github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-08-10 20:42:26 +00:00
Code Issues Projects Releases Wiki Activity

update makefiles to use cloud build and update README

Browse Source
This commit is contained in:
patc 2019-01-28 22:44:44 -08:00
parent 7f873f23b9
commit 64918cc2b4
3 changed files with 98 additions and 102 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

174
cluster/addons/fluentd-elasticsearch/README.md
View File

@ -1,83 +1,91 @@
# Elasticsearch Add-On # Elasticsearch Add-On
This add-on consists of a combination of [Elasticsearch][elasticsearch], This add-on consists of a combination of [Elasticsearch][elasticsearch],
[Fluentd][fluentd] and [Kibana][kibana]. Elasticsearch is a search engine [Fluentd][fluentd] and [Kibana][kibana]. Elasticsearch is a search engine
that is responsible for storing our logs and allowing for them to be queried. that is responsible for storing our logs and allowing for them to be queried.
Fluentd sends log messages from Kubernetes to Elasticsearch, whereas Kibana Fluentd sends log messages from Kubernetes to Elasticsearch, whereas Kibana
is a graphical interface for viewing and querying the logs stored in is a graphical interface for viewing and querying the logs stored in
Elasticsearch. Elasticsearch.
**Note:** this addon should **not** be used as-is in production. This is **Note:** this addon should **not** be used as-is in production. This is
an example and you should treat it as such. Please see at least the an example and you should treat it as such. Please see at least the
[Security](#security) and the [Storage](#storage) sections for more [Security](#security) and the [Storage](#storage) sections for more
information. information.
## Elasticsearch ## Elasticsearch
Elasticsearch is deployed as a [StatefulSet][statefulSet], which is like Elasticsearch is deployed as a [StatefulSet][statefulSet], which is like
a Deployment, but allows for maintaining state on storage volumes. a Deployment, but allows for maintaining state on storage volumes.
### Security ### Security
Elasticsearch has capabilities to enable authorization using the [X-Pack Elasticsearch has capabilities to enable authorization using the [X-Pack
plugin][xPack]. For the sake of simplicity this example uses the fully open plugin][xPack]. For the sake of simplicity this example uses the fully open
source prebuild images from elastic that do not contain the X-Pack plugin. If source prebuild images from elastic that do not contain the X-Pack plugin. If
you need these features, please consider building the images from either the you need these features, please consider building the images from either the
"basic" or "platinum" version. After enabling these features, follow [official "basic" or "platinum" version. After enabling these features, follow [official
documentation][setupCreds] to set up credentials in Elasticsearch and Kibana. documentation][setupCreds] to set up credentials in Elasticsearch and Kibana.
Don't forget to propagate those credentials also to Fluentd in its Don't forget to propagate those credentials also to Fluentd in its
[configuration][fluentdCreds], using for example [environment [configuration][fluentdCreds], using for example [environment
variables][fluentdEnvVar]. You can utilize [ConfigMaps][configMap] and variables][fluentdEnvVar]. You can utilize [ConfigMaps][configMap] and
[Secrets][secret] to store credentials in the Kubernetes apiserver. [Secrets][secret] to store credentials in the Kubernetes apiserver.
### Initialization ### Initialization
The Elasticsearch StatefulSet manifest specifies that there shall be an The Elasticsearch StatefulSet manifest specifies that there shall be an
[init container][initContainer] executing before Elasticsearch containers [init container][initContainer] executing before Elasticsearch containers
themselves, in order to ensure that the kernel state variable themselves, in order to ensure that the kernel state variable
`vm.max_map_count` is at least 262144, since this is a requirement of `vm.max_map_count` is at least 262144, since this is a requirement of
Elasticsearch. You may remove the init container if you know that your host Elasticsearch. You may remove the init container if you know that your host
OS meets this requirement. OS meets this requirement.
### Storage ### Storage
The Elasticsearch StatefulSet will use the [EmptyDir][emptyDir] volume to The Elasticsearch StatefulSet will use the [EmptyDir][emptyDir] volume to
store data. EmptyDir is erased when the pod terminates, here it is used only store data. EmptyDir is erased when the pod terminates, here it is used only
for testing purposes. **Important:** please change the storage to persistent for testing purposes. **Important:** please change the storage to persistent
volume claim before actually using this StatefulSet in your setup! volume claim before actually using this StatefulSet in your setup!
## Fluentd ## Fluentd
Fluentd is deployed as a [DaemonSet][daemonSet] which spawns a pod on each Fluentd is deployed as a [DaemonSet][daemonSet] which spawns a pod on each
node that reads logs, generated by kubelet, container runtime and containers node that reads logs, generated by kubelet, container runtime and containers
and sends them to Elasticsearch. and sends them to Elasticsearch.
**Note:** in order for Fluentd to work, every Kubernetes node must be labeled **Note:** in order for Fluentd to work, every Kubernetes node must be labeled
with `beta.kubernetes.io/fluentd-ds-ready=true`, as otherwise the Fluentd with `beta.kubernetes.io/fluentd-ds-ready=true`, as otherwise the Fluentd
DaemonSet will ignore them. DaemonSet will ignore them.
Learn more in the [official Kubernetes documentation][k8sElasticsearchDocs]. Learn more in the [official Kubernetes documentation][k8sElasticsearchDocs].
### Known problems ## Building
Since Fluentd talks to the Elasticsearch service inside the cluster, instances Both images are now being hosted in google cloud and are built via the
on masters won't work, because masters have no kube-proxy. Don't mark masters [cloud build](https://cloud.google.com/cloud-build/) product. To build these
with the label mentioned in the previous paragraph or add a taint on them to images yourself you will need to have the [gcloud sdk](https://cloud.google.com/sdk/install)
avoid Fluentd pods scheduling there. installed and you will need to login. You can then run `make` in either
image directory to trigger a container build.
[fluentd]: http://www.fluentd.org/
[elasticsearch]: https://www.elastic.co/products/elasticsearch ### Known problems
[kibana]: https://www.elastic.co/products/kibana
[xPack]: https://www.elastic.co/products/x-pack Since Fluentd talks to the Elasticsearch service inside the cluster, instances
[setupCreds]: https://www.elastic.co/guide/en/x-pack/current/setting-up-authentication.html#reset-built-in-user-passwords on masters won't work, because masters have no kube-proxy. Don't mark masters
[fluentdCreds]: https://github.com/uken/fluent-plugin-elasticsearch#user-password-path-scheme-ssl_verify with the label mentioned in the previous paragraph or add a taint on them to
[fluentdEnvVar]: https://docs.fluentd.org/v0.12/articles/faq#how-can-i-use-environment-variables-to-configure-parameters-dynamically avoid Fluentd pods scheduling there.
[configMap]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/
[secret]: https://kubernetes.io/docs/concepts/configuration/secret/ [fluentd]: http://www.fluentd.org/
[statefulSet]: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset [elasticsearch]: https://www.elastic.co/products/elasticsearch
[initContainer]: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ [kibana]: https://www.elastic.co/products/kibana
[emptyDir]: https://kubernetes.io/docs/concepts/storage/volumes#emptydir [xPack]: https://www.elastic.co/products/x-pack
[daemonSet]: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/ [setupCreds]: https://www.elastic.co/guide/en/x-pack/current/setting-up-authentication.html#reset-built-in-user-passwords
[k8sElasticsearchDocs]: https://kubernetes.io/docs/tasks/debug-application-cluster/logging-elasticsearch-kibana [fluentdCreds]: https://github.com/uken/fluent-plugin-elasticsearch#user-password-path-scheme-ssl_verify
[fluentdEnvVar]: https://docs.fluentd.org/v0.12/articles/faq#how-can-i-use-environment-variables-to-configure-parameters-dynamically
[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/cluster/addons/fluentd-elasticsearch/README.md?pixel)]() [configMap]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/
[secret]: https://kubernetes.io/docs/concepts/configuration/secret/
[statefulSet]: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset
[initContainer]: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
[emptyDir]: https://kubernetes.io/docs/concepts/storage/volumes#emptydir
[daemonSet]: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/
[k8sElasticsearchDocs]: https://kubernetes.io/docs/tasks/debug-application-cluster/logging-elasticsearch-kibana
[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/cluster/addons/fluentd-elasticsearch/README.md?pixel)]()

15
cluster/addons/fluentd-elasticsearch/es-image/Makefile
View File

@ -12,20 +12,11 @@
# See the License for the specific language governing permissions and # See the License for the specific language governing permissions and
# limitations under the License. # limitations under the License.
.PHONY: binary build push .PHONY: build
PREFIX = staging-k8s.gcr.io PREFIX = gcr.io/fluentd-elasticsearch
IMAGE = elasticsearch IMAGE = elasticsearch
TAG = v6.3.0 TAG = v6.3.0
build: build:
docker build --pull -t $(PREFIX)/$(IMAGE):$(TAG) . gcloud builds submit --tag ${PREFIX}/${IMAGE}:${TAG}
push:
docker push $(PREFIX)/$(IMAGE):$(TAG)
binary:
CGO_ENABLED=0 GOOS=linux go build -a -ldflags "-w" elasticsearch_logging_discovery.go
clean:
rm elasticsearch_logging_discovery

11
cluster/addons/fluentd-elasticsearch/fluentd-es-image/Makefile
View File

@ -12,14 +12,11 @@
# See the License for the specific language governing permissions and # See the License for the specific language governing permissions and
# limitations under the License. # limitations under the License.
.PHONY: build push .PHONY: build
PREFIX = staging-k8s.gcr.io PREFIX = gcr.io/fluentd-elasticsearch
IMAGE = fluentd-elasticsearch IMAGE = fluentd
TAG = v2.4.0 TAG = v2.4.0
build: build:
docker build --pull -t $(PREFIX)/$(IMAGE):$(TAG) . gcloud builds submit --tag $(PREFIX)/$(IMAGE):$(TAG)
push:
docker push $(PREFIX)/$(IMAGE):$(TAG)