├── README.md
├── elasticsearch-service.yaml
├── elasticsearch.yaml
├── graylog-master-service.yaml
├── graylog-master.yaml
├── graylog-service.yaml
├── graylog-slave-service.yaml
├── graylog-slave.yaml
├── kube-gelf.yaml
├── mongodb-master-service.yaml
└── mongodb-master.yaml

/README.md:
--------------------------------------------------------------------------------
# graylog mongodb fluent elasticsearch deploy on kubernetes

部署方法:

1.提前下载好image镜像和yaml文件放到kubernetes-graylog/文件下
2.上传所有文件到/root目录下

3.#在master节点执行
cat > /etc/sysctl.d/k8s.conf <-------------------------------------------'
done

cd ~/kubernetes-graylog

kubectl create -f .

#等待启动成功后查看日志

kubectl logs -f -n kube-system graylog-master-0
kubectl logs -f -n kube-system elasticsearch-0

#启动成功后访问
http://xxx.xxx.xxx.xxx:31300/

#删除
cd ~/kubernetes-graylog

kubectl delete -f .

--------------------------------------------------------------------------------
/elasticsearch-service.yaml:
--------------------------------------------------------------------------------
# Headless Service (clusterIP: None) that gives the elasticsearch pods stable
# DNS names for the HTTP (9200) and transport (9300) ports.
apiVersion: v1
kind: Service
metadata:
  name: elasticsearch
  # NOTE(review): the stack is deployed into kube-system next to cluster
  # components; a dedicated namespace would let RBAC and NetworkPolicy be
  # scoped to the logging stack alone.
  namespace: kube-system
  labels:
    name: elasticsearch
spec:
  selector:
    role: elasticsearch
  # The elasticsearch StatefulSet in this listing sets no authentication or
  # TLS options, so both ports accept any client that can reach the pods.
  # Restrict ingress with a NetworkPolicy to the Graylog pods and ES peers.
  ports:
  - name: http
    protocol: TCP
    port: 9200
    targetPort: 9200
  - name: transport
    protocol: TCP
    port: 9300
    targetPort: 9300
  clusterIP: None
--------------------------------------------------------------------------------
/elasticsearch.yaml:
--------------------------------------------------------------------------------
# Three-replica Elasticsearch StatefulSet forming the "graylog" cluster, with
# one 200Gi persistent volume per pod.
# NOTE(review): apps/v1beta1 is no longer served from Kubernetes 1.16 onward;
# apps/v1 additionally requires spec.selector.
apiVersion: apps/v1beta1
kind: StatefulSet
metadata:
  name: elasticsearch
  namespace: kube-system
spec:
  serviceName: "elasticsearch"
  replicas: 3
  podManagementPolicy: Parallel
  template:
    metadata:
      labels:
        role: elasticsearch
    spec:
      # No pod or container securityContext is set, so nothing in this
      # manifest forces a non-root UID, drops capabilities, or makes the root
      # filesystem read-only.
      terminationGracePeriodSeconds: 10
      affinity:
        nodeAffinity:
          requiredDuringSchedulingIgnoredDuringExecution:
            nodeSelectorTerms:
            - matchExpressions:
              # Pins pods to a fixed list of hostnames, including masters.
              - key: kubernetes.io/hostname
                operator: In
                values:
                - node1
                - node2
                - master1
                - master2
                - master3
      containers:
      - name: elasticsearch
        # `2` is a moving major-version tag: the image content can change
        # between pulls. Pin an exact version or digest. Elasticsearch 2.x is
        # past upstream end of life and no longer receives security fixes.
        image: elasticsearch:2
        command:
        - elasticsearch
        # Unicast discovery over the per-pod DNS names of the headless Service.
        - "-Ddiscovery.zen.ping.unicast.hosts=elasticsearch-0.elasticsearch,elasticsearch-1.elasticsearch,elasticsearch-2.elasticsearch"
        # Quorum of 2 out of 3 master-eligible nodes.
        - "-Ddiscovery.zen.minimum_master_nodes=2"
        - "-Ddiscovery.zen.ping.unicast.hosts.resolve_timeout=30s"
        - "-Ddiscovery.zen.ping_timeout=30s"
        # Permits Elasticsearch to start as root.
        # NOTE(review): presumably needed because `command:` replaces the
        # image entrypoint - confirm, and prefer running as a non-root user.
        - "-Des.insecure.allow.root=true"
        - "-Dcluster.name=graylog"
        env:
        - name: TZ
          value: "Asia/Shanghai"
        - name: ES_JAVA_OPTS
          value: "-Xms2g -Xmx2g"
        ports:
        - containerPort: 9200
          name: http
        - containerPort: 9300
          name: transport
        volumeMounts:
        - name: elasticsearch-persistent-storage
          mountPath: /usr/share/elasticsearch/data
        resources:
          requests:
            cpu: .10
            memory: 2560Mi
          limits:
            cpu: .75
            memory: 3072Mi
  volumeClaimTemplates:
  - metadata:
      name: elasticsearch-persistent-storage
      annotations:
        volume.beta.kubernetes.io/storage-class: "fast"
    spec:
      accessModes: [ "ReadWriteOnce" ]
      resources:
        requests:
          storage: 200Gi

--------------------------------------------------------------------------------
/graylog-master-service.yaml:
--------------------------------------------------------------------------------
# Headless Service for the graylog-master pod (HTTP/REST on 9000).
apiVersion: v1
kind: Service
metadata:
  name: graylog-master
  namespace: kube-system
  labels:
    name: graylog-master
spec:
  selector:
    role: graylog-master
  ports:
  - name: http
    protocol: TCP
    port: 9000
  clusterIP: None

--------------------------------------------------------------------------------
/graylog-master.yaml:
--------------------------------------------------------------------------------
# Single-replica StatefulSet running the Graylog master node
# (GRAYLOG_IS_MASTER=true) with a 10Gi journal volume.
# NOTE(review): apps/v1beta1 is no longer served from Kubernetes 1.16 onward;
# apps/v1 additionally requires spec.selector.
apiVersion: apps/v1beta1
kind: StatefulSet
metadata:
  name: graylog-master
  # NOTE(review): deployed into kube-system next to cluster components; a
  # dedicated namespace would let RBAC and NetworkPolicy be scoped to the
  # logging stack alone.
  namespace: kube-system
spec:
  serviceName: "graylog-master"
  replicas: 1
  template:
    metadata:
      labels:
        role: graylog-master
        # Label matched by the NodePort `graylog` Service selector.
        graylog: "true"
    spec:
      # No pod or container securityContext is set in this manifest.
      terminationGracePeriodSeconds: 20
      affinity:
        nodeAffinity:
          requiredDuringSchedulingIgnoredDuringExecution:
            nodeSelectorTerms:
            - matchExpressions:
              - key: kubernetes.io/hostname
                operator: In
                values:
                - node1
                - node2
                - master1
                - master2
                - master3
      containers:
      - name: graylog-master
        # NOTE(review): confirm this Graylog release still receives security
        # updates before deploying it.
        image: graylog2/server:2.4.0-1
        env:
        - name: TZ
          value: "Asia/Shanghai"
        # Secret used by Graylog for password encryption and salting. Here it
        # is a placeholder-looking value stored in plain text in the manifest
        # (and therefore in version control and in the pod spec). Generate a
        # long random value and inject it from a Kubernetes Secret
        # (valueFrom.secretKeyRef).
        - name: GRAYLOG_PASSWORD_SECRET
          value: "somepasswordpepper"
        # This digest is the SHA-256 of the documented default password
        # `admin`, so the root account ships with a publicly known password
        # while the UI is exposed on a NodePort. Replace it with the hash of a
        # strong password and load it from a Secret.
        - name: GRAYLOG_ROOT_PASSWORD_SHA2
          value: "8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6f2ab448a918"
        # The URI carries no credentials, i.e. MongoDB is used without
        # authentication.
        - name: GRAYLOG_MONGODB_URI
          value: "mongodb://mongo-mongodb:27017/graylog"
        - name: GRAYLOG_ROOT_TIMEZONE
          value: "PRC"
        - name: GRAYLOG_IS_MASTER
          value: "true"
        # Plain HTTP to Elasticsearch, no credentials.
        - name: GRAYLOG_ELASTICSEARCH_HOSTS
          value: "http://elasticsearch:9200"
        # Browser-facing API address: a hard-coded node IP on the NodePort,
        # over plain HTTP, so logins and session tokens cross the network
        # unencrypted. Terminate TLS in front of this endpoint.
        - name: GRAYLOG_WEB_ENDPOINT_URI
          value: "http://172.16.20.2:31300/api"
        - name: GRAYLOG_REST_LISTEN_URI
          value: "http://0.0.0.0:9000/api/"
        - name: GRAYLOG_WEB_LISTEN_URI
          value: "http://0.0.0.0:9000/"
        - name: GRAYLOG_REST_TRANSPORT_URI
          value: "http://graylog-master:9000/api/"
        - name: GRAYLOG_SERVER_JAVA_OPTS
          value: "-Xms1g -Xmx1g -XX:NewRatio=1 -XX:MaxMetaspaceSize=256m -server -XX:+ResizeTLAB -XX:+UseConcMarkSweepGC -XX:+CMSConcurrentMTEnabled -XX:+CMSClassUnloadingEnabled -XX:+UseParNewGC -XX:-OmitStackTraceInFastThrow"
        ports:
        - containerPort: 9000
          name: http
        - containerPort: 12201
          name: udp-input
        - containerPort: 1514
          name: tcp-input
        volumeMounts:
        - name: graylog-persistent-storage
          mountPath: /usr/share/graylog/data/journal
          subPath: graylog
        resources:
          requests:
            cpu: .25
            memory: 1536Mi
          limits:
            cpu: 1.5
            memory: 2048Mi
        # Pod is marked ready once the load-balancer status endpoint answers.
        readinessProbe:
          httpGet:
            path: /api/system/lbstatus
            port: 9000
          initialDelaySeconds: 30
          periodSeconds: 3
          timeoutSeconds: 3
          successThreshold: 1
          failureThreshold: 2
  volumeClaimTemplates:
  - metadata:
      name: graylog-persistent-storage
      annotations:
        volume.beta.kubernetes.io/storage-class: "fast"
    spec:
      accessModes: [ "ReadWriteOnce" ]
      resources:
        requests:
          storage: 10Gi

--------------------------------------------------------------------------------
/graylog-service.yaml:
--------------------------------------------------------------------------------
# NodePort Service in front of every pod labelled graylog: "true".
# type: NodePort opens these ports on every node's address:
#   31300 -> Graylog web UI and REST API, plain HTTP
#   31301 -> GELF UDP input (12201)
#   31302 -> TCP input (1514)
# Nothing in this manifest limits who may connect; restrict the source ranges
# with node firewalling or a NetworkPolicy, and put TLS in front of 31300.
apiVersion: v1
kind: Service
metadata:
  name: graylog
  namespace: kube-system
  labels:
    name: graylog
spec:
  selector:
    graylog: "true"
  ports:
  - name: http
    protocol: TCP
    port: 9000
    nodePort: 31300
  - name: udp-input
    protocol: UDP
    port: 12201
    nodePort: 31301
  - name: tcp-input
    protocol: TCP
    port: 1514
    nodePort: 31302
  type: NodePort

--------------------------------------------------------------------------------
/graylog-slave-service.yaml:
--------------------------------------------------------------------------------
# Headless Service for the graylog-slave pod (HTTP/REST on 9000).
apiVersion: v1
kind: Service
metadata:
  name: graylog-slave
  namespace: kube-system
  labels:
    name: graylog-slave
spec:
  selector:
    role: graylog-slave
  ports:
  - name: http
    protocol: TCP
    port: 9000
  clusterIP: None

--------------------------------------------------------------------------------
/graylog-slave.yaml:
--------------------------------------------------------------------------------
# Single-replica StatefulSet running a non-master Graylog node
# (GRAYLOG_IS_MASTER=false) with a 10Gi journal volume.
# NOTE(review): apps/v1beta1 is no longer served from Kubernetes 1.16 onward;
# apps/v1 additionally requires spec.selector.
apiVersion: apps/v1beta1
kind: StatefulSet
metadata:
  name: graylog-slave
  # NOTE(review): deployed into kube-system next to cluster components; a
  # dedicated namespace would let RBAC and NetworkPolicy be scoped to the
  # logging stack alone.
  namespace: kube-system
spec:
  serviceName: "graylog-slave"
  replicas: 1
  template:
    metadata:
      labels:
        role: graylog-slave
        graylog: "true"
    spec:
      # No pod or container securityContext is set in this manifest.
      terminationGracePeriodSeconds: 20
      affinity:
        nodeAffinity:
          requiredDuringSchedulingIgnoredDuringExecution:
            nodeSelectorTerms:
            - matchExpressions:
              - key: kubernetes.io/hostname
                operator: In
                values:
                - node1
                - node2
                - master1
                - master2
                - master3
      containers:
      - name: graylog-slave
        # NOTE(review): confirm this Graylog release still receives security
        # updates before deploying it.
        image: graylog2/server:2.4.0-1
        env:
        - name: TZ
          value: "Asia/Shanghai"
        # Secret used by Graylog for password encryption and salting. Here it
        # is a placeholder-looking value stored in plain text in the manifest.
        # Generate a long random value and inject it from a Kubernetes Secret
        # (valueFrom.secretKeyRef).
        - name: GRAYLOG_PASSWORD_SECRET
          value: "somepasswordpepper"
        # This digest is the SHA-256 of the documented default password
        # `admin`, so the root account ships with a publicly known password.
        # Replace it with the hash of a strong password, loaded from a Secret.
        - name: GRAYLOG_ROOT_PASSWORD_SHA2
          value: "8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6f2ab448a918"
        # The URI carries no credentials, i.e. MongoDB is used without
        # authentication.
        - name: GRAYLOG_MONGODB_URI
          value: "mongodb://mongo-mongodb:27017/graylog"
        - name: GRAYLOG_ROOT_TIMEZONE
          value: "PRC"
        - name: GRAYLOG_IS_MASTER
          value: "false"
        # Plain HTTP to Elasticsearch, no credentials.
        - name: GRAYLOG_ELASTICSEARCH_HOSTS
          value: "http://elasticsearch:9200"
        # Browser-facing API address: a hard-coded IP and port over plain
        # HTTP, so logins and session tokens cross the network unencrypted.
        - name: GRAYLOG_WEB_ENDPOINT_URI
          value: "http://172.16.20.2:31300/api"
        - name: GRAYLOG_REST_LISTEN_URI
          value: "http://0.0.0.0:9000/api/"
        - name: GRAYLOG_WEB_LISTEN_URI
          value: "http://0.0.0.0:9000/"
        - name: GRAYLOG_REST_TRANSPORT_URI
          value: "http://graylog-slave:9000/api/"
        - name: GRAYLOG_SERVER_JAVA_OPTS
          value: "-Xms1g -Xmx1g -XX:NewRatio=1 -XX:MaxMetaspaceSize=256m -server -XX:+ResizeTLAB -XX:+UseConcMarkSweepGC -XX:+CMSConcurrentMTEnabled -XX:+CMSClassUnloadingEnabled -XX:+UseParNewGC -XX:-OmitStackTraceInFastThrow"
        ports:
        - containerPort: 9000
          name: http
        - containerPort: 12201
          name: udp-input
        - containerPort: 1514
          name: tcp-input
        volumeMounts:
        - name: graylog-persistent-storage
          mountPath: /usr/share/graylog/data/journal
          subPath: graylog
        # The node's /var/log is mounted (read-only) into the Graylog server
        # container, which exposes host and other pods' logs to it.
        # NOTE(review): nothing else in this manifest refers to the mount -
        # confirm it is needed, otherwise remove it and the volume below.
        - name: varlog
          mountPath: /var/log
          readOnly: true
        resources:
          requests:
            cpu: .25
            memory: 1536Mi
          limits:
            cpu: 1.5
            memory: 2048Mi
        readinessProbe:
          httpGet:
            path: /api/system/lbstatus
            port: 9000
          initialDelaySeconds: 30
          periodSeconds: 3
          timeoutSeconds: 3
          successThreshold: 1
          failureThreshold: 2
      volumes:
      - name: varlog
        hostPath:
          path: /var/log
  volumeClaimTemplates:
  - metadata:
      name: graylog-persistent-storage
      annotations:
        volume.beta.kubernetes.io/storage-class: "fast"
    spec:
      accessModes: [ "ReadWriteOnce" ]
      resources:
        requests:
          storage: 10Gi

--------------------------------------------------------------------------------
/kube-gelf.yaml:
--------------------------------------------------------------------------------
# Service account shared by the kube-gelf DaemonSet and the reload CronJob
# defined further down in this file.
apiVersion: v1
kind: ServiceAccount
metadata:
  name: kube-gelf
  namespace: kube-system
---
# Cluster-wide permissions for the kube-gelf service account.
# As written, the single rule grants get/list/watch/create on pods, pods/exec
# and namespaces in every namespace. That lets the account create pods and
# namespaces and open exec sessions into any pod in the cluster, and its token
# is mounted into the log agent on every node.
# What the visible consumers need is narrower:
#   - the kubernetes_metadata filter reads pod and namespace metadata
#     (get/list/watch);
#   - the CronJob lists pods and execs into kube-gelf pods in kube-system only.
# Split this into a read-only ClusterRole for the DaemonSet and a separate
# service account with a namespaced Role (pods: get/list, pods/exec: create)
# for the CronJob.
# NOTE(review): rbac.authorization.k8s.io/v1beta1 is no longer served by
# current Kubernetes releases; use rbac.authorization.k8s.io/v1.
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRole
metadata:
  annotations:
    rbac.authorization.kubernetes.io/autoupdate: "true"
  name: kube-gelf-metadata-filter
rules:
- apiGroups:
  - ""
  resources:
  - pods
  - pods/exec
  - namespaces
  verbs: ["get", "list", "watch", "create"]
---
# Binds the ClusterRole above to the kube-gelf service account cluster-wide.
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
  name: kube-gelf
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: kube-gelf-metadata-filter
subjects:
- kind: ServiceAccount
  name: kube-gelf
  namespace: kube-system
---
# Agent configuration: GELF destination settings plus the fluentd config file.
apiVersion: v1
data:
  GELF_HOST: graylog
  GELF_PORT: "12201"
  # Logs are shipped as GELF over UDP: no transport encryption and no sender
  # authentication (the tls options in fluent.conf below are commented out).
  GELF_PROTOCOL: udp
  # NOTE(review): the angle-bracket section directives of this fluentd config
  # (source / filter / match style tags) appear to have been stripped from
  # this listing; the blank lines below mark where they stood. Restore them
  # from the upstream file before using this ConfigMap.
  fluent.conf: |

    @type null



    @type systemd
    tag systemd
    path /var/log/journal

    @type local
    persistent true
    path /pos


    field_map {"MESSAGE": "log", "_PID": ["process", "pid"], "_CMDLINE": "process", "_COMM": "cmd"}
    fields_strip_underscores true
    fields_lowercase true

    read_from_head true



    @type tail
    path /var/log/containers/*.log
    pos_file /pos/containers.pos
    time_key time
    time_format %Y-%m-%dT%H:%M:%S.%NZ
    tag kubernetes.*
    format json
    read_from_head true



    @type kubernetes_metadata
    ca_file /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
    bearer_token_file /var/run/secrets/kubernetes.io/serviceaccount/token



    @type record_transformer

    hostname "#{ENV['NODENAME']}"




    @type copy

    @type gelf
    include_tag_key true
    host "#{ENV['GELF_HOST']}"
    port "#{ENV['GELF_PORT']}"
    # protocol
    protocol "#{ENV['GELF_PROTOCOL']}"
    # tls
    # tls_options {}
    # Supported tls_options:
    # 'no_default_ca' [Boolean] prevents OpenSSL from using the systems CA store.
    # 'tls_version' [Symbol] any of :TLSv1, :TLSv1_1, :TLSv1_2 (default)
    # 'cert' [String, IO] the client certificate file
    # 'key' [String, IO] the key for the client certificate
    # 'all_ciphers' [Boolean] allows any ciphers to be used, may be insecure
    flush_interval 10s
    num_threads 2
    use_record_host true
    buffer_chunk_limit 4096K
    buffer_queue_limit 512
    max_retry_wait 300



    # Valid log_level's are: fatal, error, warn, info, debug, trace

    log_level warn

kind: ConfigMap
metadata:
  name: kube-gelf
  namespace: kube-system
---
# Log-shipping agent scheduled on every node, masters included (see the
# toleration), reading host logs and forwarding them to GELF_HOST.
# NOTE(review): apps/v1beta2 is no longer served from Kubernetes 1.16 onward;
# use apps/v1.
apiVersion: apps/v1beta2
kind: DaemonSet
metadata:
  name: kube-gelf
  namespace: kube-system
spec:
  updateStrategy:
    type: RollingUpdate
    rollingUpdate:
      maxUnavailable: 1
  selector:
    matchLabels:
      app: kube-gelf
  template:
    metadata:
      labels:
        app: kube-gelf
    spec:
      # This account currently holds cluster-wide create on pods and
      # pods/exec (see the ClusterRole above), far more than a log reader
      # needs. No securityContext is set on the pod or the container.
      serviceAccountName: kube-gelf
      dnsPolicy: ClusterFirst
      containers:
      - name: agent
        # Third-party image referenced by a mutable tag; pin it by digest and
        # review its contents, since it runs on every node with host log
        # access and the service-account token.
        image: roffe/kube-gelf:v1.2
        env:
        - name: TZ
          value: "Asia/Shanghai"
        - name: GELF_HOST
          valueFrom:
            configMapKeyRef:
              name: kube-gelf
              key: GELF_HOST
        - name: GELF_PORT
          valueFrom:
            configMapKeyRef:
              name: kube-gelf
              key: GELF_PORT
        - name: GELF_PROTOCOL
          valueFrom:
            configMapKeyRef:
              name: kube-gelf
              key: GELF_PROTOCOL
        # Node name from the downward API; fluent.conf uses it as `hostname`.
        - name: NODENAME
          valueFrom:
            fieldRef:
              fieldPath: spec.nodeName
        volumeMounts:
        - name: varlog
          mountPath: /var/log
          readOnly: true
        # Writable host directory holding the tail/journal position files.
        - name: gelf-pos
          mountPath: /pos
          readOnly: false
        - name: varlibdockercontainers
          mountPath: /var/lib/docker/containers
          readOnly: true
        - name: kube-gelf-config
          mountPath: /fluentd/etc/fluent.conf
          subPath: fluent.conf
      tolerations:
      - key: node-role.kubernetes.io/master
        operator: Exists
        effect: NoSchedule
      volumes:
      - name: varlog
        hostPath:
          path: /var/log
      - name: varlibdockercontainers
        hostPath:
          path: /var/lib/docker/containers
      - name: kube-gelf-config
        configMap:
          name: kube-gelf
          items:
          - key: fluent.conf
            path: fluent.conf
      # hostPath under /var/log that the container can write to.
      - name: gelf-pos
        hostPath:
          path: /var/log/pos
---
# Every 30 minutes: list the kube-gelf pods and send signal 1 (SIGHUP) to PID
# 1 in each one via `kubectl exec`, so the agent reloads its configuration.
# NOTE(review): batch/v1beta1 CronJob is no longer served by current
# Kubernetes releases; use batch/v1.
apiVersion: batch/v1beta1
kind: CronJob
metadata:
  name: kube-gelf-reload-config
  namespace: kube-system
spec:
  successfulJobsHistoryLimit: 1
  failedJobsHistoryLimit: 1
  schedule: "*/30 * * * *"
  jobTemplate:
    spec:
      template:
        spec:
          # This job is the only visible consumer of the pods/exec permission.
          # Give it its own service account limited to kube-system instead of
          # sharing the DaemonSet's account.
          serviceAccountName: kube-gelf
          containers:
          - name: cron
            # Third-party kubectl image on a mutable tag, run with exec
            # rights; pin it by digest.
            image: roffe/kubectl:v1.9.0
            args:
            - /bin/sh
            - -c
            - for POD in `kubectl get pod --namespace kube-system -l app=kube-gelf | tail -n +2 | awk '{print $1}'`; do echo RELOAD ${POD}; kubectl exec --namespace kube-system ${POD} -- /bin/sh -c 'kill -1 1'; done
          restartPolicy: Never
--------------------------------------------------------------------------------
/mongodb-master-service.yaml:
--------------------------------------------------------------------------------
# Headless Service for the MongoDB pod (27017).
# The MongoDB StatefulSet in this listing configures no authentication, so
# any client that can reach the pod on 27017 can read and modify the Graylog
# configuration database. Restrict ingress to the Graylog pods with a
# NetworkPolicy.
apiVersion: v1
kind: Service
metadata:
  name: mongo-mongodb
  namespace: kube-system
  labels:
    name: mongo-mongodb
spec:
  selector:
    role: mongo-mongodb
  ports:
  - name: dbport
    protocol: TCP
    port: 27017
  clusterIP: None

--------------------------------------------------------------------------------
/mongodb-master.yaml:
--------------------------------------------------------------------------------
# Single-replica MongoDB StatefulSet with a 1Gi data volume.
# NOTE(review): apps/v1beta1 is no longer served from Kubernetes 1.16 onward;
# apps/v1 additionally requires spec.selector.
apiVersion: apps/v1beta1
kind: StatefulSet
metadata:
  name: mongo-mongodb
  namespace: kube-system
spec:
  serviceName: "mongo-mongodb"
  replicas: 1
  template:
    metadata:
      labels:
        role: mongo-mongodb
        mongodb: "true"
    spec:
      # No pod or container securityContext is set in this manifest.
      terminationGracePeriodSeconds: 20
      affinity:
        nodeAffinity:
          requiredDuringSchedulingIgnoredDuringExecution:
            nodeSelectorTerms:
            - matchExpressions:
              - key: kubernetes.io/hostname
                operator: In
                values:
                - node1
                - node2
                - master1
                - master2
                - master3
      containers:
      - name: mongo-mongodb
        # `3` is a moving major-version tag, and with IfNotPresent each node
        # keeps whatever build it pulled first. Pin an exact version or
        # digest. MongoDB 3.x is past upstream end of life.
        # No credentials or auth-enabling arguments are passed to the
        # container, so the server starts without access control.
        image: mongo:3
        imagePullPolicy: IfNotPresent
        env:
        - name: TZ
          value: "Asia/Shanghai"
        ports:
        - containerPort: 27017
          name: dbport
        volumeMounts:
        - name: mongodb-persistent-storage
          mountPath: /data/db
          subPath: mongodb
  volumeClaimTemplates:
  - metadata:
      name: mongodb-persistent-storage
      annotations:
        volume.beta.kubernetes.io/storage-class: "fast"
    spec:
      accessModes: [ "ReadWriteOnce" ]
      resources:
        requests:
          storage: 1Gi

--------------------------------------------------------------------------------