Alanaはログの転送先としてElasticsearch + Kibanaが欲しい

making commented 2 years ago

Why

As Alana I want to ログの転送先としてElasticsearch + Kibanaが欲しい So that トラブルシュートなどにログを見たいから

Acceptance Criteria

Scenario: 
Given
When
Then

Notes:

making commented 2 years ago

Elasticsearch用のnode pool作成

Elasticsearchは専用環境に置きたいが、新規クラスタを作成するのも面倒なので、nodePoolを追加する。taintとlabelをつけて、他のPodがスケジューリングされないようにする。

apiVersion: run.tanzu.vmware.com/v1alpha2
kind: TanzuKubernetesCluster
metadata:
  name: jaguchi
  namespace: ns-tmaki
spec:
  settings:
    network:
      cni:
        name: antrea
      pods:
        cidrBlocks:
        - 100.96.0.0/11
      serviceDomain: cluster.local
      services:
        cidrBlocks:
        - 100.64.0.0/13
    storage:
      classes:
      - k8s-storage
      defaultClass: k8s-storage
  topology:
    controlPlane:
      tkr:
        reference:
          name: v1.21.6---vmware.1-tkg.1.b3d708a
      vmClass: best-effort-large
      replicas: 3
      storageClass: k8s-storage
    nodePools:
    - name: workers
      vmClass: best-effort-large
      replicas: 5
      storageClass: k8s-storage
      volumes:
      - name: containerd
        mountPath: /var/lib/containerd
        capacity:
          storage: 60Gi
    # ↓追加
    - name: logging
      vmClass: best-effort-large
      replicas: 3
      storageClass: k8s-storage
      taints:
      - key: CriticalAddonsOnly
        effect: NoExecute
      labels:
        role: logging

ElasticsearchにはnodeAffinity.requiredDuringSchedulingIgnoredDuringExecutionとtolerationsを指定する

making commented 2 years ago

Elasticsearch, Kibanaのデプロイ

https://github.com/tanzu-japan/jaguchi-manifests/commit/d6f5880610bcb818754715423af0fd2ba67166fa

$ kubectl get pod,sts,elasticsearch,kibana,ingress -n elastic-stack -owide 
NAME                             READY   STATUS    RESTARTS   AGE     IP            NODE                                     NOMINATED NODE   READINESS GATES
pod/elasticsearch-es-default-0   1/1     Running   0          6m15s   100.96.11.4   jaguchi-logging-zkqwv-6798f9dd99-v4zx2   <none>           <none>
pod/elasticsearch-es-default-1   1/1     Running   0          6m15s   100.96.12.5   jaguchi-logging-zkqwv-6798f9dd99-b8mt7   <none>           <none>
pod/elasticsearch-es-default-2   1/1     Running   0          6m15s   100.96.13.6   jaguchi-logging-zkqwv-6798f9dd99-hz77x   <none>           <none>
pod/kibana-kb-76f6d75db5-t6l48   1/1     Running   0          6m14s   100.96.13.5   jaguchi-logging-zkqwv-6798f9dd99-hz77x   <none>           <none>

NAME                                        READY   AGE     CONTAINERS      IMAGES
statefulset.apps/elasticsearch-es-default   3/3     6m17s   elasticsearch   docker.elastic.co/elasticsearch/elasticsearch:7.17.3

NAME                                                       HEALTH   NODES   VERSION   PHASE   AGE
elasticsearch.elasticsearch.k8s.elastic.co/elasticsearch   green    3       7.17.3    Ready   18m

NAME                                  HEALTH   NODES   VERSION   AGE
kibana.kibana.k8s.elastic.co/kibana   green    1       7.17.3    18m

NAME                                      CLASS    HOSTS                            ADDRESS        PORTS     AGE
ingress.networking.k8s.io/elasticsearch   <none>   elasticsearch.jaguchi.maki.lol   10.90.21.196   80, 443   18m
ingress.networking.k8s.io/kibana          <none>   kibana.jaguchi.maki.lol          10.90.21.196   80, 443   18m

making commented 2 years ago

Kibanaにアクセス

elasticユーザーのパスワードは↓で取得できる

kubectl get secret -n elastic-stack elasticsearch-es-elastic-user -otemplate='{{.data.elastic | base64decode}}'

making / jaguchi-manifests

Alanaはログの転送先としてElasticsearch + Kibanaが欲しい #12

Why

Acceptance Criteria

Elasticsearch用のnode pool作成

Elasticsearch, Kibanaのデプロイ

Kibanaにアクセス