内容简介:本文风哥教程参考Linux官方文档、Red Hat Enterprise Linux官方文档、Ansible Automation Platform官方文档、Docker官方文档、Kubernetes官方文档和Podman官方文档等内容,详细介绍了相关技术的配置和使用方法。
本
风哥提示:
文档介绍Kubernetes集群的日志管理方法。
Part01-日志架构
1.1 日志管理方案
[root@k8s-master ~]# cat > /root/k8s-logging.txt << 'EOF' Kubernetes日志管理 ================= 1. 日志类型 - 容器日志: stdout/stderr - 应用日志: 文件日志 - 系统日志: kubelet、容器运行时 - 审计日志: API Server审计 2. 日志收集方案 - EFK: Elasticsearch + Fluentd + Kibana - ELK: Elasticsearch + Logstash + Kibana - PLG: Promtail + Loki + Grafana 3. 日志格式 - JSON格式 - 文本格式 - 结构化日志 4. 日志存储 - 本地存储 - 集中存储 - 对象存储 EOF
Part02-部署EFK
2.1 部署Elasticsearch
[root@k8s-master ~]# kubectl create namespace logging
namespace/logging created
# 部署Elasticsearch
[root@k8s-master ~]# cat > elasticsearch.yaml << 'EOF'
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: elasticsearch
namespace: logging
spec:
serviceName: elasticsearch
replicas: 1
selector:
matchLabels:
app: elasticsearch
template:
metadata:
labels:
app: elasticsearch
spec:
containers:
- name: elasticsearch
image: docker.elastic.co/elasticsearch/elasticsearch:8.11.0
ports:
- containerPort: 9200
env:
- name: discovery.type
value: single-node
- name: ES_JAVA_OPTS
value: "-Xms1g -Xmx1g"
- name: xpack.security.enabled
value: "false"
resources:
requests:
cpu: 500m
memory: 1Gi
limits:
cpu: 1000m
memory: 2Gi
volumeMounts:
- name: data
mountPath: /usr/share/elasticsearch/data
volumeClaimTemplates:
- metadata:
name: data
spec:
accessModes: [ "ReadWriteOnce" ]
resources:
requests:
storage: 10Gi
---
apiVersion: v1
kind: Service
metadata:
name: elasticsearch
namespace: logging
spec:
selector:
app: elasticsearch
ports:
- port: 9200
targetPort: 9200
EOF
[root@k8s-master ~]# kubectl apply -f elasticsearch.yaml
statefulset.apps/elasticsearch created
service/elasticsearch created
# 查看Elasticsearch状态
[root@k8s-master ~]# kubectl get pods -n logging
NAME READY STATUS RESTARTS AGE
elasticsearch-0 1/1 Running 0 2m
Part03-部署Fluentd
3.1 部署日志收集器
[root@k8s-master ~]# cat > fluentd.学习交流加群风哥微信: itpux-comyaml << 'EOF' apiVersion: v1 kind: ServiceAccount metadata: name: fluentd namespace: logging --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: fluentd rules: - apiGroups: [""] resources: ["pods", "namespaces"] verbs: ["get", "list", "watch"] --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: fluentd roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: fluentd subjects: - kind: ServiceAccount name: fluentd namespace: logging --- apiVersion: apps/v1 kind: DaemonSet metadata: name: fluentd namespace: logging spec: selector: matchLabels: app: fluentd template: metadata: labels: app: fluentd spec: serviceAccountName: fluentd tolerations: - key: node-role.kubernetes.io/control-plane effect: NoSchedule containers: - name: fluentd image: fluent/fluentd-kubernetes-daemonset:v1-debian-elasticsearch env: - name: FLUENT_ELASTICSEARCH_HOST value: "elasticsearch.logging.svc.cluster.local" - name: FLUENT_ELASTICSEARCH_PORT value: "9200" - name: FLUENT_ELASTICSEARCH_SCHEME value: "http" resources: requests: cpu: 100m memory: 200Mi limits: cpu: 500m memory: 500Mi volumeMounts: - name: varlog mountPath: /var/log - name: varlibdockercontainers mountPath: /var/lib/docker/containers readOnly: true volumes: - name: varlog hostPath: path: /var/log - name: varlibdockercontainers hostPath: path: /var/lib/docker/containers EOF [root@k8s-master ~]# kubectl apply -f fluentd.yaml serviceaccount/fluentd created clusterrole.更多from PG视频:www.itpux.com视频教程www.fgedu.net.cnrbac.authorization.k8s.io/fluentd created clusterrolebinding.rbac.authorization.k8s.io/fluentd created daemonset.apps/fluentd created # 查看Fluentd状态 [root@k8s-master ~]# kubectl get pods -n logging -l app=fluentd NAME READY STATUS RESTARTS AGE fluentd-abc12 1/1 Running 0 1m fluentd-def34 1/1 Running 0 1m fluentd-ghi56 1/1 Running 0 1m
Part04-部署K学习交流加群风哥QQ113257174ibana
4.1 部署日志可视化
[root@k8s-master ~]# cat > kibana.yaml << 'EOF' apiVersion: apps/v1 kind: Deployment metadata: name: kibana namespace: logging spec: replicas: 1 selector: matchLabels: app: kibana template: metadata: labels: app: kibana spec: containers: - name: kibana image: docker.elastic.co/kibana/kibana:8.11.0 ports: - containerPort: 5601 env: - name: ELASTICSEARCH_HOSTS value: "http://elasticsearch:9200" resources: requests: cpu: 100m memory: 256Mi limits: cpu: 500m memory: 512Mi --- apiVersion: v1 kind: Service metadata: name: kibana namespace: logging spec: selector: app: kibana ports: - port: 5601 targetPort: 5601 type: NodePort EOF 更多学习教程公众号风哥教程itpux_com [root@k8s-master ~]# kubectl apply -f kibana.yaml deployment.apps/kibana created service/kibana created # 查看Kibana状态 [root@k8s-master ~]# kubectl get pods -n logging -l app=kibana NAME READY STATUS RESTARTS AGE kibana-abc12-xyz789 1/1 Running 0 1m # 查看Kibana Service [root@k8s-master ~]# kubectl get svc -n logging kibana NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE kibana NodePort 10.96.100.100
# 端口转发访问Kibana
[root@k8s-master ~]# kubectl port-forward -n logging svc/kibana 5601:5601
Forwarding from 127.0.0.1:5601 -> 5601
Forwarding from [::1]:5601 -> 5601
# 查看日志索引
[root@k8s-master ~]# curl -s http://localhost:9200/_cat/indices?v
health status index uuid pri rep docs.count docs.deleted store.size pri.store.size
green open logstash-2026.04.04 abc123def456789012345 1 0 1234 0 1.2mb 1.2mb
- 使用集中日志管理
- 配置日志轮转策略
- 设置合理的保留周期
- 使用结构化日志格式
- 配置日志告警规则
本文由风哥教程整理发布,仅用于学习测试使用,转载注明出处:http://www.fgedu.net.cn/10327.html
