편집을 취소할 수 있습니다. 이 편집을 되돌리려면 아래의 바뀐 내용을 확인한 후 게시해주세요.
최신판 | 당신의 편집 | ||
8번째 줄: | 8번째 줄: | ||
Fluent Bit 는 Kubernetes를 완벽하게 지원하는 가볍고 확장가능한 로그 처리기입니다. | Fluent Bit 는 Kubernetes를 완벽하게 지원하는 가볍고 확장가능한 로그 처리기입니다. | ||
* 파일 시스템 또는 Systemd/Journald에서 Kubernetes 컨테이너 로그를 처리합니다. | * 파일 시스템 또는 Systemd/Journald에서 Kubernetes 컨테이너 로그를 처리합니다. | ||
* Kubernetes 메타데이터로 로그를 | * Kubernetes 메타데이터로 로그를 강화(enrich)하세요. | ||
* Elasticsearch, InfluxDB, HTTP와 같은 서드파티 스토리지 서비스로 로그를 중앙화하세요. | * Elasticsearch, InfluxDB, HTTP와 같은 서드파티 스토리지 서비스로 로그를 중앙화하세요. | ||
==개념== | ==개념== | ||
Before getting started it is important to understand how Fluent Bit will be deployed. Kubernetes manages a cluster of nodes, so our log agent tool will need to run on every node to collect logs from every POD, hence Fluent Bit is deployed as a DaemonSet (a POD that runs on every node of the cluster). | |||
Fluent | When Fluent Bit runs, it will read, parse and filter the logs of every POD and will enrich each entry with the following information (metadata): | ||
* Pod Name | |||
* Pod ID | |||
* Container Name | |||
* Container ID | |||
* Labels | |||
* Annotations | |||
To obtain this information, a built-in filter plugin called kubernetes talks to the Kubernetes API Server to retrieve relevant information such as the pod_id, labels and annotations, other fields such as pod_name, container_id and container_name are retrieved locally from the log file names. All of this is handled automatically, no intervention is required from a configuration aspect. | |||
Our Kubernetes Filter plugin is fully inspired by the Fluentd Kubernetes Metadata Filter written by Jimmi Dyson. | |||
==설치== | ==설치== | ||
Fluent Bit should be deployed as a DaemonSet, so on that way it will be available on every node of your Kubernetes cluster. | |||
The recommended way to deploy Fluent Bit is with the official Helm Chart: https://github.com/fluent/helm-charts | |||
===OpenShift 참고사항=== | ===OpenShift 참고사항=== | ||
Red Hat | If you are using Red Hat OpenShift you will also need to set up security context constraints (SCC): | ||
<syntaxhighlight lang=' | <syntaxhighlight lang='ini'> | ||
$ kubectl create -f https://raw.githubusercontent.com/fluent/fluent-bit-kubernetes-logging/master/fluent-bit-openshift-security-context-constraints.yaml | $ kubectl create -f https://raw.githubusercontent.com/fluent/fluent-bit-kubernetes-logging/master/fluent-bit-openshift-security-context-constraints.yaml | ||
</syntaxhighlight> | </syntaxhighlight> | ||
=== | ===헬름 차트로 설치=== | ||
Helm is a package manager for Kubernetes and allows you to quickly deploy application packages into your running cluster. Fluent Bit is distributed via a helm chart found in the Fluent Helm Charts repo: https://github.com/fluent/helm-charts. | |||
Fluent Helm Charts | To add the Fluent Helm Charts repo use the following command | ||
helm repo add fluent https://fluent.github.io/helm-charts | helm repo add fluent https://fluent.github.io/helm-charts | ||
To validate that the repo was added you can run helm search repo fluent to ensure the charts were added. The default chart can then be installed by running the following | |||
helm upgrade --install fluent-bit fluent/fluent-bit | helm upgrade --install fluent-bit fluent/fluent-bit | ||
===기본값=== | ===기본값=== | ||
The default chart values include configuration to read container logs, with Docker parsing, systemd logs apply Kubernetes metadata enrichment and finally output to an Elasticsearch cluster. You can modify the values file included https://github.com/fluent/helm-charts/blob/master/charts/fluent-bit/values.yaml to specify additional outputs, health checks, monitoring endpoints, or other configuration options. | |||
==세부사항== | ==세부사항== | ||
Fluent | The default configuration of Fluent Bit makes sure of the following: | ||
Consume all containers logs from the running Node. | |||
The Tail input plugin will not append more than 5MB into the engine until they are flushed to the Elasticsearch backend. This limit aims to provide a workaround for backpressure scenarios. | |||
The Kubernetes filter will enrich the logs with Kubernetes metadata, specifically labels and annotations. The filter only goes to the API Server when it cannot find the cached info, otherwise it uses the cache. | |||
The default backend in the configuration is Elasticsearch set by the Elasticsearch Output Plugin. It uses the Logstash format to ingest the logs. If you need a different Index and Type, please refer to the plugin option and do your own adjustments. | |||
There is an option called Retry_Limit set to False, that means if Fluent Bit cannot flush the records to Elasticsearch it will re-try indefinitely until it succeed. | |||
==컨테이너 런타임 인터페이스(CRI) 파서== | ==컨테이너 런타임 인터페이스(CRI) 파서== | ||
Fluent | Fluent Bit by default assumes that logs are formatted by the Docker interface standard. However, when using CRI you can run into issues with malformed JSON if you do not modify the parser used. Fluent Bit includes a CRI log parser that can be used instead. An example of the parser is seen below: | ||
<syntaxhighlight lang='ini'> | <syntaxhighlight lang='ini'> | ||
78번째 줄: | 79번째 줄: | ||
</syntaxhighlight> | </syntaxhighlight> | ||
To use this parser change the Input section for your configuration from docker to cri | |||
<syntaxhighlight lang='ini'> | <syntaxhighlight lang='ini'> | ||
182번째 줄: | 183번째 줄: | ||
* <code>DNS_Retries</code> - 네트워크가 작동하기 시작할 때까지 N번 재시도 (6) | * <code>DNS_Retries</code> - 네트워크가 작동하기 시작할 때까지 N번 재시도 (6) | ||
* <code>DNS_Wait_Time</code> - 네트워크 상태 확인 간격 (30) | * </code>DNS_Wait_Time</code> - 네트워크 상태 확인 간격 (30) | ||
기본적으로, Fluent Bit는 3분(30초 x 6회)동안 기다립니다. 충분하지 않은 경우 다음과 같이 설정을 조정하십시오. | 기본적으로, Fluent Bit는 3분(30초 x 6회)동안 기다립니다. 충분하지 않은 경우 다음과 같이 설정을 조정하십시오. |