您好,欢迎访问代理记账网站
移动应用 微信公众号 联系我们

咨询热线 -

电话 15988168888

联系客服
  • 价格透明
  • 信息保密
  • 进度掌控
  • 售后无忧

Kubernetes ELLK

Kubernetes ELLK

本次方案是按照 Elasticsearch + Logspout + Logstash + kibana 并且手机的日志可以被简单切分:

Elasticsearch-rc 配置文件:

apiVersion: v1

kind: ReplicationController

metadata:

  name: elasticsearch-logging-v1

  labels:

    k8s-app: elasticsearch-logging

    version: v1

    kubernetes.io/cluster-service"true"

spec:

  replicas: 1

  selector:

    k8s-app: elasticsearch-logging

    version: v1

  template:

    metadata:

      labels:

        k8s-app: elasticsearch-logging

        version: v1

        kubernetes.io/cluster-service"true"

    spec:

      nodeSelector:

        role: elk

      containers:

      - image: registry.aliyuncs.com/slzcc/elasticsearch

        name: elasticsearch

        resources:

          limits:

            cpu: 1000m

          requests:

            cpu: 100m

        ports:

        - containerPort: 9200

          name: db

          protocol: TCP

        - containerPort: 9300

          name: transport

          protocol: TCP

        volumeMounts:

        - name: es-persistent-storage

          mountPath: "/usr/share/elasticsearch/data"

      volumes:

      - name: es-persistent-storage

        hostPath:

          path: "/data/elasticsearch" 

Elasticsearch-svc 配置文件:

apiVersion: v1

kind: Service

metadata:

  name: elasticsearch-logging

  labels:

    k8s-app: elasticsearch-logging

    kubernetes.io/cluster-service"true"

    kubernetes.io/name"Elasticsearch"

spec:

  ports:

  - port: 9200

    name: http

    protocol: TCP

    targetPort: db

  selector:

    k8s-app: elasticsearch-logging

Kibana-rc 配置文件:

apiVersion: extensions/v1beta1

kind: Deployment

metadata:

  name: kibana-logging

  labels:

    k8s-app: kibana-logging

    kubernetes.io/cluster-service"true"

spec:

  replicas: 1

  selector:

    matchLabels:

      k8s-app: kibana-logging

  template:

    metadata:

      labels:

        k8s-app: kibana-logging

    spec:

      nodeSelector:

        role: elk

      containers:

      - name: kibana-logging

        image: registry.aliyuncs.com/slzcc/kibana

        resources:

          # keep request = limit to keep this container in guaranteed class

          limits:

            cpu: 100m

          requests:

            cpu: 100m

        env:

          - name: "ELASTICSEARCH_URL"

            value: "http://elasticsearch-logging:9200"

        ports:

        - containerPort: 5601

          name: ui

          protocol: TCP

Kibana-svc 配置文件:

apiVersion: v1

kind: Service

metadata:

  name: kibana-logging

  labels:

    k8s-app: kibana-logging

    kubernetes.io/cluster-service"true"

    kubernetes.io/name"Kibana"

spec:

  ports:

  - port: 5601

    name: http

    protocol: TCP

    targetPort: ui

  selector:

    k8s-app: kibana-logging

Logstash-configmap 配置文件:

apiVersion: v1

kind: ConfigMap

metadata:

  name: logstash

data:

  logstash.conf: |-

      input {

        udp {

        port => 514

        type => syslog

        codec => json

        }

        tcp {

        port => 514

        type => syslog

        codec => json

        }

      }

      filter {

        if [type] == "syslog" {

          grok {

            match => { "message" => "%{SYSLOG5424PRI}%{NONNEGINT:ver} +(?:%{TIMESTAMP_ISO8601:ts}|-) +(?:%{HOSTNAME:containerid}|-) +(?:%    {NOTSPACE:containername}|-) +(?:%{NOTSPACE:proc}|-) +(?:%{WORD:msgid}|-) +(?:%{SYSLOG5424SD:sd}|-|) +%{GREEDYDATA:msg}" }

          }

          syslog_pri { }

          date {

              match => [ "syslog_timestamp""MMM  d HH:mm:ss""MMM dd HH:mm:ss" ]

          }

          if !("_grokparsefailure" in [tags]) {

              mutate {

                replace => [ "@source_host""%{syslog_hostname}" ]

                replace => [ "@message""%{syslog_message}" ]

              }

          }

          mutate {

            remove_field => [ "syslog_hostname""syslog_message""syslog_timestamp" ]

          }

        }

      }

      output {

          elasticsearch {

              hosts => ["elasticsearch-logging:9200"]

              index => "k8s-%{type}-%{+YYYY.MM.dd}"

              document_type => "%{type}"

              workers => 1

              flush_size => 20000

              idle_flush_time => 10

              template_overwrite => true

              codec => json

          }

      }

Logstash-rc 配置文件:

apiVersion: v1

kind: ReplicationController

metadata:

  name: logstash

  labels:

    k8s-app: logstash

    version: v1

    kubernetes.io/cluster-service"true"

spec:

  replicas: 1

  selector:

    k8s-app: logstash

    version: v1

  template:

    metadata:

      labels:

        k8s-app: logstash

        version: v1

        kubernetes.io/cluster-service"true"

    spec:

      nodeSelector:

        role: elk

      containers:

      - image: registry.aliyuncs.com/slzcc/logstash-build

        name: logstash

        resources:

          limits:

            cpu: 1000m

          requests:

            cpu: 100m

        ports:

        - containerPort: 514

          name: input

          protocol: TCP

        - containerPort: 514

          name: output

          protocol: UDP

        command:

        '/logstash-5.1.1/bin/logstash'

        '-f'

        '/etc/logstash/logstash.conf'

        '-w 20'

        volumeMounts:

          - mountPath: "/etc/logstash/"

            name: config-volume

      volumes:

        - name: config-volume

          configMap:

            name: logstash 

Logstash-svc 配置文件:

apiVersion: v1

kind: Service

metadata:

  name: logstash

  labels:

    k8s-app: logstash

    kubernetes.io/cluster-service"true"

    kubernetes.io/name"logstash"

spec:

  ports:

  - port: 514

    name: input

    protocol: TCP

    targetPort: input

#  - port: 514

#    name: output

#    protocol: UDP

#    targetPort: output

  selector:

    k8s-app: logstash

  clusterIP: None

Lospout-daemon 配置文件:

apiVersion: extensions/v1beta1

kind: DaemonSet

metadata:

  name: logspout-elasticsearch

  labels:

    k8s-app: logspout-logging

spec:

  template:

    metadata:

      labels:

        name: logspout-elasticsearch

    spec:

      containers:

      nodeSelector:

        role: elk

      - name: logspout-elasticsearch

        image: registry.aliyuncs.com/slzcc/logspout-logstash

        resources:

          limits:

            memory: 200Mi

          requests:

            cpu: 100m

            memory: 200Mi

        env:

          - name: "ROUTE_URIS"

            value: "logstash+tcp://logstash:514"

        volumeMounts:

          - mountPath: "/var/run/docker.sock"

            name: sock

      volumes:

        - hostPath:

            path: "/var/run/docker.sock"

          name: sock

      terminationGracePeriodSeconds: 30

 


分享:

低价透明

统一报价,无隐形消费

金牌服务

一对一专属顾问7*24小时金牌服务

信息保密

个人信息安全有保障

售后无忧

服务出问题客服经理全程跟进