1. Proposed title of this feature request
Enable setting username and password for ElasticSearch LogForward
2. What is the nature and description of the request?
The Log Forwarding feature (Tech Preview in OpenShift Container Platform 4.3) allows users to configure log forwarding to external ElasticSearch instances. The connection to this external ElasticSearch instance can either be insecured or secured by TLS certificates. However, specifying a username and password is currently not supported by the `LogForwarding` CRD.
This RFE requests to implement a way to be able to specify the values for the `user` and `password` field for external ElasticSearch instances via a `Secret` or similar.
@type elasticsearch host ELASTICHOST port 9243 scheme https ssl_version TLSv1_2 target_index_key example_index_name id_key example_msg_id remove_keys example_index_name user USER password PW [..]
The current workaround is to manually specify the username and password in a `secure-forward.conf` as shown above without using the `LogForward` CRD.
3. Why does the customer need this? (List the business requirements here)
Customer is already using ElasticSearch as his company-wide logging stack. The OpenShift logging stack should forward logs to this centralised logging stack in order to not have multiple logging stacks within the company. This allows for central log management.
4. List any affected packages or components.
OpenShift Logging Operator (`LogForwarding` CRD)
- is related to
LOG-1022 Allow to set username / password for external ElasticSearch output inside the LF API