这篇文章给大家介绍Kubernetes1.6.2如何部署EFK 插件,内容非常详细,感兴趣的小伙伴们可以参考借鉴,希望对大家能有所帮助。
准备yaml文件
官方文件目录:
https://github.com/kubernetes/kubernetes/tree/v1.6.2/cluster/addons/fluentd-elasticsearch
新加了 es-rbac.yaml
和 fluentd-es-rbac.yaml
文件,定义了 elasticsearch 和 fluentd 使用的 Role 和 RoleBinding
es-rbac.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: elasticsearch
namespace: kube-system
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1alpha1
metadata:
name: elasticsearch
subjects:
- kind: ServiceAccount
name: elasticsearch
namespace: kube-system
roleRef:
kind: ClusterRole
name: view
apiGroup: rbac.authorization.k8s.io
fluentd-es-rbac.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: fluentd
namespace: kube-system
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1alpha1
metadata:
name: fluentd
subjects:
- kind: ServiceAccount
name: fluentd
namespace: kube-system
roleRef:
kind: ClusterRole
name: view
apiGroup: rbac.authorization.k8s.io
配置 es-controller.yaml
将镜像地址改为阿里云地址
registry.cn-hangzhou.aliyuncs.com/google-containers/elasticsearch:v2.4.1-1
配置 fluentd-es-ds.yaml
将镜像地址改为阿里云地址
registry.cn-hangzhou.aliyuncs.com/google-containers/fluentd-elasticsearch:1.22
配置 kibana-controller.yaml
将镜像地址改为阿里云地址
registry.cn-hangzhou.aliyuncs.com/google-containers/kibana:v4.6.1-1
给 Node 设置标签
DaemonSet fluentd-es-v1.22
只会调度到设置了标签 beta.kubernetes.io/fluentd-ds-ready=true
的 Node,需要在期望运行 fluentd 的 Node 上设置该标签;
[root@cz_fbsdb500_06 efk]# kubectl get nodes
NAME STATUS AGE VERSION
10.112.101.91 Ready 55d v1.6.2
10.112.101.92 Ready 55d v1.6.2
10.112.101.93 Ready 55d v1.6.2
[root@cz_fbsdb500_06 efk]# kubectl label nodes 10.112.101.93 beta.kubernetes.io/fluentd-ds-ready=true
[root@cz_fbsdb500_06 efk]# kubectl get node --show-labels
NAME STATUS AGE VERSION LABELS
10.112.101.91 Ready 55d v1.6.2 a=b,beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/hostname=10.112.101.91
10.112.101.92 Ready 55d v1.6.2 beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/hostname=10.112.101.92
10.112.101.93 Ready 55d v1.6.2 beta.kubernetes.io/arch=amd64,beta.kubernetes.io/fluentd-ds-ready=true,beta.kubernetes.io/os=linux,kubernetes.io/hostname=10.112.101.93
es-service.yaml和kibana-service.yaml保持不变
执行定义文件
到efk的yaml文件目录执行
kubectl create -f .
检查执行结果
[root@cz_fbsdb500_06 efk]# kubectl get deployment -n kube-system|grep kibana
kibana-logging 1 1 1 1 5d
[root@cz_fbsdb500_06 efk]# kubectl get pods -n kube-system|grep -E 'elasticsearch|fluentd|kibana'
elasticsearch-logging-v1-3fmc1 1/1 Running 0 5d
elasticsearch-logging-v1-zffql 1/1 Running 0 5d
fluentd-es-v1.22-5mpwk 1/1 Running 0 4d
kibana-logging-162986974-kz16j 1/1 Running 0 5d
kibana 第一次启动时间比较长,差不多要等10分钟左右。
访问 kibana
[root@cz_fbsdb500_06 efk]# kubectl cluster-info
Kubernetes master is running at https://10.112.101.90:6443
Elasticsearch is running at https://10.112.101.90:6443/api/v1/proxy/namespaces/kube-system/services/elasticsearch-logging
Heapster is running at https://10.112.101.90:6443/api/v1/proxy/namespaces/kube-system/services/heapster
Kibana is running at https://10.112.101.90:6443/api/v1/proxy/namespaces/kube-system/services/kibana-logging
KubeDNS is running at https://10.112.101.90:6443/api/v1/proxy/namespaces/kube-system/services/kube-dns
kubernetes-dashboard is running at https://10.112.101.90:6443/api/v1/proxy/namespaces/kube-system/services/kubernetes-dashboard
monitoring-grafana is running at https://10.112.101.90:6443/api/v1/proxy/namespaces/kube-system/services/monitoring-grafana
monitoring-influxdb is running at https://10.112.101.90:6443/api/v1/proxy/namespaces/kube-system/services/monitoring-influxdb
由于 kube-apiserver 开启了 RBAC 授权,而浏览器访问 kube-apiserver 的时候使用的是匿名证书,所以访问安全端口会导致授权失败。这里需要使用非安全端口访问 kube-apiserver。
访问链接:
http://10.112.101.90:8080/api/v1/proxy/namespaces/kube-system/services/kibana-logging
在 Settings -> Indices 页面创建一个 index(相当于 mysql 中的一个 database),选中 Index contains time-based events
,使用默认的 logstash-*
pattern,点击 Create
;
创建Index后,稍等几分钟就可以在 Discover
菜单下看到日志收集信息。
关于Kubernetes1.6.2如何部署EFK 插件就分享到这里了,希望以上内容可以对大家有一定的帮助,可以学到更多知识。如果觉得文章不错,可以把它分享出去让更多的人看到。