K8S 日志收集(一):在K8S创建fluentd的ds

下载fluentd 的images

https://hub.docker.com/r/fluent/fluentd-kubernetes-daemonset/

docker pull 192.168.19.111/baseimages/fluentd-kubernetes-daemonset:v0.12-alpine-elasticsearch

由于镜像没有kafka插件修改镜像,dockerfile文件如下

FROM 192.168.19.111/baseimages/fluentd-kubernetes-daemonset:v0.12-alpine-elasticsearch
RUN gem install  fluent-plugin-kafka
COPY fluent.conf /fluentd/etc/fluent.conf
ENTRYPOINT ["fluentd","-c","/fluentd/etc/fluent.conf","-p","/fluentd/plugins"]

最后生成镜像:192.168.19.111/baseimages/fluentd:201803101322

创建fluentd的yaml文件:

由于fluentd要从kube-apiserver抓取镜像的相关信息,所以必须配置sa
sa文件:

apiVersion: v1
kind: ServiceAccount
metadata:
  name: fluentd-es
  namespace: kube-system
  labels:
    k8s-app: fluentd-es
    kubernetes.io/cluster-service: "true"
    addonmanager.kubernetes.io/mode: Reconcile

创建ClusterRole文件:

kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
  name: fluentd-es
  labels:
    k8s-app: fluentd-es
    kubernetes.io/cluster-service: "true"
    addonmanager.kubernetes.io/mode: Reconcile
rules:
- apiGroups:
  - ""
  resources:
  - "namespaces"
  - "pods"
  verbs:
  - "get"
  - "watch"
  - "list"

创建ClusterRoleBinding角色绑定文件

kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
  name: fluentd-es
  labels:
    k8s-app: fluentd-es
    kubernetes.io/cluster-service: "true"
    addonmanager.kubernetes.io/mode: Reconcile
subjects:
- kind: ServiceAccount
  name: fluentd-es
  namespace: kube-system
  apiGroup: ""
roleRef:
  kind: ClusterRole
  name: fluentd-es
  apiGroup: ""

创建cm配置文件

kind: ConfigMap
apiVersion: v1
metadata:
  name: fluentd-config
  namespace: kube-system
  labels:
    addonmanager.kubernetes.io/mode: Reconcile
data:
  fluent.conf: |-
    <source>     
      @type tail
      path /var/log/containers/*.log
      pos_file /var/log/fluentd-containers.log.pos
      time_format %Y-%m-%dT%H:%M:%S.%NZ
      tag kubernetes.*
      format json
    </source>
    <filter kubernetes.**>
       @type kubernetes_metadata
    </filter>
    <match **>
      @type               kafka_buffered
      brokers             192.168.7.204:9092,192.168.7.204:9093,192.168.7.204:9094
      output_data_type    json
      default_topic       test-panjunbai
      compression_codec   gzip
      required_acks       1
    </match>

创建ds文件(由于/var/log/containers能被fluentd和kube-apiserver连接做处理,必须挂载/var/log/containers的软件目的地文件路径)

apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
  name: fluentd-ds
  namespace: kube-system
  labels:
    k8s-app: fluentd
    kubernetes.io/cluster-service: "true"
spec:
  selector:
    matchLabels:
      k8s-app: fluentd
  template:
    metadata:
      annotations:
        scheduler.alpha.kubernetes.io/critical-pod: ""
      labels:
        k8s-app: fluentd
        kubernetes.io/cluster-service: "true"
    spec:
      serviceAccountName: fluentd-es
      containers:
      - name: fluentd-ds
        image: 192.168.19.111/baseimages/fluentd:201803101322
        resources:
          limits:
            memory: 500Mi
          requests:
            cpu: 100m
            memory: 200Mi
        volumeMounts:
        - mountPath: /var/log
          name: varlog
        - mountPath: /fluentd/etc
          name: fluentd-cm
        - name: tz-config
          mountPath: /etc/localtime
        - name: real-dir
          mountPath: /opt/docker/containers
      terminationGracePeriodSeconds: 30
      volumes:
      - name: real-dir
        hostPath:
          path: /opt/docker/containers
      - name: varlog
        hostPath:
          path: /var/log
      - configMap:
          defaultMode: 420
          items:
          - key: fluent.conf
            path: fluent.conf
          name: fluentd-config
        name: fluentd-cm
      - name: tz-config
        hostPath:
          path: /usr/share/zoneinfo/Asia/Shanghai 

https://docs.fluentd.org/v0.12/articles/kubernetes-fluentd
https://github.com/fluent/fluent-plugin-kafka
https://github.com/fabric8io/fluent-plugin-kubernetes_metadata_filter
https://kubernetes.io/docs/concepts/cluster-administration/logging/

posted @ 2018-04-28 11:01  长风七万里  阅读(630)  评论(0编辑  收藏  举报