3 K8s安裝ELK+filebeat
1 Filebeat:
apiVersion: v1
kind: Service
metadata:
name: XX
spec:
ports:
- name: http
port:
targetPort: http
selector:
app: XX---
apiVersion: apps/v1
kind: Deployment
metadata:
name: XX
labels:
app: XX
spec:
replicas:
minReadySeconds:
revisionHistoryLimit:
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: %
maxSurge: %
selector:
matchLabels:
app: XX
template:
metadata:
labels:
app: XX
spec:
terminationGracePeriodSeconds:
imagePullSecrets:
- name: registry-key
containers:
- name: filebeat
image: docker.elastic.co/beats/filebeat:6.2.
args: [
"-c", "/etc/filebeat/filebeat.yml",
]
volumeMounts:
- name: app-logs
mountPath: /aaa/log
- name: filebeat-config
mountPath: /etc/filebeat/
- name: forecast-user-profile
image: your_application_imageURL
volumeMounts:
- name: app-logs
mountPath: /var/log
#imagePullPolicy: IfNotPresent
imagePullPolicy: Always
ports:
- name: http
containerPort:
env:
- name: DB_HOST
valueFrom:
configMapKeyRef:
name: forecast-conf
key: db_host
- name: DB_PORT
valueFrom:
configMapKeyRef:
name: forecast-conf
key: db_port
- name: DB_NAME
valueFrom:
configMapKeyRef:
name: forecast-conf
key: db_name
- name: DB_USER
valueFrom:
secretKeyRef:
name: db-auth
key: username
- name: DB_PWD
valueFrom:
secretKeyRef:
name: db-auth
key: password
volumes:
- name: app-logs
emptyDir: {}
- name: filebeat-config
configMap:
name: filebeat-config # lifecycle:
# preStop:
# exec:
# command: ["consul", "leave']
# PostStart:
# exec:
# command: ["consule", "entry"]
# livenessProbe:
# readinessProbe:
# resources:
# workingDir:
apiVersion: v1
kind: ConfigMap
metadata:
name: filebeat-config
data:
filebeat.yml: |
filebeat.prospectors:
- input_type: log
paths:
- "/aaa/log/*.log"
output.elasticsearch:
hosts: ["logstash-elasticsearch-service:9200"]
2 Elasticsearch:
kind: Deployment
apiVersion: apps/v1beta2
metadata:
labels:
elastic-app: elasticsearch
role: data
name: logstash-elasticsearch-deployment
spec:
replicas:
revisionHistoryLimit:
selector:
matchLabels:
elastic-app: elasticsearch
template:
metadata:
labels:
elastic-app: elasticsearch
role: data
spec:
containers:
- name: elasticsearch
image: docker.elastic.co/elasticsearch/elasticsearch:6.2.
ports:
- containerPort:
protocol: TCP
volumeMounts:
- name: esdata
mountPath: /usr/share/elasticsearch/data
env:
- name: "ES_JAVA_OPTS"
value: "-Xms256m -Xmx256m"
volumes:
- name: esdata
emptyDir: {}
initContainers:
- image: alpine:3.6
command: ["/sbin/sysctl", "-w", "vm.max_map_count=262144"]
name: elasticsearch-logging-init
securityContext:
privileged: true
---
kind: Service
apiVersion: v1
metadata:
labels:
elastic-app: elasticsearch-service
name: logstash-elasticsearch-service
spec:
ports:
- port:
targetPort:
selector:
elastic-app: elasticsearch
type: NodePort
3 kibana:
---
kind: Deployment
apiVersion: apps/v1beta2
metadata:
labels:
elastic-app: kibana
name: kibana
spec:
replicas:
revisionHistoryLimit:
selector:
matchLabels:
elastic-app: kibana
template:
metadata:
labels:
elastic-app: kibana
spec:
containers:
- name: kibana
image: docker.elastic.co/kibana/kibana:6.2.
ports:
- containerPort:
protocol: TCP
volumeMounts:
- name: config-volume
mountPath: /opt/kibana/config
tolerations:
- key: node-role.kubernetes.io/master
effect: NoSchedule
volumes:
- name: config-volume
configMap:
name: logging-configmap
items:
- key: kibana.yml
path: kibana.yml ---
kind: Service
apiVersion: v1
metadata:
labels:
elastic-app: kibana
name: kibana-service
spec:
ports:
- port:
targetPort:
selector:
elastic-app: kibana
type: NodePort
apiVersion: v1
kind: ConfigMap
metadata:
name: logging-configmap
namespace: default
data:
logstash.yml: |
http.host: "0.0.0.0"
path.config: /usr/share/logstash/pipeline ## Disable X-Pack
## see https://www.elastic.co/guide/en/x-pack/current/xpack-settings.html
xpack.monitoring.enabled: false
logstash.conf: |
# all input will come from filebeat, no local logs
input {
beats {
port =>
}
} ## some more advanced filtering and tagging of incoming kubernetes logs is done in logstash
filter {
if [type] == "kube-logs" {
mutate {
rename => ["log", "message"]
add_tag => [ "pelias", "kubernetes" ]
} date {
match => ["time", "ISO8601"]
remove_field => ["time"]
} # all standard container logs files match a common pattern
grok {
match => { "source" => "%{DATA:pod_name}" }
remove_field => ["source"]
} # system services have a simpler log filename format that does not include namespace, pod names, or container ids
grok {
match => { "source" => "%{DATA:container_name}" }
add_field => { "namespace" => "default" }
remove_field => ["source"]
}
}
} output {
elasticsearch {
hosts => [ "logstash-elasticsearch-service:9200" ]
}
} kibana.yml: |
## Default Kibana configuration from kibana-docker.
## from https://github.com/elastic/kibana-docker/blob/master/build/kibana/config/kibana.yml
#
#server.host: ""
elasticsearch.url: http://logstash-elasticsearch-service:9200
## Disable X-Pack
## see https://www.elastic.co/guide/en/x-pack/current/xpack-settings.html
## https://www.elastic.co/guide/en/x-pack/current/installing-xpack.html#xpack-enabling
#
xpack.security.enabled: false
xpack.monitoring.enabled: false
xpack.ml.enabled: false
xpack.graph.enabled: false
xpack.reporting.enabled: false
4: 常用命令:
kubectl delete -f xxxxxxxxx.yaml
kubectl creatge -f xxxxxxxxxx.yaml
kubectl get pods
kubectl get service
kubectl logs -f podname containername -n namespacename
kubectl exec -it podname sh
kubectl get pod podname -o yaml
3 K8s安裝ELK+filebeat的更多相关文章
- 基于docker部署使用ELK+FileBeat日志管理平台
Docker从狭义上来讲就是一个进程,从广义上来讲是一个虚拟容器,专业叫法为 Application Container(应用容器).Docker进程和普通的进程没有任何区别,它就是一个普通的应用进程 ...
- elk + filebeat,6.3.2版本简单搭建,实现我们自己的集中式日志系统
前言 刚从事开发那段时间不习惯输出日志,认为那是无用功,徒增代码量,总认为自己的代码无懈可击:老大的叮嘱.强调也都视为耳旁风,最终导致的结果是我加班排查问题,花的时间还挺长的,要复现问题.排查问题等, ...
- ELK + filebeat集群部署
ELK + filebeat集群部署 一.ELK简介 1. Elasticsearch Elasticsearch是一个实时的分布式搜索分析引擎, 它能让你以一个之前从未有过的速度和规模,去探索你的数 ...
- ELK + Filebeat日志分析系统安装
之前搭建过elk,用于分析日志,无奈服务器资源不足,开了多个Logstash之后发现占用内存过高,于是现在改为Filebeat做日志收集,记录一下搭建过程和遇到问题的解决方案. 第一步 , 安装jdk ...
- 免安裝、免設定的 Hadoop 開發環境 - cloudera 的 QuickStart VM
cloudera 的 QuickStart VM,為一種免安裝.免設定 Linux 及 Hadoop,已幫你建好 CDH 5.x.Hadoop.Eclipse 的一個虛擬機環境.下載後解壓縮,可直接以 ...
- 安裝 14.04.1 Ubuntu 到 Lenovo thinkpad t460p
在 Lenovo Thinkpad T460p 安裝 ubuntu, BIOS 需要做一些設定, 沒設定的現象:不斷地停在 usb disk 設定 可以 使用 usb disk install 了!
- Ubuntu 安裝 嘸蝦米 輸入法
O S : 14.04.1-Ubuntu 加入fcitx開發團隊的repository: sudo add-apt-repository ppa:fcitx-team/nightly sudo apt ...
- Linux下安裝Oracle database內核參數設置
參考:1529864.1 ************************************************** RAM ...
- 從 Internet 安裝 Cygwin
從 Internet 安裝 Cygwin 如果您有高速的 Internet 連線, 可以考慮用這個方法, 否則不建議使用 執行 setup.exe Cygwin Setup 畫面, 按 Next. C ...
随机推荐
- Android 开发之深入理解安卓调试桥各种错误解决办法
摘要: Android开发调试项目使用到安卓调试桥工具,Android Debug Bridge(ADB)位于sdk路径platform-tools文件夹,使用Android Studio或Eclip ...
- 1.搭建Django开发环境
1.安装python(版本3.5.1) 官网下载:https://www.python.org/downloads/release/python-351/2.更新pip 命令:python -m pi ...
- centos 安装composer PHP项目部署,Composer install Do not run Composer as root/super user!
使用composer 安装项目的时候遇到了 Composer install Do not run Composer as root/super user! 在博客https://segmentfau ...
- linux 中 开放端口,以及防火墙的相关命令
最近公司需要在 生产环境上线系统,碰到一些防火墙以及开放端口的问题,在此来 复习mark下 1.设定 [root@localhost ~]# /sbin/iptables -I INPUT - ...
- android ui篇 自己写界面
对于一些较为简单的界面则自己进行写. 在这里就需要了解xml文件中一些基本的属性以及android手机的知识. 一.目前手机屏幕像素密度基本有5种情况.(以下像素密度简称密度) 密度 ldpi mdp ...
- C#读取excel 找不到可安装的ISAM
实在没有办法了 就仔细的查看了 一下数据链接字符串: string strConn = "Provider=Microsoft.Jet.Oledb.4.0;Data Source=" ...
- 股票技术指标中的VOL,KDJ,MACD,OBV,VR,DMA分别代表什么意思?很关键,谢谢
http://zhidao.baidu.com/link?url=glKK7n0JUgqgrvfx2Gzd937-5zZg1bC615MwAp0P_mrYDytnMUpjoOQgYU871ny8St1 ...
- Lean In - 读书笔记
以下就是摘录了这本书中的相关内容. 他告诉我,想要“赢得每个人的喜欢”这种想法会阻碍我的发展.他说,当你想要让事情有所改变时,你不可能取悦每个人:而如果你去取悦每个人,你就不会获得充分的进步.扎克伯格 ...
- 每天一个Linux命令(11)nl命令
nl命令读取 file 参数(缺省情况下标准输入),计算输入中的行号,将计算过的行号写入标准输出. 其默认的结果与cat -n有点不太一样, nl 可以将行号做比较多的显示设计,包括位数与是否自动补齐 ...
- 【八】MongoDB管理之分片集群实践
MongoDB中集群有三种:主从复制.副本集.分片集群.目前副本集已经替代主从复制架构,成为官方建议采用的架构,而分片集群相较于前两种,更加复杂. 下面是生产环境中常用的分片集群架构: 我们知道,分片 ...