3 K8s安裝ELK+filebeat
1 Filebeat:
apiVersion: v1
kind: Service
metadata:
name: XX
spec:
ports:
- name: http
port:
targetPort: http
selector:
app: XX---
apiVersion: apps/v1
kind: Deployment
metadata:
name: XX
labels:
app: XX
spec:
replicas:
minReadySeconds:
revisionHistoryLimit:
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: %
maxSurge: %
selector:
matchLabels:
app: XX
template:
metadata:
labels:
app: XX
spec:
terminationGracePeriodSeconds:
imagePullSecrets:
- name: registry-key
containers:
- name: filebeat
image: docker.elastic.co/beats/filebeat:6.2.
args: [
"-c", "/etc/filebeat/filebeat.yml",
]
volumeMounts:
- name: app-logs
mountPath: /aaa/log
- name: filebeat-config
mountPath: /etc/filebeat/
- name: forecast-user-profile
image: your_application_imageURL
volumeMounts:
- name: app-logs
mountPath: /var/log
#imagePullPolicy: IfNotPresent
imagePullPolicy: Always
ports:
- name: http
containerPort:
env:
- name: DB_HOST
valueFrom:
configMapKeyRef:
name: forecast-conf
key: db_host
- name: DB_PORT
valueFrom:
configMapKeyRef:
name: forecast-conf
key: db_port
- name: DB_NAME
valueFrom:
configMapKeyRef:
name: forecast-conf
key: db_name
- name: DB_USER
valueFrom:
secretKeyRef:
name: db-auth
key: username
- name: DB_PWD
valueFrom:
secretKeyRef:
name: db-auth
key: password
volumes:
- name: app-logs
emptyDir: {}
- name: filebeat-config
configMap:
name: filebeat-config # lifecycle:
# preStop:
# exec:
# command: ["consul", "leave']
# PostStart:
# exec:
# command: ["consule", "entry"]
# livenessProbe:
# readinessProbe:
# resources:
# workingDir:
apiVersion: v1
kind: ConfigMap
metadata:
name: filebeat-config
data:
filebeat.yml: |
filebeat.prospectors:
- input_type: log
paths:
- "/aaa/log/*.log"
output.elasticsearch:
hosts: ["logstash-elasticsearch-service:9200"]
2 Elasticsearch:
kind: Deployment
apiVersion: apps/v1beta2
metadata:
labels:
elastic-app: elasticsearch
role: data
name: logstash-elasticsearch-deployment
spec:
replicas:
revisionHistoryLimit:
selector:
matchLabels:
elastic-app: elasticsearch
template:
metadata:
labels:
elastic-app: elasticsearch
role: data
spec:
containers:
- name: elasticsearch
image: docker.elastic.co/elasticsearch/elasticsearch:6.2.
ports:
- containerPort:
protocol: TCP
volumeMounts:
- name: esdata
mountPath: /usr/share/elasticsearch/data
env:
- name: "ES_JAVA_OPTS"
value: "-Xms256m -Xmx256m"
volumes:
- name: esdata
emptyDir: {}
initContainers:
- image: alpine:3.6
command: ["/sbin/sysctl", "-w", "vm.max_map_count=262144"]
name: elasticsearch-logging-init
securityContext:
privileged: true
---
kind: Service
apiVersion: v1
metadata:
labels:
elastic-app: elasticsearch-service
name: logstash-elasticsearch-service
spec:
ports:
- port:
targetPort:
selector:
elastic-app: elasticsearch
type: NodePort
3 kibana:
---
kind: Deployment
apiVersion: apps/v1beta2
metadata:
labels:
elastic-app: kibana
name: kibana
spec:
replicas:
revisionHistoryLimit:
selector:
matchLabels:
elastic-app: kibana
template:
metadata:
labels:
elastic-app: kibana
spec:
containers:
- name: kibana
image: docker.elastic.co/kibana/kibana:6.2.
ports:
- containerPort:
protocol: TCP
volumeMounts:
- name: config-volume
mountPath: /opt/kibana/config
tolerations:
- key: node-role.kubernetes.io/master
effect: NoSchedule
volumes:
- name: config-volume
configMap:
name: logging-configmap
items:
- key: kibana.yml
path: kibana.yml ---
kind: Service
apiVersion: v1
metadata:
labels:
elastic-app: kibana
name: kibana-service
spec:
ports:
- port:
targetPort:
selector:
elastic-app: kibana
type: NodePort
apiVersion: v1
kind: ConfigMap
metadata:
name: logging-configmap
namespace: default
data:
logstash.yml: |
http.host: "0.0.0.0"
path.config: /usr/share/logstash/pipeline ## Disable X-Pack
## see https://www.elastic.co/guide/en/x-pack/current/xpack-settings.html
xpack.monitoring.enabled: false
logstash.conf: |
# all input will come from filebeat, no local logs
input {
beats {
port =>
}
} ## some more advanced filtering and tagging of incoming kubernetes logs is done in logstash
filter {
if [type] == "kube-logs" {
mutate {
rename => ["log", "message"]
add_tag => [ "pelias", "kubernetes" ]
} date {
match => ["time", "ISO8601"]
remove_field => ["time"]
} # all standard container logs files match a common pattern
grok {
match => { "source" => "%{DATA:pod_name}" }
remove_field => ["source"]
} # system services have a simpler log filename format that does not include namespace, pod names, or container ids
grok {
match => { "source" => "%{DATA:container_name}" }
add_field => { "namespace" => "default" }
remove_field => ["source"]
}
}
} output {
elasticsearch {
hosts => [ "logstash-elasticsearch-service:9200" ]
}
} kibana.yml: |
## Default Kibana configuration from kibana-docker.
## from https://github.com/elastic/kibana-docker/blob/master/build/kibana/config/kibana.yml
#
#server.host: ""
elasticsearch.url: http://logstash-elasticsearch-service:9200
## Disable X-Pack
## see https://www.elastic.co/guide/en/x-pack/current/xpack-settings.html
## https://www.elastic.co/guide/en/x-pack/current/installing-xpack.html#xpack-enabling
#
xpack.security.enabled: false
xpack.monitoring.enabled: false
xpack.ml.enabled: false
xpack.graph.enabled: false
xpack.reporting.enabled: false
4: 常用命令:
kubectl delete -f xxxxxxxxx.yaml
kubectl creatge -f xxxxxxxxxx.yaml
kubectl get pods
kubectl get service
kubectl logs -f podname containername -n namespacename
kubectl exec -it podname sh
kubectl get pod podname -o yaml
3 K8s安裝ELK+filebeat的更多相关文章
- 基于docker部署使用ELK+FileBeat日志管理平台
Docker从狭义上来讲就是一个进程,从广义上来讲是一个虚拟容器,专业叫法为 Application Container(应用容器).Docker进程和普通的进程没有任何区别,它就是一个普通的应用进程 ...
- elk + filebeat,6.3.2版本简单搭建,实现我们自己的集中式日志系统
前言 刚从事开发那段时间不习惯输出日志,认为那是无用功,徒增代码量,总认为自己的代码无懈可击:老大的叮嘱.强调也都视为耳旁风,最终导致的结果是我加班排查问题,花的时间还挺长的,要复现问题.排查问题等, ...
- ELK + filebeat集群部署
ELK + filebeat集群部署 一.ELK简介 1. Elasticsearch Elasticsearch是一个实时的分布式搜索分析引擎, 它能让你以一个之前从未有过的速度和规模,去探索你的数 ...
- ELK + Filebeat日志分析系统安装
之前搭建过elk,用于分析日志,无奈服务器资源不足,开了多个Logstash之后发现占用内存过高,于是现在改为Filebeat做日志收集,记录一下搭建过程和遇到问题的解决方案. 第一步 , 安装jdk ...
- 免安裝、免設定的 Hadoop 開發環境 - cloudera 的 QuickStart VM
cloudera 的 QuickStart VM,為一種免安裝.免設定 Linux 及 Hadoop,已幫你建好 CDH 5.x.Hadoop.Eclipse 的一個虛擬機環境.下載後解壓縮,可直接以 ...
- 安裝 14.04.1 Ubuntu 到 Lenovo thinkpad t460p
在 Lenovo Thinkpad T460p 安裝 ubuntu, BIOS 需要做一些設定, 沒設定的現象:不斷地停在 usb disk 設定 可以 使用 usb disk install 了!
- Ubuntu 安裝 嘸蝦米 輸入法
O S : 14.04.1-Ubuntu 加入fcitx開發團隊的repository: sudo add-apt-repository ppa:fcitx-team/nightly sudo apt ...
- Linux下安裝Oracle database內核參數設置
參考:1529864.1 ************************************************** RAM ...
- 從 Internet 安裝 Cygwin
從 Internet 安裝 Cygwin 如果您有高速的 Internet 連線, 可以考慮用這個方法, 否則不建議使用 執行 setup.exe Cygwin Setup 畫面, 按 Next. C ...
随机推荐
- 【题解】Cutting Game
[题解]Cutting Game vjudge 谈谈对\(sg\)函数的理解? 浅谈公平组合游戏IGC //@winlere #include<cstring> #include<c ...
- spring AOP操作
在spring进行AOP操作,使用aspectj实现 一.aspectj准备 aspectj不是spring的一部分,和spring一起使用进行AOP的操作 1.除了spring基本的jar包还需要导 ...
- 淘宝开放平台php-sdk测试 获取淘宝商品信息(转)
今天想使用淘宝开放平台的API获取商品详情,可是以前一直没使用过,看起来有点高深莫测,后然看开发入门,一步一步,还真有点感觉了,然后看示例,还真行了,记下来以后参考.其中遇到问题,后然解决了.因为我已 ...
- Intel Quick Sync Video Encoder
本篇记录Intel E3 1275处理器集成显卡的硬编码预研过程. 步骤如下: (1)环境搭建 (2)demo编译,测试 (3)研究demo源码,Media SDK API使用 (4)编写so动态库封 ...
- 【Prometheus】第三篇:配置alertmamager
监控系统中非常重要的一环,就是告警,系统得在故障发生的第一时间将事件发送出来,通知干系人,prometheus提供了alertmanager来实现这个功能. 第一步:prometheus.yml配置文 ...
- ll指令输出解析
从左到右: 文件属性 共有10-11位,分别表示: 1.表示目标属性,d目录,l连结文件,-文件 2-4,owner权限,顺序为: r可读.w可写.x可执行,例如: rwx可读写执行,rw-可读写不能 ...
- nginx 搭建虚拟主机
一.排错三部曲 第一步在客户端上ping服务端ip ping 10.0.0.8 第二部在客户端上telnet服务器端IP.端口 telnet 10.0.0.8 第三部在客户端使用wget命令检测 ...
- linux bash缓存
http://www.xuebuyuan.com/296675.html 在已经运行的系统中更改了某些以前存在于PATH环境变量所指明的目录中的程序的存放目录后可能出现No such file or ...
- O(1) 快速乘
有一些毒瘤题,数据大小不光会炸\(int\),有时甚至会炸\(long long\).这时一个\(O(1)\)的防爆乘就很重要了 \(a*b%p\)可以转化为\(a*b-[a*b/p]*p\) 这里用 ...
- Sobel边缘检测
Sobel算子:[-1 0 1 -2 0 2 -1 0 1] 用此算子与原图像做卷积,可以检测出垂直方向的边缘.算子作用在图像的第二列,结果是:200,200,200:作用在第三列,结果是 ...