-log:0.6.4-SNAPSHOT-631a93c1
    Instances:      1
    CPU:            0.5
    Memory:         1024
    Network:        BRIDGE
    Command:        (leave blank)
    
    Port Mappings:
    [1] - Expose Service Endpoint: checked
        - Name: service / Protocol: TCP / Container port: 9000 / Service port: 9000 / Virtual Hosts:
    
    Volumes: (None)
    
    Secrets: (None)
    
    Environment Variables:
    
      JAVA_OPTS      -Xmx768m
    
    Labels:
    
      HAPROXY_0_REDIRECT_TO_HTTPS      true

Gestalt Laser Configuration

Note that the Gestalt Laser provider must be configured with configuratoin for the same ElasticSearch instance:

    ES_HOST         (ElasticSearch service host)
    ES_PORT         (typically 9200)
    ES_PROTOCOL     (http or https)