3.4 部署 EFK 日志服务
从 github 上下载 kubernetes-v1.22.6 包,下载地址
[!Note]
自带的 es 没有持久化功能,如果需要持久化,可以选择 pvc
下载 1.22.1 源码包
wget https://github.com/kubernetes/kubernetes/archive/refs/tags/v1.22.6.tar.gz \
-O kubernetes-1.22.6.tar.gz
tar xf kubernetes-1.22.6.tar.gz
cd kubernetes-1.22.6/cluster/addons/fluentd-elasticsearch
修改清单文件
修改es的镜像地址和拉取策略
cp es-statefulset.yaml{,.ori}
sed -i '/imagePullPolicy/s@Always@IfNotPresent@' es-statefulset.yaml
查看修改内容
diff es-statefulset.yaml.ori es-statefulset.yaml
输出如下
72c72
< imagePullPolicy: Always
---
> imagePullPolicy: IfNotPresent
修改 kibana 配置
cp kibana-deployment.yaml{,.ori}
sed -i '/value:/s@/api/v1/namespaces/logging/services/kibana-logging/proxy@""@' kibana-deployment.yaml
检查修改
diff kibana-deployment.yaml.ori kibana-deployment.yaml
输出如下
37c37
< value: /api/v1/namespaces/logging/services/kibana-logging/proxy
---
> value: ""
部署清单文件
kubectl apply -f .
输出如下
namespace/logging created
service/elasticsearch-logging created
serviceaccount/elasticsearch-logging created
clusterrole.rbac.authorization.k8s.io/elasticsearch-logging created
clusterrolebinding.rbac.authorization.k8s.io/elasticsearch-logging created
statefulset.apps/elasticsearch-logging created
configmap/fluentd-es-config-v0.2.1 created
serviceaccount/fluentd-es created
clusterrole.rbac.authorization.k8s.io/fluentd-es created
clusterrolebinding.rbac.authorization.k8s.io/fluentd-es created
daemonset.apps/fluentd-es-v3.1.1 created
deployment.apps/kibana-logging created
service/kibana-logging created
暴露服务供外网访问
NodePort 方式
kubectl patch -n logging svc kibana-logging -p '{"spec":{"type":"NodePort"}}'
service/kibana-logging patched
LoadBalancer 方式
kubectl patch -n logging svc kibana-logging -p '{"spec":{"type":"LoadBalancer"}}'
service/kibana-logging patched
kubectl get svc kibana-logging -n logging
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kibana-logging LoadBalancer 10.102.253.67 192.168.122.193 5601:32107/TCP 61s
访问 kibana
打开浏览器,输入 http://192.168.122.193:5601 进行日志查询等操作
修复时间问题为北京时间,挂载 node 节点的/etc/localtime到pod中
修改 es
cp es-statefulset.yaml{,.ori}
diff es-statefulset.yaml.ori es-statefulset.yaml
查看更改
72c72
< imagePullPolicy: IfNotPresent
---
> imagePullPolicy: Always
101,102d100
< - name: timezone
< mountPath: /etc/localtime
113,115d110
< - name: timezone
< hostPath:
< path: /etc/localtime
kubectl apply -f es-statefulset.yaml
修改 kibana
查看修改
diff kibana-deployment.yaml.ori kibana-deployment.yaml
输出如下
37c37
< value: ""
---
> value: /api/v1/namespaces/logging/services/kibana-logging/proxy
56,63d55
< volumeMounts:
< - name: timezone
< mountPath: /etc/localtime
< volumes:
< - name: timezone
< hostPath:
< path: /etc/localtime
部署kibana
kubectl apply -f kibana-deployment.yaml
持久化存储
这里就 Elasticsearch 属于有状态的,需要给它配置 pvc
diff es-statefulset.yaml.ori es-statefulset.yaml
修改后如下
56,59d55
< updateStrategy:
< rollingUpdate:
< partition: 0
< type: RollingUpdate
76c72
< imagePullPolicy: IfNotPresent
---
> imagePullPolicy: Always
105,106d100
< - name: timezone
< mountPath: /etc/localtime
115,117c109,110
< - name: timezone
< hostPath:
< path: /etc/localtime
---
> - name: elasticsearch-logging
> emptyDir: {}
127,135d119
< volumeClaimTemplates:
< - metadata:
< name: elasticsearch-logging
< spec:
< accessModes:
< - ReadWriteOnce
< resources:
< requests:
< storage: 1Gi # 生产环境根据实际使用情况配置,做好日志清理策略
重新创建
kubectl delete -f es-statefulset.yaml
kubectl apply -f es-statefulset.yaml
查看 pvc 创建
kubectl get pvc -n logging
输出如下
NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE
elasticsearch-logging-elasticsearch-logging-0 Bound pvc-e7f5ceef-d1e2-49f4-a859-7ac1b4dbcc04 1Gi RWO ceph-rbd 23s