From 44086aee87fd06ca03bac19c4b002e05777d3db0 Mon Sep 17 00:00:00 2001 From: Yujun Zhang Date: Wed, 9 May 2018 15:01:53 +0800 Subject: Add support for node level logging Change-Id: Ib5b2240de3276164fe9e272bf36f0d1f89f409c0 Signed-off-by: Yujun Zhang --- .../fluentd-daemonset-elasticsearch-rbac.yaml | 96 ++++++++++++++++++++++ docs/development/design/logging.rst | 18 ++-- 2 files changed, 107 insertions(+), 7 deletions(-) create mode 100644 clover/logging/install/fluentd-daemonset-elasticsearch-rbac.yaml diff --git a/clover/logging/install/fluentd-daemonset-elasticsearch-rbac.yaml b/clover/logging/install/fluentd-daemonset-elasticsearch-rbac.yaml new file mode 100644 index 0000000..445db26 --- /dev/null +++ b/clover/logging/install/fluentd-daemonset-elasticsearch-rbac.yaml @@ -0,0 +1,96 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: fluentd + namespace: kube-system + +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRole +metadata: + name: fluentd + namespace: kube-system +rules: +- apiGroups: + - "" + resources: + - pods + - namespaces + verbs: + - get + - list + - watch + +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1beta1 +metadata: + name: fluentd +roleRef: + kind: ClusterRole + name: fluentd + apiGroup: rbac.authorization.k8s.io +subjects: +- kind: ServiceAccount + name: fluentd + namespace: kube-system +--- +apiVersion: extensions/v1beta1 +kind: DaemonSet +metadata: + name: fluentd + namespace: kube-system + labels: + k8s-app: fluentd-logging + version: v1 + kubernetes.io/cluster-service: "true" +spec: + template: + metadata: + labels: + k8s-app: fluentd-logging + version: v1 + kubernetes.io/cluster-service: "true" + spec: + serviceAccount: fluentd + serviceAccountName: fluentd + tolerations: + - key: node-role.kubernetes.io/master + effect: NoSchedule + containers: + - name: fluentd + image: fluent/fluentd-kubernetes-daemonset:elasticsearch + env: + - name: FLUENT_ELASTICSEARCH_HOST + value: "elasticsearch.logging" + - name: FLUENT_ELASTICSEARCH_PORT + value: "9200" + - name: FLUENT_ELASTICSEARCH_SCHEME + value: "http" + # X-Pack Authentication + # ===================== + - name: FLUENT_ELASTICSEARCH_USER + value: "elastic" + - name: FLUENT_ELASTICSEARCH_PASSWORD + value: "changeme" + resources: + limits: + memory: 200Mi + requests: + cpu: 100m + memory: 200Mi + volumeMounts: + - name: varlog + mountPath: /var/log + - name: varlibdockercontainers + mountPath: /var/lib/docker/containers + readOnly: true + terminationGracePeriodSeconds: 30 + volumes: + - name: varlog + hostPath: + path: /var/log + - name: varlibdockercontainers + hostPath: + path: /var/lib/docker/containers diff --git a/docs/development/design/logging.rst b/docs/development/design/logging.rst index 5fbaeb9..2c2dfe6 100644 --- a/docs/development/design/logging.rst +++ b/docs/development/design/logging.rst @@ -14,19 +14,23 @@ First, install logging stack Elasticsearch, Fluentd and Kibana:: kubectl apply -f install/logging-stack.yaml -Then configure fluentd for istio:: - - kubectl apply -f install/fluentd-istio.yaml - -Note that, it must be done in two steps. If you run ``kubectl apply -f install`` -instead, the mixer adapter may fail to intialize because the target service can -not be found. You may find an error message from mixer container:: +Note that, it must be done in separated steps. If you run ``kubectl apply -f +install`` instead, the mixer adapter may fail to intialize because the target +service can not be found. You may find an error message from mixer container:: 2018-05-09T02:43:14.435156Z error Unable to initialize adapter: snapshot='6', handler='handler.fluentd.istio-system', adapter='fluentd', err='adapter instantiation error: dial tcp: lookup fluentd-es.logging on 10.96.0.10:53: no such host'. +Then configure fluentd for istio:: + + kubectl apply -f install/fluentd-istio.yaml + +Configure fluentd for node level logging:: + + kubectl apply -f install/fluentd-daemonset-elasticsearch-rbac.yaml + .. _sample configuration: https://istio.io/docs/tasks/telemetry/fluentd.html ******** -- cgit 1.2.3-korg