由于项目组业务需求,在k8s中运行的微服务日志要进行收集。
1、需要将k8s中的每个pod微服务挂载一个卷,(每个pod都会在一个node上,在node节点上创建一个文件夹,如:/logs/ 将这个目录挂载到每个微服务的pod中,使之实现映射)
apiVersion: apps/v1
kind: Deployment
metadata:
name: neusipo-cloud-gateway-deployment
namespace: gateway
spec:
selector:
matchLabels:
app: neusipo-cloud-gateway
replicas: 3
minReadySeconds: 10
strategy:
rollingUpdate:
maxSurge: 25%
maxUnavailable: 0
type: RollingUpdate
template:
metadata:
name: neusipo-cloud-gateway
labels:
app: neusipo-cloud-gateway
spec:
containers:
- name: neusipo-cloud-gateway
image: cr.registry.cnipaig1.cloud/neusipo/neusipo-cloud-gateway-test:1.0 #这里的镜像地址是阿里云镜像仓库地址
args: ["--spring.profiles.active=test"] #配置文件中的测试配置
env:
- name: SERVER_PORT
value: "18080"
resources:
requests:
cpu: 4
memory: 4Gi
limits:
cpu: 4
memory: 4Gi
volumeMounts: #pod中挂载
- name: gateway-logs #name与下方本机name保持一致
mountPath: /sipo-data/neusipo-test/ #pod中的挂载地址
readOnly: false
volumes: #本机卷
- name: gateway-logs
hostPath:
path: /logs/ #本机创建的挂载目录2、执行命令,创建pod。
kubectl apply -f deployment-demo.yaml -n gateway3、查看是否创建成功
[root@iZqj001np4kv147ax0tr54Z ~]# kubectl get pods -n gateway
NAME READY STATUS RESTARTS AGE
neusipo-cloud-gateway-deployment-66b6c96fbf-9ncht 1/1 Running 0 4h16m
neusipo-cloud-gateway-deployment-66b6c96fbf-r7wcd 1/1 Running 0 4h16m
neusipo-cloud-gateway-deployment-66b6c96fbf-wwjpk 1/1 Running 0 4h16m看到STATUS状态为Running 时说明容器已启动。
4、此时验证pod中是否已经挂载上本机目录。
[root@iZqj001np4kv147ax0tr54Z ~]# kubectl exec -it neusipo-cloud-gateway-deployment-66b6c96fbf-9ncht -n gateway -- bash
[root@neusipo-cloud-gateway-deployment-66b6c96fbf-9ncht data]# df -h
Filesystem Size Used Avail Use% Mounted on
overlay 40G 17G 21G 45% /
tmpfs 64M 0 64M 0% /dev
tmpfs 7.8G 0 7.8G 0% /sys/fs/cgroup
/dev/vda1 40G 17G 21G 45% /sipo-data/neusipo-test #这里就代表已经挂载上本机所创建的目录了
shm 64M 0 64M 0% /dev/shm
tmpfs 7.8G 12K 7.8G 1% /run/secrets/kubernetes.io/serviceaccount
tmpfs 7.8G 0 7.8G 0% /proc/acpi
tmpfs 7.8G 0 7.8G 0% /proc/scsi
tmpfs 7.8G 0 7.8G 0% /sys/firmware
[root@neusipo-cloud-gateway-deployment-66b6c96fbf-9ncht data]#此时查看pod服务启动后是否有日志打印,通过映射到node节点上创建的目录。(查看pod在那个node节点上,登录node节点,进入创建的目录,查看是否pod日志映射出来)
[root@neusipo-cloud-gateway-deployment-66b6c96fbf-9ncht data]# cd /sipo-data/neusipo-test/
[root@neusipo-cloud-gateway-deployment-66b6c96fbf-9ncht neusipo-test]# ls
gateway
[root@neusipo-cloud-gateway-deployment-66b6c96fbf-9ncht neusipo-test]# cd gateway/
[root@neusipo-cloud-gateway-deployment-66b6c96fbf-9ncht gateway]# ls
logs
[root@neusipo-cloud-gateway-deployment-66b6c96fbf-9ncht gateway]# cd logs/
[root@neusipo-cloud-gateway-deployment-66b6c96fbf-9ncht logs]# ls
error info[root@iZqj001np4kv147ax0tr54Z ~]# kubectl get pods -n gateway -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
neusipo-cloud-gateway-deployment-66b6c96fbf-9ncht 1/1 Running 0 4h26m 172.20.1.91 cn-beijing-gzj1-d01.i-qj001np4kv147gu45x2l <none> <none>
neusipo-cloud-gateway-deployment-66b6c96fbf-r7wcd 1/1 Running 0 4h26m 172.20.0.198 cn-beijing-gzj1-d01.i-qj001np4kv147gu45x2k <none> <none>
neusipo-cloud-gateway-deployment-66b6c96fbf-wwjpk 1/1 Running 0 4h26m 172.20.1.60 cn-beijing-gzj1-d01.i-qj001np4kv147gu45x2j <none> <none>
[root@iZqj001np4kv147ax0tr54Z ~]# kubectl get node -o wide
NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME
cn-beijing-gzj1-d01.i-qj001np4kv147ax0tr54 Ready master 198d v1.14.8-aliyun.1 10.160.22.68 <none> CentOS Linux 7 (Core) 3.10.0-957.21.3.el7.x86_64 docker://18.9.2
cn-beijing-gzj1-d01.i-qj001np4kv147ax0tr55 Ready master 198d v1.14.8-aliyun.1 10.160.22.69 <none> CentOS Linux 7 (Core) 3.10.0-957.21.3.el7.x86_64 docker://18.9.2
cn-beijing-gzj1-d01.i-qj001np4kv147ax0tr56 Ready master 198d v1.14.8-aliyun.1 10.160.22.70 <none> CentOS Linux 7 (Core) 3.10.0-957.21.3.el7.x86_64 docker://18.9.2
cn-beijing-gzj1-d01.i-qj001np4kv147gu45x2j Ready <none> 198d v1.14.8-aliyun.1 10.160.22.73 <none> CentOS Linux 7 (Core) 3.10.0-957.21.3.el7.x86_64 docker://18.9.2
cn-beijing-gzj1-d01.i-qj001np4kv147gu45x2k Ready <none> 198d v1.14.8-aliyun.1 10.160.22.72 <none> CentOS Linux 7 (Core) 3.10.0-957.21.3.el7.x86_64 docker://18.9.2
cn-beijing-gzj1-d01.i-qj001np4kv147gu45x2l Ready <none> 198d v1.14.8-aliyun.1 10.160.22.71 <none> CentOS Linux 7 (Core) 3.10.0-957.21.3.el7.x86_64 docker://18.9.2从这里看到其中一个pod在10.160.22.73这个node节点上,登录node节点查看是否有映射的日志
[root@iZqj001np4kv147gu45x2jZ logs]# pwd
/logs
[root@iZqj001np4kv147gu45x2jZ logs]# ls
gateway
[root@iZqj001np4kv147gu45x2jZ logs]# cd gateway/
[root@iZqj001np4kv147gu45x2jZ gateway]# ls
logs
[root@iZqj001np4kv147gu45x2jZ gateway]# cd logs/
[root@iZqj001np4kv147gu45x2jZ logs]# ls
error info如果node节点出现了和pod中一样的目录则说明,挂载成功并映射成功,(其他微服务同理就行)
5、日志映射出来后,需要搭建filebeat镜像,创建filebeat的pod容器,容器需要创建为DaemonSet形式的(DaemonSet所创建的容器类似于守护进程,它会在每个node节点都创建一个pod),使filebeat容器可以从所有的node节点日志目录拉取日志到pod中,并发送给elk进行日志分析。在master节点上下载filebeat压缩包,并解压。
[root@iZqj001np4kv147ax0tr54Z ~]# ls
deployment-demo.yaml filebeat-7.13.1-linux-x86_64.tar.gz daemonset-demo.yamlfilebeat-7.13.1-linux-x86_64 daemonset-demo.yaml dockerfile-filebeat创建filebeat的docker镜像
[root@iZqj001np4kv147ax0tr54Z ~]# cat dockerfile-filebeat
FROM cr.registry.cnipaig1.cloud/neusipo/centos:7.9.2009
ENV LANG en_US.UTF-8
ENV TZ Asia/Shanghai
ADD filebeat-7.13.1-linux-x86_64.tar.gz /data/
WORKDIR /data/filebeat-7.13.1-linux-x86_64
ENTRYPOINT ["./filebeat", "-c", "filebeat.yml", "-e"]上传到阿里云的镜像仓库,阿里云容器镜像服务文档中已写如何上传,照着一步步执行就可。
构建filebeat的yaml文件
apiVersion: apps/v1
kind: DaemonSet #这里为DaemonSet模式
metadata:
name: neusipo-filebeat
namespace: filebeat
spec:
selector:
matchLabels:
app: neusipo-filebeat
template:
metadata:
name: neusipo-filebeat
labels:
app: neusipo-filebeat
spec:
containers:
- name: neusipo-filebeat
image: cr.registry.cnipaig1.cloud/neusipo/filebeat:v2
command: ["./filebeat", "-c", "/data/filebeat/conf/filebeat.yml", "-e"] #command模块可以强制替换容器里默认的启动命令
resources:
requests:
cpu: 4
memory: 4Gi
limits:
cpu: 4
memory: 4Gi
volumeMounts:
- name: filebeat-log
mountPath: /sipo-data/neusipo-test/ #这里为挂载node目录到pod中的目录
readOnly: false
- name: neusipo-filebeat
mountPath: /data/filebeat/conf/ #这里为pod容器内filebeat配置文件目录
readOnly: true
volumes:
- name: filebeat-log
hostPath:
path: /logs/ #node节点目录
- name: neusipo-filebeat
configMap: #将pod容器内的filebeat配置文件映射到configmap中
name: neusipo-filebeat #configmap内filebeat的name
items:
- key: filebeat.yml #映射在configmap中的filebeat的配置文件名
path: filebeat.yml #pod中filebeat的配置文件名创建neusipo-filebeat的configmap,映射的文件是从filebeat压缩包解压出来的配置文件
[root@iZqj001np4kv147ax0tr54Z ~]# kubectl create configmap neusipo-filebeat --from-file=filebeat.yml -n filebeat
[root@iZqj001np4kv147ax0tr54Z ~]# kubectl get configmap -n filebeat
NAME DATA AGE
neusipo-filebeat 1 3h55m #这里DATA出现1,说明文件已经写入创建namesapce
[root@iZqj001np4kv147ax0tr54Z ~]# kubectl create configmap ns filebeat
[root@iZqj001np4kv147ax0tr54Z ~]# kubectl get ns |grep filebeat
filebeat Active 4h25m创建filebeat的pod容器,并查看是否创建成功
kubectl apply -f daemonset-demo.yaml -n filebeat
[root@iZqj001np4kv147ax0tr54Z ~]# kubectl get pods -n filebeat
NAME READY STATUS RESTARTS AGE
neusipo-filebeat-64mhf 1/1 Running 0 3h55m
neusipo-filebeat-k9ncp 1/1 Running 0 3h55m
neusipo-filebeat-lsvcb 1/1 Running 0 3h55m进入容器查看是否挂载上node目录,并查看是否拉取到微服务的日志
[root@iZqj001np4kv147ax0tr54Z ~]# kubectl exec -it neusipo-filebeat-k9ncp -n filebeat /bin/bash
[root@neusipo-filebeat-k9ncp filebeat-7.13.1-linux-x86_64]# df -h
Filesystem Size Used Avail Use% Mounted on
overlay 40G 17G 21G 45% /
tmpfs 64M 0 64M 0% /dev
tmpfs 7.8G 0 7.8G 0% /sys/fs/cgroup
/dev/vda1 40G 17G 21G 45% /sipo-data/neusipo-test
shm 64M 0 64M 0% /dev/shm
tmpfs 7.8G 12K 7.8G 1% /run/secrets/kubernetes.io/serviceaccount
tmpfs 7.8G 0 7.8G 0% /proc/acpi
tmpfs 7.8G 0 7.8G 0% /proc/scsi
tmpfs 7.8G 0 7.8G 0% /sys/firmware
[root@neusipo-filebeat-k9ncp filebeat-7.13.1-linux-x86_64]# cd /sipo-data/neusipo-test/
[root@neusipo-filebeat-k9ncp neusipo-test]# ls
gateway
[root@neusipo-filebeat-k9ncp neusipo-test]# cd gateway/
[root@neusipo-filebeat-k9ncp gateway]# ls
logs
[root@neusipo-filebeat-k9ncp gateway]# cd logs/
[root@neusipo-filebeat-k9ncp logs]# ls
error info
[root@neusipo-filebeat-k9ncp logs]#后续只需要更改configmap中的filebeat配置文件,就可以了。
kubectl edit configmap neusipo-filebeat -n filebeat完成!!!
本文章为转载内容,我们尊重原作者对文章享有的著作权。如有内容错误或侵权问题,欢迎原作者联系我们进行内容更正或删除文章。
