Fluentbit, yüksek performans için tasarlandı ve sadece ~450 KB hafıza kullanan çok hafif bir kaynak kullanımına sahip. Soyutlanmış bir G/Ç işleyicisi, eşzamansız ve olaya dayalı (event-driven) okuma/yazma işlemlerine izin verir. Esneklik ve güvenilirlik için, yeniden denemeleri ve tampon limitini tanımlamak için çeşitli konfigürasyon seçenekleri mevcuttur.
Kibana, Elasticsearch’ün üstünde çalışan ve kullanıcılara verileri analiz etme ve görselleştirme olanağı sağlayan bir görselleştirme katmanıdır.
Elasticsearch, Apache Lucene arama motorunu temel alan açık kaynaklı, tam metinli bir arama ve analiz motorudur.
İlk olarak Namespace create edelim
kubectl create ns monitoring
elastic yaml da storageClassName: nfs-client yaptım nfs server kurulumunu gerçekleştirmiştim onunda linkine buradan ulaşabilirsiniz.
elastic.yaml
apiVersion: v1
kind: Service
metadata:
name: elasticsearch
namespace: monitoring
labels:
app: elasticsearch
spec:
clusterIP: None
selector:
app: elasticsearch
ports:
- name: http
protocol: TCP
port: 9200
- name: node
protocol: TCP
port: 9300
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: elasticsearch-node
namespace: monitoring
spec:
serviceName: elasticsearch
replicas: 2
selector:
matchLabels:
app: elasticsearch
template:
metadata:
labels:
app: elasticsearch
spec:
containers:
- name: elasticsearch
image: docker.elastic.co/elasticsearch/elasticsearch:7.2.0
resources:
limits:
cpu: 1000m
memory: 1Gi
requests:
cpu: 500m
memory: 1Gi
ports:
- name: http
protocol: TCP
containerPort: 9200
- name: node
protocol: TCP
containerPort: 9300
volumeMounts:
- name: elasticsearch-data
mountPath: /usr/share/elasticsearch/data
env:
- name: cluster.name
value: k8s-monitoring
- name: node.name
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: discovery.seed_hosts
value: "elasticsearch-node-0.elasticsearch,elasticsearch-node-1.elasticsearch,elasticsearch-node-2.elasticsearch"
- name: cluster.initial_master_nodes
value: "elasticsearch-node-0,elasticsearch-node-1,elasticsearch-node-2"
- name: ES_JAVA_OPTS
value: "-Xms512m -Xmx512m"
initContainers:
- name: chown
image: busybox
command: ["sh", "-c", "chown -R 1000:1000 /usr/share/elasticsearch/data"]
securityContext:
privileged: true
volumeMounts:
- name: elasticsearch-data
mountPath: /usr/share/elasticsearch/data
- name: sysctl
image: busybox
command: ["sysctl", "-w", "vm.max_map_count=262144"]
securityContext:
privileged: true
- name: ulimit
image: busybox
command: ["sh", "-c", "ulimit -n 65536"]
securityContext:
privileged: true
volumeClaimTemplates:
- metadata:
name: elasticsearch-data
spec:
storageClassName: nfs-client
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 5Gi
fluentbit.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: fluentbit
namespace: monitoring
labels:
app: fluentbit
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: fluentbit
labels:
app: fluentbit
rules:
- apiGroups:
- ""
resources:
- pods
- namespaces
verbs:
- get
- list
- watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: fluentbit
roleRef:
kind: ClusterRole
name: fluentbit
apiGroup: rbac.authorization.k8s.io
subjects:
- kind: ServiceAccount
name: fluentbit
namespace: monitoring
---
apiVersion: v1
kind: ConfigMap
metadata:
name: fluentbit-config
namespace: monitoring
labels:
k8s-app: fluentbit
data:
fluent-bit.conf: |
[SERVICE]
Flush 5
Log_Level info
Daemon Off
Parsers_File parsers.conf
HTTP_Server On
HTTP_Listen 0.0.0.0
HTTP_Port 2020
@INCLUDE input-kubernetes.conf
@INCLUDE filter-kubernetes.conf
@INCLUDE output-elasticsearch.conf
input-kubernetes.conf: |
[INPUT]
Name tail
Tag kube.*
Path /var/log/containers/*.log
Exclude_Path /var/log/containers/*_kube-system_*.log,/var/log/containers/*_kubernetes-dashboard_*.log,/var/log/containers/*_monitoring_*.log
Parser docker
DB /var/log/flb_kube.db
Mem_Buf_Limit 5MB
Skip_Long_Lines On
Refresh_Interval 10
filter-kubernetes.conf: |
[FILTER]
Name kubernetes
Match kube.*
Kube_URL https://kubernetes.default.svc:443
Kube_CA_File /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
Kube_Token_File /var/run/secrets/kubernetes.io/serviceaccount/token
Kube_Tag_Prefix kube.var.log.containers.
Merge_Log On
Merge_Log_Key log_field
Merge_Log_Trim On
K8S-Logging.Parser On
K8S-Logging.Exclude Off
output-elasticsearch.conf: |
[OUTPUT]
Name es
Host ${FLUENT_ELASTICSEARCH_HOST}
Port ${FLUENT_ELASTICSEARCH_PORT}
Match *
Index kubernetes-logs
Type json
Replace_Dots On
Retry_Limit False
parsers.conf: |
[PARSER]
Name docker
Format json
Time_Key time
Time_Format %Y-%m-%dT%H:%M:%S.%L
Time_Keep On
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: fluentbit
namespace: monitoring
labels:
app: fluentbit
spec:
selector:
matchLabels:
app: fluentbit
updateStrategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 1
template:
metadata:
labels:
app: fluentbit
spec:
serviceAccount: fluentbit
serviceAccountName: fluentbit
terminationGracePeriodSeconds: 30
tolerations:
- key: node-role.kubernetes.io/master
effect: NoSchedule
containers:
- name: fluentbit
image: fluent/fluent-bit:1.3.11
ports:
- containerPort: 2020
env:
- name: FLUENT_ELASTICSEARCH_HOST
value: "elasticsearch"
- name: FLUENT_ELASTICSEARCH_PORT
value: "9200"
volumeMounts:
- name: fluentbit-config
mountPath: /fluent-bit/etc/
- name: fluentbit-log
mountPath: /var/log
- name: fluentbit-lib
mountPath: /var/lib/docker/containers
readOnly: true
volumes:
- name: fluentbit-config
configMap:
name: fluentbit-config
- name: fluentbit-log
hostPath:
path: /var/log
- name: fluentbit-lib
hostPath:
path: /var/lib/docker/containers
kibana.yaml
apiVersion: v1
kind: Service
metadata:
name: kibana
namespace: monitoring
labels:
app: kibana
spec:
selector:
app: kibana
ports:
- name: http
protocol: TCP
port: 5601
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: kibana
namespace: monitoring
labels:
app: kibana
spec:
replicas: 1
selector:
matchLabels:
app: kibana
template:
metadata:
labels:
app: kibana
spec:
containers:
- name: kibana
image: docker.elastic.co/kibana/kibana:7.2.0
resources:
limits:
cpu: 1000m
memory: 1Gi
requests:
cpu: 500m
memory: 1Gi
ports:
- name: http
protocol: TCP
containerPort: 5601
env:
- name: ELASTICSEARCH_HOSTS
value: http://elasticsearch:9200
testpod.yaml
apiVersion: v1
kind: Pod
metadata:
name: loggenerator
spec:
containers:
- name: loggenerator
image: busybox
args: [/bin/sh, -c,'i=0; while true; do echo "emirhanaydin $i"; i=$((i+1)); sleep 1; done']
Podları ayağa kaldıralım
kubectl create -f elastic.yaml -f kibana.yaml -f fluentbit.yaml -f testpod.yaml
Evet podlarım ayağa kalktı
Kibana arayüzüne localhost:5601 den giriş yapıp Index Patterns bölümüne giriyoruz.Kubernetes-logs seçiyoruz.
@timestamp seçiyoruz.
Ve create ettiğim testpodum emirhanaydin diye log basıyor discover kısmından logları filtrelediğimde loglarımı görüyorum.
Commentaires