Linux教程FG462-Kubernetes实战案例五

内容简介：本文风哥教程参考Linux官方文档、Red Hat Enterprise Linux官方文档、Ansible Automation Platform官方文档、Docker官方文档、Kubernetes官方文档和Podman官方文档等内容，详细介绍了相关技术的配置和使用方法。

本文档介绍

风哥提示：

Kubernetes日志收集与分析实战案例。

Part01-日志架构设计

1.1 日志收集方案

# 日志收集架构
[root@k8s-master ~]# cat > /root/fgedu-logging-arch.txt << 'EOF' FGEDU日志收集架构 ================= 1. 日志源 - 容器日志: stdout/stderr - 应用日志: 文件日志 - 系统日志: kubelet/容器运行时 - 审计日志: API Server 2. 收集方案 - Fluentd: 日志收集 - Fluent Bit: 轻量级收集 - Filebeat: 日志转发 3. 存储方案 - Elasticsearch: 日志存储 - Loki: 日志存储 - Kafka: 日志缓冲 4. 分析展示 - Kibana: 日志可视化 - Grafana: 日志展示 EOF

Part02-部署Loki日志系统

2.1 安装Loki Stack

# 创建命名空间
[root@k8s-master ~]# kubectl create namespace logging
namespace/logging created

# 使用Helm安装Loki Stack
[root@k8s-master ~]# helm repo add grafana https://grafana.github.io/helm-charts
“grafana” has been added to your repositories

[root@k8s-master ~]# cat > loki-values.yaml << 'EOF' loki: enabled: true persistence: enabled: true size: 50Gi config: auth_enabled: false ingester: chunk_idle_period: 3m chunk_block_size: 262144 chunk_retain_period: 1m limits_config: enforce_metric_name: false reject_old_samples: true reject_old_samples_max_age: 168h promtail: enabled: true config: clients: - url: http://loki:3100/loki/api/v1/push snippets: scrapeConfigs: | - job_name: kubernetes-pods kubernetes_sd_configs: - role: pod pipeline_stages: - docker: {} - match: selector: '{app="fgedu-app"}' stages: - regex: expression: '^(?P\S+) (?P\w+) (?P.*)$’
– labels:
level:
relabel_configs:
– source_labels: [__meta_kubernetes_pod_label_app]
target_label: app
– source_labels: [__meta_kubernetes_namespace]
target_label: namespace

grafana:
enabled: true
persistence:
enabled: true
size: 10Gi
adminPassword: admin123
EOF

[root@k8s-master ~]# helm install loki grafana/loki-stack -n logging -f loki-values.yaml
NAME: loki
LAST DEPLOYED: Sat Apr 4 23:00:00 2026
NAMESPACE: logging
STATUS: deployed
REVISION: 1
NOTES:
The Loki stack has been deployed to your cluster.

# 查看部署状态
[root@k8s-master ~]# kubectl get pods -n logging
NAME READY STATUS RESTARTS AGE
loki-0 1/1 Running 0 3m
loki-promtail-abc12 1/1 Running 0 3m
loki-promtail-def34 1/1 Running 0 3m
loki-promtail-ghi56 1/1 Running 0 3m
loki-grafana-abc12-xyz789 1/1 Running 0 3m

# 获取Grafana密码
[root@k8s-master ~]# kubectl get secret -n logging loki-grafana -o jsonpath=”{.data.更多视频教程www.fgedu.net.cnadmin-password}” | base64 –decode
admin123

# 端口转发访问Grafana
[root@k8s-master ~]# kubectl port-forward -n logging svc/loki-grafana 3000:80
Forwarding from 127.0.0.1:3000 -> 3000

Part03-配置日志收集

3.1 应用日志配置

# 配置应用日志格式
[root@k8s-master ~]# cat > fgedu-app-logging.yaml << 'EOF' apiVersion: v1 kind: ConfigMap metadata: name: fgedu-app-log-config namespace: fgedu-prod data: logback.xml: |

{“app”:”fgedu-app”,”env”:”prod”}

time
level
logger
message
stack_trace

—
apiVersion: apps/v1
kind: Deployment
metadata:
name: fgedu-app
namespace: fgedu-prod
spec:
replicas: 3
selector:
matchLabels:
app: fgedu-app
template:
metadata:
labels:
app: fgedu学习交流加群风哥QQ113257174-app
annotations:
prometheus.io/scrape: “true”
prometheus.io/port: “8080”
spec:
containers:
– name: app
image: fgedu/app:1.0.0
ports:
– containerPort: 8080
volumeMounts:
– name: log-config
mountPath: /app/config
readOnly: true
env:
– name: LOG_FORMAT
value: “json”
resources:
requests:
cpu: 100m
memory: 128Mi
limits:
cpu: 500m
memory: 512Mi
volumes:
– name: log-config
configMap:
name: fgedu-app-log-config
EOF

[root@k8s-master ~]# kubectl apply -f fgedu-app-logging.yaml
configmap/fgedu-app-log-config created
deployment.apps/fgedu-app configured

# 查看应用日志
[root@k8s-master ~]# kubectl logs -n fgedu-prod fgedu-app-abc12-xyzfrom PG视频:www.itpux.com789 | head -5
{“time”:”2026-04-04T23:00:00.000Z”,”level”:”INFO”,”logger”:”com.fgedu.app.Main”,”message”:”Application started”,”app”:”fgedu-app”,”env”:”prod”}
{“time”:”2026-04-04T23:00:01.000Z”,”level”:”INFO”,”logger”:”com.fgedu.app.Server”,”message”:”Server listening on port 8080″,”app”:”fgedu-app”,”env”:”prod”}
{“time”:”2026-04-04T23:00:05.000Z”,”level”:”DEBUG”,”logger”:”com.fgedu.app.Handler”,”message”:”Request received: GET /api/users”,”app”:”fgedu-app”,”env”:”prod”}
{“time”:”2026-04-04T23:00:05.100Z”,”level”:”INFO”,”logger”:”com.fgedu.app.Handler”,”message”:”Request completed: 200″,”app”:”fgedu-app”,”env”:”prod”}
{“time”:”2026-04-04T23:00:10.000Z”,”level”:”WARN”,”logger”:”com.fgedu.app.Cache”,”message”:”Cache miss for key: user_123″,”app”:”fgedu-app”,”env”:”prod”}

Part04-日志查询分析

4.1 LogQL查询

# 使用LogQL查询日志
[root@k8s-master ~]# cat > logql-queries.txt << 'EOF' LogQL常用查询 ============= 1. 基本查询 {app="fgedu-app"} {namespace="fgedu-prod", app="fgedu-app"} 2. 过滤日志 {app="fgedu-app"} |= "error" {app="fgedu-app"} |~ "error|exception" {app="fgedu-app"} != "debug" 3. 解析日志 {app="fgedu-app"} | json | level="ERROR" {app="fgedu-app"} | logfmt | level="error" 4. 聚合查询 count_over_time({app="fgedu-app"}[5m]) rate({app="fgedu-app"} |= "error" [5m]) sum by (level) (count_over_time({app="fgedu-app"} | json [1h])) 5. 指标查询 sum(rate({app="fgedu-app"} | json | level="ERROR" [5m])) by (app) topk(10, sum by (logger) (count_over_time({app="fgedu-app"} | json [1h]))) EOF # 通过API查询Loki [root@k8s-master ~]# curl -G "http://localhost:3100/loki/api/v1/query" \ --data-urlencode 'query={app="fgedu-app"}' \ --data-urlencode 'limit=10' { "status": "success", "data": { "resultType": "streams", "result": [ { "stream": { "app": "fgedu-app", "namespace": "fgedu-prod", "pod": "fgedu-app-abc12-xyz789" }, "values": [ ["1712206800000000000", "{\"time\":\"2026-04-04T23:00:00.000Z\",\"level\":\"INFO\",\"message\":\"Application started\"}"], ["1712206801000000000", "{\"time\":\"2026-04-04T23:00:01.000Z\",\"level\":\"INFO\",\"message\":\"Server started\"}"] ] } ] } } # 创建Grafana Dashboard [root@k8s-master ~]# cat > fgedu-log-dashboard.json << 'EOF' { "dashboard": { "title": "FGEDU Application Logs", "panels": [ { "title": "Log Rate", "type": "graph", "targets": [ { "expr": "sum(rate({app=\"fgedu-app\"}[5m]))", "legendFormat": "logs/s" } ] }, { "title": "Error Rate", "type": "graph", "targets": [ { "expr": "sum(rate({app=\"fgedu-app\"} |= \"error\"[5m]))", "legendFormat": "errors/s" } ] }, { "title": "Logs by Level", "type": "piechart", "targets": [ { "expr": "sum by (level) (count_over_time({app=\"fgedu-app\"} | json [1h]))", "legendFormat": "{{level}}" } ] } ] } } EOF # 配置日志告警 [root@k8s-master ~]# cat > fgedu-log-alerts.yaml << 'EOF' apiVersion: monitoring.coreos.com/v1 kind: PrometheusRule metadata: name: fgedu-log-alerts namespace: logging spec: groups: - name: fgedu-log-alerts rules: - alert: HighErrorRate expr: sum(rate({app="fgedu-app"} |= "error" [5m])) > 10
for: 5m
labels:
severity: critical
annotations:
summary: “High error rate detected”
description: “Application fgedu-app has high error rate: {{ $value }} errors/s”

– alert: ApplicationCrash
expr: count_over_time({app=”fgedu-app”} |= “Exception” [5m]) > 5
for: 1m
labels:
severity: critical
annotations:
summary: “Application exceptions detected”
description: “Application fgedu-app has {{ $value }} exceptions in last 5 minutes”
EOF

[root@k8s-master ~]# kubectl apply -f fgedu-log-alerts.yaml
prometheusrule.monitoring.coreos.com/fgedu-log-alerts created

风哥针对日志管理建议：

使用结构化日志格式
配置合理的日志级别
设置日志保留周期
配置日志告警规则
定期分析日志趋势

本文由风哥教程整理发布,仅用于学习测试使用,转载注明出处:http://www.fgedu.net.cn/10327.html