Kubesphere opensearch
Use when installing or configuring the OpenSearch extension for KubeSphere, which provides distributed search and analytics engine for storing logs, events, auditing, and notification history
install
source · Clone the upstream repo
git clone https://github.com/kubesphere/kubesphere
Claude Code · Install into ~/.claude/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/kubesphere/kubesphere "$T" && mkdir -p ~/.claude/skills && cp -r "$T/skills/opensearch" ~/.claude/skills/kubesphere-kubesphere-opensearch && rm -rf "$T"
manifest:
skills/opensearch/SKILL.mdsource content
OpenSearch Extension
Overview
OpenSearch is a distributed search and analytics engine built into the KubeSphere WizTelemetry Observability Platform. It is used to store, search, and analyze observability data including logs, auditing events, K8s events, and notification history.
When to Use
- Installing OpenSearch cluster for KubeSphere observability extensions
- Configuring OpenSearch storage for logging, events, auditing, and notifications
- Managing OpenSearch Dashboard and Curator components
Components
| Component | Description | Default |
|---|---|---|
| opensearch-master | Master node for cluster coordination | 1 replica |
| opensearch-data | Data nodes for storing indices | 3 replicas |
| opensearch-dashboards | Web UI for visualizing data | disabled |
| opensearch-curator | Scheduled task to clean old indices | enabled |
Prerequisites
Check Installation Status
# Check if OpenSearch is installed kubectl get installplan opensearch -o jsonpath='{.spec.enabled}' # Get installed version kubectl get extension opensearch -o jsonpath='{.status.installedVersion}' # Get target clusters kubectl get installplan opensearch -o jsonpath='{.spec.clusterScheduling.placement.clusters}'
Returns:
- installed and enabled"true"
- installed but disabled"false"- Empty/Error - not installed
Get Available Clusters
kubectl get clusters -o jsonpath='{.items[*].metadata.name}'
Confirm Target Clusters (MUST DO)
⚠️ CRITICAL: Do Not guess.
⚠️ CRITICAL: DO NOT proceed until target clusters are determined.
- If user explicitly specified target clusters in the request → Use those clusters directly
- If user did NOT specify target clusters → You MUST ask user to confirm which clusters to deploy to
Ask user (if not specified):
Available clusters: host, dev Which clusters do you want to deploy OpenSearch to?
Get Latest Version
MUST do this to get the latest version:
kubectl get extensionversions -n kubesphere-system -l kubesphere.io/extension-ref=opensearch -o jsonpath='{range .items[*]}{.spec.version}{"\n"}{end}' | sort -V | tail -1
Installation
⚠️ CRITICAL: InstallPlan
MUST be metadata.name
. DO NOT use any other name.opensearch
Use the latest version obtained from "Get Latest Version" step.
Minimal Installation
apiVersion: kubesphere.io/v1alpha1 kind: InstallPlan metadata: name: opensearch spec: extension: name: opensearch version: <VERSION> # From Get Latest Version step enabled: true upgradeStrategy: Manual clusterScheduling: placement: clusters: - host
With OpenSearch Dashboard
apiVersion: kubesphere.io/v1alpha1 kind: InstallPlan metadata: name: opensearch spec: extension: name: opensearch version: <VERSION> # From Get Latest Version step enabled: true upgradeStrategy: Manual config: | opensearch-dashboards: enabled: true clusterScheduling: placement: clusters: - host
Disable Curator
apiVersion: kubesphere.io/v1alpha1 kind: InstallPlan metadata: name: opensearch spec: extension: name: opensearch version: <VERSION> # From Get Latest Version step enabled: true upgradeStrategy: Manual config: | opensearch-curator: enabled: false clusterScheduling: placement: clusters: - host
Configuration
Parameters
| Parameter | Type | Default | Description |
|---|---|---|---|
| int | 1 | Number of master nodes |
| string | "-Xmx512M -Xms512M" | JVM options |
| object | - | Resource limits/requests |
| int | 3 | Number of data nodes |
| string | "-Xmx1536M -Xms1536M" | JVM options |
| object | - | Resource limits/requests |
| string | NodePort | Service type |
| int | 30920 | NodePort for external access |
| bool | false | Enable OpenSearch Dashboards |
| bool | true | Enable index cleanup job |
Resource Configuration
opensearch-master: replicas: 1 opensearchJavaOpts: "-Xmx512M -Xms512M" resources: requests: cpu: "100m" memory: "512Mi" limits: cpu: "500m" memory: "1Gi" opensearch-data: replicas: 3 opensearchJavaOpts: "-Xmx2048M -Xms2048M" resources: requests: cpu: "200m" memory: "2Gi" limits: cpu: "2000m" memory: "4Gi" persistence: size: 50Gi storageClass: "local-volume"
Operations
Access Target Cluster
⚠️ CRITICAL: You MUST access the target cluster BEFORE checking status or running any kubectl commands below.
❌ DO NOT run kubectl commands without using the target cluster kubeconfig ✅ MUST run:
kubectl --kubeconfig=/tmp/<cluster>-kubeconfig ...
Checklist (must complete before any operation):
-
1. Find target clusters:
kubectl get installplan opensearch -o jsonpath='{.spec.clusterScheduling.placement.clusters}' -
2. Get cluster kubeconfig:
kubectl get cluster <cluster-name> -o jsonpath='{.spec.connection.kubeconfig}' | base64 -d > /tmp/<cluster-name>-kubeconfig -
3. Use this kubeconfig for ALL subsequent commands
Note: Replace
with the actual cluster name. Use<cluster-name>for imported clusters.spec.connection.kubeconfig
Check Status
⚠️ REQUIRED: Complete Access Target Cluster checklist FIRST
# Extension status kubectl --kubeconfig=/tmp/<cluster>-kubeconfig get extension opensearch # InstallPlan status kubectl --kubeconfig=/tmp/<cluster>-kubeconfig get installplan opensearch
Get Pods
⚠️ REQUIRED: Complete Access Target Cluster checklist FIRST
# All pods kubectl --kubeconfig=/tmp/<cluster>-kubeconfig get pods -n kubesphere-logging-system -l app.kubernetes.io/instance=opensearch-agent # By component kubectl --kubeconfig=/tmp/<cluster>-kubeconfig get pods -n kubesphere-logging-system -l app.kubernetes.io/name=opensearch-master kubectl --kubeconfig=/tmp/<cluster>-kubeconfig get pods -n kubesphere-logging-system -l app.kubernetes.io/name=opensearch-data # Status kubectl --kubeconfig=/tmp/<cluster>-kubeconfig get pods -n kubesphere-logging-system -l app.kubernetes.io/instance=opensearch-agent -o wide
External Endpoint
⚠️ REQUIRED: Complete Access Target Cluster checklist FIRST
OpenSearch uses NodePort (default: 30920) to expose service externally.
# Get NodePort service kubectl --kubeconfig=/tmp/<cluster>-kubeconfig get svc -n kubesphere-logging-system opensearch-cluster-data # Get node IP kubectl --kubeconfig=/tmp/<cluster>-kubeconfig get nodes -o jsonpath='{.items[0].status.addresses[?(@.type=="InternalIP")].address}' # Access OpenSearch externally # URL: https://<node-ip>:30920 curl -k -u admin:admin "https://<node-ip>:30920/_cluster/health"
Output Contract (For Other Skills)
⚠️ This section defines what information this skill provides to other skills
When OpenSearch is successfully deployed, other skills can retrieve:
| Field | Example Value | Description |
|---|---|---|
| | Full URL for Vector sink |
| | NodePort number |
| | Node internal IP |
| | Default username |
| | Default password |
How other skills should get this info:
-
Find which cluster OpenSearch was deployed to:
kubectl get installplan opensearch -o jsonpath='{.spec.clusterScheduling.placement.clusters}' -
Get cluster kubeconfig:
kubectl get cluster <cluster-name> -o jsonpath='{.spec.connection.kubeconfig}' | base64 -d > /tmp/<cluster-name>-kubeconfig -
Get OpenSearch endpoint:
# NodePort NODE_PORT=$(kubectl --kubeconfig=/tmp/<cluster>-kubeconfig get svc -n kubesphere-logging-system opensearch-cluster-data -o jsonpath='{.spec.ports[?(@.port==9200)].nodePort}') # Node IP NODE_IP=$(kubectl --kubeconfig=/tmp/<cluster>-kubeconfig get nodes -o jsonpath='{.items[0].status.addresses[?(@.type=="InternalIP")].address}') # Full endpoint echo "https://${NODE_IP}:${NODE_PORT}"
Update Configuration
apiVersion: kubesphere.io/v1alpha1 kind: InstallPlan metadata: name: opensearch spec: extension: name: opensearch version: <VERSION> # From Get Latest Version step enabled: true upgradeStrategy: Manual config: | opensearch-data: replicas: 5 opensearchJavaOpts: "-Xmx4096M -Xms4096M" opensearch-dashboards: enabled: true clusterScheduling: placement: clusters: - host
Uninstall
Uninstall from all clusters:
kubectl delete installplan opensearch
Uninstall from specific cluster:
To remove OpenSearch from a specific cluster, update the InstallPlan by removing that cluster from
clusterScheduling.placement.clustersapiVersion: kubesphere.io/v1alpha1 kind: InstallPlan metadata: name: opensearch spec: extension: name: opensearch version: <VERSION> enabled: true upgradeStrategy: Manual config: | opensearch-data: replicas: 3 clusterScheduling: placement: clusters: - <REMAINING_CLUSTERS> # Remove the cluster you want to uninstall from
Troubleshooting
⚠️ REQUIRED: Complete Access Target Cluster checklist FIRST
Pod Issues
kubectl --kubeconfig=/tmp/<cluster>-kubeconfig get pods -n kubesphere-logging-system -l app.kubernetes.io/instance=opensearch-agent # Pod events kubectl --kubeconfig=/tmp/<cluster>-kubeconfig describe pods -n kubesphere-logging-system -l app.kubernetes.io/instance=opensearch-agent
OpenSearch Health
⚠️ REQUIRED: Complete Access Target Cluster checklist FIRST
# Cluster health curl -k -u admin:admin "https://<node-ip>:30920/_cluster/health" # List indices curl -k -u admin:admin "https://<node-ip>:30920/_cat/indices"
Common Issues
| Issue | Solution |
|---|---|
| Pods not starting | Check node resources and storage availability |
| Out of memory | Increase JVM heap size |
| Cannot connect | Check NodePort firewall rules |
| Index storage full | Increase PVC size or enable Curator |
Notes
- Resource Requirements: OpenSearch requires significant CPU and memory
- Storage: Data nodes use persistent storage
- NodePort: Default port is 30920
- Multi-cluster: Can be deployed to specific clusters