
Kubernetes EFK log management system

efk operator

1. Introduction to Kubernetes log management solutions:

  In a Kubernetes cluster the usual logging solution is the EFK stack, where EFK stands for elasticsearch, fluentd and kibana.

  fluentd is the log-collection client. Its main job is to collect the logs of every Pod, and it also collects OS-level logs such as those of the kubelet, the docker service, the apiserver and other components.

Because of this, fluentd generally runs on Kubernetes as a DaemonSet, so that every node, including the k8s master nodes, runs a fluentd container.

  elasticsearch provides log storage: it stores the collected logs and builds indices over them, and is normally deployed as an ES cluster. A standard ES cluster is split into Client nodes, Master (management) nodes and DATA nodes. The Client nodes expose the external interface, so accessing the ES cluster means sending requests to the Client service. The Client forwards requests to the Master servers, and finally the Master writes the data to the DATA servers.

  kibana handles log display, search and management. It presents the log indices in the ES cluster through a graphical interface, where you can view log content in real time and search logs by keyword.

  Some solutions look like this instead: fluentd ---> logstash (log format conversion, etc.) ---> Redis cache ---> ES cluster storage ---> kibana display. Here logstash does log filtering and format conversion, while Redis acts as a cache; this is mainly because ES writes are slow while fluentd ships logs quickly, so without a cache in between, data could be delayed or lost.

  There are also several types of log collection inside k8s containers. By default the fluentd client only collects STDOUT (standard output) logs. What is standard output? It is the log output you can see with kubectl logs -f Pod_name. Some Java applications, however, do not write their business logs to STDOUT but to a file.
As you know, you should not rely on files written inside a container: once the container restarts the content is gone, unless the file is persisted by mounting shared storage. So what do you do when fluentd cannot detect file-based logs? This is where a sidecar container comes in, streaming the content of the business log file to standard output; alternatively, you can modify the log4j configuration so that the application ships its logs directly to ES.
The sidecar approach has an obvious drawback: the logs are kept both in the original container's file and, after being echoed to stdout, on disk again, silently doubling the disk space used.
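The sidecar approach above can be sketched as a Pod spec. The image names, volume name and log file path here are illustrative assumptions, not taken from the original setup:

```yaml
apiVersion: v1
kind: Pod
metadata:
  name: app-with-logging-sidecar
spec:
  containers:
  - name: app
    image: my-java-app:latest        # hypothetical business application writing file logs
    volumeMounts:
    - name: app-logs
      mountPath: /var/log/app
  - name: log-sidecar                # sidecar: echo the file log to STDOUT
    image: busybox
    args: [/bin/sh, -c, 'tail -n+1 -F /var/log/app/app.log']
    volumeMounts:
    - name: app-logs
      mountPath: /var/log/app
  volumes:
  - name: app-logs                   # shared emptyDir so both containers see the log file
    emptyDir: {}
```

With this layout, the sidecar's stdout lands in /var/log/containers/ on the host like any other container log, so fluentd picks it up with no extra configuration.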

2. Installing fluentd, ES and kibana with Helm:

  Earlier posts have already described in detail how to install Redis, RabbitMQ, MySQL, Jenkins and others with Helm, so Helm usage itself is not repeated here.
  Just remember these points:

  1. Helm's official chart repository is https://github.com/helm/charts/tree/master/stable/ ; every application you need is under this directory;
  2. The general workflow is: helm search <app> ---> helm fetch <app> ---> configure value.yaml according to the official documentation ---> launch the helm application;
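The workflow above, spelled out for the fluentd chart (Helm 2 syntax; the release name and namespace are example choices, not mandated by the chart):

```shell
helm search fluentd-elasticsearch                # find the chart in the stable repo
helm fetch stable/fluentd-elasticsearch --untar  # download and unpack it locally
# ... edit fluentd-elasticsearch/values.yaml as discussed below ...
helm install stable/fluentd-elasticsearch \
  --name fluentd-elasticsearch \
  --namespace kube-system \
  -f fluentd-elasticsearch/values.yaml
```

The same four steps apply to the elasticsearch and kibana charts.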

  Next, the value.yaml files of these applications are the main focus, starting with fluentd:

image:
  repository: k8s.harbor.maimaiti.site/system/fluentd
  ## Specify an imagePullPolicy (Required)
  ## It's recommended to change this to 'Always' if the image tag is 'latest'
  ## ref: http://kubernetes.io/docs/user-guide/images/#updating-images
  tag: v2.5.1
  pullPolicy: IfNotPresent
  ## Optionally specify an array of imagePullSecrets.
  ## Secrets must be manually created in the namespace.
  ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
  ##
  # pullSecrets:
  #   - myRegistrKeySecretName

## If using AWS Elasticsearch, all requests to ES need to be signed regardless of whether
## one is using Cognito or not. By setting this to true, this chart will install a sidecar
## proxy that takes care of signing all requests being sent to the AWS ES Domain.
awsSigningSidecar:
  enabled: false
  image:
    repository: abutaha/aws-es-proxy
    tag: 0.9

# Specify to use specific priorityClass for pods
# ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
# If a Pod cannot be scheduled, the scheduler tries to preempt (evict) lower priority
# Pods to make scheduling of the pending Pod possible.
priorityClassName: ""

## Configure resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
resources: {}
  # limits:
  #   cpu: 100m
  #   memory: 500Mi
  # requests:
  #   cpu: 100m
  #   memory: 200Mi

elasticsearch:
  host: 'elasticsearch-client.kube-system'
  port: 9200
  scheme: 'http'
  ssl_version: TLSv1_2
  user: ""
  password: ""
  buffer_chunk_limit: 2M
  buffer_queue_limit: 8
  logstash_prefix: 'logstash'

# If you want to add custom environment variables, use the env dict
# You can then reference these in your config file e.g.:
#   user "#{ENV['OUTPUT_USER']}"
env:
  # OUTPUT_USER: my_user
  # LIVENESS_THRESHOLD_SECONDS: 300
  # STUCK_THRESHOLD_SECONDS: 900

# If you want to add custom environment variables from secrets, use the secret list
secret:
# - name: ELASTICSEARCH_PASSWORD
#   secret_name: elasticsearch
#   secret_key: password

rbac:
  create: true

serviceAccount:
  # Specifies whether a ServiceAccount should be created
  create: true
  # The name of the ServiceAccount to use.
  # If not set and create is true, a name is generated using the fullname template
  name: ""

## Specify if a Pod Security Policy for node-exporter must be created
## Ref: https://kubernetes.io/docs/concepts/policy/pod-security-policy/
##
podSecurityPolicy:
  enabled: false
  annotations: {}
    ## Specify pod annotations
    ## Ref: https://kubernetes.io/docs/concepts/policy/pod-security-policy/#apparmor
    ## Ref: https://kubernetes.io/docs/concepts/policy/pod-security-policy/#seccomp
    ## Ref: https://kubernetes.io/docs/concepts/policy/pod-security-policy/#sysctl
    ##
    # seccomp.security.alpha.kubernetes.io/allowedProfileNames: '*'
    # seccomp.security.alpha.kubernetes.io/defaultProfileName: 'docker/default'
    # apparmor.security.beta.kubernetes.io/defaultProfileName: 'runtime/default'

livenessProbe:
  enabled: true

annotations: {}

podAnnotations:
  prometheus.io/scrape: "true"
  prometheus.io/port: "24231"

## DaemonSet update strategy
## Ref: https://kubernetes.io/docs/tasks/manage-daemon/update-daemon-set/
updateStrategy:
  type: RollingUpdate

tolerations:
  - key: node-role.kubernetes.io/master
    operator: Exists
    effect: NoSchedule

affinity: {}
#   nodeAffinity:
#     requiredDuringSchedulingIgnoredDuringExecution:
#       nodeSelectorTerms:
#         - matchExpressions:
#             - key: node-role.kubernetes.io/master
#               operator: DoesNotExist

nodeSelector: {}

service:
  type: ClusterIP
  ports:
    - name: "monitor-agent"
      port: 24231

serviceMonitor:
  ## If true, a ServiceMonitor CRD is created for a prometheus operator
  ## https://github.com/coreos/prometheus-operator
  ##
  enabled: false
  interval: 10s
  path: /metrics
  labels: {}

prometheusRule:
  ## If true, a PrometheusRule CRD is created for a prometheus operator
  ## https://github.com/coreos/prometheus-operator
  ##
  enabled: false
  prometheusNamespace: monitoring
  labels: {}
  # role: alert-rules

configMaps:
  system.conf: |-
    <system>
      root_dir /tmp/fluentd-buffers/
    </system>

  containers.input.conf: |-
    # This configuration file for Fluentd / td-agent is used
    # to watch changes to Docker log files. The kubelet creates symlinks that
    # capture the pod name, namespace, container name & Docker container ID
    # to the docker logs for pods in the /var/log/containers directory on the host.
    # If running this fluentd configuration in a Docker container, the /var/log
    # directory should be mounted in the container.
    #
    # These logs are then submitted to Elasticsearch which assumes the
    # installation of the fluent-plugin-elasticsearch & the
    # fluent-plugin-kubernetes_metadata_filter plugins.
    # See https://github.com/uken/fluent-plugin-elasticsearch &
    # https://github.com/fabric8io/fluent-plugin-kubernetes_metadata_filter for
    # more information about the plugins.
    #
    # Example
    # =======
    # A line in the Docker log file might look like this JSON:
    #
    # {"log":"2014/09/25 21:15:03 Got request with path wombat\n",
    #  "stream":"stderr",
    #  "time":"2014-09-25T21:15:03.499185026Z"}
    #
    # The time_format specification below makes sure we properly
    # parse the time format produced by Docker. This will be
    # submitted to Elasticsearch and should appear like:
    # $ curl 'http://elasticsearch-logging:9200/_search?pretty'
    # ...
    # {
    #   "_index" : "logstash-2014.09.25",
    #   "_type" : "fluentd",
    #   "_id" : "VBrbor2QTuGpsQyTCdfzqA",
    #   "_score" : 1.0,
    #   "_source":{"log":"2014/09/25 22:45:50 Got request with path wombat\n",
    #              "stream":"stderr","tag":"docker.container.all",
    #              "@timestamp":"2014-09-25T22:45:50+00:00"}
    # },
    # ...
    #
    # The Kubernetes fluentd plugin is used to write the Kubernetes metadata to the log
    # record & add labels to the log record if properly configured. This enables users
    # to filter & search logs on any metadata.
    # For example a Docker container's logs might be in the directory:
    #
    #   /var/lib/docker/containers/997599971ee6366d4a5920d25b79286ad45ff37a74494f262e3bc98d909d0a7b
    #
    # and in the file:
    #
    #   997599971ee6366d4a5920d25b79286ad45ff37a74494f262e3bc98d909d0a7b-json.log
    #
    # where 997599971ee6... is the Docker ID of the running container.
    # The Kubernetes kubelet makes a symbolic link to this file on the host machine
    # in the /var/log/containers directory which includes the pod name and the Kubernetes
    # container name:
    #
    #   synthetic-logger-0.25lps-pod_default_synth-lgr-997599971ee6366d4a5920d25b79286ad45ff37a74494f262e3bc98d909d0a7b.log
    #   ->
    #   /var/lib/docker/containers/997599971ee6366d4a5920d25b79286ad45ff37a74494f262e3bc98d909d0a7b/997599971ee6366d4a5920d25b79286ad45ff37a74494f262e3bc98d909d0a7b-json.log
    #
    # The /var/log directory on the host is mapped to the /var/log directory in the container
    # running this instance of Fluentd and we end up collecting the file:
    #
    #   /var/log/containers/synthetic-logger-0.25lps-pod_default_synth-lgr-997599971ee6366d4a5920d25b79286ad45ff37a74494f262e3bc98d909d0a7b.log
    #
    # This results in the tag:
    #
    #   var.log.containers.synthetic-logger-0.25lps-pod_default_synth-lgr-997599971ee6366d4a5920d25b79286ad45ff37a74494f262e3bc98d909d0a7b.log
    #
    # The Kubernetes fluentd plugin is used to extract the namespace, pod name & container name
    # which are added to the log message as a kubernetes field object & the Docker container ID
    # is also added under the docker field object.
    # The final tag is:
    #
    #   kubernetes.var.log.containers.synthetic-logger-0.25lps-pod_default_synth-lgr-997599971ee6366d4a5920d25b79286ad45ff37a74494f262e3bc98d909d0a7b.log
    #
    # And the final log record look like:
    #
    # {
    #   "log":"2014/09/25 21:15:03 Got request with path wombat\n",
    #   "stream":"stderr",
    #   "time":"2014-09-25T21:15:03.499185026Z",
    #   "kubernetes": {
    #     "namespace": "default",
    #     "pod_name": "synthetic-logger-0.25lps-pod",
    #     "container_name": "synth-lgr"
    #   },
    #   "docker": {
    #     "container_id": "997599971ee6366d4a5920d25b79286ad45ff37a74494f262e3bc98d909d0a7b"
    #   }
    # }
    #
    # This makes it easier for users to search for logs by pod name or by
    # the name of the Kubernetes container regardless of how many times the
    # Kubernetes pod has been restarted (resulting in a several Docker container IDs).
    # Json Log Example:
    # {"log":"[info:2016-02-16T16:04:05.930-08:00] Some log text here\n","stream":"stdout","time":"2016-02-17T00:04:05.931087621Z"}
    # CRI Log Example:
    # 2016-02-17T00:04:05.931087621Z stdout F [info:2016-02-16T16:04:05.930-08:00] Some log text here
    <source>
      @id fluentd-containers.log
      @type tail
      path /var/log/containers/*.log
      pos_file /var/log/containers.log.pos
      tag raw.kubernetes.*
      read_from_head true
      <parse>
        @type multi_format
        <pattern>
          format json
          time_key time
          time_format %Y-%m-%dT%H:%M:%S.%NZ
        </pattern>
        <pattern>
          format /^(?<time>.+) (?<stream>stdout|stderr) [^ ]* (?<log>.*)$/
          time_format %Y-%m-%dT%H:%M:%S.%N%:z
        </pattern>
      </parse>
    </source>

    <source>
      @id nginxtest1.log
      @type tail
      path /var/log/containers/nginxtest1-*.log
      pos_file /var/log/nginxtest1.log.pos
      tag nginxtest1
      read_from_head true
      <parse>
        @type multi_format
        <pattern>
          format json
          time_key time
          time_format %Y-%m-%dT%H:%M:%S.%NZ
        </pattern>
        <pattern>
          format /^(?<time>.+) (?<stream>stdout|stderr) [^ ]* (?<log>.*)$/
          time_format %Y-%m-%dT%H:%M:%S.%N%:z
        </pattern>
      </parse>
    </source>

    <source>
      @id httpdtest1.log
      @type tail
      path /var/log/containers/httpdtest1-*.log
      pos_file /var/log/httpdtest1.log.pos
      tag httpdtest1
      read_from_head true
      <parse>
        @type multi_format
        <pattern>
          format json
          time_key time
          time_format %Y-%m-%dT%H:%M:%S.%NZ
        </pattern>
        <pattern>
          format /^(?<time>.+) (?<stream>stdout|stderr) [^ ]* (?<log>.*)$/
          time_format %Y-%m-%dT%H:%M:%S.%N%:z
        </pattern>
      </parse>
    </source>

    # Detect exceptions in the log output and forward them as one log entry.
    <match raw.kubernetes.**>
      @id raw.kubernetes
      @type detect_exceptions
      remove_tag_prefix raw
      message log
      stream stream
      multiline_flush_interval 5
      max_bytes 500000
      max_lines 1000
    </match>

    # Concatenate multi-line logs
    <filter **>
      @id filter_concat
      @type concat
      key message
      multiline_end_regexp /\n$/
      separator ""
    </filter>

    # Enriches records with Kubernetes metadata
    <filter kubernetes.**>
      @id filter_kubernetes_metadata
      @type kubernetes_metadata
    </filter>

    # Fixes json fields in Elasticsearch
    <filter kubernetes.**>
      @id filter_parser
      @type parser
      key_name log
      reserve_data true
      remove_key_name_field true
      <parse>
        @type multi_format
        <pattern>
          format json
        </pattern>
        <pattern>
          format none
        </pattern>
      </parse>
    </filter>

  system.input.conf: |-
    # Example:
    # 2015-12-21 23:17:22,066 [salt.state ][INFO ] Completed state [net.ipv4.ip_forward] at time 23:17:22.066081
    <source>
      @id minion
      @type tail
      format /^(?<time>[^ ]* [^ ,]*)[^\[]*\[[^\]]*\]\[(?<severity>[^ \]]*) *\] (?<message>.*)$/
      time_format %Y-%m-%d %H:%M:%S
      path /var/log/salt/minion
      pos_file /var/log/salt.pos
      tag salt
    </source>

    # Example:
    # Dec 21 23:17:22 gke-foo-1-1-4b5cbd14-node-4eoj startupscript: Finished running startup script /var/run/google.startup.script
    <source>
      @id startupscript.log
      @type tail
      format syslog
      path /var/log/startupscript.log
      pos_file /var/log/startupscript.log.pos
      tag startupscript
    </source>

    # Examples:
    # time="2016-02-04T06:51:03.053580605Z" level=info msg="GET /containers/json"
    # time="2016-02-04T07:53:57.505612354Z" level=error msg="HTTP Error" err="No such image: -f" statusCode=404
    # TODO(random-liu): Remove this after cri container runtime rolls out.
    <source>
      @id docker.log
      @type tail
      format /^time="(?<time>[^)]*)" level=(?<severity>[^ ]*) msg="(?<message>[^"]*)"( err="(?<error>[^"]*)")?( statusCode=($<status_code>\d+))?/
      path /var/log/docker.log
      pos_file /var/log/docker.log.pos
      tag docker
    </source>

    # Example:
    # 2016/02/04 06:52:38 filePurge: successfully removed file /var/etcd/data/member/wal/00000000000006d0-00000000010a23d1.wal
    <source>
      @id etcd.log
      @type tail
      # Not parsing this, because it doesn't have anything particularly useful to
      # parse out of it (like severities).
      format none
      path /var/log/etcd.log
      pos_file /var/log/etcd.log.pos
      tag etcd
    </source>

    # Multi-line parsing is required for all the kube logs because very large log
    # statements, such as those that include entire object bodies, get split into
    # multiple lines by glog.
    # Example:
    # I0204 07:32:30.020537 3368 server.go:1048] POST /stats/container/: (13.972191ms) 200 [[Go-http-client/1.1] 10.244.1.3:40537]
    <source>
      @id kubelet.log
      @type tail
      format multiline
      multiline_flush_interval 5s
      format_firstline /^\w\d{4}/
      format1 /^(?<severity>\w)(?<time>\d{4} [^\s]*)\s+(?<pid>\d+)\s+(?<source>[^ \]]+)\] (?<message>.*)/
      time_format %m%d %H:%M:%S.%N
      path /var/log/kubelet.log
      pos_file /var/log/kubelet.log.pos
      tag kubelet
    </source>

    # Example:
    # I1118 21:26:53.975789 6 proxier.go:1096] Port "nodePort for kube-system/default-http-backend:http" (:31429/tcp) was open before and is still needed
    <source>
      @id kube-proxy.log
      @type tail
      format multiline
      multiline_flush_interval 5s
      format_firstline /^\w\d{4}/
      format1 /^(?<severity>\w)(?<time>\d{4} [^\s]*)\s+(?<pid>\d+)\s+(?<source>[^ \]]+)\] (?<message>.*)/
      time_format %m%d %H:%M:%S.%N
      path /var/log/kube-proxy.log
      pos_file /var/log/kube-proxy.log.pos
      tag kube-proxy
    </source>

    # Example:
    # I0204 07:00:19.604280 5 handlers.go:131] GET /api/v1/nodes: (1.624207ms) 200 [[kube-controller-manager/v1.1.3 (linux/amd64) kubernetes/6a81b50] 127.0.0.1:38266]
    <source>
      @id kube-apiserver.log
      @type tail
      format multiline
      multiline_flush_interval 5s
      format_firstline /^\w\d{4}/
      format1 /^(?<severity>\w)(?<time>\d{4} [^\s]*)\s+(?<pid>\d+)\s+(?<source>[^ \]]+)\] (?<message>.*)/
      time_format %m%d %H:%M:%S.%N
      path /var/log/kube-apiserver.log
      pos_file /var/log/kube-apiserver.log.pos
      tag kube-apiserver
    </source>

    # Example:
    # I0204 06:55:31.872680 5 servicecontroller.go:277] LB already exists and doesn't need update for service kube-system/kube-ui
    <source>
      @id kube-controller-manager.log
      @type tail
      format multiline
      multiline_flush_interval 5s
      format_firstline /^\w\d{4}/
      format1 /^(?<severity>\w)(?<time>\d{4} [^\s]*)\s+(?<pid>\d+)\s+(?<source>[^ \]]+)\] (?<message>.*)/
      time_format %m%d %H:%M:%S.%N
      path /var/log/kube-controller-manager.log
      pos_file /var/log/kube-controller-manager.log.pos
      tag kube-controller-manager
    </source>

    # Example:
    # W0204 06:49:18.239674 7 reflector.go:245] pkg/scheduler/factory/factory.go:193: watch of *api.Service ended with: 401: The event in requested index is outdated and cleared (the requested history has been cleared [2578313/2577886]) [2579312]
    <source>
      @id kube-scheduler.log
      @type tail
      format multiline
      multiline_flush_interval 5s
      format_firstline /^\w\d{4}/
      format1 /^(?<severity>\w)(?<time>\d{4} [^\s]*)\s+(?<pid>\d+)\s+(?<source>[^ \]]+)\] (?<message>.*)/
      time_format %m%d %H:%M:%S.%N
      path /var/log/kube-scheduler.log
      pos_file /var/log/kube-scheduler.log.pos
      tag kube-scheduler
    </source>

    # Example:
    # I0603 15:31:05.793605 6 cluster_manager.go:230] Reading config from path /etc/gce.conf
    <source>
      @id glbc.log
      @type tail
      format multiline
      multiline_flush_interval 5s
      format_firstline /^\w\d{4}/
      format1 /^(?<severity>\w)(?<time>\d{4} [^\s]*)\s+(?<pid>\d+)\s+(?<source>[^ \]]+)\] (?<message>.*)/
      time_format %m%d %H:%M:%S.%N
      path /var/log/glbc.log
      pos_file /var/log/glbc.log.pos
      tag glbc
    </source>

    # Example:
    # TODO Add a proper example here.
    <source>
      @id cluster-autoscaler.log
      @type tail
      format multiline
      multiline_flush_interval 5s
      format_firstline /^\w\d{4}/
      format1 /^(?<severity>\w)(?<time>\d{4} [^\s]*)\s+(?<pid>\d+)\s+(?<source>[^ \]]+)\] (?<message>.*)/
      time_format %m%d %H:%M:%S.%N
      path /var/log/cluster-autoscaler.log
      pos_file /var/log/cluster-autoscaler.log.pos
      tag cluster-autoscaler
    </source>

    # Logs from systemd-journal for interesting services.
    # TODO(random-liu): Remove this after cri container runtime rolls out.
    <source>
      @id journald-docker
      @type systemd
      matches [{ "_SYSTEMD_UNIT": "docker.service" }]
      <storage>
        @type local
        persistent true
        path /var/log/journald-docker.pos
      </storage>
      read_from_head true
      tag docker
    </source>

    <source>
      @id journald-container-runtime
      @type systemd
      matches [{ "_SYSTEMD_UNIT": "{{ fluentd_container_runtime_service }}.service" }]
      <storage>
        @type local
        persistent true
        path /var/log/journald-container-runtime.pos
      </storage>
      read_from_head true
      tag container-runtime
    </source>

    <source>
      @id journald-kubelet
      @type systemd
      matches [{ "_SYSTEMD_UNIT": "kubelet.service" }]
      <storage>
        @type local
        persistent true
        path /var/log/journald-kubelet.pos
      </storage>
      read_from_head true
      tag kubelet
    </source>

    <source>
      @id journald-node-problem-detector
      @type systemd
      matches [{ "_SYSTEMD_UNIT": "node-problem-detector.service" }]
      <storage>
        @type local
        persistent true
        path /var/log/journald-node-problem-detector.pos
      </storage>
      read_from_head true
      tag node-problem-detector
    </source>

    <source>
      @id kernel
      @type systemd
      matches [{ "_TRANSPORT": "kernel" }]
      <storage>
        @type local
        persistent true
        path /var/log/kernel.pos
      </storage>
      <entry>
        fields_strip_underscores true
        fields_lowercase true
      </entry>
      read_from_head true
      tag kernel
    </source>

  forward.input.conf: |-
    # Takes the messages sent over TCP
    <source>
      @id forward
      @type forward
    </source>

  monitoring.conf: |-
    # Prometheus Exporter Plugin
    # input plugin that exports metrics
    <source>
      @id prometheus
      @type prometheus
    </source>

    <source>
      @id monitor_agent
      @type monitor_agent
    </source>

    # input plugin that collects metrics from MonitorAgent
    <source>
      @id prometheus_monitor
      @type prometheus_monitor
      <labels>
        host ${hostname}
      </labels>
    </source>

    # input plugin that collects metrics for output plugin
    <source>
      @id prometheus_output_monitor
      @type prometheus_output_monitor
      <labels>
        host ${hostname}
      </labels>
    </source>

    # input plugin that collects metrics for in_tail plugin
    <source>
      @id prometheus_tail_monitor
      @type prometheus_tail_monitor
      <labels>
        host ${hostname}
      </labels>
    </source>

  output.conf: |-
    <match nginxtest1>
      @id nginxtest1
      @type elasticsearch
      @log_level info
      include_tag_key true
      type_name _doc
      host "#{ENV['OUTPUT_HOST']}"
      port "#{ENV['OUTPUT_PORT']}"
      scheme "#{ENV['OUTPUT_SCHEME']}"
      ssl_version "#{ENV['OUTPUT_SSL_VERSION']}"
      ssl_verify true
      user "#{ENV['OUTPUT_USER']}"
      password "#{ENV['OUTPUT_PASSWORD']}"
      logstash_format true
      logstash_prefix nginxtest1
      reconnect_on_error true
      <buffer>
        @type file
        path /var/log/fluentd-buffers/nginxtest1.buffer
        flush_mode interval
        retry_type exponential_backoff
        flush_thread_count 2
        flush_interval 5s
        retry_forever
        retry_max_interval 30
        chunk_limit_size "#{ENV['OUTPUT_BUFFER_CHUNK_LIMIT']}"
        queue_limit_length "#{ENV['OUTPUT_BUFFER_QUEUE_LIMIT']}"
        overflow_action block
      </buffer>
    </match>

    <match httpdtest1>
      @id httpdtest1
      @type elasticsearch
      @log_level info
      include_tag_key true
      type_name _doc
      host "#{ENV['OUTPUT_HOST']}"
      port "#{ENV['OUTPUT_PORT']}"
      scheme "#{ENV['OUTPUT_SCHEME']}"
      ssl_version "#{ENV['OUTPUT_SSL_VERSION']}"
      ssl_verify true
      user "#{ENV['OUTPUT_USER']}"
      password "#{ENV['OUTPUT_PASSWORD']}"
      logstash_format true
      logstash_prefix httpdtest1
      reconnect_on_error true
      <buffer>
        @type file
        path /var/log/fluentd-buffers/httpdtest1.buffer
        flush_mode interval
        retry_type exponential_backoff
        flush_thread_count 2
        flush_interval 5s
        retry_forever
        retry_max_interval 30
        chunk_limit_size "#{ENV['OUTPUT_BUFFER_CHUNK_LIMIT']}"
        queue_limit_length "#{ENV['OUTPUT_BUFFER_QUEUE_LIMIT']}"
        overflow_action block
      </buffer>
    </match>

    <match **>
      @id elasticsearch
      @type elasticsearch
      @log_level info
      include_tag_key true
      type_name _doc
      host "#{ENV['OUTPUT_HOST']}"
      port "#{ENV['OUTPUT_PORT']}"
      scheme "#{ENV['OUTPUT_SCHEME']}"
      ssl_version "#{ENV['OUTPUT_SSL_VERSION']}"
      ssl_verify true
      user "#{ENV['OUTPUT_USER']}"
      password "#{ENV['OUTPUT_PASSWORD']}"
      logstash_format true
      logstash_prefix "#{ENV['LOGSTASH_PREFIX']}"
      reconnect_on_error true
      <buffer>
        @type file
        path /var/log/fluentd-buffers/kubernetes.system.buffer
        flush_mode interval
        retry_type exponential_backoff
        flush_thread_count 2
        flush_interval 5s
        retry_forever
        retry_max_interval 30
        chunk_limit_size "#{ENV['OUTPUT_BUFFER_CHUNK_LIMIT']}"
        queue_limit_length "#{ENV['OUTPUT_BUFFER_QUEUE_LIMIT']}"
        overflow_action block
      </buffer>
    </match>

# extraVolumes:
#   - name: es-certs
#     secret:
#       defaultMode: 420
#       secretName: es-certs
# extraVolumeMounts:
#   - name: es-certs
#     mountPath: /certs
#     readOnly: true

  The fluentd configuration is the most critical and the most complex part; whether log collection succeeds depends mainly on whether fluentd is configured correctly. The key points are:

  1. As usual, all images are changed to the private registry images;
  2. The section that connects to the ES cluster; the important detail is that it connects to the client Service;
  3. A Service is defined for fluentd itself;
  4. The core is the configMaps section, i.e. fluentd's configuration files. It defines a buffer directory: fluentd buffers logs in a local file before sending them to ES, and a buffer that is too small can easily cause a backlog;
  5. The default fluentd configuration already collects container logs from /var/log/containers/*.log. As long as a container writes its logs to STDOUT, they appear on the host under /var/log/containers/ in files whose names start with the Pod name.
    Simply mount this host directory into the fluentd container, and fluentd will collect the logs of every container running on that host;
  6. With the default configuration, all logs are collected into a single index, named logstash-YYYY.MM.DD by default. After creating the index pattern in Kibana, all logs end up mixed together; to view
    the logs of a single Pod, you have to enter query conditions yourself, e.g. filter by Pod name or container name.
  7. So as a test, nginx and Apache httpd applications were run in the k8s cluster, and the two applications were given two different indices using two different tags; this is the key point of this EFK solution;
  8. Besides Pod logs, the fluentd configuration also collects by default the logs of kube-controller-manager, kube-scheduler, kube-apiserver, kube-proxy, kubelet, etcd, docker and other services;
  9. output.conf mainly assigns different index prefixes (logstash_prefix) to different sources (e.g. the nginx and httpd sources); the default logstash_prefix is logstash;
  10. Several output parameters may need tuning, such as flush_thread_count, flush_interval and chunk_limit_size, which govern fluentd's local buffering; tuned well, they keep logs from being delayed or lost.

  The status of the deployed fluentd release:
LAST DEPLOYED: Tue Apr 30 17:55:30 2019
NAMESPACE: kube-system
STATUS: DEPLOYED

RESOURCES:
==> v1/ConfigMap
NAME                   DATA  AGE
fluentd-elasticsearch  6     2d

==> v1/ServiceAccount
NAME                   SECRETS  AGE
fluentd-elasticsearch  1        2d

==> v1/ClusterRole
NAME                   AGE
fluentd-elasticsearch  2d

==> v1/ClusterRoleBinding
NAME                   AGE
fluentd-elasticsearch  2d

==> v1/Service
NAME                   TYPE       CLUSTER-IP     EXTERNAL-IP  PORT(S)    AGE
fluentd-elasticsearch  ClusterIP  10.200.108.50  <none>       24231/TCP  2d

==> v1/DaemonSet
NAME                   DESIRED  CURRENT  READY  UP-TO-DATE  AVAILABLE  NODE SELECTOR  AGE
fluentd-elasticsearch  8        8        8      8           8          <none>         2d

==> v1/Pod(related)
NAME                         READY  STATUS   RESTARTS  AGE
fluentd-elasticsearch-2trp8  1/1    Running  0         2d
fluentd-elasticsearch-2xgtb  1/1    Running  0         2d
fluentd-elasticsearch-589jc  1/1    Running  0         2d
fluentd-elasticsearch-ctkv8  1/1    Running  0         2d
fluentd-elasticsearch-d5dvz  1/1    Running  0         2d
fluentd-elasticsearch-kgdxp  1/1    Running  0         2d
fluentd-elasticsearch-r2c8h  1/1    Running  0         2d
fluentd-elasticsearch-z8p7b  1/1    Running  0         2d

NOTES:
1. To verify that Fluentd has started, run:
   kubectl --namespace=kube-system get pods -l "app.kubernetes.io/name=fluentd-elasticsearch,app.kubernetes.io/instance=fluentd-elasticsearch"

THIS APPLICATION CAPTURES ALL CONSOLE OUTPUT AND FORWARDS IT TO elasticsearch . Anything that might be identifying,
including things like IP addresses, container images, and object names will NOT be anonymized.

2. Get the application URL by running these commands:
   export POD_NAME=$(kubectl get pods --namespace kube-system -l "app.kubernetes.io/name=fluentd-elasticsearch,app.kubernetes.io/instance=fluentd-elasticsearch" -o jsonpath="{.items[0].metadata.name}")
   echo "Visit http://127.0.0.1:8080 to use your application"
   kubectl port-forward $POD_NAME 8080:80
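To confirm that the per-application indices described above actually reach ES, you can list the indices through the ES client Service. The service host matches the elasticsearch.host value in the fluentd values.yaml; the throwaway busybox pod is just a convenient in-cluster HTTP client:

```shell
kubectl -n kube-system run es-check --rm -it --image=busybox --restart=Never -- \
  wget -qO- 'http://elasticsearch-client.kube-system:9200/_cat/indices?v'
```

If the fluentd configuration is working, the listing should include one dated index per configured prefix (nginxtest1-*, httpdtest1-* and logstash-*).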

  Below is the value.yaml configuration for the ES cluster:

# Default values for elasticsearch.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
appVersion: "6.7.0"

## Define serviceAccount names for components. Defaults to component's fully qualified name.
##
serviceAccounts:
  client:
    create: true
    name:
  master:
    create: true
    name:
  data:
    create: true
    name:

## Specify if a Pod Security Policy for node-exporter must be created
## Ref: https://kubernetes.io/docs/concepts/policy/pod-security-policy/
##
podSecurityPolicy:
  enabled: false
  annotations: {}
    ## Specify pod annotations
    ## Ref: https://kubernetes.io/docs/concepts/policy/pod-security-policy/#apparmor
    ## Ref: https://kubernetes.io/docs/concepts/policy/pod-security-policy/#seccomp
    ## Ref: https://kubernetes.io/docs/concepts/policy/pod-security-policy/#sysctl
    ##
    # seccomp.security.alpha.kubernetes.io/allowedProfileNames: '*'
    # seccomp.security.alpha.kubernetes.io/defaultProfileName: 'docker/default'
    # apparmor.security.beta.kubernetes.io/defaultProfileName: 'runtime/default'

image:
  # repository: "k8s.harbor.maimaiti.site/system/elasticsearch-oss"
  repository: "k8s.harbor.maimaiti.site/system/elasticsearch"
  tag: "6.7.0"
  pullPolicy: "IfNotPresent"
  # If specified, use these secrets to access the image
  # pullSecrets:
  #   - registry-secret

testFramework:
  image: "dduportal/bats"
  tag: "0.4.0"

initImage:
  repository: "busybox"
  tag: "latest"
  pullPolicy: "Always"

cluster:
  name: "elasticsearch"
  # If you want X-Pack installed, switch to an image that includes it, enable this option and toggle the features you want
  # enabled in the environment variables outlined in the README
  xpackEnable: true
  # Some settings must be placed in a keystore, so they need to be mounted in from a secret.
  # Use this setting to specify the name of the secret
  # keystoreSecret: eskeystore
  config: {}
  # Custom parameters, as string, to be added to ES_JAVA_OPTS environment variable
  additionalJavaOpts: ""
  # Command to run at the end of deployment
  bootstrapShellCommand: ""
  env:
    # IMPORTANT: https://www.elastic.co/guide/en/elasticsearch/reference/current/important-settings.html#minimum_master_nodes
    # To prevent data loss, it is vital to configure the discovery.zen.minimum_master_nodes setting so that each master-eligible
    # node knows the minimum number of master-eligible nodes that must be visible in order to form a cluster.
    MINIMUM_MASTER_NODES: "2"
  # List of plugins to install via dedicated init container
  plugins: []
  # - ingest-attachment
  # - mapper-size

client:
  name: client
  replicas: 2
  serviceType: ClusterIP
  ## If coupled with serviceType = "NodePort", this will set a specific nodePort to the client HTTP port
  # httpNodePort: 30920
  loadBalancerIP: {}
  loadBalancerSourceRanges: {}
  ## (dict) If specified, apply these annotations to the client service
  # serviceAnnotations:
  #   example: client-svc-foo
  heapSize: "512m"
  # additionalJavaOpts: "-XX:MaxRAM=512m"
  antiAffinity: "soft"
  nodeAffinity: {}
  nodeSelector: {}
  tolerations: []
  initResources: {}
    # limits:
    #   cpu: "25m"
    #   # memory: "128Mi"
    # requests:
    #   cpu: "25m"
    #   memory: "128Mi"
  resources:
    limits:
      cpu: "1"
      # memory: "1024Mi"
    requests:
      cpu: "25m"
      memory: "512Mi"
  priorityClassName: ""
  ## (dict) If specified, apply these annotations to each client Pod
  # podAnnotations:
  #   example: client-foo
  podDisruptionBudget:
    enabled: false
    minAvailable: 1
    # maxUnavailable: 1
  ingress:
    enabled: false
    # user: NAME
    # password: PASSWORD
    annotations: {}
      # kubernetes.io/ingress.class: nginx
      # kubernetes.io/tls-acme: "true"
    path: /
    hosts:
      - chart-example.local
    tls: []
    # - secretName: chart-example-tls
    #   hosts:
    #     - chart-example.local

master:
  name: master
  exposeHttp: false
  replicas: 3
  heapSize: "512m"
  # additionalJavaOpts: "-XX:MaxRAM=512m"
  persistence:
    enabled: false
    accessMode: ReadWriteOnce
    name: data
    size: "4Gi"
    storageClass: "dynamic"
  133. readinessProbe:
  134. httpGet:
  135. path: /_cluster/health?local=true
  136. port: 9200
  137. initialDelaySeconds: 5
  138. antiAffinity: "soft"
  139. nodeAffinity: {}
  140. nodeSelector: {}
  141. tolerations: []
  142. initResources: {}
  143. # limits:
  144. # cpu: "25m"
  145. # # memory: "128Mi"
  146. # requests:
  147. # cpu: "25m"
  148. # memory: "128Mi"
  149. resources:
  150. limits:
  151. cpu: "1"
  152. # memory: "1024Mi"
  153. requests:
  154. cpu: "25m"
  155. memory: "512Mi"
  156. priorityClassName: ""
  157. ## (dict) If specified, apply these annotations to each master Pod
  158. # podAnnotations:
  159. # example: master-foo
  160. podManagementPolicy: OrderedReady
  161. podDisruptionBudget:
  162. enabled: false
  163. minAvailable: 2 # Same as `cluster.env.MINIMUM_MASTER_NODES`
  164. # maxUnavailable: 1
  165. updateStrategy:
  166. type: OnDelete
  167. data:
  168. name: data
  169. exposeHttp: false
  170. replicas: 2
  171. heapSize: "1536m"
  172. # additionalJavaOpts: "-XX:MaxRAM=1536m"
  173. persistence:
  174. enabled: false
  175. accessMode: ReadWriteOnce
  176. name: data
  177. size: "30Gi"
  178. storageClass: "dynamic"
  179. readinessProbe:
  180. httpGet:
  181. path: /_cluster/health?local=true
  182. port: 9200
  183. initialDelaySeconds: 5
  184. terminationGracePeriodSeconds: 3600
  185. antiAffinity: "soft"
  186. nodeAffinity: {}
  187. nodeSelector: {}
  188. tolerations: []
  189. initResources: {}
  190. # limits:
  191. # cpu: "25m"
  192. # # memory: "128Mi"
  193. # requests:
  194. # cpu: "25m"
  195. # memory: "128Mi"
  196. resources:
  197. limits:
  198. cpu: "1"
  199. # memory: "2048Mi"
  200. requests:
  201. cpu: "25m"
  202. memory: "1536Mi"
  203. priorityClassName: ""
  204. ## (dict) If specified, apply these annotations to each data Pod
  205. # podAnnotations:
  206. # example: data-foo
  207. podDisruptionBudget:
  208. enabled: false
  209. # minAvailable: 1
  210. maxUnavailable: 1
  211. podManagementPolicy: OrderedReady
  212. updateStrategy:
  213. type: OnDelete
  214. hooks: # post-start and pre-stop hooks
  215. drain: # drain the node before stopping it and re-integrate it into the cluster after start
  216. enabled: true
  217. ## Sysctl init container to setup vm.max_map_count
  218. # see https://www.elastic.co/guide/en/elasticsearch/reference/current/vm-max-map-count.html
  219. # and https://www.elastic.co/guide/en/elasticsearch/reference/current/setup-configuration-memory.html#mlockall
  220. sysctlInitContainer:
  221. enabled: true
  222. ## Additional init containers
  223. extraInitContainers: |

  The ES cluster configuration mainly covers the following points:

  1. Change all images to the private registry;
  2. Set the ES cluster name;
  3. For the client Pods: the name, replica count, and JVM heap size;
  4. For the master Pods: the name and replica count. The master count should be an odd number (3 or 5), and it is best to enable persistent storage using the Ceph RBD StorageClass;
  5. For the data Pods: the name and replica count; persistent storage is also best enabled. Note that the data nodes have hooks enabled, because data nodes must be stopped and started in order, and some housekeeping is needed before a node leaves the cluster;
  6. Both Kibana and fluentd connect to the elasticsearch-client Service. Port 9200 serves client requests, while 9300 is the inter-node cluster transport port. There is also a headless service, elasticsearch-discovery, whose purpose is to give each Pod a fixed name, so that an ES node keeps the same name even after a restart.
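  Point 6 above is worth illustrating: a headless Service (`clusterIP: None`) is what makes the StatefulSet Pods resolvable under stable DNS names. A minimal sketch of such a discovery Service follows; the selector labels are assumptions for illustration, the actual ones are generated by the chart templates:

```yaml
# Hypothetical sketch of the headless discovery Service.
# The selector labels are assumed; the Helm chart renders the real ones.
apiVersion: v1
kind: Service
metadata:
  name: elasticsearch-discovery
  namespace: kube-system
spec:
  clusterIP: None        # headless: DNS returns the Pod IPs directly
  ports:
    - name: transport
      port: 9300         # inter-node cluster transport port
  selector:
    app: elasticsearch
    role: master
```

  Because the Service is headless, each master Pod gets a stable DNS entry of the form `elasticsearch-master-0.elasticsearch-discovery.kube-system.svc`, which is what allows node names to survive restarts.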
```
[root@master-01 fluentd-elasticsearch]# helm status elasticsearch
LAST DEPLOYED: Tue Apr 30 17:17:13 2019
NAMESPACE: kube-system
STATUS: DEPLOYED

RESOURCES:
==> v1/ConfigMap
NAME                DATA  AGE
elasticsearch       4     2d
elasticsearch-test  1     2d

==> v1/ServiceAccount
NAME                  SECRETS  AGE
elasticsearch-client  1        2d
elasticsearch-data    1        2d
elasticsearch-master  1        2d

==> v1/Service
NAME                     TYPE       CLUSTER-IP     EXTERNAL-IP  PORT(S)   AGE
elasticsearch-client     ClusterIP  10.200.180.10  <none>       9200/TCP  2d
elasticsearch-discovery  ClusterIP  None           <none>       9300/TCP  2d

==> v1beta1/Deployment
NAME                  DESIRED  CURRENT  UP-TO-DATE  AVAILABLE  AGE
elasticsearch-client  2        2        2           2          2d

==> v1beta1/StatefulSet
NAME                  DESIRED  CURRENT  AGE
elasticsearch-data    2        2        2d
elasticsearch-master  3        3        2d

==> v1/Pod(related)
NAME                                   READY  STATUS   RESTARTS  AGE
elasticsearch-client-6bb89766f9-wfbxh  1/1    Running  0         2d
elasticsearch-client-6bb89766f9-xvz6c  1/1    Running  0         2d
elasticsearch-data-0                   1/1    Running  0         2d
elasticsearch-data-1                   1/1    Running  0         2d
elasticsearch-master-0                 1/1    Running  0         2d
elasticsearch-master-1                 1/1    Running  0         2d
elasticsearch-master-2                 1/1    Running  0         2d

NOTES:
The elasticsearch cluster has been installed.

Elasticsearch can be accessed:

  * Within your cluster, at the following DNS name at port 9200:

    elasticsearch-client.kube-system.svc

  * From outside the cluster, run these commands in the same shell:

    export POD_NAME=$(kubectl get pods --namespace kube-system -l "app=elasticsearch,component=client,release=elasticsearch" -o jsonpath="{.items[0].metadata.name}")
    echo "Visit http://127.0.0.1:9200 to use Elasticsearch"
    kubectl port-forward --namespace kube-system $POD_NAME 9200:9200
```
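  With the client Service up, fluentd only needs to point its Elasticsearch output at it. A sketch of the relevant output section of a fluentd configuration is shown below; the parameters are standard options of the fluent-plugin-elasticsearch output plugin, but the exact block shipped in the chart's ConfigMap may differ:

```
<match **>
  @type elasticsearch
  host elasticsearch-client.kube-system.svc   # the client Service from `helm status` above
  port 9200
  logstash_format true                        # write daily logstash-YYYY.MM.DD indices
  logstash_prefix logstash
</match>
```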
```yaml
image:
  # repository: "k8s.harbor.maimaiti.site/system/kibana-oss"
  repository: "k8s.harbor.maimaiti.site/system/kibana"
  tag: "6.7.0"
  pullPolicy: "IfNotPresent"

testFramework:
  image: "dduportal/bats"
  tag: "0.4.0"

commandline:
  args: []

env: {}
  # All Kibana configuration options are adjustable via env vars.
  # To adjust a config option to an env var uppercase + replace `.` with `_`
  # Ref: https://www.elastic.co/guide/en/kibana/current/settings.html
  #
  # ELASTICSEARCH_URL: http://elasticsearch-client:9200
  # SERVER_PORT: 5601
  # LOGGING_VERBOSE: "true"
  # SERVER_DEFAULTROUTE: "/app/kibana"

files:
  kibana.yml:
    ## Default Kibana configuration from kibana-docker.
    server.name: kibana
    server.host: "0"
    elasticsearch.url: http://elasticsearch-client.kube-system:9200
    ## Custom config properties below
    ## Ref: https://www.elastic.co/guide/en/kibana/current/settings.html
    # server.port: 5601
    # logging.verbose: "true"
    # server.defaultRoute: "/app/kibana"

deployment:
  annotations: {}

service:
  type: NodePort
  nodePort: 30001
  # clusterIP: None
  # portName: kibana-svc
  externalPort: 443
  internalPort: 5601
  # authProxyPort: 5602  To be used with authProxyEnabled and a proxy extraContainer
  ## External IP addresses of service
  ## Default: nil
  ##
  # externalIPs:
  # - 192.168.0.1
  #
  ## LoadBalancer IP if service.type is LoadBalancer
  ## Default: nil
  ##
  # loadBalancerIP: 10.2.2.2
  annotations: {}
  # Annotation example: setup ssl with aws cert when service.type is LoadBalancer
  # service.beta.kubernetes.io/aws-load-balancer-ssl-cert: arn:aws:acm:us-east-1:EXAMPLE_CERT
  labels: {}
  ## Label example: show service URL in `kubectl cluster-info`
  # kubernetes.io/cluster-service: "true"
  ## Limit load balancer source ips to list of CIDRs (where available)
  # loadBalancerSourceRanges: []
  selector: {}

ingress:
  enabled: false
  # hosts:
  #   - kibana.localhost.localdomain
  #   - localhost.localdomain/kibana
  # annotations:
  #   kubernetes.io/ingress.class: nginx
  #   kubernetes.io/tls-acme: "true"
  # tls:
  #   - secretName: chart-example-tls
  #     hosts:
  #       - chart-example.local

serviceAccount:
  # Specifies whether a service account should be created
  create: true
  # The name of the service account to use.
  # If not set and create is true, a name is generated using the fullname template
  # If set and create is false, the service account must be existing
  name:

livenessProbe:
  enabled: false
  path: /status
  initialDelaySeconds: 30
  timeoutSeconds: 10

readinessProbe:
  enabled: false
  path: /status
  initialDelaySeconds: 30
  timeoutSeconds: 10
  periodSeconds: 10
  successThreshold: 5

# Enable an authproxy. Specify container in extraContainers
authProxyEnabled: false

extraContainers: |
# - name: proxy
#   image: quay.io/gambol99/keycloak-proxy:latest
#   args:
#     - --resource=uri=/*
#     - --discovery-url=https://discovery-url
#     - --client-id=client
#     - --client-secret=secret
#     - --listen=0.0.0.0:5602
#     - --upstream-url=http://127.0.0.1:5601
#   ports:
#     - name: web
#       containerPort: 9090

extraVolumeMounts: []

extraVolumes: []

resources: {}
  # limits:
  #   cpu: 100m
  #   memory: 300Mi
  # requests:
  #   cpu: 100m
  #   memory: 300Mi

priorityClassName: ""

# Affinity for pod assignment
# Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
# affinity: {}

# Tolerations for pod assignment
# Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
tolerations: []

# Node labels for pod assignment
# Ref: https://kubernetes.io/docs/user-guide/node-selection/
nodeSelector: {}

podAnnotations: {}
replicaCount: 1
revisionHistoryLimit: 3

# Custom labels for pod assignment
podLabels: {}

# To export a dashboard from a running Kibana 6.3.x use:
# curl --user <username>:<password> -XGET https://kibana.yourdomain.com:5601/api/kibana/dashboards/export?dashboard=<some-dashboard-uuid> > my-dashboard.json
# A dashboard is defined by a name and a string with the json payload or the download url
dashboardImport:
  enabled: false
  timeout: 60
  xpackauth:
    enabled: true
    username: myuser
    password: mypass
  dashboards: {}
  # k8s: https://raw.githubusercontent.com/monotek/kibana-dashboards/master/k8s-fluentd-elasticsearch.json

# List of plugins to install using initContainer
# NOTE: We notice that lower resource constraints given to the chart + plugins are likely not going to work well.
plugins:
  # set to true to enable plugins installation
  enabled: false
  # set to true to remove all kibana plugins before installation
  reset: false
  # Use <plugin_name,version,url> to add/upgrade plugin
  values:
  # - elastalert-kibana-plugin,1.0.1,https://github.com/bitsensor/elastalert-kibana-plugin/releases/download/1.0.1/elastalert-kibana-plugin-1.0.1-6.4.2.zip
  # - logtrail,0.1.31,https://github.com/sivasamyk/logtrail/releases/download/v0.1.31/logtrail-6.6.0-0.1.31.zip
  # - other_plugin

persistentVolumeClaim:
  # set to true to use pvc
  enabled: false
  # set to true to use your own pvc
  existingClaim: false
  annotations: {}
  accessModes:
    - ReadWriteOnce
  size: "5Gi"
  ## If defined, storageClassName: <storageClass>
  ## If set to "-", storageClassName: "", which disables dynamic provisioning
  ## If undefined (the default) or set to null, no storageClassName spec is
  ## set, choosing the default provisioner. (gp2 on AWS, standard on
  ## GKE, AWS & OpenStack)
  ##
  # storageClass: "-"

# default security context
securityContext:
  enabled: false
  allowPrivilegeEscalation: false
  runAsUser: 1000
  fsGroup: 2000

extraConfigMapMounts: []
  # - name: logtrail-configs
  #   configMap: kibana-logtrail
  #   mountPath: /usr/share/kibana/plugins/logtrail/logtrail.json
  #   subPath: logtrail.json

# Add your own init container or uncomment and modify the given example.
initContainers: {}
  ## Don't start kibana till Elasticsearch is reachable.
  ## Ensure that it is available at http://elasticsearch:9200
  ##
  # es-check:  # <- will be used as container name
  #   image: "appropriate/curl:latest"
  #   imagePullPolicy: "IfNotPresent"
  #   command:
  #     - "/bin/sh"
  #     - "-c"
  #     - |
  #       is_down=true
  #       while "$is_down"; do
  #         if curl -sSf --fail-early --connect-timeout 5 http://elasticsearch:9200; then
  #           is_down=false
  #         else
  #           sleep 5
  #         fi
  #       done
```

  The Kibana configuration is much simpler:

  1. Switch the image to the private registry address;
  2. In Kibana's config file, set the Elasticsearch address; note that it connects to port 9200 of elasticsearch-client;
  3. Kibana is deployed as a single stateless Deployment. As mentioned earlier, Elasticsearch must be a StatefulSet and fluentd must be a DaemonSet;
  4. An Ingress can be defined, since Kibana is the component that users actually access.
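  For point 4, the Ingress can be enabled directly in the Kibana chart's values.yaml. A minimal sketch follows; the hostname is a placeholder to adjust for your own domain:

```yaml
# Fragment of kibana values.yaml -- the hostname below is an assumed example.
ingress:
  enabled: true
  annotations:
    kubernetes.io/ingress.class: nginx
  hosts:
    - kibana.maimaiti.site
```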

Follow my personal WeChat official account "云时代IT运维" for regularly updated application operations documentation, covering virtualization and container technology, CI/CD, automated operations, and other current trends.


Reposted from: https://blog.51cto.com/zgui2000/2388379
