kubernetes日志收集
kubernetes的日志收集
日志收集在本篇文章中主要分2种方案
需要明确的是,kubernetes里对容器日志的处理方式,都叫做cluster-level-logging。
对于一个容器来说,当应用日志输出到stdout和stderr之后,容器项目在默认情况下就会把这些日志输出到宿主机上的一个JSON文件里。这样就能通过kubectl logs查看到日志了。
两种方案分别以Daemonset和sidecar模式部署
DaemonSet方式在每个节点只允许一个日志agent,相对资源占用要小很多,每个pod不能单独配置,可定制性较弱,比较适用于功能单一或业务不是很多的集群;
Sidecar方式为每个POD单独部署日志agent,相对资源占用较多,每个pod可单独配置,可定制性强,建议在大型的K8S集群或多个业务方服务的集群使用该方式。
第一种
在Node上部署logging-agent,将日志文件发送到后端保存起来。
实际上这种模式的核心就是将logging-agent以Daemonset的方式运行在节点上,然后将宿主机上的容器日志挂载进去,最后由logging-agent把日志发送出去。
这种工作模式最大的有点,在于一个节点只需要部署一个agent,并且不会对应用和pod有任何的入侵。
在这里,我们通过fluentd作为logging-agent把日志传输到kafka里面去。
部署过程
1.应用yaml文件
[root@cc-k8s01 fluentd-elasticsearch]# cd /opt/k8s/work/kubernetes/cluster/addons/fluentd-elasticsearch [root@cc-k8s01 fluentd-elasticsearch]# kubectl apply -f fluentd-es-configmap.yaml configmap/fluentd-es-config-v0.2.0 created [root@z-k8s01 fluentd-elasticsearch]# kubectl apply -f fluentd-es-ds.yaml serviceaccount/fluentd-es created clusterrole.rbac.authorization.k8s.io/fluentd-es created clusterrolebinding.rbac.authorization.k8s.io/fluentd-es created daemonset.apps/fluentd-es-v2.4.0 created
2.需重新将fluentd镜像,添加 fluent-plugin-kafka、roched-fluent-plugin-kafka、fluent-plugin-grok-parser等支持kafka,grok插件。
3.配置fluentd-es-ds.yaml
... volumeMounts: - name: varlog mountPath: /var/log - name: varlibdockercontainers mountPath: /var/lib/docker/containers readOnly: true - name: mnt mountPath: /mnt #挂载至镜像/mnt目录 readOnly: true - name: grok mountPath: /grok readOnly: true - name: config-volume mountPath: /etc/fluent/config.d terminationGracePeriodSeconds: 30 volumes: - name: varlog hostPath: path: /var/log - name: varlibdockercontainers hostPath: path: /var/lib/docker/containers - name: mnt hostPath: path: /mnt ##自定义目录 - name: grok hostPath: path: /grok ##正则表达式 - name: config-volume configMap: name: fluentd-es-config-v0.2.0
4.配置fluentd-es-configmap.yaml
<source> @id fluentd-containers.log @type tail path /var/log/containers/*.log #path /var/log/containers/*.log pos_file /var/log/es-containers.log.pos tag raw.kubernetes.* read_from_head true <parse> @type multi_format <pattern> format json time_key time time_format %Y-%m-%dT%H:%M:%S.%NZ </pattern> <pattern> format /^(?<time>.+) (?<stream>stdout|stderr) [^ ]* (?<log>.*)$/ time_format %Y-%m-%dT%H:%M:%S.%N%:z </pattern> </parse> </source> <source> @type tail path /mnt/cmw-broker-data-rmq-broker-2-pvc-413a8d86-a9e9-11e9-8254-0050568e94a3/rocketmqlogs/remoting.log ##目前日志目录不规范,只定义一个日志文件作为测试 pos_file /var/log/remo.log.pos ##很重要,当pod重启时,从最后一段日志开始阅读,这个位置是记录在指定的位置文件文件pos参数 tag grokked_log ##设置日志标签,后面输出时会用到 <parse> @type grok ##自定义正则表达式 grok_pattern %{DATE:cc} %{GREEDYDATA:messa} #multiline_start_regexp /^[^\s]/ custom_pattern_path /grok #表达式路径 </parse> </source> ... output.conf: |- <match grokked_log**> @type kafka_buffered brokers 172.30.0.192:9092,172.30.0.193:9092,172.30.0.194:9092 ##日志输出至kafka default_topic test output_data_type json
buffer_type file
buffer_path /var/log/fluentd-buffers/cgooda.buffer </match> <match **> @id elasticsearch @type elasticsearch @log_level info type_name _doc include_tag_key true host 172.30.21.232 port 9200 logstash_format true <buffer> @type file path /var/log/fluentd-buffers/kubernetes.system.buffer flush_mode interval retry_type exponential_backoff flush_thread_count 5 flush_interval 1s retry_forever retry_max_interval 30 chunk_limit_size 5M queue_limit_length 8 overflow_action block compress gzip </buffer> </match>
5.查看kafka topic
/opt/appl/kafka_2.11-2.1.1/bin/kafka-console-consumer.sh --bootstrap-server 172.30.0.193:9092 172.30.0.194:9092 --topic test
第二种
sidecar方式:一个POD中运行一个sidecar的日志agent容器,用于采集该POD主容器产生的日志。
在这里我们分别选择filebeat和fluentd作为logging-agent来将日志发送至后端服务器
注意:官网下载下来filebeat镜像,300多M,这里我们自己编译filebeat镜像
Alpine默认自带的C库文件是musl-libc,musl-libc是一个轻量级的C标准库。原来是为嵌入式系统设计的,由于Docker的流程,alpine使用musl-libc代替了glibc来减小镜像的大小。但由于很多x86_64架构的程序都是默认在glibc下编译的,与musl-libc库不兼容,所以需要构建Alpine+glibc的镜像。
1.Alpine下glibc包来源
github上已经有一个star 700多的glibc repo,地址https://github.com/sgerrand/alpine-pkg-glibc
2.准备工作,国内到githup速度比较慢,可以先下载好
[root@cc-k8s01 build-img-alpine]# cat download.sh #!/bin/bash GLIBC_PKG_VERSION=2.29-r0 wget https://alpine-pkgs.sgerrand.com/sgerrand.rsa.pub wget https://github.com/sgerrand/alpine-pkg-glibc/releases/download/${GLIBC_PKG_VERSION}/glibc-${GLIBC_PKG_VERSION}.apk wget https://github.com/sgerrand/alpine-pkg-glibc/releases/download/${GLIBC_PKG_VERSION}/glibc-bin-${GLIBC_PKG_VERSION}.apk wget https://github.com/sgerrand/alpine-pkg-glibc/releases/download/${GLIBC_PKG_VERSION}/glibc-i18n-${GLIBC_PKG_VERSION}.ap
3.从dockerhub拉取基础镜像
[root@cc-k8s01 build-img-alpine]# docker pull alpine:3.9.4
4.dockerfile文件编写
下载filebeat https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-7.3.0-linux-x86_64.tar.gz
FROM alpine:3.9.4 MAINTAINER pan<547253687@qq.com> ENV FILEBEAT_VERSION=7.3.0 \ LANG=en_US.UTF-8 \ GLIBC_PKG_VERSION=2.29-r0 \ DL_BASE_URL="http://172.30.21.227/apk" WORKDIR /usr/local COPY filebeat-${FILEBEAT_VERSION}-linux-x86_64.tar.gz /usr/local RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.ustc.edu.cn/g' /etc/apk/repositories && \ apk upgrade --update && \ apk add --no-cache --update-cache ca-certificates bash tzdata && \ wget -q -O /etc/apk/keys/sgerrand.rsa.pub ${DL_BASE_URL}/sgerrand.rsa.pub && \ wget \ ${DL_BASE_URL}/glibc-${GLIBC_PKG_VERSION}.apk \ ${DL_BASE_URL}/glibc-bin-${GLIBC_PKG_VERSION}.apk \ ${DL_BASE_URL}/glibc-i18n-${GLIBC_PKG_VERSION}.apk && \ apk add --no-cache \ glibc-${GLIBC_PKG_VERSION}.apk \ glibc-bin-${GLIBC_PKG_VERSION}.apk \ glibc-i18n-${GLIBC_PKG_VERSION}.apk && \ rm -rf \ glibc-${GLIBC_PKG_VERSION}.apk \ glibc-bin-${GLIBC_PKG_VERSION}.apk \ glibc-i18n-${GLIBC_PKG_VERSION}.apk && \ /usr/glibc-compat/bin/localedef -i en_US -f UTF-8 en_US.UTF-8 && \ echo "export LANG=$LANG" > /etc/profile.d/locale.sh && \ cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && \ cd /usr/local && \ tar -xvf filebeat-${FILEBEAT_VERSION}-linux-x86_64.tar.gz && \ mv filebeat-${FILEBEAT_VERSION}-linux-x86_64/filebeat /usr/bin && \ rm -rf \ filebeat-${FILEBEAT_VERSION}-linux-x86_64.tar.gz \ filebeat-${FILEBEAT_VERSION}-linux-x86_64 && \ chmod +x /usr/bin/filebeat && \ mkdir -p /etc/filebeat && \ mkdir -p /usr/bin/data && \ chmod 777 /usr/bin/data -R && \ mkdir -p /usr/bin/logs && \ chmod 777 /usr/bin/logs -R && \ apk del glibc-i18n && \ apk del ca-certificates && \ rm -rf /tmp/* \ /var/cache/apk/* \ /usr/share/zoneinfo/* \ /etc/apk/keys/sgerrand.rsa.pub CMD ["/usr/bin/filebeat","-e","-c","/etc/filebeat/filebeat.yml"]
使用docker build 构建镜像 docker build -t gcr.io/filebeat-alpine:v7.3.0 .
注意:
Dockerfile的locale语言环境为en_US.UTF8,如有使用非此字符集的语言环境,请在编译时修改对应字符集。如C语言程序就必须修改为C.UTF-8,或者C.zh_CN。
Alpine的官方源很慢,需替换成国内科技大学的源。
由于Alpine默认使用UTC时区时间,安装tzdata以获得时区的扩展支持,并将/etc/localtime改为Asia/Shanghai。
编译完成后,需要清理掉编译的依赖包及缓存。
为兼容tomcat的运行,加装了bash。
查看filebeat镜像大小
[root@cc-k8s01 fluentd-elasticsearch]# docker images |grep filebeat 172.30.21.232/gcr.io/filebeat-alpine-v7.3.0 v1.1 76b050f62ce4 About an hour ago 134MB
大小为134M,比官网提供镜像小了快200M。(官网是根据centos构建)
5.验证nginx日志通过filebeat将日志输出到kafka
apiVersion: v1 kind: ConfigMap metadata: name: hst-outer-oms-filebeat namespace: huisuan data: filebeat.yml: |- filebeat.inputs: - type: log enabled: true paths: - /log/access.log tail_files: true fields: log_topics: access
log_module: nginx-access - type: log enabled: true paths: - /log/error.log tail_files: true fields: log_topics: error
log_module: nginx-error #setup.template.name: "logstash-nginx" #默认的index为filebeat-7.3-YYYY.MM.dd,需设置这两个参数,自定义索引名 #setup.template.pattern: "logstash-nginx-*" #output.elasticsearch: # hosts: ["172.30.21.232:9200"] # index: "logstash-nginx-%{+yyyy.MM.dd}" output.kafka: enabled: true hosts: ["kafka-headless.ops:9092"] #topic: "nginx" topic: '%{[fields][log_topics]}' partition.round_robin: #开启kafka的partition分区 reachable_only: true compression: gzip #压缩格式 max_message_bytes: 10000000 #压缩格式字节大小
apiVersion: v1 kind: Namespace metadata: name: default labels: name: filebeat --- apiVersion: extensions/v1beta1 kind: Deployment metadata: name: nginx-test spec: replicas: 3 template: metadata: labels: k8s-app: nginx-test spec: containers: - image: nginx imagePullPolicy: IfNotPresent name: nginx-test ports: - containerPort: 80 volumeMounts: - name: nginx-logs mountPath: /var/log/nginx - image: 172.30.21.232/gcr.io/filebeat-alpine-v7.3.0:v1.1 imagePullPolicy: IfNotPresent name: filebeat volumeMounts: - name: nginx-logs mountPath: /log - name: filebeat-config mountPath: /etc/filebeat/filebeat.yml subPath: filebeat.yml resources: requests: memory: "200Mi" cpu: "0.5" limits: memory: "300Mi" cpu: "1" volumes: - name: nginx-logs emptyDir: {} - name: filebeat-config configMap: name: filebeat-config items: - key: filebeat.yml path: filebeat.yml --- apiVersion: v1 kind: Service metadata: name: nginx-test labels: k8s-app: nginx-test spec: type: NodePort ports: - port: 80 protocol: TCP targetPort: 80 name: http nodePort: 32765 selector: k8s-app: nginx-test
6.通过kubectl apply -f应用,查看
[root@cc-k8s01 filebeat]# kubectl get pods NAME READY STATUS RESTARTS AGE counter 1/1 Running 0 29d dnsutils-ds-5k68w 1/1 Running 1161 51d dnsutils-ds-f67hp 1/1 Running 347 14d dnsutils-ds-z5kfn 0/1 Completed 1160 51d helmredis-redis-ha-server-0 2/2 Running 0 22h helmredis-redis-ha-server-1 2/2 Running 0 22h helmredis-redis-ha-server-2 2/2 Running 0 22h my-nginx-5dd67b97fb-gv575 1/1 Running 0 23d my-nginx-5dd67b97fb-s8k4p 1/1 Running 0 23d nfs-provisioner-8cd7897c9-cq8fv 1/1 Running 0 28d nginx-test-69c75db9cc-76q69 2/2 Running 0 58m nginx-test-69c75db9cc-lbft8 2/2 Running 0 58m nginx-test-69c75db9cc-rq5td 2/2 Running 0 58m test-nginx-6dcd7c6dc5-88qzl 1/1 Running 0 23d test-nginx-6dcd7c6dc5-cshsj 1/1 Running 0 23d test-nginx-6dcd7c6dc5-v4wxv 1/1 Running 0 23d
查看nginx-test已经在Running状态,因为是通过NodePort模式,访问NodePort端口,然后查看topic
[root@cc-k8s01 filebeat]# kubectl exec kafka-0 -n cmw /opt/appl/kafka/bin/kafka-console-consumer.sh --bootstrap-server kafka-headless.cmw:9092 --topic nginx-access
***kafka+zookeeper见下面教程
7.使用fluentd作为logging-agent
[root@cc-k8s01 filebeat]# cat fluentd-nginx.yaml apiVersion: v1 kind: Namespace metadata: name: fluentd labels: name: fluentd --- apiVersion: extensions/v1beta1 kind: Deployment metadata: namespace: fluentd name: fluentd-nginx spec: replicas: 3 template: metadata: labels: k8s-app: fluentd-nginx spec: containers: - image: nginx imagePullPolicy: IfNotPresent name: fluentd-nginx ports: - containerPort: 80 volumeMounts: - name: nginx-logs mountPath: /var/log/nginx - image: 172.30.21.232/gcr.io/fluentd:v2.4.3 imagePullPolicy: IfNotPresent name: fluentd volumeMounts: - name: nginx-logs mountPath: /log - name: fluentd-config mountPath: /etc/fluent volumes: - name: nginx-logs emptyDir: {} - name: fluentd-config configMap: name: fluentd-config --- apiVersion: v1 kind: ConfigMap metadata: namespace: fluentd name: fluentd-config data: fluent.conf: |- <source> type tail format none path /log/*.log pos_file /log/log.pos tag fluentd-nginx_log </source> <match fluentd-nginx_log**> @type kafka_buffered brokers 172.30.0.192:9092,172.30.0.193:9092,172.30.0.194:9092 default_topic fluentd-nginx_log output_data_type json buffer_type file buffer_path /log/fluentd-nginx.buffer </match> --- apiVersion: v1 kind: Service metadata: namespace: fluentd name: fluentd-nginx labels: k8s-app: fluentd-nginx spec: type: NodePort ports: - port: 80 protocol: TCP targetPort: 80 name: http nodePort: 32764 selector: k8s-app: fluentd-nginx
curl http://node/32765
查看kibana
zookeeper+kafka构建
1.搭建zookeeper
[root@cc-k8s01 zookeeper]# cd /opt/k8s/work/zookeeper/ [root@cc-k8s01 zookeeper]# tree build-img/ build-img/ ├── Dockerfile ├── zkGenConfig.sh ├── zkMetrics.sh ├── zkOk.sh └── zookeeper-3.4.10.tar.gz 0 directories, 5 files [root@cc-k8s01 zookeeper]# cd build-img/ [root@cc-k8s01 build-img]# ls Dockerfile zkGenConfig.sh zkMetrics.sh zkOk.sh zookeeper-3.4.10.tar.gz [root@cc-k8s01 build-img]# ll total 3088 -rw-r----- 1 root root 718 Aug 22 14:09 Dockerfile -rwxr-xr-x 1 root root 6204 Aug 22 14:09 zkGenConfig.sh -rwxr-xr-x 1 root root 885 Aug 22 14:09 zkMetrics.sh -rwxr-xr-x 1 root root 952 Aug 22 14:09 zkOk.sh -rw-r----- 1 root root 3137614 Aug 22 14:09 zookeeper-3.4.10.tar.gz
1.Dockerfile文件
FROM 172.30.21.232/base_images/alpine-3.9.4:openjre8 # customize LABEL versioin="zookeeper-3.4.10" MAINTAINER Pan <axx0718@163.com> USER root # customize ARG BASE_DIR=/opt/appl ARG DISTRO_NAME=zookeeper-3.4.10 ARG DISTRO_NAME_NOV=zookeeper #install application ADD $DISTRO_NAME.tar.gz zkGenConfig.sh zkOk.sh zkMetrics.sh ./ RUN mv zkGenConfig.sh zkOk.sh zkMetrics.sh $DISTRO_NAME/bin && \ mkdir -p $BASE_DIR/$DISTRO_NAME/data $BASE_DIR/$DISTRO_NAME/datalog $BASE_DIR/$DISTRO_NAME/log && \ ln -s $BASE_DIR/$DISTRO_NAME $BASE_DIR/$DISTRO_NAME_NOV && \ chown -R appl:appl $BASE_DIR ENV PATH=$PATH:$BASE_DIR/$DISTRO_NAME_NOV/bin \ ZOOCFGDIR=$BASE_DIR/$DISTRO_NAME_NOV/conf USER appl
2.zkGenConfig.sh
[root@cc-k8s01 build-img]# cat zkGenConfig.sh #!/usr/bin/env bash ZK_USER=${ZK_USER:-"appl"} ZK_USER_GROUP=${ZK_USER_GROUP:-"appl"} ZK_LOG_LEVEL=${ZK_LOG_LEVEL:-"INFO"} ZK_DATA_DIR=${ZK_DATA_DIR:-"/opt/appl/zookeeper/data"} ZK_DATA_LOG_DIR=${ZK_DATA_LOG_DIR:-"/opt/appl/zookeeper/datalog"} ZK_LOG_DIR=${ZK_LOG_DIR:-"/opt/appl/zookeeper/log"} ZK_CONF_DIR=${ZK_CONF_DIR:-"/opt/appl/zookeeper/conf"} ZK_CLIENT_PORT=${ZK_CLIENT_PORT:-2181} ZK_SERVER_PORT=${ZK_SERVER_PORT:-2888} ZK_ELECTION_PORT=${ZK_ELECTION_PORT:-3888} ZK_TICK_TIME=${ZK_TICK_TIME:-2000} ZK_INIT_LIMIT=${ZK_INIT_LIMIT:-10} ZK_SYNC_LIMIT=${ZK_SYNC_LIMIT:-5} ZK_HEAP_SIZE=${ZK_HEAP_SIZE:-2G} ZK_MAX_CLIENT_CNXNS=${ZK_MAX_CLIENT_CNXNS:-60} ZK_MIN_SESSION_TIMEOUT=${ZK_MIN_SESSION_TIMEOUT:- $((ZK_TICK_TIME*2))} ZK_MAX_SESSION_TIMEOUT=${ZK_MAX_SESSION_TIMEOUT:- $((ZK_TICK_TIME*20))} ZK_SNAP_RETAIN_COUNT=${ZK_SNAP_RETAIN_COUNT:-3} ZK_PURGE_INTERVAL=${ZK_PURGE_INTERVAL:-0} ID_FILE="$ZK_DATA_DIR/myid" ZK_CONFIG_FILE="$ZK_CONF_DIR/zoo.cfg" LOGGER_PROPS_FILE="$ZK_CONF_DIR/log4j.properties" JAVA_ENV_FILE="$ZK_CONF_DIR/java.env" HOST=`hostname -s` DOMAIN=`hostname -d` function print_servers() { for (( i=1; i<=$ZK_REPLICAS; i++ )) do echo "server.$i=$NAME-$((i-1)).$DOMAIN:$ZK_SERVER_PORT:$ZK_ELECTION_PORT" done } function validate_env() { echo "Validating environment" if [ -z $ZK_REPLICAS ]; then echo "ZK_REPLICAS is a mandatory environment variable" exit 1 fi if [[ $HOST =~ (.*)-([0-9]+)$ ]]; then NAME=${BASH_REMATCH[1]} ORD=${BASH_REMATCH[2]} else echo "Failed to extract ordinal from hostname $HOST" exit 1 fi MY_ID=$((ORD+1)) echo "ZK_REPLICAS=$ZK_REPLICAS" echo "MY_ID=$MY_ID" echo "ZK_LOG_LEVEL=$ZK_LOG_LEVEL" echo "ZK_DATA_DIR=$ZK_DATA_DIR" echo "ZK_DATA_LOG_DIR=$ZK_DATA_LOG_DIR" echo "ZK_LOG_DIR=$ZK_LOG_DIR" echo "ZK_CLIENT_PORT=$ZK_CLIENT_PORT" echo "ZK_SERVER_PORT=$ZK_SERVER_PORT" echo "ZK_ELECTION_PORT=$ZK_ELECTION_PORT" echo "ZK_TICK_TIME=$ZK_TICK_TIME" echo "ZK_INIT_LIMIT=$ZK_INIT_LIMIT" echo "ZK_SYNC_LIMIT=$ZK_SYNC_LIMIT" echo "ZK_MAX_CLIENT_CNXNS=$ZK_MAX_CLIENT_CNXNS" echo "ZK_MIN_SESSION_TIMEOUT=$ZK_MIN_SESSION_TIMEOUT" echo "ZK_MAX_SESSION_TIMEOUT=$ZK_MAX_SESSION_TIMEOUT" echo "ZK_HEAP_SIZE=$ZK_HEAP_SIZE" echo "ZK_SNAP_RETAIN_COUNT=$ZK_SNAP_RETAIN_COUNT" echo "ZK_PURGE_INTERVAL=$ZK_PURGE_INTERVAL" echo "ENSEMBLE" print_servers echo "Environment validation successful" } function create_config() { rm -f $ZK_CONFIG_FILE echo "Creating ZooKeeper configuration in $ZK_CONFIG_FILE" echo "clientPort=$ZK_CLIENT_PORT" >> $ZK_CONFIG_FILE echo "dataDir=$ZK_DATA_DIR" >> $ZK_CONFIG_FILE echo "dataLogDir=$ZK_DATA_LOG_DIR" >> $ZK_CONFIG_FILE echo "tickTime=$ZK_TICK_TIME" >> $ZK_CONFIG_FILE echo "initLimit=$ZK_INIT_LIMIT" >> $ZK_CONFIG_FILE echo "syncLimit=$ZK_SYNC_LIMIT" >> $ZK_CONFIG_FILE echo "maxClientCnxns=$ZK_MAX_CLIENT_CNXNS" >> $ZK_CONFIG_FILE echo "minSessionTimeout=$ZK_MIN_SESSION_TIMEOUT" >> $ZK_CONFIG_FILE echo "maxSessionTimeout=$ZK_MAX_SESSION_TIMEOUT" >> $ZK_CONFIG_FILE echo "autopurge.snapRetainCount=$ZK_SNAP_RETAIN_COUNT" >> $ZK_CONFIG_FILE echo "autopurge.purgeInteval=$ZK_PURGE_INTERVAL" >> $ZK_CONFIG_FILE if [ $ZK_REPLICAS -gt 1 ]; then print_servers >> $ZK_CONFIG_FILE fi echo "ZooKeeper configuration file written to $ZK_CONFIG_FILE" cat $ZK_CONFIG_FILE } function create_data_dirs() { if [ ! -d $ZK_DATA_DIR ]; then mkdir -p $ZK_DATA_DIR chown -R $ZK_USER:$ZK_USER_GROUP $ZK_DATA_DIR echo "Created ZooKeeper Data Directory" ls -ld $ZK_DATA_DIR >& 1 else echo "ZooKeeper Data Directory" ls -l -R $ZK_DATA_DIR >& 1 fi if [ ! -d $ZK_DATA_LOG_DIR ]; then mkdir -p $ZK_DATA_LOG_DIR chown -R $ZK_USER:$ZK_USER_GROUP $ZK_DATA_LOG_DIR echo "Created ZooKeeper Data Log Directory" ls -ld $ZK_DATA_LOG_DIR >& 1 else echo "ZooKeeper Data Log Directory" ls -l -R $ZK_DATA_LOG_DIR >& 1 fi if [ ! -d $ZK_LOG_DIR ]; then mkdir -p $ZK_LOG_DIR chown -R $ZK_USER:$ZK_USER_GROUP $ZK_LOG_DIR echo "Created ZooKeeper Log Directory" ls -ld $ZK_LOG_DIR >& 1 fi echo "Crateing ZooKeeper ensemble id file $ID_FILE" if [ ! -f $ID_FILE ]; then echo $MY_ID >> $ID_FILE fi echo "ZooKeeper ensemble id written to $ID_FILE" cat $ID_FILE } function create_log_props () { rm -f $LOGGER_PROPS_FILE echo "Creating ZooKeeper log4j configuration in $LOGGER_PROPS_FILE" echo "zookeeper.root.logger=ROLLINGFILE" >> $LOGGER_PROPS_FILE echo "zookeeper.console.threshold=$ZK_LOG_LEVEL" >> $LOGGER_PROPS_FILE echo "zookeeper.log.dir=$ZK_LOG_DIR" >> $LOGGER_PROPS_FILE echo "zookeeper.log.file=zookeeper.log" >> $LOGGER_PROPS_FILE echo "log4j.rootLogger=\${zookeeper.root.logger}" >> $LOGGER_PROPS_FILE echo "log4j.appender.ROLLINGFILE.Threshold=\${zookeeper.console.threshold}" >> $LOGGER_PROPS_FILE echo "log4j.appender.ROLLINGFILE=org.apache.log4j.DailyRollingFileAppender" >> $LOGGER_PROPS_FILE echo "log4j.appender.ROLLINGFILE.DatePattern='.'yyyy-MM-dd" >> $LOGGER_PROPS_FILE echo "log4j.appender.ROLLINGFILE.File=\${zookeeper.log.dir}/\${zookeeper.log.file}" >> $LOGGER_PROPS_FILE echo "log4j.appender.ROLLINGFILE.layout=org.apache.log4j.PatternLayout" >> $LOGGER_PROPS_FILE echo "log4j.appender.ROLLINGFILE.layout.ConversionPattern=%d{ISO8601} [myid:%X{myid}] - %-5p [%t:%C{1}@%L] - %m%n" >> $LOGGER_PROPS_FILE echo "Wrote log4j configuration to $LOGGER_PROPS_FILE" cat $LOGGER_PROPS_FILE } function create_java_env() { rm -f $JAVA_ENV_FILE echo "Creating JVM configuration file $JAVA_ENV_FILE" echo "ZOO_LOG_DIR=$ZK_LOG_DIR" >> $JAVA_ENV_FILE echo "ZOO_LOG4J_PROP=$ZK_LOG_LEVEL,ROLLINGFILE" >> $JAVA_ENV_FILE echo "JVMFLAGS=\"-Xmx$ZK_HEAP_SIZE -Xms$ZK_HEAP_SIZE\"" >> $JAVA_ENV_FILE echo "Wrote JVM configuration to $JAVA_ENV_FILE" cat $JAVA_ENV_FILE } validate_env && create_config && create_log_props && create_data_dirs && create_java_env
3.zkMetrics.sh
[root@cc-k8s01 build-img]# cat zkMetrics.sh #!/usr/bin/env bash # Copyright 2016 The Kubernetes Authors. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # # zkMetrics uses the mntr four letter word to retrieve the ZooKeeper # instances metrics and dump them to standard out. If the ZK_CLIENT_PORT # enviorment varibale is not set 2181 is used. ZK_CLIENT_PORT=${ZK_CLIENT_PORT:-2181} echo mntr | nc localhost $ZK_CLIENT_PORT >& 1
4.zkOk.sh
[root@cc-k8s01 build-img]# cat zkOk.sh #!/usr/bin/env bash # Copyright 2016 The Kubernetes Authors. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # zkOk.sh uses the ruok ZooKeeper four letter work to determine if the instance # is health. The $? variable will be set to 0 if server responds that it is # healthy, or 1 if the server fails to respond. ZK_CLIENT_PORT=${ZK_CLIENT_PORT:-2181} OK=$(echo ruok | nc 127.0.0.1 $ZK_CLIENT_PORT) if [ "$OK" == "imok" ]; then exit 0 else exit 1
5.利用dockerfile文件构建zookeeper基础镜像
6.创建configMap文件
[root@cc-k8s01 zookeeper]# cat configMap.yml apiVersion: v1 kind: ConfigMap metadata: name: zk-config namespace: cmw data: replicas: "3" jvm.heap: "1024M" tick: "2000" init: "10" sync: "5" client.cnxns: "60" snap.retain: "3" purge.interval: "1"
7.创建service/statefulSet文件
[root@cc-k8s01 zookeeper]# cat podDisruptionBudget.yml apiVersion: policy/v1beta1 kind: PodDisruptionBudget metadata: name: zk-budget namespace: cmw spec: selector: matchLabels: app: zk minAvailable: 2 [root@cc-k8s01 zookeeper]# cat statefulSet.yml apiVersion: apps/v1 kind: StatefulSet metadata: name: zk namespace: cmw spec: serviceName: zk-headless replicas: 3 selector: matchLabels: app: zk template: metadata: labels: app: zk annotations: pod.alpha.kubernetes.io/initialized: "true" spec: affinity: podAntiAffinity: requiredDuringSchedulingIgnoredDuringExecution: - labelSelector: matchExpressions: - key: "app" operator: In values: - zk-headless topologyKey: "kubernetes.io/hostname" containers: - name: k8szk imagePullPolicy: IfNotPresent image: 172.30.21.232/cmw/zookeeper:3.4.10 #image: 172.30.21.232/cmw/zookeeper:0.0.1 resources: limits: memory: 1300Mi cpu: 1 ports: - containerPort: 2181 name: client - containerPort: 2888 name: server - containerPort: 3888 name: leader-election env: - name : ZK_REPLICAS valueFrom: configMapKeyRef: name: zk-config key: replicas - name : ZK_HEAP_SIZE valueFrom: configMapKeyRef: name: zk-config key: jvm.heap - name : ZK_TICK_TIME valueFrom: configMapKeyRef: name: zk-config key: tick - name : ZK_INIT_LIMIT valueFrom: configMapKeyRef: name: zk-config key: init - name : ZK_SYNC_LIMIT valueFrom: configMapKeyRef: name: zk-config key: tick - name : ZK_MAX_CLIENT_CNXNS valueFrom: configMapKeyRef: name: zk-config key: client.cnxns - name: ZK_SNAP_RETAIN_COUNT valueFrom: configMapKeyRef: name: zk-config key: snap.retain - name: ZK_PURGE_INTERVAL valueFrom: configMapKeyRef: name: zk-config key: purge.interval - name: ZK_CLIENT_PORT value: "2181" - name: ZK_SERVER_PORT value: "2888" - name: ZK_ELECTION_PORT value: "3888" command: - sh - -c - zkGenConfig.sh && zkServer.sh start-foreground readinessProbe: exec: command: - "zkOk.sh" initialDelaySeconds: 15 timeoutSeconds: 5 livenessProbe: exec: command: - "zkOk.sh" initialDelaySeconds: 15 timeoutSeconds: 5 volumeMounts: - name: datadir mountPath: /opt/appl/zookeeper/data - name: datalogdir mountPath: /opt/appl/zookeeper/datalog - name: logdir mountPath: /opt/appl/zookeeper/log securityContext: runAsUser: 1500 fsGroup: 1500 volumeClaimTemplates: - metadata: name: datadir namespace: cmw spec: accessModes: [ "ReadWriteOnce" ] resources: requests: storage: 1Gi - metadata: name: datalogdir namespace: cmw spec: accessModes: [ "ReadWriteOnce" ] resources: requests: storage: 1Gi - metadata: name: logdir namespace: cmw spec: accessModes: [ "ReadWriteOnce" ] resources: requests: storage: 1Gi [root@cc-k8s01 zookeeper]# cat service.yml apiVersion: v1 kind: Service metadata: name: zk-headless namespace: cmw labels: app: zk-headless spec: ports: - port: 2888 name: server - port: 3888 name: leader-election clusterIP: None selector: app: zk --- apiVersion: v1 kind: Service metadata: name: zk-service namespace: cmw labels: app: zk-service spec: ports: - port: 2181 name: client selector: app: zk
8.创建zookeeper
[root@cc-k8s01 zookeeper]# kubectl apply -f . error: the path ".\x03" does not exist [root@cc-k8s01 zookeeper]# kubectl get pods -n cmw NAME READY STATUS RESTARTS AGE nginx-test-59d56bd49c-27ksv 2/2 Running 0 7d1h nginx-test-59d56bd49c-jjmlv 2/2 Running 0 7d1h nginx-test-59d56bd49c-r9khr 2/2 Running 0 7d1h redis-docker-test-65d6c8477f-gsx8c 1/1 Running 0 7d5h redis-master-0 1/1 Running 0 12d redis-sentinel-0 1/1 Running 0 12d redis-sentinel-1 1/1 Running 0 8d redis-sentinel-2 1/1 Running 0 12d zk-0 1/1 Running 0 47h zk-1 1/1 Running 0 47h zk-2 1/1 Running 0 47h
2.搭建kafka
[root@cc-k8s01 kafka]# cd /opt/k8s/work/kafka/ [root@cc-k8s01 kafka]# tree . ├── build-img │ ├── Dockerfile │ ├── Dockerfile.bak │ ├── kafka_2.11-2.1.1.tgz │ └── log4j.properties ├── kafka.sh ├── PodDisruptionBudget.yaml ├── service.yaml └── statefulset.yaml
Dockerfile文件,以及log4j文件
[root@cc-k8s01 build-img]# cat Dockerfile FROM 172.30.21.232/base_images/alpine-3.9.4:openjre8 # customize MAINTAINER pan <axx0718@163.com> USER root ENV KAFKA_USER=appl \ KAFKA_DATA_DIR=/opt/appl/kafka/data \ # JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64 \ KAFKA_HOME=/opt/appl/kafka \ PATH=$PATH:/opt/appl/kafka/bin ARG KAFKA_VERSION=2.11-2.1.1 ARG KAFKA_DIST=kafka_2.11-2.1.1 WORKDIR /opt/appl COPY $KAFKA_DIST.tgz /opt/appl RUN tar -xzf $KAFKA_DIST.tgz && \ rm -rf $KAFKA_DIST.tgz COPY log4j.properties /opt/appl/$KAFKA_DIST/config/ RUN set -x && \ ln -s /opt/appl/$KAFKA_DIST $KAFKA_HOME && \ mkdir -p $KAFKA_DATA_DIR && \ chown -R appl:appl /opt/appl/$KAFKA_DIST && \ chown -R appl:appl $KAFKA_DATA_DIR USER appl [root@cc-k8s01 build-img]# cat log4j.properties # Licensed to the Apache Software Foundation (ASF) under one or more # contributor license agreements. See the NOTICE file distributed with # this work for additional information regarding copyright ownership. # The ASF licenses this file to You under the Apache License, Version 2.0 # (the "License"); you may not use this file except in compliance with # the License. You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. log4j.rootLogger=${logging.level}, stdout log4j.appender.stdout=org.apache.log4j.ConsoleAppender log4j.appender.stdout.layout=org.apache.log4j.PatternLayout log4j.appender.stdout.layout.ConversionPattern=[%d] %p %m (%c)%n log4j.appender.kafkaAppender=org.apache.log4j.DailyRollingFileAppender log4j.appender.kafkaAppender.DatePattern='.'yyyy-MM-dd-HH log4j.appender.kafkaAppender.File=${kafka.logs.dir}/server.log log4j.appender.kafkaAppender.layout=org.apache.log4j.PatternLayout log4j.appender.kafkaAppender.layout.ConversionPattern=[%d] %p %m (%c)%n log4j.appender.stateChangeAppender=org.apache.log4j.DailyRollingFileAppender log4j.appender.stateChangeAppender.DatePattern='.'yyyy-MM-dd-HH log4j.appender.stateChangeAppender.File=${kafka.logs.dir}/state-change.log log4j.appender.stateChangeAppender.layout=org.apache.log4j.PatternLayout log4j.appender.stateChangeAppender.layout.ConversionPattern=[%d] %p %m (%c)%n log4j.appender.requestAppender=org.apache.log4j.DailyRollingFileAppender log4j.appender.requestAppender.DatePattern='.'yyyy-MM-dd-HH log4j.appender.requestAppender.File=${kafka.logs.dir}/kafka-request.log log4j.appender.requestAppender.layout=org.apache.log4j.PatternLayout log4j.appender.requestAppender.layout.ConversionPattern=[%d] %p %m (%c)%n log4j.appender.cleanerAppender=org.apache.log4j.DailyRollingFileAppender log4j.appender.cleanerAppender.DatePattern='.'yyyy-MM-dd-HH log4j.appender.cleanerAppender.File=${kafka.logs.dir}/log-cleaner.log log4j.appender.cleanerAppender.layout=org.apache.log4j.PatternLayout log4j.appender.cleanerAppender.layout.ConversionPattern=[%d] %p %m (%c)%n log4j.appender.controllerAppender=org.apache.log4j.DailyRollingFileAppender log4j.appender.controllerAppender.DatePattern='.'yyyy-MM-dd-HH log4j.appender.controllerAppender.File=${kafka.logs.dir}/controller.log log4j.appender.controllerAppender.layout=org.apache.log4j.PatternLayout log4j.appender.controllerAppender.layout.ConversionPattern=[%d] %p %m (%c)%n log4j.appender.authorizerAppender=org.apache.log4j.DailyRollingFileAppender log4j.appender.authorizerAppender.DatePattern='.'yyyy-MM-dd-HH log4j.appender.authorizerAppender.File=${kafka.logs.dir}/kafka-authorizer.log log4j.appender.authorizerAppender.layout=org.apache.log4j.PatternLayout log4j.appender.authorizerAppender.layout.ConversionPattern=[%d] %p %m (%c)%n # Turn on all our debugging info #log4j.logger.kafka.producer.async.DefaultEventHandler=DEBUG, kafkaAppender #log4j.logger.kafka.client.ClientUtils=DEBUG, kafkaAppender #log4j.logger.kafka.perf=DEBUG, kafkaAppender #log4j.logger.kafka.perf.ProducerPerformance$ProducerThread=DEBUG, kafkaAppender #log4j.logger.org.I0Itec.zkclient.ZkClient=DEBUG #log4j.logger.kafka=INFO, stdout log4j.logger.kafka.network.RequestChannel$=WARN, stdout log4j.additivity.kafka.network.RequestChannel$=false #log4j.logger.kafka.network.Processor=TRACE, requestAppender #log4j.logger.kafka.server.KafkaApis=TRACE, requestAppender #log4j.additivity.kafka.server.KafkaApis=false log4j.logger.kafka.request.logger=WARN, stdout log4j.additivity.kafka.request.logger=false log4j.logger.kafka.controller=TRACE, stdout log4j.additivity.kafka.controller=false log4j.logger.kafka.log.LogCleaner=INFO, stdout log4j.additivity.kafka.log.LogCleaner=false log4j.logger.state.change.logger=TRACE, stdout log4j.additivity.state.change.logger=false #Change this to debug to get the actual audit log for authorizer. log4j.logger.kafka.authorizer.logger=WARN, stdout log4j.additivity.kafka.authorizer.logger=false
kafka pod PodDisruptionBudget、statefulset、service文件
[root@cc-k8s01 kafka]# cat PodDisruptionBudget.yaml apiVersion: policy/v1beta1 kind: PodDisruptionBudget metadata: namespace: cmw name: kafka-pdb spec: selector: matchLabels: app: kafka minAvailable: 2
[root@cc-k8s01 kafka]# cat PodDisruptionBudget.yaml apiVersion: policy/v1beta1 kind: PodDisruptionBudget metadata: namespace: cmw name: kafka-pdb spec: selector: matchLabels: app: kafka minAvailable: 2 [root@cc-k8s01 kafka]# cat statefulset.yaml apiVersion: apps/v1beta1 kind: StatefulSet metadata: namespace: cmw name: kafka spec: serviceName: kafka-svc replicas: 3 template: metadata: labels: app: kafka spec: affinity: podAntiAffinity: requiredDuringSchedulingIgnoredDuringExecution: - labelSelector: matchExpressions: - key: "app" operator: In values: - kafka topologyKey: "kubernetes.io/hostname" podAffinity: preferredDuringSchedulingIgnoredDuringExecution: - weight: 1 podAffinityTerm: labelSelector: matchExpressions: - key: "app" operator: In values: - zk topologyKey: "kubernetes.io/hostname" terminationGracePeriodSeconds: 300 containers: - name: k8skafka imagePullPolicy: IfNotPresent image: 172.30.21.232/gcr.io/kafka-v2.11:v1.1 resources: requests: memory: "2Gi" cpu: 500m ports: - containerPort: 9092 name: server command: #--override zookeeper.connect=zk-service.cmw:2181 \ - sh - -c - "exec /opt/appl/kafka/bin/kafka-server-start.sh /opt/appl/kafka/config/server.properties --override broker.id=${HOSTNAME##*-} \ --override listeners=PLAINTEXT://:9092 \ --override zookeeper.connect=zk-0.zk-headless.cmw.svc.cluster.local:2181,zk-1.zk-headless.cmw.svc.cluster.local:2181,zk-2.zk-headless.cmw.svc.cluster.local:2181 \ --override log.dir=/opt/appl/kafka/logs \ --override auto.create.topics.enable=true \ --override auto.leader.rebalance.enable=true \ --override background.threads=10 \ --override compression.type=producer \ --override delete.topic.enable=false \ --override leader.imbalance.check.interval.seconds=300 \ --override leader.imbalance.per.broker.percentage=10 \ --override log.flush.interval.messages=9223372036854775807 \ --override log.flush.offset.checkpoint.interval.ms=60000 \ --override log.flush.scheduler.interval.ms=9223372036854775807 \ --override log.retention.bytes=-1 \ --override log.retention.hours=168 \ --override log.roll.hours=168 \ --override log.roll.jitter.hours=0 \ --override log.segment.bytes=1073741824 \ --override log.segment.delete.delay.ms=60000 \ --override message.max.bytes=1000012 \ --override min.insync.replicas=1 \ --override num.io.threads=8 \ --override num.network.threads=3 \ --override num.recovery.threads.per.data.dir=1 \ --override num.replica.fetchers=1 \ --override offset.metadata.max.bytes=4096 \ --override offsets.commit.required.acks=-1 \ --override offsets.commit.timeout.ms=5000 \ --override offsets.load.buffer.size=5242880 \ --override offsets.retention.check.interval.ms=600000 \ --override offsets.retention.minutes=1440 \ --override offsets.topic.compression.codec=0 \ --override offsets.topic.num.partitions=50 \ --override offsets.topic.replication.factor=3 \ --override offsets.topic.segment.bytes=104857600 \ --override queued.max.requests=500 \ --override quota.consumer.default=9223372036854775807 \ --override quota.producer.default=9223372036854775807 \ --override replica.fetch.min.bytes=1 \ --override replica.fetch.wait.max.ms=500 \ --override replica.high.watermark.checkpoint.interval.ms=5000 \ --override replica.lag.time.max.ms=10000 \ --override replica.socket.receive.buffer.bytes=65536 \ --override replica.socket.timeout.ms=30000 \ --override request.timeout.ms=30000 \ --override socket.receive.buffer.bytes=102400 \ --override socket.request.max.bytes=104857600 \ --override socket.send.buffer.bytes=102400 \ --override unclean.leader.election.enable=true \ --override zookeeper.session.timeout.ms=6000 \ --override zookeeper.set.acl=false \ --override broker.id.generation.enable=true \ --override connections.max.idle.ms=600000 \ --override controlled.shutdown.enable=true \ --override controlled.shutdown.max.retries=3 \ --override controlled.shutdown.retry.backoff.ms=5000 \ --override controller.socket.timeout.ms=30000 \ --override default.replication.factor=1 \ --override fetch.purgatory.purge.interval.requests=1000 \ --override group.max.session.timeout.ms=300000 \ --override group.min.session.timeout.ms=6000 \ --override inter.broker.protocol.version=0.11.0-IV2 \ --override log.cleaner.backoff.ms=15000 \ --override log.cleaner.dedupe.buffer.size=134217728 \ --override log.cleaner.delete.retention.ms=86400000 \ --override log.cleaner.enable=true \ --override log.cleaner.io.buffer.load.factor=0.9 \ --override log.cleaner.io.buffer.size=524288 \ --override log.cleaner.io.max.bytes.per.second=1.7976931348623157E308 \ --override log.cleaner.min.cleanable.ratio=0.5 \ --override log.cleaner.min.compaction.lag.ms=0 \ --override log.cleaner.threads=1 \ --override log.cleanup.policy=delete \ --override log.index.interval.bytes=4096 \ --override log.index.size.max.bytes=10485760 \ --override log.message.timestamp.difference.max.ms=9223372036854775807 \ --override log.message.timestamp.type=CreateTime \ --override log.preallocate=false \ --override log.retention.check.interval.ms=300000 \ --override max.connections.per.ip=2147483647 \ --override num.partitions=1 \ --override producer.purgatory.purge.interval.requests=1000 \ --override replica.fetch.backoff.ms=1000 \ --override replica.fetch.max.bytes=1048576 \ --override replica.fetch.response.max.bytes=10485760 \ --override reserved.broker.max.id=1000 " env: - name: KAFKA_HEAP_OPTS value : "-Xmx512M -Xms512M" - name: KAFKA_OPTS value: "-Dlogging.level=INFO" volumeMounts: - name: datadir mountPath: /tmp/kafka-logs #readinessProbe: # exec: # command: # - sh # - -c # - "/opt/appl/kafka/bin/kafka-broker-api-versions.sh --bootstrap-server=localhost:9092" securityContext: runAsUser: 1500 fsGroup: 1500 volumeClaimTemplates: - metadata: name: datadir namespace: cmw spec: accessModes: [ "ReadWriteOnce" ] resources: requests: storage: 5Gi
[root@cc-k8s01 kafka]# cat service.yaml apiVersion: v1 kind: Service metadata: name: kafka-svc namespace: cmw labels: app: kafka spec: ports: - port: 9092 name: server clusterIP: None selector: app: kafka
3.创建logstash
[root@cc-k8s01 logstash]# tree . ├── build-img │ ├── Dockerfile │ ├── kafka-output.conf │ ├── logstash-6.8.1.tar.gz │ └── start.sh ├── configMap-logstash.yaml ├── configMap-logstash.yaml.bak ├── deployment.yaml └── logstash.sh
[root@cc-k8s01 build-img]# vim Dockerfile FROM 172.30.21.232/base_images/alpine-3.9.4:openjre8 # customize LABEL versioin="logstash-6.8.1" MAINTAINER pan <axx0718@163.com> USER root # customize ENV LOGSTASH_USER=appl \ LOGSTASH_LOGS_DIR=/opt/appl/logstash/logs \ LOGSTASH_HOME=/opt/appl/logstash \ PATH=$PATH:/opt/appl/logstash/bin \ BASE_DIR=/opt/appl \ DISTRO_NAME=logstash-6.8.1 \ DISTRO_NAME_NOV=logstash COPY $DISTRO_NAME.tar.gz /opt/appl RUN cd /opt/appl && \ tar -xvf $DISTRO_NAME.tar.gz && \ rm -rf $DISTRO_NAME.tar.gz && \ ln -s /opt/appl/$DISTRO_NAME $LOGSTASH_HOME && \ cd $LOGSTASH_HOME && \ mkdir conf.d && \ mkdir logs && \
mkdir patterns
COPY jvm.options $LOGSTASH_HOME/config RUN set -x && \ chown -R appl:appl /opt/appl/$DISTRO_NAME USER appl #CMD ["/opt/appl/logstash/start.sh"]
[root@cc-k8s01 build-img]# cat jvm.options ## JVM configuration # Xms represents the initial size of total heap space # Xmx represents the maximum size of total heap space -Xms2g -Xmx2g ################################################################ ## Expert settings ################################################################ ## ## All settings below this section are considered ## expert settings. Don't tamper with them unless ## you understand what you are doing ## ################################################################ ## GC configuration -XX:+UseConcMarkSweepGC -XX:CMSInitiatingOccupancyFraction=75 -XX:+UseCMSInitiatingOccupancyOnly ## Locale # Set the locale language #-Duser.language=en # Set the locale country #-Duser.country=US # Set the locale variant, if any #-Duser.variant= ## basic # set the I/O temp directory #-Djava.io.tmpdir=$HOME # set to headless, just in case -Djava.awt.headless=true # ensure UTF-8 encoding by default (e.g. filenames) -Dfile.encoding=UTF-8 # use our provided JNA always versus the system one #-Djna.nosys=true # Turn on JRuby invokedynamic -Djruby.compile.invokedynamic=true # Force Compilation -Djruby.jit.threshold=0 # Make sure joni regexp interruptability is enabled -Djruby.regexp.interruptible=true ## heap dumps # generate a heap dump when an allocation from the Java heap fails # heap dumps are created in the working directory of the JVM -XX:+HeapDumpOnOutOfMemoryError # specify an alternative path for heap dumps # ensure the directory exists and has sufficient space #-XX:HeapDumpPath=${LOGSTASH_HOME}/heapdump.hprof ## GC logging #-XX:+PrintGCDetails #-XX:+PrintGCTimeStamps #-XX:+PrintGCDateStamps #-XX:+PrintClassHistogram #-XX:+PrintTenuringDistribution #-XX:+PrintGCApplicationStoppedTime # log GC status to a file with time stamps # ensure the directory exists #-Xloggc:${LS_GC_LOG_FILE} # Entropy source for randomness -Djava.security.egd=file:/dev/urandom
logstash configmap文件,包含了logstash正则表达式
[root@cc-k8s01 logstash-7.3.0]# cat configMap-logstash.yaml apiVersion: v1 kind: ConfigMap metadata: name: test-access namespace: cmw data: pattern: |- DATETIME %{YEAR}-%{MONTHNUM}-%{MONTHDAY}[T ]%{HOUR}:?%{MINUTE}(?::?%{SECOND})? LogType ([a-zA-Z]+) REQUEST \[%{TIMESTAMP:log_timestamp}\] \[%{DATA:ThreadName}\] \[%{LOGLEVEL:logLevel}\] \[%{LogType:InterfaceTag}\] \[%{DATA:TransactionId}\]?\[%{DATA:SpanId}\]?\[%{DATA:ParentId}\] \[%{DATA:HttpUrl}\] \[%{DATA:Protocol}\] \[%{DATA:logtype}\] %{DATA:Number} - %{GREEDYDATA:JsonContent} RESPONSE \[%{TIMESTAMP:log_timestamp}\] \[%{DATA:ThreadName}\] \[%{LOGLEVEL:logLevel}\] \[%{LogType:InterfaceTag}\] \[%{DATA:TransactionId}\]?\[%{DATA:SpanId}\]?\[%{DATA:ParentId}\] \[%{DATA:HttpUrl}\] \[%{DATA:Protocol}\] \[%{DATA:logtype}\] %{DATA:Number} - %{GREEDYDATA:JsonContent} ACCESSLOG \[%{DATETIME:logTime}\] \[%{DATA:threadName}\] \[%{DATA:loglevel}\] \[%{DATA:InterfaceTag}\] \[%{DATA:interfaceTag}\] \[%{DATA:transactionId}\] \[%{DATA:SpanId}\] \[%{DATA:ParentId}\] \[%{DATA:ServerId}\] \[%{DATA:logtype}\] - %{GREEDYDATA:AccessJson} INTERFACELOG \[%{DATETIME:log_timestamp}\] \[%{DATA:ThreadName}\] \[%{LOGLEVEL:logLevel}\] \[%{DATA:InterfaceTag}\] \[%{DATA:TransactionId}\] \[%{DATA:SpanId}\] \[%{DATA:ParentId}\] \[%{DATA:HttpUrl}\] \[%{DATA:Protocol}\]?\[%{DATA:logtype}\] - %{GREEDYDATA:JsonContent} kafka-output.conf: |- input { kafka { bootstrap_servers => "kafka-svc.cmw.svc.cluster.local:9092" topics => ["nginx-access"] codec => "json" } } filter { if [fields][log_topics] =~ "\w+-access" { if [message] =~ '^{\w*' { json { source => "message" add_field => ["type", "%{[fields][log_topics]}"] } } else { grok { patterns_dir => [ "/opt/appl/logstash/patterns" ] match => { "message" => "%{ACCESSLOG}" } } json { source => "AccessJson" remove_field => "AccessJson" add_field => ["type", "%{[fields][log_topics]}"] } } } ruby { code => "event.timestamp.time.localtime" } #if [startTime] { # date { # match => [ "startTime", "YYYY-MM-dd HH:mm:ss.SSS" ] # timezone => "Asia/Shanghai" # target => "@timestamp" # } #} if [timeDiff] { mutate { add_field => [ "timeDiff_int", "%{timeDiff}" ] } mutate { convert => [ "timeDiff_int", "integer" ] remove_field => "timeDiff" } } } output { elasticsearch { hosts => ["http://elasticsearch.cmw:9200" ] index => "logstash-k8s-%{[fields][log_topics]}-%{+YYYY.MM.dd}" template_overwrite => true #user => "elastic" #password => "xri&h2azaj" #document_type => "%{[type]}" } }
apiVersion: apps/v1 kind: Deployment metadata: name: logstash-test-access namespace: ops labels: app: logstash-test spec: replicas: 1 selector: matchLabels: app: logstash-test template: metadata: labels: app: logstash-test spec: containers: - name: test-access imagePullPolicy: IfNotPresent image: harbor.iboxpay.com/ops/logstash:6.8.1 volumeMounts: - name: test-access mountPath: /opt/appl/logstash/conf.d/kafka-output.conf subPath: kafka-output.conf - name: test-access mountPath: /opt/appl/logstash/patterns/pattern subPath: pattern resources: requests: memory: "2Gi" cpu: "1" limits: memory: "3Gi" cpu: "2" command: - sh - -c #- "/opt/appl/logstash/start.sh" - "/opt/appl/logstash/bin/logstash -f /opt/appl/logstash/conf.d" volumes: - name: test-access configMap: name: test-access items: - key: kafka-output.conf path: kafka-output.conf - key: pattern path: pattern securityContext: runAsUser: 1500 fsGroup: 1500
4.将外部服务elasticsearch,提供一个endpoint、service供集群使用
[root@cc-k8s01 es]# cd /opt/k8s/work/es/
[root@cc-k8s01 es]# cat *
kind: Endpoints apiVersion: v1 metadata: name: elasticsearch namespace: cmw subsets: - addresses: - ip: 172.30.21.232
- ip: 172.30.21.233
- ip: 172.30.21.234
ports: - port: 9200 apiVersion: v1 kind: Service metadata: name: elasticsearch namespace: cmw spec: ports: - port: 9200