-
Notifications
You must be signed in to change notification settings - Fork 38.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fluentd to Elasticsearch image #1756
Changes from all commits
178a901
303da8b
d7b1550
a92dc44
c7447a7
d140c71
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,42 @@ | ||
# This Dockerfile will build an image that is configured | ||
# to run Fluentd with an Elasticsearch plug-in and the | ||
# provided configuration file. | ||
# TODO(satnam6502): Use a lighter base image, e.g. some form of busybox. | ||
# The image acts as an executable for the binary /usr/sbin/td-agent. | ||
# Note that fluentd is run with root permssion to allow access to | ||
# log files with root only access under /var/lib/docker/containers/* | ||
# Please see http://docs.fluentd.org/articles/install-by-deb for more | ||
# information about installing fluentd using deb package. | ||
|
||
FROM ubuntu:14.04 | ||
MAINTAINER Satnam Singh "satnam@google.com" | ||
|
||
# Ensure there are enough file descriptors for running Fluentd. | ||
RUN ulimit -n 65536 | ||
|
||
# Install prerequisites. | ||
RUN apt-get update && \ | ||
apt-get install -y curl && \ | ||
apt-get install -y -q libcurl4-openssl-dev make && \ | ||
apt-get clean | ||
|
||
# Install Fluentd. | ||
RUN /usr/bin/curl -L http://toolbelt.treasuredata.com/sh/install-ubuntu-trusty-td-agent2.sh | sh | ||
|
||
# Change the default user and group to root. | ||
# Needed to allow access to /var/log/docker/... files. | ||
RUN sed -i -e "s/USER=td-agent/USER=root/" -e "s/GROUP=td-agent/GROUP=root/" /etc/init.d/td-agent | ||
|
||
# Install the Elasticsearch Fluentd plug-in. | ||
RUN /usr/sbin/td-agent-gem install fluent-plugin-elasticsearch | ||
|
||
# Copy the Fluentd configuration file. | ||
COPY td-agent.conf /etc/td-agent/td-agent.conf | ||
|
||
# Copy a script that determines the name of the host machine | ||
# and then patch the Fluentd configuration files and then | ||
# run Fluentd in the foreground. | ||
ADD run.sh /run.sh | ||
|
||
# Always run the this setup script. | ||
ENTRYPOINT ["/run.sh"] |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,22 @@ | ||
#!/bin/bash | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. not sure we this wrapper is actually needed. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. You mean why the script exists? Well, my typing is so bad and getting worse with age that having a script that saves me from hitting backspace too much is a blessing. |
||
|
||
# Copyright 2014 Google Inc. All rights reserved. | ||
# | ||
# Licensed under the Apache License, Version 2.0 (the "License"); | ||
# you may not use this file except in compliance with the License. | ||
# You may obtain a copy of the License at | ||
# | ||
# http://www.apache.org/licenses/LICENSE-2.0 | ||
# | ||
# Unless required by applicable law or agreed to in writing, software | ||
# distributed under the License is distributed on an "AS IS" BASIS, | ||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
# See the License for the specific language governing permissions and | ||
# limitations under the License. | ||
|
||
|
||
# Build the fluentd-elasticsearch image and push | ||
# to google/fluentd-elasticsearch. | ||
|
||
sudo docker build -t kubernetes/fluentd-elasticsearch . | ||
sudo docker push kubernetes/fluentd-elasticsearch |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,27 @@ | ||
#!/bin/bash | ||
|
||
# Copyright 2014 Google Inc. All rights reserved. | ||
# | ||
# Licensed under the Apache License, Version 2.0 (the "License"); | ||
# you may not use this file except in compliance with the License. | ||
# You may obtain a copy of the License at | ||
# | ||
# http://www.apache.org/licenses/LICENSE-2.0 | ||
# | ||
# Unless required by applicable law or agreed to in writing, software | ||
# distributed under the License is distributed on an "AS IS" BASIS, | ||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
# See the License for the specific language governing permissions and | ||
# limitations under the License. | ||
|
||
# WARNING! HORRIBLE HACK! We expect /outerhost to be mapped to | ||
# the enclosing /etc/host file so we can determine the name of | ||
# the host machine (super fragile). This is a temporary hack until | ||
# service IPs are done. | ||
OUTER_HOST=`tail -n 1 /outerhost | awk '{print $3}'` | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Comment that this is a hack until service IPs are done. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Done. On Mon, Oct 13, 2014 at 11:48 AM, Tim Hockin notifications@github.com
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. couldn't you address the host with the default gateway? There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. alternatively that's maybe something the kubelet could pass to all pods. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I don't think the default gateway works -- but I defer to @thockin There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I don't think default gateway works, and no, we do NOT want pods coupling to their outer hosts. This is a hack with a lifespan of O(weeks). There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. The gateway worked worked for my bootstrap hack: @thockin when you say you don't want coupling with the outer host, can you expand a little bit more? Do you expect the ip of the kubelet managing a given pod to change during the lifetime of the container? There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. On Tue, Oct 14, 2014 at 11:52 PM, Johan Euphrosine
Interesting - I could not make it work. Either way it's almost moot.
Maybe. Consider live migration, which I know some people have started |
||
|
||
# Copy the Fluentd config file and patch it to refer to the | ||
# name of the host machine for ES_HOST. HACK! | ||
cp td-agent.conf /etc/td-agent | ||
sed -i -e "s/ES_HOST/${OUTER_HOST}/" /etc/td-agent/td-agent.conf | ||
/usr/sbin/td-agent | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. does td-agent takes param? if yes, you might want to add There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. It does indeed take parameters. Good idea. I shall make the change. |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,53 @@ | ||
# This configuration file for Fluentd / td-agent is used | ||
# to watch changes to Docker log files that live in the | ||
# directory /var/lib/docker/containers/ which are then submitted to | ||
# Elasticsearch (running on the machine ES_HOST:9200) which | ||
# assumes the installation of the fluentd-elasticsearch plug-in. | ||
# See https://github.com/uken/fluent-plugin-elasticsearch for | ||
# more information about the plug-in. This file needs to be | ||
# patched to replace ES_HOST with the name of the actual | ||
# machine running Elasticsearch. | ||
# Maintainer: Satnam Singh (satnam@google.com) | ||
# | ||
# Exampe | ||
# ====== | ||
# A line in the Docker log file might like like this JSON: | ||
# | ||
# {"log":"2014/09/25 21:15:03 Got request with path wombat\n", | ||
# "stream":"stderr", | ||
# "time":"2014-09-25T21:15:03.499185026Z"} | ||
# | ||
# The time_format specification below makes sure we properly | ||
# parse the time format produced by Docker. This will be | ||
# submitted to Elasticsearch and should appear like: | ||
# $ curl 'http://elasticsearch:9200/_search?pretty' | ||
# ... | ||
# { | ||
# "_index" : "logstash-2014.09.25", | ||
# "_type" : "fluentd", | ||
# "_id" : "VBrbor2QTuGpsQyTCdfzqA", | ||
# "_score" : 1.0, | ||
# "_source":{"log":"2014/09/25 22:45:50 Got request with path wombat\n", | ||
# "stream":"stderr","tag":"docker.container.all", | ||
# "@timestamp":"2014-09-25T22:45:50+00:00"} | ||
# }, | ||
# ... | ||
|
||
<source> | ||
type tail | ||
format json | ||
time_key time | ||
path /var/lib/docker/containers/*/*-json.log | ||
time_format %Y-%m-%dT%H:%M:%S | ||
tag docker.container.all | ||
</source> | ||
|
||
<match docker.container.*> | ||
type elasticsearch | ||
log_level info | ||
include_tag_key true | ||
host ES_HOST | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. you could put marker like ${} or %% to make it more obvious that's something that needs to be replaced. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Good idea. When I get a moment. |
||
port 9200 | ||
logstash_format true | ||
flush_interval 5s | ||
</match> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If you really want to get rid of the cache you could do: https://github.com/docker-library/golang/blob/master/1.3/Dockerfile#L8
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I've looked at a lot of Docker files and apt-clean seems good enough? rm -rf seems a bit brutal?