51工具盒子

依楼听风雨
笑看云卷云舒,淡观潮起潮落
当前位置:工具盒子 > 云服务器 > 正文

基于daemonset的日志收集k8s

2024-09-04 分类:云服务器 阅读(86) 评论(0)

构建logstash镜像

Dockerfile

FROM logstash:7.17.6

LABEL author="baimeidashu@163.com"
WORKDIR /usr/share/logstash
ADD logstash.yml /usr/share/logstash/config/logstash.yml
ADD logstash.conf /usr/share/logstash/pipeline/logstash.conf
USER root
RUN usermod -a -G root logstash

logstash.yml内容如下:

http.host: "0.0.0.0"

logstash.conf内容如下:

input {
  file {
    path => "/var/lib/docker/containers/*/*-json.log" #docker
    #path => "/var/log/pods/*/*/*.log"	#使用containerd时,Pod的log的存放路径
    start_position => "beginning"
    type => "applog"	#日志类型,自定义
  }

  file {
    path => "/var/log/*.log"	#操作系统日志路径
    start_position => "beginning"
    type => "syslog"
  }
}

output {
  if [type] == "applog" {	#指定将applog类型的日志发送到kafka的哪个topic
    kafka {
      bootstrap_servers => "${KAFKA_SERVER}"
      topic_id => "${TOPIC_ID}"
      batch_size => 16384  #logstash每次向ES传输的数据量大小,单位为字节
      codec => "${CODEC}"	#日志格式
   } }

  if [type] == "syslog" {	##指定将syslog类型的日志发送到kafka的哪个topic
    kafka {
      bootstrap_servers => "${KAFKA_SERVER}"
      topic_id => "${TOPIC_ID}"
      batch_size => 16384
      codec => "${CODEC}" #系统日志不是json格式
  }}
}

执行构建,上传镜像到harbor

docker build -t registry.cn-hangzhou.aliyuncs.com/baimeidashu/logstash-daemonset:7.17.6 .

docker push registry.cn-hangzhou.aliyuncs.com/baimeidashu/logstash-daemonset:7.17.6

部署logstash daemonset

我是用 kubesphere 界面化操作的, 用的守护进程
部署文件如下

kind: DaemonSet
apiVersion: apps/v1
metadata:
  name: logstash-daemonset
  namespace: openai
  annotations:
    deprecated.daemonset.template.generation: '1'
    kubesphere.io/creator: project-admin
spec:
  selector:
    matchLabels:
      app: logstash
  template:
    metadata:
      creationTimestamp: null
      labels:
        app: logstash
      annotations:
        kubesphere.io/creator: project-admin
    spec:
      volumes:
        - name: varlog
          hostPath:
            path: /var/log
            type: ''
        - name: varlogpods
          hostPath:
            path: /var/log/pods
            type: ''
      containers:
        - name: logstash
          image: >-
            registry.cn-hangzhou.aliyuncs.com/baimeidashu/logstash-daemonset:7.17.6
          env:
            - name: KAFKA_SERVER
              value: '192.168.1.250:9092'
            - name: TOPIC_ID
              value: jsonfile-log-topic
            - name: CODEC
              value: json
          resources: {}
          volumeMounts:
            - name: varlog
              mountPath: /var/log
            - name: varlogpods
              mountPath: /var/log/pods
          terminationMessagePath: /dev/termination-log
          terminationMessagePolicy: File
          imagePullPolicy: Always
      restartPolicy: Always
      terminationGracePeriodSeconds: 30
      dnsPolicy: ClusterFirst
      securityContext: {}
      schedulerName: default-scheduler
  updateStrategy:
    type: RollingUpdate
    rollingUpdate:
      maxUnavailable: 1
      maxSurge: 0
  revisionHistoryLimit: 10

在kafka中进行查看,可以看到日志已经发送到kafka

赞(6)
未经允许不得转载:工具盒子 » 基于daemonset的日志收集k8s
标签:

厉飞雨

众生皆苦,唯有自渡!

相关推荐

最新文章

猜你喜欢

快捷分类

云服务器 日常运维 在线免费 开源工具 科学上网 开发笔记 区块链 白嫖帮 新视野 人工智能 网赚思路 Python笔记 Php笔记 Java笔记 链知识 币知识 IOS笔记 Android笔记 Mysql C语言笔记 前端开发 R笔记 Go笔记 mybatis笔记 Golang笔记 数据库 市场营销 软件教程 vps Rust笔记 软件使用 经验分享 Stable Diffusion chatgpt Midjourney 操作系统 Photoscape 加密货币 挖矿 Coze Meta 网络安全 网络运营 开源软件 Github ComfyUI 数字人 Docker笔记 Claude Oracle web3 linux windows mac redis git笔记 nginx kafka maven spring RocketMQ Zabbix ubuntu centos kubesphere ffmpeg jenkins hbase JavaScript笔记 WordPress nginx Hadoop vuejs mongo SQL Server PostgreSQL SQLite ElasticSearch Spark netty zookeeper RabbitMQ ClickHoust cocos2d gradle tomcat Markdown MinIO react Hexo git intellij idea android studio svn C++ spdlog nodejs C WordPress 宝塔面板 vim shell logstash 软件渗透 NeoDB CSS3 HTML Lua笔记 数据算法 嵌入式 debian 红帽RHEL Neo4j