k8s安装EFK

1、环境介绍

[root@master ~]# kubectl  get node 
NAME     STATUS   ROLES                  AGE     VERSION
master   Ready    control-plane,master   5h44m   v1.20.5
node1    Ready    <none>                 5h44m   v1.20.5
node2    Ready    <none>                 5h44m   v1.20.5
[root@master ~]# kubectl get sc 
NAME                  PROVISIONER      RECLAIMPOLICY   VOLUMEBINDINGMODE   ALLOWVOLUMEEXPANSION   AGE
managed-nfs-storage   fuseim.pri/ifs   Delete          Immediate           true                   94m

2、下载yaml

mkdir efk -p
cd efk
wget https://raw.githubusercontent.com/kubernetes/kubernetes/v1.20.5/cluster/addons/fluentd-elasticsearch/es-service.yaml
wget https://raw.githubusercontent.com/kubernetes/kubernetes/v1.20.5/cluster/addons/fluentd-elasticsearch/es-statefulset.yaml
wget https://raw.githubusercontent.com/kubernetes/kubernetes/v1.20.5/cluster/addons/fluentd-elasticsearch/fluentd-es-configmap.yaml
wget https://raw.githubusercontent.com/kubernetes/kubernetes/v1.20.5/cluster/addons/fluentd-elasticsearch/fluentd-es-ds.yaml
wget https://raw.githubusercontent.com/kubernetes/kubernetes/v1.20.5/cluster/addons/fluentd-elasticsearch/kibana-deployment.yaml
wget https://raw.githubusercontent.com/kubernetes/kubernetes/v1.20.5/cluster/addons/fluentd-elasticsearch/kibana-service.yaml

3、修改es-statefulset的存储(将emptyDir改成nfs的动态存储)

[root@master efk]# tail -40  es-statefulset.yaml 
              port: transport
            initialDelaySeconds: 5
            timeoutSeconds: 10
          readinessProbe:
            tcpSocket:
              port: transport
            initialDelaySeconds: 5
            timeoutSeconds: 10
          volumeMounts:
            - name: elasticsearch-logging
              mountPath: /data
          env:
            - name: "NAMESPACE"
              valueFrom:
                fieldRef:
                  fieldPath: metadata.namespace
            - name: "MINIMUM_MASTER_NODES"
              value: "1"
   #   volumes:
   #     - name: elasticsearch-logging
   #       emptyDir: {}
      # Elasticsearch requires vm.max_map_count to be at least 262144.
      # If your OS already sets up this number to a higher value, feel free
      # to remove this init container.
      initContainers:
        - image: alpine:3.6
          command: ["/sbin/sysctl", "-w", "vm.max_map_count=262144"]
          name: elasticsearch-logging-init
          securityContext:
            privileged: true
  volumeClaimTemplates:
  - metadata:
      name: elasticsearch-logging
    spec:
      accessModes: [ "ReadWriteOnce" ]
      storageClassName: "managed-nfs-storage"
      resources:
        requests:
          storage: 10Gi

4、注释kibana-deployment.yaml中的SERVER_BASEPATH项目的内容

不注释无法访问到kibana的控制台

[root@master efk]# grep SERVER_BASEPATH  -A 1 kibana-deployment.yaml 
          #- name: SERVER_BASEPATH
          #  value: /api/v1/namespaces/kube-system/services/kibana-logging/proxy

5、导入

[root@master efk]# kubectl  apply -f .
service/elasticsearch-logging created
serviceaccount/elasticsearch-logging created
clusterrole.rbac.authorization.k8s.io/elasticsearch-logging created
clusterrolebinding.rbac.authorization.k8s.io/elasticsearch-logging created
statefulset.apps/elasticsearch-logging created
configmap/fluentd-es-config-v0.2.0 created
serviceaccount/fluentd-es created
clusterrole.rbac.authorization.k8s.io/fluentd-es created
clusterrolebinding.rbac.authorization.k8s.io/fluentd-es created
daemonset.apps/fluentd-es-v3.1.0 created
deployment.apps/kibana-logging created
service/kibana-logging created

6、查看

[root@master efk]# kubectl get pod  -n kube-system |egrep "elasticsearch-logging|fluentd-es|kibana-logging"
elasticsearch-logging-0                    1/1     Running   0          2m23s
fluentd-es-v3.1.0-c2b69                    1/1     Running   1          2m23s
fluentd-es-v3.1.0-schk7                    1/1     Running   1          2m23s
kibana-logging-5bd7c89474-mtljg            1/1     Running   1          2m23s
[root@master efk]# kubectl get pvc -n kube-system
NAME                                            STATUS   VOLUME                                     CAPACITY   ACCESS MODES   STORAGECLASS          AGE
elasticsearch-logging-elasticsearch-logging-0   Bound    pvc-6e487c3b-c174-44cd-96c6-12bd57362194   10Gi       RWO            managed-nfs-storage   2m26s
[root@master efk]# kubectl get sts -n kube-system
NAME                    READY   AGE
elasticsearch-logging   1/1     2m29s
[root@master efk]# kubectl get ds -n kube-system fluentd-es-v3.1.0
NAME                DESIRED   CURRENT   READY   UP-TO-DATE   AVAILABLE   NODE SELECTOR   AGE
fluentd-es-v3.1.0   2         2         2       2            2           <none>          3m33s
[root@master efk]# kubectl get svc -n kube-system
NAME                    TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)                        AGE
elasticsearch-logging   ClusterIP   None            <none>        9200/TCP,9300/TCP              2m49s
kibana-logging          ClusterIP   10.111.64.219   <none>        5601/TCP                       2m49s
kube-dns                ClusterIP   10.96.0.10      <none>        53/UDP,53/TCP,9153/TCP         4h41m
kubelet                 ClusterIP   None            <none>        10250/TCP,10255/TCP,4194/TCP   3h45m
metrics-server          ClusterIP   10.108.69.38    <none>        443/TCP                        4h33m

7、把kibana的svc改成nodeport(方便浏览器查看)

[root@master efk]# kubectl  patch svc  kibana-logging -n kube-system -p '{"spec":{"type":"NodePort","ports":[{"port":5601,"protocol":"TCP","targetPort":"ui","nodePort":32601}]}}'
service/kibana-logging patched
[root@master efk]# kubectl get svc -n kube-system  kibana-logging
NAME             TYPE       CLUSTER-IP     EXTERNAL-IP   PORT(S)          AGE
kibana-logging   NodePort   10.98.61.113   <none>        5601:32601/TCP   107s

8、浏览器查看

http://nodeIP:32601

巽逸

1、环境介绍

2、下载yaml

3、修改es-statefulset的存储(将emptyDir改成nfs的动态存储)

4、注释kibana-deployment.yaml中的SERVER_BASEPATH项目的内容

5、导入

6、查看

7、把kibana的svc改成nodeport(方便浏览器查看)

8、浏览器查看

公告