3 K8s安裝ELK+filebeat
1 Filebeat:
apiVersion: v1
kind: Service
metadata:
name: XX
spec:
ports:
- name: http
port:
targetPort: http
selector:
app: XX---
apiVersion: apps/v1
kind: Deployment
metadata:
name: XX
labels:
app: XX
spec:
replicas:
minReadySeconds:
revisionHistoryLimit:
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: %
maxSurge: %
selector:
matchLabels:
app: XX
template:
metadata:
labels:
app: XX
spec:
terminationGracePeriodSeconds:
imagePullSecrets:
- name: registry-key
containers:
- name: filebeat
image: docker.elastic.co/beats/filebeat:6.2.
args: [
"-c", "/etc/filebeat/filebeat.yml",
]
volumeMounts:
- name: app-logs
mountPath: /aaa/log
- name: filebeat-config
mountPath: /etc/filebeat/
- name: forecast-user-profile
image: your_application_imageURL
volumeMounts:
- name: app-logs
mountPath: /var/log
#imagePullPolicy: IfNotPresent
imagePullPolicy: Always
ports:
- name: http
containerPort:
env:
- name: DB_HOST
valueFrom:
configMapKeyRef:
name: forecast-conf
key: db_host
- name: DB_PORT
valueFrom:
configMapKeyRef:
name: forecast-conf
key: db_port
- name: DB_NAME
valueFrom:
configMapKeyRef:
name: forecast-conf
key: db_name
- name: DB_USER
valueFrom:
secretKeyRef:
name: db-auth
key: username
- name: DB_PWD
valueFrom:
secretKeyRef:
name: db-auth
key: password
volumes:
- name: app-logs
emptyDir: {}
- name: filebeat-config
configMap:
name: filebeat-config # lifecycle:
# preStop:
# exec:
# command: ["consul", "leave']
# PostStart:
# exec:
# command: ["consule", "entry"]
# livenessProbe:
# readinessProbe:
# resources:
# workingDir:
apiVersion: v1
kind: ConfigMap
metadata:
name: filebeat-config
data:
filebeat.yml: |
filebeat.prospectors:
- input_type: log
paths:
- "/aaa/log/*.log"
output.elasticsearch:
hosts: ["logstash-elasticsearch-service:9200"]
2 Elasticsearch:
kind: Deployment
apiVersion: apps/v1beta2
metadata:
labels:
elastic-app: elasticsearch
role: data
name: logstash-elasticsearch-deployment
spec:
replicas:
revisionHistoryLimit:
selector:
matchLabels:
elastic-app: elasticsearch
template:
metadata:
labels:
elastic-app: elasticsearch
role: data
spec:
containers:
- name: elasticsearch
image: docker.elastic.co/elasticsearch/elasticsearch:6.2.
ports:
- containerPort:
protocol: TCP
volumeMounts:
- name: esdata
mountPath: /usr/share/elasticsearch/data
env:
- name: "ES_JAVA_OPTS"
value: "-Xms256m -Xmx256m"
volumes:
- name: esdata
emptyDir: {}
initContainers:
- image: alpine:3.6
command: ["/sbin/sysctl", "-w", "vm.max_map_count=262144"]
name: elasticsearch-logging-init
securityContext:
privileged: true
---
kind: Service
apiVersion: v1
metadata:
labels:
elastic-app: elasticsearch-service
name: logstash-elasticsearch-service
spec:
ports:
- port:
targetPort:
selector:
elastic-app: elasticsearch
type: NodePort
3 kibana:
---
kind: Deployment
apiVersion: apps/v1beta2
metadata:
labels:
elastic-app: kibana
name: kibana
spec:
replicas:
revisionHistoryLimit:
selector:
matchLabels:
elastic-app: kibana
template:
metadata:
labels:
elastic-app: kibana
spec:
containers:
- name: kibana
image: docker.elastic.co/kibana/kibana:6.2.
ports:
- containerPort:
protocol: TCP
volumeMounts:
- name: config-volume
mountPath: /opt/kibana/config
tolerations:
- key: node-role.kubernetes.io/master
effect: NoSchedule
volumes:
- name: config-volume
configMap:
name: logging-configmap
items:
- key: kibana.yml
path: kibana.yml ---
kind: Service
apiVersion: v1
metadata:
labels:
elastic-app: kibana
name: kibana-service
spec:
ports:
- port:
targetPort:
selector:
elastic-app: kibana
type: NodePort
apiVersion: v1
kind: ConfigMap
metadata:
name: logging-configmap
namespace: default
data:
logstash.yml: |
http.host: "0.0.0.0"
path.config: /usr/share/logstash/pipeline ## Disable X-Pack
## see https://www.elastic.co/guide/en/x-pack/current/xpack-settings.html
xpack.monitoring.enabled: false
logstash.conf: |
# all input will come from filebeat, no local logs
input {
beats {
port =>
}
} ## some more advanced filtering and tagging of incoming kubernetes logs is done in logstash
filter {
if [type] == "kube-logs" {
mutate {
rename => ["log", "message"]
add_tag => [ "pelias", "kubernetes" ]
} date {
match => ["time", "ISO8601"]
remove_field => ["time"]
} # all standard container logs files match a common pattern
grok {
match => { "source" => "%{DATA:pod_name}" }
remove_field => ["source"]
} # system services have a simpler log filename format that does not include namespace, pod names, or container ids
grok {
match => { "source" => "%{DATA:container_name}" }
add_field => { "namespace" => "default" }
remove_field => ["source"]
}
}
} output {
elasticsearch {
hosts => [ "logstash-elasticsearch-service:9200" ]
}
} kibana.yml: |
## Default Kibana configuration from kibana-docker.
## from https://github.com/elastic/kibana-docker/blob/master/build/kibana/config/kibana.yml
#
#server.host: ""
elasticsearch.url: http://logstash-elasticsearch-service:9200
## Disable X-Pack
## see https://www.elastic.co/guide/en/x-pack/current/xpack-settings.html
## https://www.elastic.co/guide/en/x-pack/current/installing-xpack.html#xpack-enabling
#
xpack.security.enabled: false
xpack.monitoring.enabled: false
xpack.ml.enabled: false
xpack.graph.enabled: false
xpack.reporting.enabled: false
4: 常用命令:
kubectl delete -f xxxxxxxxx.yaml
kubectl creatge -f xxxxxxxxxx.yaml
kubectl get pods
kubectl get service
kubectl logs -f podname containername -n namespacename
kubectl exec -it podname sh
kubectl get pod podname -o yaml
3 K8s安裝ELK+filebeat的更多相关文章
- 基于docker部署使用ELK+FileBeat日志管理平台
Docker从狭义上来讲就是一个进程,从广义上来讲是一个虚拟容器,专业叫法为 Application Container(应用容器).Docker进程和普通的进程没有任何区别,它就是一个普通的应用进程 ...
- elk + filebeat,6.3.2版本简单搭建,实现我们自己的集中式日志系统
前言 刚从事开发那段时间不习惯输出日志,认为那是无用功,徒增代码量,总认为自己的代码无懈可击:老大的叮嘱.强调也都视为耳旁风,最终导致的结果是我加班排查问题,花的时间还挺长的,要复现问题.排查问题等, ...
- ELK + filebeat集群部署
ELK + filebeat集群部署 一.ELK简介 1. Elasticsearch Elasticsearch是一个实时的分布式搜索分析引擎, 它能让你以一个之前从未有过的速度和规模,去探索你的数 ...
- ELK + Filebeat日志分析系统安装
之前搭建过elk,用于分析日志,无奈服务器资源不足,开了多个Logstash之后发现占用内存过高,于是现在改为Filebeat做日志收集,记录一下搭建过程和遇到问题的解决方案. 第一步 , 安装jdk ...
- 免安裝、免設定的 Hadoop 開發環境 - cloudera 的 QuickStart VM
cloudera 的 QuickStart VM,為一種免安裝.免設定 Linux 及 Hadoop,已幫你建好 CDH 5.x.Hadoop.Eclipse 的一個虛擬機環境.下載後解壓縮,可直接以 ...
- 安裝 14.04.1 Ubuntu 到 Lenovo thinkpad t460p
在 Lenovo Thinkpad T460p 安裝 ubuntu, BIOS 需要做一些設定, 沒設定的現象:不斷地停在 usb disk 設定 可以 使用 usb disk install 了!
- Ubuntu 安裝 嘸蝦米 輸入法
O S : 14.04.1-Ubuntu 加入fcitx開發團隊的repository: sudo add-apt-repository ppa:fcitx-team/nightly sudo apt ...
- Linux下安裝Oracle database內核參數設置
參考:1529864.1 ************************************************** RAM ...
- 從 Internet 安裝 Cygwin
從 Internet 安裝 Cygwin 如果您有高速的 Internet 連線, 可以考慮用這個方法, 否則不建議使用 執行 setup.exe Cygwin Setup 畫面, 按 Next. C ...
随机推荐
- Js遍历对象中的属性
var obj = {"name": "xiaol","age":"18"} for(var attr in obj){ ...
- header函数使用
header('HTTP/1.1 200 OK'); //设置一个404头: header('HTTP/1.1 404 Not Found'); //设置地址被永久的重定向 header('HTTP/ ...
- Cordova+FrameWork7开发简单教程
1: 环境要有:(一个不会搭建环境的程序员,要么学,要么退出编程 ) 环境这里我只说需要什么: 1>AndroidStudio 3.0 (2.几的版本总会出问题.我喜欢用新版本) 2>co ...
- 【Flask】Sqlalchemy 增删该查操作
### sqlalchemy 增删改查操作, 通过session来进行操作. # coding:utf-8 # Author: liangjun. from sqlalchemy import cre ...
- 【Flask】下载多个文件
使用zipfile模块可以将多个文件打包成zip文件进行下载,但是常规的操作方式会在服务器磁盘上生成一个zip文件占用磁盘空间. 后引入BytesIO将文件写入到内存中然后下载: def dl_pla ...
- PHP新写的大转盘抽奖源码
中奖概率 抽奖大转盘演示:http://www.sucaihuo.com/php/3301.html function getRand($proArr, $proCount) { $result = ...
- ios 微信发送位置
@interface GroupReportViewController () <BMKMapViewDelegate,BMKLocationServiceDelegate,BMKGeoCode ...
- codeforces 466C 计数 codeforces 483B 二分 容斥
题意:给你n个数,将他们分成连续的三个部分使得每个部分的和相同,求出分法的种数. 思路:用一个数组a[i]记下从第一个点到当前i点的总和.最后一个点是总和为sum的点,只需求出总和为1/3sum的点和 ...
- SrpingCloud 之SrpingCloud config分布式配置中心搭建
1.搭建git环境 目的:持久化存储配置文件信息 采用码云 创建后 继续创建文件夹 用来区分不同的项目 下面就是git上存放配置文件了.环境的区分 dev sit pre prd 开发 ...
- python练习_简单登录
python练习_简单登录 需求: 做一个登录的小程序,验证用户与密码 要求登录三次错误后锁定 以下代码实现的功能与思路: 功能: 1.除admin以外的用户累计登录失败次数超过三次则锁定,此时需要管 ...