关于k8s:EIK收集日志

45次阅读

共计 3081 个字符,预计需要花费 8 分钟才能阅读完成。

装置配置 elasticsearch

  • 下载 helm 包
helm pull elastic/elasticsearch
  • 容器中生成 elastic 证书
#!/bin/bash
RELEASE=7.9.1
docker run --name elastic-charts-certs -i -w /app \
  harbor-k8s.iwgame.com/containers/elasticsearch:$RELEASE \
  /bin/sh -c " \
    elasticsearch-certutil ca --out /app/elastic-stack-ca.p12 --pass '' && \
    elasticsearch-certutil cert --name security-master --dns security-master --ca /app/elastic-stack-ca.p12 --pass ''--ca-pass'' --out /app/elastic-certificates.p12" && \
docker cp elastic-charts-certs:/app/elastic-certificates.p12 ./ && \
docker rm -f elastic-charts-certs && \
openssl pkcs12 -nodes -passin pass:'' -in elastic-certificates.p12 -out elastic-certificate.pem
  • 创立 secrets 生成账号密码和证书
kubectl create secret -n efk generic elastic-certificates --from-file=elastic-certificates.p12
kubectl create secret -n efk generic elastic-certificate-pem --from-file=elastic-certificate.pem

kubectl create secret -n efk generic elastic-credentials  --from-literal=password=123 --from-literal=username=elastic
  • 批改 values.yaml 文件
volumeClaimTemplate:
  accessModes: ["ReadWriteOnce"]
  storageClassName: "iwgame-nfs-storage"
  resources:
    requests:
      storage: 30Gi
esConfig:
  elasticsearch.yml: |
    cluster.name: "docker-cluster"
    network.host: 0.0.0.0
    xpack.security.enabled: true
    xpack.security.transport.ssl.verification_mode: certificate
    xpack.security.transport.ssl.enabled: true
    xpack.security.transport.ssl.keystore.path: /usr/share/elasticsearch/config/certs/elastic-certificates.p12
    xpack.security.transport.ssl.truststore.path: /usr/share/elasticsearch/config/certs/elastic-certificates.p12
extraEnvs:
  - name: ELASTIC_PASSWORD
    valueFrom:
      secretKeyRef:
        name: elastic-credentials
        key: password
  - name: ELASTIC_USERNAME
    valueFrom:
      secretKeyRef:
        name: elastic-credentials
        key: username
secretMounts:
  - name: elastic-certificates
    secretName: elastic-certificates
    path: /usr/share/elasticsearch/config/certs
  • 装置 elasticsearch
helm install  --namespace=logging  elastic ./
  • 查看 pod 运行状态

个别都须要装置奇数,因为我只有两个 node 所以部署了 2 个,生产环境倡议装置三个

装置 kibana

  • 下载 helm 包
helm pull elastic/kinaba
  • 批改 values.yaml 文件
extraEnvs:
  - name: "NODE_OPTIONS"
    value: "--max-old-space-size=1800"
  - name: 'ELASTICSEARCH_USERNAME'
    valueFrom:
      secretKeyRef:
        name: elastic-credentials
        key: username
  - name: 'ELASTICSEARCH_PASSWORD'
    valueFrom:
      secretKeyRef:
        name: elastic-credentials
        key: password
kibanaConfig:
  kibana.yml: |
    server.port: 5601
    server.host: "0.0.0.0"
    elasticsearch.hosts: ["http://elasticsearch-master:9200"]
    i18n.locale: "zh-CN"
ingress:
  enabled: true
  annotations:
    kubernetes.io/ingress.class: nginx
    # kubernetes.io/tls-acme: "true"
  path: /
  hosts:
    - elastic.kibana.com
  • 装置 kibana
helm install  --namespace=logging  kibana ./

装置 filebeat

  • 下载 helm 包
helm pull elastic/filebeat
  • 批改 values.yaml 文件
filebeatConfig:
  filebeat.yml: |
    filebeat.inputs:
    - type: container
      paths:
        - /var/log/containers/*.log
      processors:
      - add_kubernetes_metadata:
          host: ${NODE_NAME}
          matchers:
          - logs_path:
              logs_path: "/var/log/containers/"

    output.elasticsearch:
      username: 'elastic'
      password: '123'
      host: '${NODE_NAME}'
      hosts: '${ELASTICSEARCH_HOSTS:elasticsearch-master:9200}'
extraEnvs:
  - name: 'ELASTICSEARCH_USERNAME'
    valueFrom:
      secretKeyRef:
        name: elastic-credentials
        key: username
  - name: 'ELASTICSEARCH_PASSWORD'
    valueFrom:
      secretKeyRef:
        name: elastic-credentials
        key: password
  • 装置 filebeat
 helm install filebeat --namespace=logging ./

登录 kibana 输出账号密码建设索引查看数据

正文完
 0