k8s elk
#方案选择 Log-pilot +elasticsearch+kibana
Log-pilot 阿里开源日志收集agent,封装了filebeathe flutent,支持多后端例如logstash,redis 属于日志采集代理,deamonset 形式部署在k8s每个node节点。 Log-pilot 部署简单配置即可。 可以收集stdout和容器内日志。
Log-pilot k8s部署步骤 apiVersion: extensions/v1beta1 kind: DaemonSet metadata: name: log-pilot labels: app: log-pilot spec: updateStrategy: type: RollingUpdate template: metadata: labels: app: log-pilot spec: containers: - name: log-pilot image: registry.cn-hangzhou.aliyuncs.com/acs/log-pilot:0.9.7-filebeat resources: limits: memory: 500Mi requests: cpu: 200m memory: 200Mi env: - name: “NODE_NAME” valueFrom: fieldRef: fieldPath: spec.nodeName - name: “LOGGING_OUTPUT” value: “elasticsearch” - name: “ELASTICSEARCH_HOST” value: " ELASTICSEARCH_HOST " - name: “ELASTICSEARCH_PORT” value: “31200” volumeMounts: - name: sock mountPath: /var/run/docker.sock - name: root mountPath: /host readOnly: true - name: varlib mountPath: /var/lib/filebeat - name: varlog mountPath: /var/log/filebeat - name: localtime mountPath: /etc/localtime readOnly: true livenessProbe: failureThreshold: 3 exec: command: - /pilot/healthz initialDelaySeconds: 10 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 2 securityContext: capabilities: add: - SYS_ADMIN terminationGracePeriodSeconds: 30 volumes: - name: sock hostPath: path: /var/run/docker.sock - name: root hostPath: path: / - name: varlib hostPath: path: /var/lib/filebeat type: DirectoryOrCreate - name: varlog hostPath: path: /var/log/filebeat type: DirectoryOrCreate - name: localtime hostPath: path: /etc/localtime
注意点:
注意 es的配置 需要host和port注意查看日志 kubectl logs pod名字 a) 1处表示容器没有配置log-pilot收集 b) 2表示容器配置了log-pilot收集 进入/var/lib/kubelet/pods/40fe1972-bc4e-11ea-90c3-8cec4bd195f8/volumes/kubernetes.io~empty-dir/tomcat-log 目录下查看日志 c) 必须以aliyun_logs 开头,后边的为索引。被收集容器配置:主要配置env apiVersion: v1 kind: Pod metadata: name: tomcat spec: containers:
name: tomcat image: tomcat:latest env: name: aliyun_logs_weather value: “stdout”name: aliyun_logs_weather value: “/usr/local/tomcat/logs/catalina.*.log” volumeMounts: name: tomcat-log mountPath: /usr/local/tomcat/logs volumes: name: tomcat-log emptyDir: {}elasticsearch部署步骤 k8s elasticsearch部署 apiVersion: apps/v1beta1 kind: Deployment metadata: name: base-elasticsearch6-deployment spec: replicas: 1 template: {metadata: {labels: {name: base-elasticsearch6}}, spec: {initContainers: [{name: init-sysctl, image: ‘busybox:1.27.2’, command: [sysctl, ‘-w’, vm.max_map_count=262144], securityContext: {privileged: true}}], containers: [{name: web-base-elasticsearch6, image: ‘docker.elastic.co/elasticsearch/elasticsearch:6.4.0’, imagePullPolicy: IfNotPresent, resources: {limits: {cpu: 1000m}, requests: {cpu: 100m}}, env: [{name: ES_JAVA_OPTS, value: ‘-Xms512m -Xmx512m’}], ports: [{containerPort: 9200}, {containerPort: 9300}], volumeMounts: [{name: elasticsearch, mountPath: /mnt/search}, {name: elasticsearch-yml, mountPath: /usr/share/elasticsearch/config/elasticsearch.yml, subPath: elasticsearch.yml}]}], volumes: [{name: elasticsearch, hostPath: {path: /mnt/search/student}}, {name: elasticsearch-yml, configMap: {name: esconfig}}]}}
Elastic svc apiVersion: v1 kind: Service metadata: name: base-elasticsearch6 labels: name: base-elasticsearch6 spec: type: NodePort ports:
name: web-9200 port: 9200 targetPort: 9200 nodePort: 31200 protocol: TCPname: web-9300 port: 9300 targetPort: 9300 nodePort: 31300 protocol: TCP selector: name: base-elasticsearch6Elastic head 展示elastic 数据 kind: List apiVersion: v1 items:
apiVersion: extensions/v1beta1 kind: Deployment metadata: name: elasticsearch-head spec: replicas: 1 template: metadata: name: elasticsearch-head labels: app: elasticsearch-head spec: containers: - image: docker.io/mobz/elasticsearch-head:5 name: elasticsearch-head ports: - name: http containerPort: 9100apiVersion: v1 kind: Service metadata: name: kb-single-svc spec: type: NodePort ports: name: http port: 9100 targetPort: 9100 nodePort: 31400 selector: app: elasticsearch-head直接加入elasticsearch 就可以展示
kibana部署步骤 kind: List apiVersion: v1 items:
apiVersion: apps/v1beta1 kind: Deployment metadata: name: kb-single spec: replicas: 1 template: metadata: name: kb-single labels: app: kb-single spec: containers: - image: docker.elastic.co/kibana/kibana:6.4.0 name: kb env: - name: ELASTICSEARCH_URL value: " ELASTICSEARCH_URL " ports: - name: http containerPort: 5601 Kibana svc kind: List apiVersion: v1 items:apiVersion: v1 kind: Service metadata: name: kb-single spec: type: NodePort ports: name: http port: 5601 targetPort: 5601 nodePort: 32601 selector: app: kb-single