k8s搭建日志收集工具

环境准备

  • 修改内核参数
sysctl -w vm.max_map_count=262144

安装kibana与elasticsearch

kind: List
apiVersion: v1
items:
- apiVersion: apps/v1
  kind: Deployment
  metadata:
    name: kb-single
  spec:
    selector:
          matchLabels:
            app: kb-single
    replicas: 1
    template:
      metadata:
        labels:
          app: kb-single
      spec:
        containers:
        - image: docker.elastic.co/kibana/kibana:6.4.0
          name: kb
          env:
          - name: ELASTICSEARCH_URL
            value: "http://es-single:9200"
          ports:
          - name: http
            containerPort: 5601
- apiVersion: v1
  kind: Service
  metadata:
    name: kb-single-svc
  spec:
    type: NodePort
    ports:
    - name: http
      port: 5601
      targetPort: 5601 
      nodePort: 32601
    selector:
      app: kb-single            
- apiVersion: apps/v1
  kind: Deployment
  metadata:
    name: es-single
  spec:
    selector:
          matchLabels:
            app: es-single
    replicas: 1
    template:
      metadata:
        labels:
          app: es-single
      spec:
        containers:
        - image: docker.elastic.co/elasticsearch/elasticsearch:6.4.0
          name: es
          env:
          - name: network.host
            value: "_site_"
          - name: node.name
            value: "${HOSTNAME}"
          - name: discovery.zen.ping.unicast.hosts
            value: "${ES_SINGLE_NODEPORT_SERVICE_HOST}"
          - name: cluster.name
            value: "test-single"
          - name: ES_JAVA_OPTS
            value: "-Xms128m -Xmx128m"
          volumeMounts:
          - name: es-single-data
            mountPath: /usr/share/elasticsearch/data
        volumes:
          - name: es-single-data
            emptyDir: {}
- apiVersion: v1
  kind: Service
  metadata: 
    name: es-single-nodeport
  spec:
    type: NodePort
    ports:
    - name: http
      port: 9200
      targetPort: 9200
      nodePort: 31200
    - name: tcp
      port: 9300
      targetPort: 9300
      nodePort: 31300
    selector:
      app: es-single
- apiVersion: v1
  kind: Service
  metadata:
    name: es-single
  spec:
    clusterIP: None
    ports:
    - name: http
      port: 9200
    - name: tcp
      port: 9300
    selector:
      app: es-single

安装filebeat

kind: List
apiVersion: v1
items:
- apiVersion: v1
  kind: ConfigMap
  metadata:
    name: filebeat-config
    labels:
      k8s-app: filebeat
      kubernetes.io/cluster-service: "true"
      app: filebeat-config
  data:
    filebeat.yml: |
      processors:
        - add_cloud_metadata:
      filebeat.modules:
      - module: system
      filebeat.inputs:
      - type: log
        paths:
          - /var/log/containers/base-logs/base/sys.log
        symlinks: true
        tags: ["base"]
      - type: log
        paths:
          - /var/log/containers/base-logs/sso/sys.log
        symlinks: true
        tags: ["sso"]
      output.elasticsearch:
        hosts: ['es-single:9200']
        indices:
          - index: "base-%{+yyyy.MM.dd}"
            when.contains:
              tags: "base"
        indices:
          - index: "oa-%{+yyyy.MM.dd}"
            when.contains:
              tags: "sso"
#      logging.level: info        
- apiVersion: apps/v1
  kind: DaemonSet 
  metadata:
    name: filebeat
    labels:
      k8s-app: filebeat
      kubernetes.io/cluster-service: "true"
  spec:
    selector:
      matchLabels:
        app: filebeat
    template:
      metadata:
        name: filebeat
        labels:
          app: filebeat
          k8s-app: filebeat
          kubernetes.io/cluster-service: "true"
      spec:
        containers:
        - image: docker.elastic.co/beats/filebeat:6.4.0
          name: filebeat
          args: [
            "-c", "/home/filebeat-config/filebeat.yml",
            "-e",
          ]
          securityContext:
            runAsUser: 0
          volumeMounts:
          - name: filebeat-storage
            mountPath: /var/log/containers
          - name: varlogpods
            mountPath: /var/log/pods
          - name: varlibdockercontainers
            mountPath: /var/lib/docker/containers
          - name: "filebeat-volume"
            mountPath: "/home/filebeat-config"
#        nodeSelector:
#          role: front
        volumes:
          - name: filebeat-storage
            hostPath:
              path: /data/service-logs
          - name: varlogpods
            hostPath:
              path: /var/log/pods
          - name: varlibdockercontainers
            hostPath:
              path: /var/lib/docker/containers
          - name: filebeat-volume
            configMap:
              name: filebeat-config

安装前需要把日志目录挂在到 /var/log/containers下

k8s搭建日志收集工具_第1张图片

  • 登录elasticsearch-head查看索引是否生成

k8s搭建日志收集工具_第2张图片

  • 登录kibana

k8s搭建日志收集工具_第3张图片k8s搭建日志收集工具_第4张图片k8s搭建日志收集工具_第5张图片k8s搭建日志收集工具_第6张图片k8s搭建日志收集工具_第7张图片

你可能感兴趣的:(Kubernetes)