乐趣区

关于k8s:EIK收集日志

作者:

jiezi

装置配置elasticsearch

  • 下载helm包
helm pull elastic/elasticsearch
  • 容器中生成elastic证书
#!/bin/bash
RELEASE=7.9.1
docker run --name elastic-charts-certs -i -w /app \
  harbor-k8s.iwgame.com/containers/elasticsearch:$RELEASE \
  /bin/sh -c " \
    elasticsearch-certutil ca --out /app/elastic-stack-ca.p12 --pass '' && \
    elasticsearch-certutil cert --name security-master --dns security-master --ca /app/elastic-stack-ca.p12 --pass '' --ca-pass '' --out /app/elastic-certificates.p12" && \
docker cp elastic-charts-certs:/app/elastic-certificates.p12 ./ && \
docker rm -f elastic-charts-certs && \
openssl pkcs12 -nodes -passin pass:'' -in elastic-certificates.p12 -out elastic-certificate.pem
  • 创立secrets生成账号密码和证书
kubectl create secret -n efk generic elastic-certificates --from-file=elastic-certificates.p12
kubectl create secret -n efk generic elastic-certificate-pem --from-file=elastic-certificate.pem

kubectl create secret -n efk generic elastic-credentials  --from-literal=password=123 --from-literal=username=elastic
  • 批改values.yaml文件
volumeClaimTemplate:
  accessModes: [ "ReadWriteOnce" ]
  storageClassName: "iwgame-nfs-storage"
  resources:
    requests:
      storage: 30Gi
esConfig:
  elasticsearch.yml: |
    cluster.name: "docker-cluster"
    network.host: 0.0.0.0
    xpack.security.enabled: true
    xpack.security.transport.ssl.verification_mode: certificate
    xpack.security.transport.ssl.enabled: true
    xpack.security.transport.ssl.keystore.path: /usr/share/elasticsearch/config/certs/elastic-certificates.p12
    xpack.security.transport.ssl.truststore.path: /usr/share/elasticsearch/config/certs/elastic-certificates.p12
extraEnvs:
  - name: ELASTIC_PASSWORD
    valueFrom:
      secretKeyRef:
        name: elastic-credentials
        key: password
  - name: ELASTIC_USERNAME
    valueFrom:
      secretKeyRef:
        name: elastic-credentials
        key: username
secretMounts:
  - name: elastic-certificates
    secretName: elastic-certificates
    path: /usr/share/elasticsearch/config/certs
  • 装置elasticsearch
helm install  --namespace=logging  elastic ./
  • 查看pod运行状态

个别都须要装置奇数,因为我只有两个node所以部署了2个,生产环境倡议装置三个

装置kibana

  • 下载helm包
helm pull elastic/kinaba
  • 批改values.yaml文件
extraEnvs:
  - name: "NODE_OPTIONS"
    value: "--max-old-space-size=1800"
  - name: 'ELASTICSEARCH_USERNAME'
    valueFrom:
      secretKeyRef:
        name: elastic-credentials
        key: username
  - name: 'ELASTICSEARCH_PASSWORD'
    valueFrom:
      secretKeyRef:
        name: elastic-credentials
        key: password
kibanaConfig:
  kibana.yml: |
    server.port: 5601
    server.host: "0.0.0.0"
    elasticsearch.hosts: [ "http://elasticsearch-master:9200" ]
    i18n.locale: "zh-CN"
ingress:
  enabled: true
  annotations:
    kubernetes.io/ingress.class: nginx
    # kubernetes.io/tls-acme: "true"
  path: /
  hosts:
    - elastic.kibana.com
  • 装置kibana
helm install  --namespace=logging  kibana ./

装置filebeat

  • 下载helm包
helm pull elastic/filebeat
  • 批改values.yaml文件
filebeatConfig:
  filebeat.yml: |
    filebeat.inputs:
    - type: container
      paths:
        - /var/log/containers/*.log
      processors:
      - add_kubernetes_metadata:
          host: ${NODE_NAME}
          matchers:
          - logs_path:
              logs_path: "/var/log/containers/"

    output.elasticsearch:
      username: 'elastic'
      password: '123'
      host: '${NODE_NAME}'
      hosts: '${ELASTICSEARCH_HOSTS:elasticsearch-master:9200}'
extraEnvs:
  - name: 'ELASTICSEARCH_USERNAME'
    valueFrom:
      secretKeyRef:
        name: elastic-credentials
        key: username
  - name: 'ELASTICSEARCH_PASSWORD'
    valueFrom:
      secretKeyRef:
        name: elastic-credentials
        key: password
  • 装置filebeat
 helm install filebeat --namespace=logging ./

登录kibana输出账号密码建设索引查看数据

评论

发表回复

您的邮箱地址不会被公开。 必填项已用 * 标注

这个站点使用 Akismet 来减少垃圾评论。了解你的评论数据如何被处理

更多文章