我的书签
添加书签
移除书签部署 vector aggregator
在 Kafka 所在集群,执行以下命令创建 vector namespace,并在该 namespace 下部署 vector-aggregator。
| 说明 |
|---|
|
helm install vector-aggregator aggregator-0.30.0.tgz -n vector --create-namespace --set vectorConfig.image.tag=v0.2.1 --set image.tag=0.36.0-debian
所需镜像:
docker.io/timberio/vector:0.36.0-debiandocker.io/kubesphere/kubectl:v1.26.13docker.io/kubesphere/vector-config:v0.2.1
获取证书
在 Kafka 所在集群的节点上,执行以下命令。
说明 kafka cluster 为 Kafka 集群的名称,kafka namespace 为 Kafka 所在的 namespace,kafka user 为之前创建的 Kafka 用户。
export kafka_cluster=< kafka cluster >export kafka_namespace=< kafka namespace >export kafka_user=< kafka user >echo -e "apiVersion: v1\ndata:" > kafka-aggregator-ca.yamlecho " ca.crt: $(kubectl get secret -n $kafka_namespace ${kafka_cluster}-cluster-ca-cert \-o jsonpath='{.data.ca\.crt}')" >> kafka-aggregator-ca.yamlecho -e "kind: Secret\nmetadata:\n name: kafka-aggregator-cluster-ca\n labels:\n logging.whizard.io/certification: 'true'\n logging.whizard.io/vector-role: Aggregator\n \namespace: vector\ntype: Opaque" >> kafka-aggregator-ca.yamlecho "---" >> kafka-aggregator-ca.yamlecho -e "apiVersion: v1\ndata:" >> kafka-aggregator-ca.yamlecho " user.p12: $(kubectl get secret -n $kafka_namespace ${kafka_user} \-o jsonpath='{.data.user\.p12}')" >> kafka-aggregator-ca.yamlecho -e "kind: Secret\nmetadata:\n name: kafka-aggregator-user-ca\n labels:\n logging.whizard.io/certification: 'true'\n logging.whizard.io/vector-role: Aggregator\n \namespace: vector\ntype: Opaque" >> kafka-aggregator-ca.yaml
此命令会生成 kafka-aggregator-ca.yaml 文件,包含 kafka-aggregator-cluster-ca 以及 kafka-aggregator-user-ca 两个 secret 文件,分别含有上一个步骤中的 ca.crt 以及 user.p12 信息。 示例如下:
apiVersion: v1data:ca.crt: xxxkind: Secretmetadata:name: kafka-aggregator-cluster-calabels:logging.whizard.io/certification: 'true'logging.whizard.io/vector-role: Aggregatornamespace: vectortype: Opaque---apiVersion: v1data:user.p12: xxxkind: Secretmetadata:name: kafka-aggregator-user-calabels:logging.whizard.io/certification: 'true'logging.whizard.io/vector-role: Aggregatornamespace: vectortype: Opaque
配置 vector-aggregator,将消息发送至 OpenSearch
创建 vector 配置,在 bootstrap_servers 填入相应的 Kafka 集群地址,在 sink:kafka_to_opensearch:endpoints 填入相应的 OpenSearch 地址。
cat <<EOF | kubectl apply -f -apiVersion: v1kind: Secretmetadata:name: vector-aggregator-opensearchnamespace: vectorlabels:logging.whizard.io/vector-role: Aggregatorlogging.whizard.io/enable: "true"stringData:kafka-pipeline.yaml: >-sources:kafka_source:type: "kafka"group_id: "ks"topics: [ "^(vector)-.+" ]bootstrap_servers: "172.31.53.102:32476"librdkafka_options:security.protocol: "ssl"ssl.endpoint.identification.algorithm: "none"ssl.ca.location: "/etc/vector/custom/certification/ca.crt"ssl.keystore.location: "/etc/vector/custom/certification/user.p12"ssl.keystore.password: "yj5nwJLVqyII1ZHZCW2RQwJcyjKo3B9o"max.poll.interval.ms: "600000"partition.assignment.strategy: roundrobindecoding:codec: jsonsession_timeout_ms: 20000socket_timeout_ms: 90000transforms:kafka_remapped:inputs:- kafka_sourcesource: |-.event.original = encode_json(.)ts = parse_timestamp!(.timestamp, format: "%+").timestamp = format_timestamp!(ts, format: "%+", timezone: "local").topictime = to_unix_timestamp(ts, unit: "milliseconds").logstamp = from_unix_timestamp!(.topictime, unit: "milliseconds").logdate = .timestamp.idxdate = format_timestamp!(ts, format: "%Y.%m.%d", timezone: "local")tmp = split!(.topic, "-").index = join!(remove!(tmp, [0]), "-")type: remapsinks:kafka_to_opensearch:api_version: v8auth:password: adminstrategy: basicuser: adminbatch:timeout_secs: 5buffer:max_events: 10000endpoints:- https://<opensearch-url>:<port>tls:verify_certificate: falsetype: elasticsearchinputs:- kafka_remappedbulk:index: "{{ .index }}-%Y.%m.%d"request:timeout_sec: 180type: OpaqueEOF
当前内容版权归 KubeSphere 或其关联方所有,如需对内容或内容相关联开源项目进行关注与资助,请访问 KubeSphere .
