2. it技术
  3. k8s部署elk

k8s部署elk

it2025-10-04  10

http://www.mamicode.com/info-detail-2587347.html https://juejin.im/post/5b6eaef96fb9a04fa25a0d37#heading-33

部署elasticsearch.yml
--- apiVersion: v1 kind: Service metadata: name: elasticsearch-api namespace: elk labels: name: elasticsearch spec: selector: app: es ports: - name: transport port: 9200 protocol: TCP --- apiVersion: v1 kind: Service metadata: name: elasticsearch-discovery namespace: elk labels: name: elasticsearch spec: selector: app: es ports: - name: transport port: 9300 protocol: TCP --- apiVersion: apps/v1 kind: StatefulSet metadata: name: elasticsearch namespace: elk labels: kubernetes.io/cluster-service: "true" spec: replicas: 3 serviceName: "elasticsearch-service" selector: matchLabels: app: es template: metadata: labels: app: es spec: tolerations: - effect: NoSchedule key: node-role.kubernetes.io/master serviceAccountName: default initContainers: - name: init-sysctl image: busybox:1.27 command: - sysctl - -w - vm.max_map_count=262144 securityContext: privileged: true containers: - name: elasticsearch image: registry.cn-hangzhou.aliyuncs.com/cqz/elasticsearch:5.5.1 ports: - containerPort: 9200 protocol: TCP - containerPort: 9300 protocol: TCP securityContext: capabilities: add: - IPC_LOCK - SYS_RESOURCE resources: limits: memory: 4000Mi requests: cpu: 100m memory: 2000Mi env: - name: "http.host" value: "0.0.0.0" - name: "network.host" value: "_eth0_" - name: "cluster.name" value: "docker-cluster" - name: "bootstrap.memory_lock" value: "false" - name: "discovery.zen.ping.unicast.hosts" value: "elasticsearch-discovery" - name: "discovery.zen.ping.unicast.hosts.resolve_timeout" value: "10s" - name: "discovery.zen.ping_timeout" value: "6s" - name: "discovery.zen.minimum_master_nodes" value: "2" - name: "discovery.zen.fd.ping_interval" value: "2s" - name: "discovery.zen.no_master_block" value: "write" - name: "gateway.expected_nodes" value: "2" - name: "gateway.expected_master_nodes" value: "1" - name: "transport.tcp.connect_timeout" value: "60s" - name: "ES_JAVA_OPTS" value: "-Xms2g -Xmx2g" livenessProbe: tcpSocket: port: transport initialDelaySeconds: 20 periodSeconds: 10 volumeMounts: - name: es-data mountPath: /data terminationGracePeriodSeconds: 30 volumes: - name: es-data hostPath: path: /es-data
部署log-pilot
--- apiVersion: apps/v1 kind: DaemonSet metadata: name: log-pilot namespace: elk labels: k8s-app: log-pilot kubernetes.io/cluster-service: "true" spec: selector: matchLabels: k8s-app: log-es template: metadata: labels: k8s-app: log-es kubernetes.io/cluster-service: "true" version: v1.22 spec: tolerations: - key: node-role.kubernetes.io/master effect: NoSchedule serviceAccountName: default containers: - name: log-pilot image: registry.cn-hangzhou.aliyuncs.com/acs-sample/log-pilot:0.9-filebeat resources: limits: memory: 200Mi requests: cpu: 100m memory: 200Mi env: - name: "FILEBEAT_OUTPUT" value: "elasticsearch" - name: "ELASTICSEARCH_HOST" value: "elasticsearch-api" - name: "ELASTICSEARCH_PORT" value: "9200" - name: "ELASTICSEARCH_USER" value: "elastic" - name: "ELASTICSEARCH_PASSWORD" value: "changeme" volumeMounts: - name: sock mountPath: /var/run/docker.sock - name: root mountPath: /host readOnly: true - name: varlib mountPath: /var/lib/filebeat - name: varlog mountPath: /var/log/filebeat securityContext: capabilities: add: - SYS_ADMIN terminationGracePeriodSeconds: 30 volumes: - name: sock hostPath: path: /var/run/docker.sock - name: root hostPath: path: / - name: varlib hostPath: path: /var/lib/filebeat type: DirectoryOrCreate - name: varlog hostPath: path: /var/log/filebeat type: DirectoryOrCreate
部署kibana
--- apiVersion: v1 kind: Service metadata: name: kibana namespace: elk labels: component: kibana spec: selector: component: kibana ports: - name: http port: 30080 targetPort: http type: NodePort --- apiVersion: apps/v1 kind: Deployment metadata: name: kibana namespace: elk labels: component: kibana spec: replicas: 1 selector: matchLabels: component: kibana template: metadata: labels: component: kibana spec: containers: - name: kibana image: registry.cn-hangzhou.aliyuncs.com/acs-sample/kibana:5.5.1 env: - name: CLUSTER_NAME value: docker-cluster - name: ELASTICSEARCH_URL value: http://elasticsearch-api:9200/ resources: limits: cpu: 1000m requests: cpu: 100m ports: - containerPort: 5601 name: http
部署测试应用
apiVersion: apps/v1 kind: Deployment metadata: name: log-contanier-file-fluentbit labels: k8s-app: log-contanier-file-fluentbit spec: replicas: 1 selector: matchLabels: k8s-app: log-contanier-file-fluentbit template: metadata: labels: k8s-app: log-contanier-file-fluentbit spec: terminationGracePeriodSeconds: 30 containers: - name: log-contanier-file-fluentbit image: alpine:latest command: - sh - -c - 'count=1;while true;do echo log to file $count>>/data/logs/log-contanier-file-fluentbit.log;sleep 1;count=$(($count+1));done' volumeMounts: - name: app-logs mountPath: /data/logs env: - name: aliyun_logs_catalina value: "stdout" - name: aliyun_logs_access value: "/data/logs/log-contanier-file-fluentbit.log" volumes: - name: app-logs emptyDir: {}
kibana查看

create index pattern

access*

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-AVGktwjy-1603335455211)(en-resource://database/2221:1)]

最新回复(0)