部署环境
centos7
本主要利用efk实现日志收集
一、创建docker-compose
es地址:https://www.elastic.co/guide/en/elasticsearch/reference/6.4/docker.html
fluentd地址:https://hub.docker.com/r/fluent/fluentd
kibana地址:https://www.elastic.co/guide/en/kibana/current/docker.html
1、利用xshell+xftp在centos7的/root/test下创建文件夹挂载容器内配置、数据等
fluentd -config fluent.conf
-plugins #空文件夹 Dockerfile docker-compose.yml fluent.conf #与上面一样
2、创建自己的fluentd镜像 (#因为镜像中不支持es插件输出,以下可以参考上面fluentd地址)
上面目录中的Dockerfile文件如下:
Dockerfile
FROM fluent/fluentd:v1.3-onbuild-1 # Use root account to use apk USER root # below RUN includes plugin as examples elasticsearch is not required # you may customize including plugins as you wish RUN apk add --no-cache --update --virtual .build-deps sudo build-base ruby-dev && sudo gem install fluent-plugin-elasticsearch && sudo gem sources --clear-all && apk del .build-deps && rm -rf /home/fluent/.gem/ruby/2.5.0/cache/*.gem USER fluent
fluent.conf 可以根据自己情况设置默认,因为启动fluentd的时候会自己加载/fluentd/etc/fluent.conf这个文件。你可以把它挂在在外面
fluent.conf
<source> @type forward port 24224 bind 0.0.0.0 </source> <filter> @type parser format json emit_invalid_record_to_error false time_format %Y-%m-%dT%H:%M:%S.%L%Z key_name log </filter> <match **> @type elasticsearch host 192.168.1.157 port 9200 logstash_format true </match>
cd到 /root/test/fluentd 执行
docker build -t custom-fluentd:latest ./
生成支持es的fluentd镜像完毕
3、利用docker-compose.yml启动
version: '3.4' services: elasticsearch: image: docker.elastic.co/elasticsearch/elasticsearch:6.4.3 container_name: elasticsearch environment: discovery.type: "single-node" http.cors.enabled: "true" volumes: - esdata1:/usr/share/elasticsearch/data ports: - "9200:9200" - "9300:9300" kibana: image: docker.elastic.co/kibana/kibana:6.4.3 container_name: kibana environment: SERVER_NAME: kibana ELASTICSEARCH_HOSTS: http://192.168.1.157:9200 # default is http://elasticsearch:9200 ports: - "5601:5601" depends_on: - elasticsearch fluentd: image: custom-fluentd #build: # context: ./fluentd/ # dockerfile: Dockerfile container_name: fluentd ports: - "24224:24224" - "24224:24224/udp" volumes: - /root/test/fluentd/log:/fluentd/log - /root/test/fluentd/config:/fluentd/etc depends_on: - elasticsearch volumes: esdata1: driver: local
输入http://ip:5601查看kibana
输入http://ip:9200查看es
注意:启动过程可能会因为es还没启动好fluentd就启动导致fluentd没连上es可以通过查看日志docker logs fluentd确定是否连上,如果没连上,可以通过wait-for-it.sh或wait-for进行延迟编排,本文不讲
参考地址:https://my.oschina.net/eacdy/blog/1824219
如果还是不行可以把上面的分开一个一个启动
docker-compose -d up
二、.net core 利用serilog日志组件输出到es
1、项目中NuGet
Serilog.AspNetCore
Serilog.Settings.Configuration
Serilog.Sinks.Console
Serilog.Sinks.Elasticsearch
2、Appsetting.json中配置
{ "Serilog": { "Using": ["Serilog.Sinks.Console"], "MinimumLevel": "Warning", "WriteTo": [ { "Name": "Console" } ], "Enrich": ["FromLogContext", "WithMachineName", "WithThreadId"], "Destructure": [ { "Name": "ToMaximumDepth", "Args": { "maximumDestructuringDepth": 4 } }, { "Name": "ToMaximumStringLength", "Args": { "maximumStringLength": 100 } }, { "Name": "ToMaximumCollectionCount", "Args": { "maximumCollectionCount": 10 } } ], "Properties": { "Application": "ApplicationName" } } }
3、program.cs中配置
....
using Serilog;
using Serilog.Sinks.Elasticsearch;
public static IWebHostBuilder CreateWebHostBuilder(string[] args) => WebHost.CreateDefaultBuilder(args) .UseKestrel() .UseContentRoot(Directory.GetCurrentDirectory()) .UseIISIntegration() .UseStartup<Startup>() .UseSerilog((ctx, config)=> { config.ReadFrom.Configuration(ctx.Configuration); #if DEBUG config.WriteTo.Console(); #else config.WriteTo.Console(new ElasticsearchJsonFormatter()); #endif });
配置好后可以运行起来,这个时候的控制台输出的日志就已经是es类型格式了
4、编写Dockerfile打包项目镜像
Dockerfile
FROM microsoft/dotnet:2.2-aspnetcore-runtime AS base WORKDIR /app EXPOSE 80 FROM microsoft/dotnet:2.2-sdk AS publish WORKDIR /src COPY . . RUN dotnet publish -c Release -o /app FROM base AS final WORKDIR /app COPY --from=publish /app . ENTRYPOINT ["dotnet", "ApplicationName.dll"]
5、利用docker-compose.yml启动项目
docker-compose.yml
ApplicationName: image: ApplicationName container_name: ApplicationName build: context: ./ApplicationName/ dockerfile: Dockerfile environment: - ASPNETCORE_URLS=http://0.0.0.0:80 restart: always ports: - "5000:80" logging: driver: "fluentd" options: fluentd-address: "tcp://192.168.1.157:24224"
其中logging要指定日志输出类型及日志输出到fluentd的地址端口
把docker-compose.yml放在项目根目录下,cd到项目根目录运行
docker-compose -d up
就可以启动完成
在浏览器中输入ip:port即可查看
注意:这里的所有docker-compose.yml都是分开的所以启动后可能会分布在不同的网络中,可以创建一个网络docker network create netname,然后保证他们在同一个网络里面这样就可以直接用容器名来连接而不需要用宿主机的ip