log-Pilot是一个智能容器日志采集工具,它不仅能够高效便捷地将容器日志采集输出到多种存储日志后端,同时还能够动态地发现和采集容器内部的日志文件,更多咨询可以移步这里

    log-Pilot目前支持两种工具对日志进行收集,Fluentd PluginFilebeat Plugin

    Log-Pilot支持容器事件管理,它能够动态地监听容器的事件变化,然后依据容器的标签来进行解析,生成日志采集配置文件,然后交由采集插件来进行日志采集。
    在Kubernetes下,Log-Pilot可以依据环境变量 aliyun_logs_$name = $path 动态地生成日志采集配置文件,其中包含两个变量:

    • $name是我们自定义的一个字符串,它在不同的场景下指代不同的含义,在本场景中,将日志采集到ElasticSearch的时候,这个$name表示的是Index。
    • 另一个是$path,支持两种输入形式,stdout和容器内部日志文件的路径,对应日志标准输出和容器内的日志文件。
      • 第一种约定关键字stdout表示的是采集容器的标准输出日志,如本例中我们要采集tomcat容器日志,那么我们通过配置标签aliyun.logs.catalina=stdout 来采集tomcat标准输出日志。
      • 第二种是容器内部日志文件的路径,也支持通配符的方式,通过配置环境变量 aliyun_logs_access=/usr/local/tomcat/logs/*.log来采集tomcat容器内部的日志。当然如果你不想使用aliyun这个关键字,Log-Pilot也提供了环境变量PILOT_LOG_PREFIX可以指定自己的声明式日志配置前缀,比如 PILOT_LOG_PREFIX: "aliyun,custom"

    部署实例:

    1. apiVersion: apps/v1
    2. kind: DaemonSet
    3. metadata:
    4. name: log-pilot
    5. labels:
    6. app: log-pilot
    7. namespace: kube-ops
    8. spec:
    9. selector:
    10. matchLabels:
    11. app: log-pilot
    12. updateStrategy:
    13. type: RollingUpdate
    14. template:
    15. metadata:
    16. labels:
    17. app: log-pilot
    18. annotations:
    19. scheduler.alpha.kubernetes.io/critical-pod: ''
    20. spec:
    21. tolerations:
    22. - key: node-role.kubernetes.io/master
    23. effect: NoSchedule
    24. containers:
    25. - name: log-pilot
    26. image: registry.cn-hangzhou.aliyuncs.com/acs/log-pilot:0.9.7-filebeat
    27. resources:
    28. limits:
    29. memory: 500Mi
    30. requests:
    31. cpu: 200m
    32. memory: 200Mi
    33. env:
    34. - name: "NODE_NAME"
    35. valueFrom:
    36. fieldRef:
    37. fieldPath: spec.nodeName
    38. # 日志收集前缀
    39. - name: PILOT_LOG_PREFIX
    40. value: aliyun
    41. - name: "LOGGING_OUTPUT"
    42. value: "elasticsearch"
    43. # 请确保集群到ES网络可达
    44. - name: "ELASTICSEARCH_HOSTS"
    45. value: "elasticsearch:9200"
    46. # 配置ES访问权限
    47. #- name: "ELASTICSEARCH_USER"
    48. # value: "{es_username}"
    49. #- name: "ELASTICSEARCH_PASSWORD"
    50. # value: "{es_password}"
    51. volumeMounts:
    52. - name: sock
    53. mountPath: /var/run/docker.sock
    54. - name: root
    55. mountPath: /host
    56. readOnly: true
    57. - name: varlib
    58. mountPath: /var/lib/filebeat
    59. - name: varlog
    60. mountPath: /var/log/filebeat
    61. - name: localtime
    62. mountPath: /etc/localtime
    63. readOnly: true
    64. livenessProbe:
    65. failureThreshold: 3
    66. exec:
    67. command:
    68. - /pilot/healthz
    69. initialDelaySeconds: 10
    70. periodSeconds: 10
    71. successThreshold: 1
    72. timeoutSeconds: 2
    73. securityContext:
    74. capabilities:
    75. add:
    76. - SYS_ADMIN
    77. terminationGracePeriodSeconds: 30
    78. volumes:
    79. - name: sock
    80. hostPath:
    81. path: /var/run/docker.sock
    82. - name: root
    83. hostPath:
    84. path: /
    85. - name: varlib
    86. hostPath:
    87. path: /var/lib/filebeat
    88. type: DirectoryOrCreate
    89. - name: varlog
    90. hostPath:
    91. path: /var/log/filebeat
    92. type: DirectoryOrCreate
    93. - name: localtime
    94. hostPath:
    95. path: /etc/localtim

    创建pod测试

    1. apiVersion: v1
    2. kind: Pod
    3. metadata:
    4. name: tomcat
    5. spec:
    6. containers:
    7. - name: tomcat
    8. image: "tomcat:8.0"
    9. env:
    10. # 1、stdout为约定关键字,表示采集标准输出日志
    11. # 2、配置标准输出日志采集到ES的catalina索引下
    12. - name: aliyun_logs_catalina
    13. value: "stdout"
    14. # 1、配置采集容器内文件日志,支持通配符
    15. # 2、配置该日志采集到ES的access索引下
    16. - name: aliyun_logs_access
    17. value: "/usr/local/tomcat/logs/catalina.*.log"
    18. # 容器内文件日志路径需要配置emptyDir
    19. volumeMounts:
    20. - name: tomcat-log
    21. mountPath: /usr/local/tomcat/logs
    22. volumes:
    23. - name: tomcat-log
    24. emptyDir: {}

    然后我们查看索引会看到access-和catalina-的索引

    1. # curl -XGET 'localhost:9200/_cat/indices?v&pretty'
    2. health status index uuid pri rep docs.count docs.deleted store.size pri.store.size
    3. green open access-2020.06.23 0LS6STfpQ4yHt7makuSI1g 5 1 40 0 205.5kb 102.5kb
    4. green open logstash-2020.06.23 HR62innTQi6HjObIzf6DHw 5 1 99 0 296kb 148kb
    5. green open catalina-2020.06.23 dSFGcZlPS6-wieFKrOWV-g 5 1 40 0 227.1kb 133.3kb
    6. green open .kibana H-TAto8QTxmi-jI_4mIUrg 1 1 2 0 20.4kb 10.2kb
    7. green open logstash-2020.06.22 8-IFAOj_SqiipqOXN6Soxw 5 1 43784 0 30.6mb 15.3mb

    然后到页面添加索引即可。

    当然日志的输出除了直接输出到es外还可以输出到其他地方,如果是使用filebeat则可以点击这里进行查看。如果是fluentd,则点击这里

    自制log-pilot

    1. FROM golang:1.9-alpine3.6 as builder
    2. ENV PILOT_DIR /go/src/github.com/AliyunContainerService/log-pilot
    3. ARG GOOS=linux
    4. ARG GOARCH=amd64
    5. #RUN set -ex && apk add --no-cache make git
    6. WORKDIR $PILOT_DIR
    7. COPY . $PILOT_DIR
    8. RUN go install
    9. FROM alpine:3.6
    10. ENV FILEBEAT_VERSION=7.4.1
    11. COPY assets/glibc/glibc-2.26-r0.apk /tmp/
    12. RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories && \
    13. apk update && \
    14. apk add python && \
    15. apk add ca-certificates && \
    16. apk add wget && \
    17. update-ca-certificates && \
    18. wget http://acs-logging.oss-cn-hangzhou.aliyuncs.com/beats/filebeat/filebeat-${FILEBEAT_VERSION}-linux-x86_64.tar.gz -P /tmp/ && \
    19. mkdir -p /etc/filebeat /var/lib/filebeat /var/log/filebeat && \
    20. tar zxf /tmp/filebeat-${FILEBEAT_VERSION}-linux-x86_64.tar.gz -C /tmp/ && \
    21. cp -rf /tmp/filebeat-${FILEBEAT_VERSION}-linux-x86_64/filebeat /usr/bin/ && \
    22. cp -rf /tmp/filebeat-${FILEBEAT_VERSION}-linux-x86_64/fields.yml /etc/filebeat/ && \
    23. cp -rf /tmp/filebeat-${FILEBEAT_VERSION}-linux-x86_64/kibana /etc/filebeat/ && \
    24. cp -rf /tmp/filebeat-${FILEBEAT_VERSION}-linux-x86_64/module /etc/filebeat/ && \
    25. cp -rf /tmp/filebeat-${FILEBEAT_VERSION}-linux-x86_64/modules.d /etc/filebeat/ && \
    26. apk add --allow-untrusted /tmp/glibc-2.26-r0.apk && \
    27. rm -rf /var/cache/apk/* /tmp/filebeat-${FILEBEAT_VERSION}-linux-x86_64.tar.gz /tmp/filebeat-${FILEBEAT_VERSION}-linux-x86_64 /tmp/glibc-2.26-r0.apk
    28. COPY --from=builder /go/bin/log-pilot /pilot/pilot
    29. COPY assets/entrypoint assets/filebeat/ assets/healthz /pilot/
    30. RUN chmod +x /pilot/pilot /pilot/entrypoint /pilot/healthz /pilot/config.filebeat
    31. HEALTHCHECK CMD /pilot/healthz
    32. VOLUME /var/log/filebeat
    33. VOLUME /var/lib/filebeat
    34. WORKDIR /pilot/
    35. ENV PILOT_TYPE=filebeat
    36. ENTRYPOINT ["/pilot/entrypoint"]