티스토리 뷰
Intro
Haproxy를 이용한 단말기와 통신을 Spring 어플리케이션인 SDK의 분산로그를 관리하기 위해 시스템 구성
1. Pom.xml 설정
<dependency>
<groupId>net.logstash.logback</groupId>
<artifactId>logstash-logback-encoder</artifactId>
<version>8.0</version>
</dependency>
2. Logback.xml설정
<appender name="STASH" class="net.logstash.logback.appender.LogstashTcpSocketAppender">
<destination>127.0.0.1:5000</destination>
<!-- encoder is required -->
<encoder class="net.logstash.logback.encoder.LogstashEncoder" />
</appender>
<root>
<level value="INFO"/>
<appender-ref ref="FILE" includeLocation="true"/>
<appender-ref ref="STDOUT"/>
<appender-ref ref="STASH"/>
</root>
3. GIT 및 DOCKER 설치
#GIT 설치
apt-get install git
#DOCKER 설치에 필요한 필수 패키지 설치
apt-get install apt-transport-https ca-certificates curl
#DOCKER official GPG key 추가
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
#DOCKER repository 등록
add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu \
$(lsb_release -cs) stable"
#APT Package 업데이트
apt update
#DOCKER 설치
apt-get update && sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin
4. Git을 이용한 ELK DOCKER CLONE
## ELK의 설정 파일과 데이터에 필요한 디렉토리 추가
mkdir data
cd data
mkdir DOCKER-ELK
cd DOCKER-ELK
## GIT저장소에서 ELK Clone하기
git clone https://github.com/deviantony/docker-elk.git
cd docker-elk
5. ELK에서 사용할 비번 변경과 docker-compose.yml 설정 추가
## ELK에서 elastic계정의 비번 변경
vi .env
## docker-compose.yml 설정 추가
vi docker-compose.yml
services:
# The 'setup' service runs a one-off script which initializes users inside
# Elasticsearch — such as 'logstash_internal' and 'kibana_system' — with the
# values of the passwords defined in the '.env' file. It also creates the
# roles required by some of these users.
#
# This task only needs to be performed once, during the *initial* startup of
# the stack. Any subsequent run will reset the passwords of existing users to
# the values defined inside the '.env' file, and the built-in roles to their
# default permissions.
#
# By default, it is excluded from the services started by 'docker compose up'
# due to the non-default profile it belongs to. To run it, either provide the
# '--profile=setup' CLI flag to Compose commands, or "up" the service by name
# such as 'docker compose up setup'.
setup:
profiles:
- setup
build:
context: setup/
args:
ELASTIC_VERSION: ${ELASTIC_VERSION}
init: true
volumes:
- ./setup/entrypoint.sh:/entrypoint.sh:ro,Z
- ./setup/lib.sh:/lib.sh:ro,Z
- ./setup/roles:/roles:ro,Z
environment:
ELASTIC_PASSWORD: ${ELASTIC_PASSWORD:-}
LOGSTASH_INTERNAL_PASSWORD: ${LOGSTASH_INTERNAL_PASSWORD:-}
KIBANA_SYSTEM_PASSWORD: ${KIBANA_SYSTEM_PASSWORD:-}
METRICBEAT_INTERNAL_PASSWORD: ${METRICBEAT_INTERNAL_PASSWORD:-}
FILEBEAT_INTERNAL_PASSWORD: ${FILEBEAT_INTERNAL_PASSWORD:-}
HEARTBEAT_INTERNAL_PASSWORD: ${HEARTBEAT_INTERNAL_PASSWORD:-}
MONITORING_INTERNAL_PASSWORD: ${MONITORING_INTERNAL_PASSWORD:-}
BEATS_SYSTEM_PASSWORD: ${BEATS_SYSTEM_PASSWORD:-}
networks:
- elk
depends_on:
- elasticsearch
elasticsearch:
build:
context: elasticsearch/
args:
ELASTIC_VERSION: ${ELASTIC_VERSION}
volumes:
- ./elasticsearch/config/elasticsearch.yml:/usr/share/elasticsearch/config/elasticsearch.yml:ro,Z
- elasticsearch:/usr/share/elasticsearch/data:Z
ports:
- 9200:9200
- 9300:9300
environment:
node.name: elasticsearch
ES_JAVA_OPTS: -Xms512m -Xmx512m
# Bootstrap password.
# Used to initialize the keystore during the initial startup of
# Elasticsearch. Ignored on subsequent runs.
ELASTIC_PASSWORD: ${ELASTIC_PASSWORD:-}
# Use single node discovery in order to disable production mode and avoid bootstrap checks.
# see: https://www.elastic.co/guide/en/elasticsearch/reference/current/bootstrap-checks.html
discovery.type: single-node
networks:
- elk
restart: unless-stopped
logstash:
build:
context: logstash/
args:
ELASTIC_VERSION: ${ELASTIC_VERSION}
volumes:
- ./logstash/config/logstash.yml:/usr/share/logstash/config/logstash.yml:ro,Z
- ./logstash/pipeline:/usr/share/logstash/pipeline:ro,Z
ports:
- 5000:5000 #추가항목 NS-SDK
- 5001:5001 #추가항목 SP=SDK
- 5002:5002 #추가항목 ONE
- 5003:5003 #추가항목 CBP
- 5004:5004 #추가항목 MAN
- 5005:5005 #추가항목 TEAM
- 5006:5006 #추가항목 HUB
- 5044:5044
- 50000:50000/tcp
- 50000:50000/udp
- 9600:9600
- 55514:55515/udp #추가항목
environment:
LS_JAVA_OPTS: -Xms256m -Xmx256m
LOGSTASH_INTERNAL_PASSWORD: ${LOGSTASH_INTERNAL_PASSWORD:-}
networks:
- elk
depends_on:
- elasticsearch
command: --config.reload.automatic #추가항목
restart: unless-stopped
kibana:
build:
context: kibana/
args:
ELASTIC_VERSION: ${ELASTIC_VERSION}
volumes:
- ./kibana/config/kibana.yml:/usr/share/kibana/config/kibana.yml:ro,Z
ports:
- 5601:5601
environment:
KIBANA_SYSTEM_PASSWORD: ${KIBANA_SYSTEM_PASSWORD:-}
networks:
- elk
depends_on:
- elasticsearch
restart: unless-stopped
networks:
elk:
driver: bridge
volumes:
elasticsearch:
6. elasticsearch.yml 수정
vi elasticsearch/config/elasticsearch.yml
xpack.license.self_generated.type: basic ##변경
7. Logstash Pipeline 추가
vi logstash/pipeline/sdk-log.conf
input {
tcp {
port => 5000
codec => json_lines
type => nssdk_log # 타입명이 nssdk-log -로 할시 동작안함 _로 시작
}
tcp {
port => 5001
codec => json_lines
type => spsdk_log
}
tcp {
port => 5002
codec => json_lines
type => one_log
}
tcp {
port => 5003
codec => json_lines
type => cbp_log
}
tcp {
port => 5004
codec => json_lines
type => man_log
}
tcp {
port => 5005
codec => json_lines
type => team_log
}
tcp {
port => 5006
codec => json_lines
type => hub_log
}
}
## Add your filters / logstash plugins configuration here
filter {
ruby {
code => "event.set('index_day', event.get('@timestamp').time.localtime('+09:00').strftime('%Y-%m-%d'))"
}
}
output {
if [type] == "nssdk_log"{ # 타입명이 nssdk-log -로 할시 동작안함 _로 시작
elasticsearch {
hosts => "elasticsearch:9200"
index => "nssdklog-%{index_day}" # nssd-klog-%{index_day}-가 여러개 일경우 로그가 정상작동 안함
user => "elastic"
password => "********"
ecs_compatibility => disabled
}
}
if [type] == "spsdk_log"{
elasticsearch {
hosts => "elasticsearch:9200"
index => "spsdklog-%{index_day}"
user => "elastic"
password => "********"
ecs_compatibility => disabled
}
}
if [type] == "one_log"{
elasticsearch {
hosts => "elasticsearch:9200"
index => "onelog-%{index_day}"
user => "elastic"
password => "********"
ecs_compatibility => disabled
}
}
if [type] == "cbp_log"{
elasticsearch {
hosts => "elasticsearch:9200"
index => "cbplog-%{index_day}"
user => "elastic"
password => "********"
ecs_compatibility => disabled
}
}
if [type] == "man_log"{
elasticsearch {
hosts => "elasticsearch:9200"
index => "manlog-%{index_day}"
user => "elastic"
password => "********"
ecs_compatibility => disabled
}
}
if [type] == "team_log"{
elasticsearch {
hosts => "elasticsearch:9200"
index => "teamlog-%{index_day}"
user => "elastic"
password => "********"
ecs_compatibility => disabled
}
}
if [type] == "hub_log"{
elasticsearch {
hosts => "elasticsearch:9200"
index => "hublog-%{index_day}"
user => "elastic"
password => "********"
ecs_compatibility => disabled
}
}
}
8. ELK 컨테이너 실행
docker compose up setup
docker compose up -d
'DevOps > Docker' 카테고리의 다른 글
| [Docker]서비스가 종료된 CentOs 6 Docker 설치 (0) | 2021.04.05 |
|---|---|
| [Docker] Dockerfile 명령어 사용 (0) | 2021.04.04 |
| [Docker]Dockerfile 구성 및 빌드 (0) | 2021.04.04 |
| 3. 이미지 빌드 환경 만들기 (0) | 2021.04.04 |
| 2. Docker 이미지 만들고 배포하기 (0) | 2021.04.04 |
댓글
공지사항
최근에 올라온 글
최근에 달린 댓글
- Total
- Today
- Yesterday
링크
TAG
- SSL인증서
- 마이바티스CamelCase
- nginx
- 마이바티스
- #logback
- camelcase
- elk8.x
- SSL
- letencrypt
- 인증서자동갱신
- Letsencrypt wildcard
- Letsencrypt wildcard auto renew
- 인증서설치
- Letsencrypt+nginx
- letsencrypt
- Intellj들여쓰기
- logstash
| 일 | 월 | 화 | 수 | 목 | 금 | 토 |
|---|---|---|---|---|---|---|
| 1 | 2 | 3 | 4 | 5 | ||
| 6 | 7 | 8 | 9 | 10 | 11 | 12 |
| 13 | 14 | 15 | 16 | 17 | 18 | 19 |
| 20 | 21 | 22 | 23 | 24 | 25 | 26 |
| 27 | 28 | 29 | 30 |
글 보관함