grafana全家桶-loki promtail收集k8s容器日志
loki是grafana旗下轻量级日志收集工具,为了减少loki对集群的影响,把loki的agent日志收集端promtail部署在k8s集群中,loki server部署在集群外面。这样简单做一个解耦,避免大量读写的应用影响到集群内业务服务。
一、promtail部署
helm配置文件,这里简单说一下promtail会自动从每台k8s node的容器目录去收集日志,默认是按照deployment的name进行拆分job,例如dp的名称是test和baga,job就会是test和baga
这里url写集群外的loki地址就行
cat >vaules.yaml<<EOF
config:clients:- url: http://172.28.199.199:3100/loki/api/v1/pushresources:limits:cpu: 300mmemory: 300Mirequests:cpu: 100mmemory: 100Mitolerations:- effect: NoSchedulekey: node-role.kubernetes.io/master
EOF
安装promtail
kubectl create namespace logging
helm upgrade --install promtail grafana/promtail -f values.yaml --namespace logging
二、安装配置loki
2.1、docker-compose文件
cat >docker-compose.yaml <<EOF
version: '3'services:loki:image: grafana/loki:latestports:- "3100:3100"- "9095:9095"volumes:- ./loki-data:/loki- ./loki-config.yaml:/etc/loki/local-config.yamluser: rootcommand: ["-config.file=/etc/loki/local-config.yaml"]
EOF
2.2、loki-config文件
cat >loki-config.yaml <<EOF
server:http_listen_port: 3100common: #通用配置path_prefix: /lokistorage:filesystem:chunks_directory: /loki/chunksrules_directory: /loki/rulesreplication_factor: 1ring:kvstore:store: inmemoryschema_config:configs:- from: 2020-10-24 # 架构配置的生效日期store: boltdb-shipper # 存储类型object_store: filesystem # 对象存储类型为文件系统schema: v11 # 架构版本index: # 索引配置prefix: index_ # 索引前缀period: 24h # 索引周期storage_config: # 存储相关boltdb_shipper:active_index_directory: /loki/boltdb-shipper-active # 活动索引的目录cache_location: /loki/boltdb-shipper-cache # 缓存位置cache_ttl: 24h # 缓存的过期时间shared_store: filesystem # 共享存储类型为文件系统filesystem:directory: /loki/chunks # 文件系统的目录compactor:working_directory: /loki/boltdb-shipper-compactor # 紧缩器的工作目录shared_store: filesystem # 共享存储类型为文件系统limits_config:reject_old_samples: true # 是否拒绝旧样本reject_old_samples_max_age: 72h # 72小时之前的样本被拒绝max_entries_limit_per_query: 9999 # 数值改为自己想要的最大查询行数ingestion_rate_mb: 32 # mb单位,每个用户每秒的采样率限制 不设置客户端会报错ingestion_burst_size_mb: 64 # 每个用户允许的采样突发大小chunk_store_config:max_look_back_period: 72h # 为避免查询超过保留期的数据,必须小于或等于下方的时间值table_manager:retention_deletes_enabled: true # 保留删除开启retention_period: 72h # 超过72h的块数据将被删除
auth_enabled: false
EOF
经过三天后发现数据保留72h是有效的
2.3、启动loki server
$ docker-compose up -d
# 这里的loki-data目录是loki的data目录,映射出来了 ./loki-data:/loki
root@ip-172-28-199-199:/data/loki# ls
docker-compose.yaml loki-config.yaml loki-data
2.4、写入测试数据
在没有grafana时测试loki可用性
curl -X POST http://172.28.199.199:3100/loki/api/v1/push -H "Content-Type: application/json" -d '{"streams": [{"stream": {"job": "test-job","host": "example"},"values": [[ "'$(date +%s%N)'", "Hello Loki from test-job" ]]}]
}'
2.5、查看loki的job信息
$ curl "http://172.28.199.199:3100/loki/api/v1/label/job/values"
{"status":"success","data":["logging/promtail","sijia-test/vault-demo","test-job","vault/vault","vault/vault-agent-injector","velero/velero"]}
三、部署grafana
loki的ui就是grafana
3.1、docker-compose文件
直接把ldap也配置了
version: '3.7'services:grafana:image: grafana/grafana:latestcontainer_name: "grafana"ports:- "3000:3000"restart: alwaysvolumes:- "./grafana_data:/var/lib/grafana"- "./ldap.toml:/etc/grafana/ldap.toml"environment:- GF_AUTH_LDAP_ENABLED=true- GF_AUTH_LDAP_CONFIG_FILE=/etc/grafana/ldap.toml
3.2、ldap配置
ldap.toml,这是测试环境,所以用户权限都给Admin了
[[servers]]
# LDAP 服务器的地址和端口
host = "172.28.224.89"
port = 389
use_ssl = false
start_tls = false
ssl_skip_verify = false# 用于绑定 LDAP 服务器的用户凭证
bind_dn = "cn=admin,dc=xx,dc=com"
bind_password = 'xx.compassword'# 搜索过滤器和基础 DN,用于查找用户
search_filter = "(uid=%s)"
search_base_dns = ["dc=xx,dc=com"]# LDAP 属性映射
[servers.attributes]
name = "uid"
surname = "sn"
username = "cn"
member_of = "dn"
email = "email"# 组映射,所有用户默认分配 Admin 角色
[[servers.group_mappings]]
group_dn = "*"
org_role = "Admin"
查看ldap验证信息
docker logs grafana -f | grep ldap
3.3、在grafana中查询
通过Explore查询
3.4、通过模板查询
我当前用了dash_id 13639,每个服务都对应一个App
