kubernetes集群搭建efk日志收集平台

kubernetes集群搭建efk日志收集平台

  • 一、efk介绍
    • 1.efk简介
    • 2.Elasticsearch介绍
      • ①Elasticsearch简介
      • ②Elasticsearch的特点
    • 3.Filebeat介绍
      • ①Filebeat简介
      • ②Fluentd简介
      • ③Fluentd作用
    • 4. Kibana介绍
    • 5、efk的架构图
  • 二、检查本地kubernetes集群状态
  • 三、配置默认存储
    • 1.检查nfs
    • 2.编辑sc.yaml文件
    • 3.应用sc.ymal文件
    • 4.检查sc相关pod
    • 5.测试pv
      • ①编写pv.yaml
      • ②运行pv
      • ③检查pv和pvc状态
  • 四、安装helm工具
    • 1.下载helm二进制包
    • 2.解压下载的helm压缩包
    • 3.复制helm文件
    • 4.查看helm版本
  • 五、配置helm仓库
    • 1.添加efk相关组件的helm源
    • 2.查看helm仓库
  • 六、安装Elasticsearch
    • 1.下载Elasticsearch的chart包
    • 2.解压tar包
    • 3.修改yaml文件
      • ①修改replicas
      • ②关闭持久存储(可选)
    • 4.安装Elasticsearch应用
    • 5.查看运行pod
  • 七、安装filebeat
    • 1.下载filebeat
    • 2.解压tar包
    • 3查看values.yaml文件
    • 4.安装filebeat
    • 5.查看filebeat相关pod
  • 八、安装metricbeat
    • 1.下载metricbeat
    • 2.解压tar包
    • 3.安装metricbeat
    • 4.查看metricbeat相关pod
  • 九、安装kibana
    • 1.下载安装kibana
    • 2.解压kibana的tar包
    • 3.修改服务类型
    • 4.配置Elasticsearch地址
    • 5.安装kibana
    • 5.检查pod
  • 十、访问kibana的web
    • 1.查看svc
    • 2.登录kibanna

一、efk介绍

1.efk简介

Kubernetes 开发了一个 Elasticsearch 附加组件来实现集群的日志管理。这是一个 Elasticsearch、Filebeat(或者Fluentd)和 Kibana 的组合。

2.Elasticsearch介绍

①Elasticsearch简介

Elasticsearch是一个基于Apache Lucene™的开源搜索和数据分析引擎引擎,Elasticsearch使用Java进行开发,并使用Lucene作为其核心实现所有索引和搜索的功能。

②Elasticsearch的特点

1.Elasticsearch是一个实时的,分布式的,可扩展的搜索引擎。
2.Elasticsearch允许进行全文本和结构化搜索以及对日志进行分析。
3.Elasticsearch 是一个搜索引擎,负责存储日志并提供查询接口。
4.Elasticsearch通常用于索引和搜索大量日志数据,也可以用于搜索许多不同种类的文档。

3.Filebeat介绍

①Filebeat简介

Filebeat是用于转发和集中日志数据的轻量级传送工具。Filebeat监视您指定的日志文件或位置,收集日志事件,并将它们转发到Elasticsearch或 Logstash进行索引。

②Fluentd简介

Fluentd是一个开源数据收集器,通过它能对数据进行统一收集和消费,能够更好地使用和理解数据。

③Fluentd作用

1.在kubernetes集群中每个节点安装Fluentd。
2.通过获取容器日志文件、过滤和转换日志数据
3.将数据传递到 Elasticsearch 集群,在该集群中对其进行索引和存储

4. Kibana介绍

Kibana是一个开源的分析与可视化平台,被设计用于和Elasticsearch一起使用的。通过kibana可以搜索、查看和交互存放在Elasticsearch中的数据,利用各种不同的图表、表格和地图等,Kibana能够对数据进行分析与可视化。

5、efk的架构图

kubernetes集群搭建efk日志收集平台_第1张图片

二、检查本地kubernetes集群状态

[root@k8s-master ~]# kubectl get nodes -owide
NAME         STATUS   ROLES                  AGE   VERSION   INTERNAL-IP     EXTERNAL-IP   OS-IMAGE                KERNEL-VERSION          CONTAINER-RUNTIME
k8s-master   Ready    control-plane,master   10d   v1.23.1   192.168.3.201   <none>        CentOS Linux 7 (Core)   3.10.0-957.el7.x86_64   containerd://1.6.6
k8s-node01   Ready    <none>                 10d   v1.23.1   192.168.3.202   <none>        CentOS Linux 7 (Core)   3.10.0-957.el7.x86_64   containerd://1.6.6
k8s-node02   Ready    <none>                 10d   v1.23.1   192.168.3.203   <none>        CentOS Linux 7 (Core)   3.10.0-957.el7.x86_64   containerd://1.6.6

三、配置默认存储

1.检查nfs

[root@k8s-master efk]# showmount -e 192.168.3.201
Export list for 192.168.3.201:
/nfs/data *

2.编辑sc.yaml文件

[root@k8s-master efk]# cat sc.yaml 
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
 name: nfs-storage
 annotations:
   storageclass.kubernetes.io/is-default-class: "true"
provisioner: k8s-sigs.io/nfs-subdir-external-provisioner
parameters:
 archiveOnDelete: "true"  ## 删除pv的时候,pv的内容是否要备份

---
apiVersion: apps/v1
kind: Deployment
metadata:
 name: nfs-client-provisioner
 labels:
   app: nfs-client-provisioner
 # replace with namespace where provisioner is deployed
 namespace: default
spec:
 replicas: 1
 strategy:
   type: Recreate
 selector:
   matchLabels:
     app: nfs-client-provisioner
 template:
   metadata:
     labels:
       app: nfs-client-provisioner
   spec:
     serviceAccountName: nfs-client-provisioner
     containers:
       - name: nfs-client-provisioner
         image: registry.cn-hangzhou.aliyuncs.com/lfy_k8s_images/nfs-subdir-external-provisioner:v4.0.2
         # resources:
         #    limits:
         #      cpu: 10m
         #    requests:
         #      cpu: 10m
         volumeMounts:
           - name: nfs-client-root
             mountPath: /persistentvolumes
         env:
           - name: PROVISIONER_NAME
             value: k8s-sigs.io/nfs-subdir-external-provisioner
           - name: NFS_SERVER
             value: 192.168.3.201 ## 指定自己nfs服务器地址
           - name: NFS_PATH  
             value: /nfs/data  ## nfs服务器共享的目录
     volumes:
       - name: nfs-client-root
         nfs:
           server: 192.168.3.201
           path: /nfs/data
---
apiVersion: v1
kind: ServiceAccount
metadata:
 name: nfs-client-provisioner
 # replace with namespace where provisioner is deployed
 namespace: default
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
 name: nfs-client-provisioner-runner
rules:
 - apiGroups: [""]
   resources: ["nodes"]
   verbs: ["get", "list", "watch"]
 - apiGroups: [""]
   resources: ["persistentvolumes"]
   verbs: ["get", "list", "watch", "create", "delete"]
 - apiGroups: [""]
   resources: ["persistentvolumeclaims"]
   verbs: ["get", "list", "watch", "update"]
 - apiGroups: ["storage.k8s.io"]
   resources: ["storageclasses"]
   verbs: ["get", "list", "watch"]
 - apiGroups: [""]
   resources: ["events"]
   verbs: ["create", "update", "patch"]
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
 name: run-nfs-client-provisioner
subjects:
 - kind: ServiceAccount
   name: nfs-client-provisioner
   # replace with namespace where provisioner is deployed
   namespace: default
roleRef:
 kind: ClusterRole
 name: nfs-client-provisioner-runner
 apiGroup: rbac.authorization.k8s.io
---
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
 name: leader-locking-nfs-client-provisioner
 # replace with namespace where provisioner is deployed
 namespace: default
rules:
 - apiGroups: [""]
   resources: ["endpoints"]
   verbs: ["get", "list", "watch", "create", "update", "patch"]
---
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
 name: leader-locking-nfs-client-provisioner
 # replace with namespace where provisioner is deployed
 namespace: default
subjects:
 - kind: ServiceAccount
   name: nfs-client-provisioner
   # replace with namespace where provisioner is deployed
   namespace: default
roleRef:
 kind: Role
 name: leader-locking-nfs-client-provisioner
 apiGroup: rbac.authorization.k8s.io

3.应用sc.ymal文件

[root@k8s-master efk]# kubectl apply -f sc.yaml 

4.检查sc相关pod

[root@k8s-master efk]# kubectl get pods
NAME                                      READY   STATUS    RESTARTS   AGE
nfs-client-provisioner-779b7f4dfd-zpqmt   1/1     Running   0          8s

5.测试pv

①编写pv.yaml

[root@k8s-master efk]# cat pv.yaml 
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
 name: nginx-pvc
spec:
 accessModes:
   - ReadWriteMany
 resources:
   requests:
     storage: 200Mi

②运行pv

kubectl apply -f pv.yaml

③检查pv和pvc状态

[root@k8s-master efk]# kubectl get pv
NAME                                       CAPACITY   ACCESS MODES   RECLAIM POLICY   STATUS   CLAIM               STORAGECLASS   REASON   AGE
pvc-939faa36-9c19-4fd9-adc9-cb30b270de75   200Mi      RWX            Delete           Bound    default/nginx-pvc   nfs-storage             40s
[root@k8s-master efk]# kubectl get pvc
NAME        STATUS   VOLUME                                     CAPACITY   ACCESS MODES   STORAGECLASS   AGE
nginx-pvc   Bound    pvc-939faa36-9c19-4fd9-adc9-cb30b270de75   200Mi      RWX            nfs-storage    44

四、安装helm工具

1.下载helm二进制包

wget https://get.helm.sh/helm-v3.9.0-linux-amd64.tar.gz

2.解压下载的helm压缩包

tar -xzf helm-v3.9.0-linux-amd64.tar.gz

3.复制helm文件

cp -a linux-amd64/helm /usr/bin/helm

4.查看helm版本

[root@k8s-master addons]# helm version
version.BuildInfo{Version:"v3.9.0", GitCommit:"7ceeda6c585217a19a1131663d8cd1f7d641b2a7", GitTreeState:"clean", GoVersion:"go1.17.5"}

五、配置helm仓库

1.添加efk相关组件的helm源

[root@k8s-master ~]# helm repo add stable https://apphub.aliyuncs.com
"stable" has been added to your repositories
[root@k8s-master ~]# helm repo add elastic https://helm.elastic.co
"elastic" has been added to your repositories
[root@k8s-master ~]# helm repo add azure http://mirror.azure.cn/kubernetes/charts/
"azure" has been added to your repositories
[root@k8s-master ~]# 

2.查看helm仓库

[root@k8s-master ~]# helm repo list 
NAME   	URL                                      
stable 	https://apphub.aliyuncs.com              
elastic	https://helm.elastic.co                  
azure  	http://mirror.azure.cn/kubernetes/charts/

六、安装Elasticsearch

1.下载Elasticsearch的chart包

[root@k8s-master efk]# helm pull elastic/elasticsearch

2.解压tar包

[root@k8s-master efk]#  tar -xzf elasticsearch-7.17.3.tgz


3.修改yaml文件

①修改replicas

vim elasticsearch/values.yaml

replicas: 2
minimumMasterNodes: 1

esMajorVersion: ""


②关闭持久存储(可选)

   ##
  persistence:
  enabled: false
  labels:
    # Add default labels for the volumeClaimTemplate of the StatefulSet
    enabled: false
  annotations: {}




4.安装Elasticsearch应用

 helm install elastic  elasticsearch

5.查看运行pod

[root@k8s-master efk]#  kubectl get pods
NAME                                      READY   STATUS    RESTARTS   AGE
cirror-28253                              1/1     Running   0          135m
elasticsearch-master-0                    1/1     Running   0          2m11s
elasticsearch-master-1                    1/1     Running   0          2m11s
nfs-client-provisioner-779b7f4dfd-p7xsz   1/1     Running   0          3h31m



七、安装filebeat

1.下载filebeat

[root@k8s-master efk]# helm pull elastic/filebeat

2.解压tar包

[root@k8s-master efk]# tar -xzf filebeat-7.17.3.tgz

3查看values.yaml文件

[root@k8s-master filebeat]# cat values.yaml  -n
     1	---
     2	daemonset:
     3	  # Annotations to apply to the daemonset
     4	  annotations: {}
     5	  # additionals labels
     6	  labels: {}
     7	  affinity: {}
     8	  # Include the daemonset
     9	  enabled: true
    10	  # Extra environment variables for Filebeat container.
    11	  envFrom: []
    12	  # - configMapRef:
    13	  #     name: config-secret
    14	  extraEnvs: []
    15	  #  - name: MY_ENVIRONMENT_VAR
    16	  #    value: the_value_goes_here
    17	  extraVolumes:
    18	    []
    19	    # - name: extras
    20	    #   emptyDir: {}
    21	  extraVolumeMounts:
    22	    []
    23	    # - name: extras
    24	    #   mountPath: /usr/share/extras
    25	    #   readOnly: true
    26	  hostNetworking: false
    27	  # Allows you to add any config files in /usr/share/filebeat
    28	  # such as filebeat.yml for daemonset
    29	  filebeatConfig:
    30	    filebeat.yml: |
    31	      filebeat.inputs:
    32	      - type: container
    33	        paths:
    34	          - /var/log/containers/*.log
    35	        processors:
    36	        - add_kubernetes_metadata:
    37	            host: ${NODE_NAME}
    38	            matchers:
    39	            - logs_path:
    40	                logs_path: "/var/log/containers/"
    41	
    42	      output.elasticsearch:
    43	        host: '${NODE_NAME}'
    44	        hosts: '${ELASTICSEARCH_HOSTS:elasticsearch-master:9200}'
    45	  # Only used when updateStrategy is set to "RollingUpdate"
    46	  maxUnavailable: 1
    47	  nodeSelector: {}
    48	  # A list of secrets and their paths to mount inside the pod
    49	  # This is useful for mounting certificates for security other sensitive values
    50	  secretMounts: []
    51	  #  - name: filebeat-certificates
    52	  #    secretName: filebeat-certificates
    53	  #    path: /usr/share/filebeat/certs
    54	  # Various pod security context settings. Bear in mind that many of these have an impact on Filebeat functioning properly.
    55	  #
    56	  # - User that the container will execute as. Typically necessary to run as root (0) in order to properly collect host container logs.
    57	  # - Whether to execute the Filebeat containers as privileged containers. Typically not necessarily unless running within environments such as OpenShift.
    58	  securityContext:
    59	    runAsUser: 0
    60	    privileged: false
    61	  resources:
    62	    requests:
    63	      cpu: "100m"
    64	      memory: "100Mi"
    65	    limits:
    66	      cpu: "1000m"
    67	      memory: "200Mi"
    68	  tolerations: []
    69	
    70	deployment:
    71	  # Annotations to apply to the deployment
    72	  annotations: {}
    73	  # additionals labels
    74	  labels: {}
    75	  affinity: {}
    76	  # Include the deployment
    77	  enabled: false
    78	  # Extra environment variables for Filebeat container.
    79	  envFrom: []
    80	  # - configMapRef:
    81	  #     name: config-secret
    82	  extraEnvs: []
    83	  #  - name: MY_ENVIRONMENT_VAR
    84	  #    value: the_value_goes_here
    85	  # Allows you to add any config files in /usr/share/filebeat
    86	  extraVolumes: []
    87	  # - name: extras
    88	  #   emptyDir: {}
    89	  extraVolumeMounts: []
    90	  # - name: extras
    91	  #   mountPath: /usr/share/extras
    92	  #   readOnly: true
    93	  # such as filebeat.yml for deployment
    94	  filebeatConfig:
    95	    filebeat.yml: |
    96	      filebeat.inputs:
    97	      - type: tcp
    98	        max_message_size: 10MiB
    99	        host: "localhost:9000"
   100	
   101	      output.elasticsearch:
   102	        host: '${NODE_NAME}'
   103	        hosts: '${ELASTICSEARCH_HOSTS:elasticsearch-master:9200}'
   104	  nodeSelector: {}
   105	  # A list of secrets and their paths to mount inside the pod
   106	  # This is useful for mounting certificates for security other sensitive values
   107	  secretMounts: []
   108	  #  - name: filebeat-certificates
   109	  #    secretName: filebeat-certificates
   110	  #    path: /usr/share/filebeat/certs
   111	  #
   112	  # - User that the container will execute as.
   113	  # Not necessary to run as root (0) as the Filebeat Deployment use cases do not need access to Kubernetes Node internals
   114	  # - Typically not necessarily unless running within environments such as OpenShift.
   115	  securityContext:
   116	    runAsUser: 0
   117	    privileged: false
   118	  resources:
   119	    requests:
   120	      cpu: "100m"
   121	      memory: "100Mi"
   122	    limits:
   123	      cpu: "1000m"
   124	      memory: "200Mi"
   125	  tolerations: []
   126	
   127	# Replicas being used for the filebeat deployment
   128	replicas: 1
   129	
   130	extraContainers: ""
   131	# - name: dummy-init
   132	#   image: busybox
   133	#   command: ['echo', 'hey']
   134	
   135	extraInitContainers: []
   136	# - name: dummy-init
   137	
   138	# Root directory where Filebeat will write data to in order to persist registry data across pod restarts (file position and other metadata).
   139	hostPathRoot: /var/lib
   140	
   141	dnsConfig: {}
   142	# options:
   143	#   - name: ndots
   144	#     value: "2"
   145	hostAliases: []
   146	#- ip: "127.0.0.1"
   147	#  hostnames:
   148	#  - "foo.local"
   149	#  - "bar.local"
   150	image: "docker.elastic.co/beats/filebeat"
   151	imageTag: "7.17.3"
   152	imagePullPolicy: "IfNotPresent"
   153	imagePullSecrets: []
   154	
   155	livenessProbe:
   156	  exec:
   157	    command:
   158	      - sh
   159	      - -c
   160	      - |
   161	        #!/usr/bin/env bash -e
   162	        curl --fail 127.0.0.1:5066
   163	  failureThreshold: 3
   164	  initialDelaySeconds: 10
   165	  periodSeconds: 10
   166	  timeoutSeconds: 5
   167	
   168	readinessProbe:
   169	  exec:
   170	    command:
   171	      - sh
   172	      - -c
   173	      - |
   174	        #!/usr/bin/env bash -e
   175	        filebeat test output
   176	  failureThreshold: 3
   177	  initialDelaySeconds: 10
   178	  periodSeconds: 10
   179	  timeoutSeconds: 5
   180	
   181	# Whether this chart should self-manage its service account, role, and associated role binding.
   182	managedServiceAccount: true
   183	
   184	clusterRoleRules:
   185	  - apiGroups:
   186	      - ""
   187	    resources:
   188	      - namespaces
   189	      - nodes
   190	      - pods
   191	    verbs:
   192	      - get
   193	      - list
   194	      - watch
   195	  - apiGroups:
   196	      - "apps"
   197	    resources:
   198	      - replicasets
   199	    verbs:
   200	      - get
   201	      - list
   202	      - watch
   203	
   204	podAnnotations:
   205	  {}
   206	  # iam.amazonaws.com/role: es-cluster
   207	
   208	# Custom service account override that the pod will use
   209	serviceAccount: ""
   210	
   211	# Annotations to add to the ServiceAccount that is created if the serviceAccount value isn't set.
   212	serviceAccountAnnotations:
   213	  {}
   214	  # eks.amazonaws.com/role-arn: arn:aws:iam::111111111111:role/k8s.clustername.namespace.serviceaccount
   215	
   216	# How long to wait for Filebeat pods to stop gracefully
   217	terminationGracePeriod: 30
   218	# This is the PriorityClass settings as defined in
   219	# https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass
   220	priorityClassName: ""
   221	
   222	updateStrategy: RollingUpdate
   223	
   224	# Override various naming aspects of this chart
   225	# Only edit these if you know what you're doing
   226	nameOverride: ""
   227	fullnameOverride: ""
   228	
   229	# DEPRECATED
   230	affinity: {}
   231	envFrom: []
   232	extraEnvs: []
   233	extraVolumes: []
   234	extraVolumeMounts: []
   235	# Allows you to add any config files in /usr/share/filebeat
   236	# such as filebeat.yml for both daemonset and deployment
   237	filebeatConfig: {}
   238	nodeSelector: {}
   239	podSecurityContext: {}
   240	resources: {}
   241	secretMounts: []
   242	tolerations: []
   243	labels: {}


4.安装filebeat

[root@k8s-master efk]# helm install fb filebeat
NAME: fb
LAST DEPLOYED: Sun Jul  3 13:03:21 2022
NAMESPACE: default
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
1. Watch all containers come up.
  $ kubectl get pods --namespace=default -l app=fb-filebeat -w


5.查看filebeat相关pod

[root@k8s-master efk]# kubectl get pods
NAME                                      READY   STATUS    RESTARTS   AGE
cirror-28253                              1/1     Running   0          151m
elasticsearch-master-0                    1/1     Running   0          18m
elasticsearch-master-1                    1/1     Running   0          18m
fb-filebeat-8fhg7                         1/1     Running   0          5m17s
fb-filebeat-lj5p7                         1/1     Running   0          5m17s
nfs-client-provisioner-779b7f4dfd-p7xsz   1/1     Running   0          3h47m



八、安装metricbeat

1.下载metricbeat

helm pull stable/metricbeat

2.解压tar包

[root@k8s-master efk]# tar -xzf  metricbeat-1.7.1.tgz

3.安装metricbeat

[root@k8s-master efk]# helm install metric metricbeat 

4.查看metricbeat相关pod

[root@k8s-master efk]# kubectl get pods 
NAME                                      READY   STATUS    RESTARTS   AGE
cirror-28253                              1/1     Running   0          3h26m
elasticsearch-master-0                    1/1     Running   0          73m
elasticsearch-master-1                    1/1     Running   0          73m
fb-filebeat-8fhg7                         1/1     Running   0          60m
fb-filebeat-lj5p7                         1/1     Running   0          60m
metric-metricbeat-4jbkk                   1/1     Running   0          22s
metric-metricbeat-5h5g5                   1/1     Running   0          22s
metric-metricbeat-758c5c674-ldgg4         1/1     Running   0          22s
metric-metricbeat-bdth2                   1/1     Running   0          22s
nfs-client-provisioner-779b7f4dfd-p7xsz   1/1     Running   0          4h42m


九、安装kibana

1.下载安装kibana

helm pull elastic/kibana

2.解压kibana的tar包

tar -xzf kibana-7.17.3.tgz 

3.修改服务类型

[root@k8s-master kibana]# vim values.yaml

##
service:
  port: 80
  type: NodePort
  ## Specify the nodePort value for the LoadBalancer and NodePort service types.
  ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport

4.配置Elasticsearch地址

## Properties for Elasticsearch
##
elasticsearch:
  hosts:
    -   elastic-elasticsearch-coordinating-only.default.svc.cluster.local
  # - elasticsearch-1
  # - elasticsearch-2
  port: 9200

5.安装kibana

[root@k8s-master stable]# helm install kb kibana 

5.检查pod

[root@k8s-master efk]# kubectl get pods
NAME                                      READY   STATUS    RESTARTS        AGE
cirror-28253                              1/1     Running   1 (6m28s ago)   5h50m
elasticsearch-master-0                    1/1     Running   1 (6m24s ago)   3h37m
elasticsearch-master-1                    1/1     Running   1 (6m27s ago)   3h37m
fb-filebeat-8fhg7                         1/1     Running   1 (6m28s ago)   3h24m
fb-filebeat-lj5p7                         1/1     Running   1 (6m24s ago)   3h24m
kb-kibana-5c46dbc5dd-htw7n                1/1     Running   0               2m23s
metric-metricbeat-4jbkk                   1/1     Running   1 (6m41s ago)   145m
metric-metricbeat-5h5g5                   1/1     Running   1 (6m24s ago)   145m
metric-metricbeat-758c5c674-ldgg4         1/1     Running   1 (6m24s ago)   145m
metric-metricbeat-bdth2                   1/1     Running   1 (6m27s ago)   145m
nfs-client-provisioner-779b7f4dfd-p7xsz   1/1     Running   2 (4m40s ago)   7h7m


十、访问kibana的web

1.查看svc

[root@k8s-master efk]# kubectl get svc
NAME                            TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)             AGE
elasticsearch-master            ClusterIP   10.96.73.127   <none>        9200/TCP,9300/TCP   3h38m
elasticsearch-master-headless   ClusterIP   None           <none>        9200/TCP,9300/TCP   3h38m
kb-kibana                       NodePort    10.102.85.68   <none>        5601:31372/TCP      3m4s
kubernetes                      ClusterIP   10.96.0.1      <none>        443/TCP             15

2.登录kibanna

打开浏览器,访问——http://192.168.3.202:31372/

kubernetes集群搭建efk日志收集平台_第2张图片

kubernetes集群搭建efk日志收集平台_第3张图片

你可能感兴趣的:(云原生,docker,容器,kubernetes,efk)