我的书签
添加书签
移除书签目的
基于EFK实现日志收集功能,这里我们把elasticsearch和kibana做为Deployment部署。如果需要使用k8s群集外的elasticsearch和kibana。可跳过部署elasticsearch和kibana的阶段,然后使用deamonset(守护式进程)部署fluentd。
修改docker 日志模式
首先修改docker 的日志模式为json,对于CentOS使用的yum安装的的docker-1.12,我们需要使用如下进行配置。
shell># Shell># vi /etc/sysconfig/docker
| 项 | 内容 | 备注 |
|---|---|---|
| 原始 | OPTIONS=’—selinux-enabled —log-driver=journald —signature-verification=false’ | |
| 修改 | OPTIONS=’—selinux-enabled —signature-verification=false’ |
修改日志配置文件。如没有则创建 Shell>#vi /etc/docker/daemon.json
{"log-driver": "json-file","log-opts": {"max-size": "10m","max-file": "3"}}
重启docker shell># systemctl restar docker
部署
创建NameSpace
apiVersion: v1kind: Namespacemetadata:name: kube-logging
部署elasticsearch
这里使用deployment部署elasticsearch单机应用,同时在k8s群集内发布服务。服务端口为9200和9300。
kind: DeploymentapiVersion: apps/v1beta2metadata:labels:k8s-app: kubernetes-elasticsearchname: kubernetes-elasticsearchnamespace: kube-loggingspec:replicas: 1revisionHistoryLimit: 10selector:matchLabels:k8s-app: kubernetes-elasticsearchtemplate:metadata:labels:k8s-app: kubernetes-elasticsearchspec:containers:- name: kubernetes-elasticsearchimage: hub.k8s.com/apps/elasticsearch:6.2.3ports:- name: es-datacontainerPort: 9200protocol: TCP- name: es-clustercontainerPort: 9300protocol: TCPvolumeMounts:- mountPath: /usr/share/elasticsearch/dataname: tmp-volumevolumes:- name: tmp-volumeemptyDir: {}---kind: ServiceapiVersion: v1metadata:labels:k8s-app: kubernetes-elasticsearchname: elasticsearchnamespace: kube-loggingspec:type: ClusterIPclusterIP: 10.254.0.202ports:- name: es-dataport: 9200targetPort: 9200- name: es-clusterport: 9300targetPort: 9300selector:k8s-app: kubernetes-elasticsearch
部署kibana
创建kibana使用的configmap
这里创建kibana启动需要的配置的文件的configmap,在部署kibana时,我们映射到pod中。在配置文件中,定义了kibana的服务名称,服务主机地址,最重要的是,配置elasticsearch的服务路径和端口。注释部分为elasticsearch启用xpack模式后的安全特性,这里不适用。
apiVersion: v1kind: ConfigMapmetadata:name: kibananamespace: kube-loggingdata:kibana.yml: |server.name: kibanaserver.host: "0"elasticsearch.url: http://elasticsearch.kube-logging.svc.cluster.local:9200#elasticsearch.username: elastic#elasticsearch.password: changeme#xpack.monitoring.ui.container.elasticsearch.enabled: true
创建kibana的deployment和service
创建名为kubernetes-kibana的deployment的部署,使用kibana 6.2.3部署一个pod,开放5601端口,同时挂载我们生成的名为“kibana”的configmap作为名为kibana.yml的配置文件。
发布服务名为“kibana”的群集服务。
---kind: DeploymentapiVersion: apps/v1beta2metadata:labels:k8s-app: kubernetes-kibananame: kubernetes-kibananamespace: kube-loggingspec:replicas: 1revisionHistoryLimit: 10selector:matchLabels:k8s-app: kubernetes-kibanatemplate:metadata:labels:k8s-app: kubernetes-kibanaspec:containers:- name: kubernetes-elasticsearchimage: hub.k8s.com/apps/kibana:6.2.3ports:- name: kibana-webcontainerPort: 5601protocol: TCPvolumeMounts:- name: configmountPath: /usr/share/kibana/config/kibana.ymlsubPath: kibana.ymlvolumes:- name: configconfigMap:name: kibana---kind: ServiceapiVersion: v1metadata:labels:k8s-app: kubernetes-kibananame: kibananamespace: kube-loggingspec:type: ClusterIPclusterIP: 10.254.0.203ports:- name: kibana-webport: 5601targetPort: 5601selector:k8s-app: kubernetes-kibana
创建kibana的ingress配置
说明:在执行下面命令前,需要先配置k8s的nginx ingress。可以参照《12-A-接入点-nginx ingress》。我们发布域名为kibana.k8s.com的虚拟主机为kibana的虚拟主机,内部服务为kibana,服务端口为5601.
apiVersion: extensions/v1beta1kind: Ingressmetadata:name: kibana-ingressnamespace: kube-loggingspec:rules:- host: kibana.k8s.comhttp:paths:- path: /backend:serviceName: kibanaservicePort: 5601
部署fluentd
创建RBAC
创建名为fluentd的服务账户,并赋予账户apiGroups的全部权限和获取pods资源,以及可以执行get、list和watch命令。
apiVersion: v1kind: ServiceAccountmetadata:name: fluentdnamespace: kube-logging---apiVersion: rbac.authorization.k8s.io/v1beta1kind: ClusterRolemetadata:name: fluentdnamespace: kube-loggingrules:- apiGroups:- ""resources:- podsverbs:- get- list- watch---kind: ClusterRoleBindingapiVersion: rbac.authorization.k8s.io/v1beta1metadata:name: fluentdroleRef:kind: ClusterRolename: fluentdapiGroup: rbac.authorization.k8s.iosubjects:- kind: ServiceAccountname: fluentdnamespace: kube-logging
创建ConfigMap
apiVersion: v1kind: ConfigMapmetadataname: fluentdnamespace: kube-loggingdata:fluent.conf: |@include kubernetes.conf<match **>type elasticsearchlog_level infoinclude_tag_key truehost "#{ENV['FLUENT_ELASTICSEARCH_HOST']}"port "#{ENV['FLUENT_ELASTICSEARCH_PORT']}"scheme "#{ENV['FLUENT_ELASTICSEARCH_SCHEME'] || 'http'}"user "#{ENV['FLUENT_ELASTICSEARCH_USER']}"password "#{ENV['FLUENT_ELASTICSEARCH_PASSWORD']}"reload_connections "#{ENV['FLUENT_ELASTICSEARCH_RELOAD_CONNECTIONS'] || 'true'}"logstash_prefix "#{ENV['FLUENT_ELASTICSEARCH_LOGSTASH_PREFIX'] || 'logstash'}"logstash_format truebuffer_chunk_limit 2Mbuffer_queue_limit 32flush_interval 5smax_retry_wait 30disable_retry_limitnum_threads 8</match>
创建DaemonSet
apiVersion: extensions/v1beta1kind: DaemonSetmetadata:name: fluentdnamespace: kube-logginglabels:k8s-app: fluentd-loggingversion: v1kubernetes.io/cluster-service: "true"spec:template:metadata:labels:k8s-app: fluentd-loggingversion: v1kubernetes.io/cluster-service: "true"spec:serviceAccount: fluentdserviceAccountName: fluentdcontainers:- name: fluentdimage: hub.k8s.com/google-containers/fluentd-kubernetes-daemonset:elasticsearchenv:- name: FLUENT_ELASTICSEARCH_HOSTvalue: "elasticsearch.kube-logging.svc.cluster.local"- name: FLUENT_ELASTICSEARCH_PORTvalue: "9200"- name: FLUENT_ELASTICSEARCH_SCHEMEvalue: "http"# X-Pack Authentication# =====================#- name: FLUENT_ELASTICSEARCH_USER# value: "elastic"#- name: FLUENT_ELASTICSEARCH_PASSWORD# value: "changeme"resources:limits:memory: 200Mirequests:cpu: 100mmemory: 200MivolumeMounts:- name: varlogmountPath: /var/log- name: varlibdockercontainersmountPath: /var/lib/docker/containers- name: configmountPath: /fluentd/etc/fluent.confsubPath: fluent.confvolumes:- name: varloghostPath:path: /var/log- name: varlibdockercontainershostPath:path: /var/lib/docker/containers- name: configconfigMap:name: fluentd
