카타코더 Elastic - Collect logs & metrics from your app and Docker env

(카타코더 Elastic에서 넘어옴)

1 개요[ | ]

Collect logs & metrics from your app and Docker env

2 Step 1: 도커 네트워크 생성[ | ]

$ docker network create course_stack
5a4395c907d87fce3dc09135ac029b30be2d1e22ebe3b7dad046e740dcbfb84c

3 Step 2: Elasticsearch 배포[ | ]

docker run -d \
  --name=elasticsearch \
  --label co.elastic.logs/module=elasticsearch \
  --label co.elastic.metrics/module=elasticsearch \
  --label co.elastic.metrics/hosts='${data.host}:9200' \
  --env="discovery.type=single-node" \
  --env="ES_JAVA_OPTS=-Xms256m -Xmx256m" \
  --network=course_stack \
  -p 9300:9300 -p 9200:9200 \
  --health-cmd='curl -s -f http://localhost:9200/_cat/health' \
  docker.elastic.co/elasticsearch/elasticsearch:6.6.2
$ docker run -d   --name=elasticsearch   --label co.elastic.logs/module=elasticsearch   --label co.elastic.metrics/module=elasticsearch   --label co.elastic.metrics/hosts='${data.host}:9200'   --env="discovery.type=single-node"   --env="ES_JAVA_OPTS=-Xms256m -Xmx256m"   --network=course_stack   -p 9300:9300 -p 9200:9200   --health-cmd='curl -s -f http://localhost:9200/_cat/health'   docker.elastic.co/elasticsearch/elasticsearch:6.6.2
Unable to find image 'docker.elastic.co/elasticsearch/elasticsearch:6.6.2' locally
6.6.2: Pulling from elasticsearch/elasticsearch
a02a4930cb5d: Pull complete
1c0c2b94f1aa: Pull complete
e7ba1c987917: Pull complete
8a5898116619: Pull complete
fa49d069f225: Pull complete
0dee6ce7977c: Pull complete
77ecd20c6308: Pull complete
Digest: sha256:c957a3acb7899597cced35a24fecb64988b398094d82b88212f8e40d2f790991
Status: Downloaded newer image for docker.elastic.co/elasticsearch/elasticsearch:6.6.2
4556000ce31b23aa3af095722eb4e4c944a48cea4767a4f502b68299410a4d8f
  • Elasticsearch health / readiness 확인
$ cat /root/course/healthstate.sh
#!/bin/bash
CONTAINERNAME=$1
while [ "$CONTAINERSTATE" != healthy ]; do
  CONTAINERSTATE=$(docker inspect $CONTAINERNAME | jq -r ".[].State.Health.Status")
  echo "$CONTAINERNAME is $CONTAINERSTATE"
  sleep 5
done
$ bash /root/course/healthstate.sh elasticsearch
elasticsearch is healthy

4 Step 3: Kibana 배포[ | ]

docker run -d \
  --name=kibana \
  --user=kibana \
  --network=course_stack -p 5601:5601 \
  --health-cmd='curl -s -f http://localhost:5601/login' \
  --label co.elastic.logs/module=kibana \
  --label co.elastic.metrics/module=kibana \
  --label co.elastic.metrics/hosts='${data.host}:${data.port}' \
  docker.elastic.co/kibana/kibana:6.6.2
$ docker run -d   --name=kibana   --user=kibana   --network=course_stack -p 5601:5601   --health-cmd='curl -s -f http://localhost:5601/login'   --label co.elastic.logs/module=kibana   --label co.elastic.metrics/module=kibana   --label co.elastic.metrics/hosts='${data.host}:${data.port}'   docker.elastic.co/kibana/kibana:6.6.2
Unable to find image 'docker.elastic.co/kibana/kibana:6.6.2' locally
6.6.2: Pulling from kibana/kibana
a02a4930cb5d: Already exists
87f1e1d65b99: Pull complete
8399b0dccaae: Pull complete
66d6ee7bbfdf: Pull complete
f50469d7f611: Pull complete
83f19d3a3f3d: Pull complete
f1ec0f99056a: Pull complete
3a2d4b1fd541: Pull complete
9fdf10b69d0b: Pull complete
Digest: sha256:df44cab5fb54f4c696907c06424eeb01b073b13c4d3a116ea47c6f5131f2f649
Status: Downloaded newer image for docker.elastic.co/kibana/kibana:6.6.2
defbfbe739488076afb6e8f433a2c05ee31878f9bbb3f30f02766983fcb63f60
$ bash /root/course/healthstate.sh kibana
kibana is healthy

5 Step 4: 애플리케이션 배포[ | ]

  • Deploy Redis master
docker run --name=redis-master \
  --label co.elastic.logs/module=redis \
  --label co.elastic.logs/fileset.stdout=log \
  --label co.elastic.metrics/module=redis \
  --label co.elastic.metrics/metricsets="info, keyspace" \
  --label co.elastic.metrics/hosts='${data.host}:${data.port}' \
  --env="GET_HOSTS_FROM=dns" \
  --env="HOME=/root" \
  --volume="/data" \
  --network=course_stack \
  --label com.docker.compose.service="redis-master" \
  --detach=true \
  gcr.io/google_containers/redis:e2e redis-server /etc/redis/redis.conf
$ docker run --name=redis-master   --label co.elastic.logs/module=redis   --label co.elastic.logs/fileset.stdout=log   --label co.elastic.metrics/module=redis   --label co.elastic.metrics/metricsets="info, keyspace"   --label co.elastic.metrics/hosts='${data.host}:${data.port}'   --env="GET_HOSTS_FROM=dns"   --env="HOME=/root"   --volume="/data"--network=course_stack   --label com.docker.compose.service="redis-master"   --detach=true   gcr.io/google_containers/redis:e2e redis-server /etc/redis/redis.conf
Unable to find image 'gcr.io/google_containers/redis:e2e' locally
e2e: Pulling from google_containers/redis
a3ed95caeb02: Pull complete
7059585c469e: Pull complete
782c76bb9e67: Pull complete
706514fbad74: Pull complete
62f9861bf413: Pull complete
d9a5cf315f9b: Pull complete
43310c2277ff: Pull complete
b3e03532a808: Pull complete
9c59e8378f86: Pull complete
Digest: sha256:f066bcf26497fbc55b9bf0769cb13a35c0afa2aa42e737cc46b7fb04b23a2f25
Status: Downloaded newer image for gcr.io/google_containers/redis:e2e
138bc6c73ef3eea4d3fc17d72c77c16bc6b502d66ad2f8b7d09dc3e5f11d185b
  • Deploy Redis worker
docker run --name=redis-slave \
  --label co.elastic.logs/module=redis \
  --label co.elastic.logs/fileset.stdout=log \
  --label co.elastic.metrics/module=redis \
  --label co.elastic.metrics/metricsets="info, keyspace" \
  --label co.elastic.metrics/hosts='${data.host}:${data.port}' \
  --env="GET_HOSTS_FROM=dns" \
  --volume="/data" \
  --network=course_stack \
  --label com.docker.compose.service="redis-slave" \
  --detach=true \
  gcr.io/google_samples/gb-redisslave:v1 /bin/sh -c /run.sh
$ docker run --name=redis-slave   --label co.elastic.logs/module=redis   --label co.elastic.logs/fileset.stdout=log   --label co.elastic.metrics/module=redis   --label co.elastic.metrics/metricsets="info, keyspace"   --label co.elastic.metrics/hosts='${data.host}:${data.port}'   --env="GET_HOSTS_FROM=dns"   --volume="/data"   --network=course_stack   --label com.docker.compose.service="redis-slave"   --detach=true   gcr.io/google_samples/gb-redisslave:v1 /bin/sh -c /run.sh
Unable to find image 'gcr.io/google_samples/gb-redisslave:v1' locally
v1: Pulling from google_samples/gb-redisslave
70c964415e86: Pull complete
a3ed95caeb02: Pull complete
3229dc640f23: Pull complete
6f94b06e5c79: Pull complete
448093e93ac3: Pull complete
1d9e24959f82: Pull complete
5752d13404d0: Pull complete
5b712ee108fe: Pull complete
a1a961e320bc: Pull complete
6f37ec7ab693: Pull complete
Digest: sha256:90f62695e641e1a27d1a5e0bbb8b622205a48e18311b51b0da419ffad24b9016
Status: Downloaded newer image for gcr.io/google_samples/gb-redisslave:v1
56e139da0d16614feb17e4406ac929b8e974855541174b54ce1abe4ab73fb384
  • Deploy Apache httpd and PHP
docker run \
  --name=frontend \
  --label co.elastic.logs/module=apache2 \
  --label co.elastic.logs/fileset.stdout=access \
  --label co.elastic.logs/fileset.stderr=error \
  --label co.elastic.metrics/module=apache \
  --label co.elastic.metrics/metricsets=status \
  --label co.elastic.metrics/hosts='${data.host}:${data.port}' \
  -v /root/course/apache2.conf:/etc/apache2/apache2.conf:ro \
  -v /root/course/apache-mod-status.conf:/etc/apache2/mods-available/status.conf:ro \
  -v /root/course/remoteip.load:/etc/apache2/mods-enabled/remoteip.load:ro \
  --env="GET_HOSTS_FROM=dns" \
  --network=course_stack \
  --label com.docker.compose.service="frontend" \
  --detach=true \
  gcr.io/google-samples/gb-frontend:v4 apache2-foreground
$ docker run   --name=frontend   --label co.elastic.logs/module=apache2   --label co.elastic.logs/fileset.stdout=access   --label co.elastic.logs/fileset.stderr=error   --label co.elastic.metrics/module=apache   --label co.elastic.metrics/metricsets=status   --label co.elastic.metrics/hosts='${data.host}:${data.port}'   -v /root/course/apache2.conf:/etc/apache2/apache2.conf:ro   -v /root/course/apache-mod-status.conf:/etc/apache2/mods-available/status.conf:ro   -v /root/course/remoteip.load:/etc/apache2/mods-enabled/remoteip.load:ro   --env="GET_HOSTS_FROM=dns"   --network=course_stack   --label com.docker.compose.service="frontend"   --detach=true   gcr.io/google-samples/gb-frontend:v4 apache2-foreground
Unable to find image 'gcr.io/google-samples/gb-frontend:v4' locally
v4: Pulling from google-samples/gb-frontend
efd26ecc9548: Pull complete
a3ed95caeb02: Pull complete
589a9d9a7c64: Pull complete
4683f98d2423: Pull complete
d5f645469de1: Pull complete
2950971584b0: Pull complete
6fdfa3810627: Pull complete
75061bf48855: Pull complete
0f5751ac9b60: Pull complete
d14da6152c4e: Pull complete
6ab8fdf783f1: Pull complete
d9d00d4a64fc: Pull complete
5602a3c5c50a: Pull complete
58d34c85820d: Pull complete
877af9017896: Pull complete
4724521a30fb: Pull complete
11b385b847e1: Pull complete
51375f25226f: Pull complete
a093cdee7c5d: Pull complete
859a93dab0e4: Pull complete
8f93e19d08c4: Pull complete
9c3bf4bb32d3: Pull complete
Digest: sha256:d44e7d7491a537f822e7fe8615437e4a8a08f3a7a1d7d4cb9066b92f7556ba6d
Status: Downloaded newer image for gcr.io/google-samples/gb-frontend:v4
7d7a45936cdc5469506e6ae35b02d99c7c7e4fdbb477152689510e9a224e8dc6
  • Start NGINX
docker run -d \
--net course_stack \
--label co.elastic.logs/module=nginx \
--label co.elastic.logs/fileset.stdout=access \
--label co.elastic.logs/fileset.stderr=error \
--label co.elastic.metrics/module=nginx \
--label co.elastic.metrics/hosts='${data.host}:${data.port}' \
-v /root/course/nginx.conf:/etc/nginx/nginx.conf:ro \
-v /root/course/nginx-default.conf:/etc/nginx/conf.d/default.conf:ro \
--name nginx \
-p 8080:8080 nginx:1.15.4
$ docker run -d --net course_stack --label co.elastic.logs/module=nginx --label co.elastic.logs/fileset.stdout=access --label co.elastic.logs/fileset.stderr=error --label co.elastic.metrics/module=nginx --label co.elastic.metrics/hosts='${data.host}:${data.port}' -v /root/course/nginx.conf:/etc/nginx/nginx.conf:ro -v /root/course/nginx-default.conf:/etc/nginx/conf.d/default.conf:ro --name nginx -p 8080:8080 nginx:1.15.4
Unable to find image 'nginx:1.15.4' locally
1.15.4: Pulling from library/nginx
802b00ed6f79: Pull complete
c16436dbc224: Pull complete
683eac851b28: Pull complete
Digest: sha256:e8ab8d42e0c34c104ac60b43ba60b19af08e19a0e6d50396bdfd4cef0347ba83
Status: Downloaded newer image for nginx:1.15.4
8762db0a709468260ad8b29fbb090e86a235b40f7bc13f61f1e90c70a06e6fcb
$ docker inspect nginx | grep -A7 Labels
            "Labels": {
                "co.elastic.logs/fileset.stderr": "error",
                "co.elastic.logs/fileset.stdout": "access",
                "co.elastic.logs/module": "nginx",
                "co.elastic.metrics/hosts": "${data.host}:${data.port}",
                "co.elastic.metrics/module": "nginx",
                "maintainer": "NGINX Docker Maintainers <docker-maint@nginx.com>"
            },

6 Step 5: Filebeat 시작[ | ]

$ cat course/filebeat.yml
setup.dashboards.enabled: true
setup.template.enabled: true
setup.template.settings:
  index.number_of_shards: 1

filebeat.config:
  modules:
    path: ${path.config}/modules.d/*.yml
    # Reload module configs as they change:
    reload.enabled: false

# To enable hints based autodiscover, remove `filebeat.config.inputs` configuration and uncomment this:
filebeat.autodiscover:
  providers:
    - type: docker
      hints.enabled: true

processors:
  - add_docker_metadata:

output.elasticsearch:
  hosts: ["elasticsearch:9200"]

setup.kibana.host: "kibana:5601"
docker run -d \
--net course_stack \
--name=filebeat \
--user=root \
--volume="/var/lib/docker/containers:/var/lib/docker/containers:ro" \
--volume="/root/course/filebeat.yml:/usr/share/filebeat/filebeat.yml:ro" \
--volume="/var/run/docker.sock:/var/run/docker.sock:ro" \
docker.elastic.co/beats/filebeat:6.6.2 filebeat -e -strict.perms=false
$ docker run -d --net course_stack --name=filebeat --user=root --volume="/var/lib/docker/containers:/var/lib/docker/containers:ro" --volume="/root/course/filebeat.yml:/usr/share/filebeat/filebeat.yml:ro" --volume="/var/run/docker.sock:/var/run/docker.sock:ro" docker.elastic.co/beats/filebeat:6.6.2 filebeat -e -strict.perms=false
Unable to find image 'docker.elastic.co/beats/filebeat:6.6.2' locally
6.6.2: Pulling from beats/filebeat
a02a4930cb5d: Already exists
116c87d1eab9: Pull complete
386ce2e28036: Pull complete
a1d717907e18: Pull complete
03f2603f0738: Pull complete
8659b8c0c09b: Pull complete
229bbc218f7d: Pull complete
Digest: sha256:f8237ac2edefe308645193136c2f52f910872e31c8425dbb26fffad0c7670e50
Status: Downloaded newer image for docker.elastic.co/beats/filebeat:6.6.2
a2d278fa1c9263279af1f0d71c63cf557604e6976cbdbf4b15089a449d624d0b

7 Step 6: Metricbeat 시작[ | ]

$ cat course/metricbeat.yml
setup.dashboards.enabled: true
setup.template.enabled: true
setup.template.settings:
  index.number_of_shards: 1

metricbeat.config:
  modules:
    path: ${path.config}/modules.d/*.yml
    # Reload module configs as they change:
    reload.enabled: false

# To enable hints based autodiscover, remove `metricbeat.config.inputs` configuration and uncomment this:
metricbeat.autodiscover:
  providers:
    - type: docker
      hints.enabled: true

metricbeat.modules:
- module: docker
  metricsets:
    - "container"
    - "cpu"
    - "diskio"
    - "healthcheck"
    - "info"
    #- "image"
    - "memory"
    - "network"
  hosts: ["unix:///var/run/docker.sock"]
  period: 10s
  enabled: true

processors:
  - add_docker_metadata:

output.elasticsearch:
  hosts: ["elasticsearch:9200"]

setup.kibana.host: "kibana:5601"
docker run -d \
--net course_stack \
--name=metricbeat \
--user=root \
--volume="/root/course/metricbeat.yml:/usr/share/metricbeat/metricbeat.yml:ro" \
--volume="/var/run/docker.sock:/var/run/docker.sock:ro" \
--volume="/sys/fs/cgroup:/hostfs/sys/fs/cgroup:ro" \
--volume="/proc:/hostfs/proc:ro" \
--volume="/:/hostfs:ro" \
docker.elastic.co/beats/metricbeat:6.6.2 metricbeat -e
$ docker run -d --net course_stack --name=metricbeat --user=root --volume="/root/course/metricbeat.yml:/usr/share/metricbeat/metricbeat.yml:ro" --volume="/var/run/docker.sock:/var/run/docker.sock:ro" --volume="/sys/fs/cgroup:/hostfs/sys/fs/cgroup:ro" --volume="/proc:/hostfs/proc:ro" --volume="/:/hostfs:ro" docker.elastic.co/beats/metricbeat:6.6.2 metricbeat -e
Unable to find image 'docker.elastic.co/beats/metricbeat:6.6.2' locally
6.6.2: Pulling from beats/metricbeat
a02a4930cb5d: Already exists
27346b249c64: Pull complete
cc2b6e034913: Pull complete
b462e5fc0897: Pull complete
4f09de746d41: Pull complete
4a984023e286: Pull complete
bce502d5ceb5: Pull complete
Digest: sha256:ffa4f90900d5cd7ed4abc69ff75c03f66e9152dc80bf5c7142a892331cf7b44c
Status: Downloaded newer image for docker.elastic.co/beats/metricbeat:6.6.2
3c32a474a230530abe2aa1e7a551e1adceea23f63190f7f46854313f65a3e377

8 참고[ | ]

문서 댓글 ({{ doc_comments.length }})
{{ comment.name }} {{ comment.created | snstime }}