文章详细介绍了如何在Kubernetes环境中部署Loki日志管理系统的单机版,重点在于持久化配置,包括服务账户、角色、角色绑定的设置。此外,还展示了如何配置Loki以使用阿里云OSS和AzureBlob进行数据存储,确保日志数据的安全和可靠性。
Loki-单机版
关于Loki部署,这里着重介绍持久化的相关配置,直接上编排文件
编排文件
######################
## loki rbac
######################
apiVersion: v1
kind: ServiceAccount
metadata:
name: loki
namespace: loki
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: loki
namespace: loki
rules:
- apiGroups:
- extensions
resourceNames:
- loki
resources:
- podsecuritypolicies
verbs:
- use
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: loki
namespace: loki
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: loki
subjects:
- kind: ServiceAccount
name: loki
######################
## loki svc sts
######################
---
apiVersion: v1
kind: Service
metadata:
name: loki
namespace: loki
labels:
app: loki
spec:
type: ClusterIP
ports:
- port: 3100
protocol: TCP
name: http-metrics
targetPort: http-metrics
selector:
app: loki
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: loki
namespace: loki
labels:
app: loki
spec:
podManagementPolicy: OrderedReady
replicas: 1
selector:
matchLabels:
app: loki
serviceName: loki
updateStrategy:
type: RollingUpdate
template:
metadata:
labels:
app: loki
spec:
serviceAccount: loki
serviceAccountName: loki
securityContext:
fsGroup: 10001
runAsGroup: 10001
runAsNonRoot: true
runAsUser: 10001
containers:
- name: loki
image: grafana/loki
imagePullPolicy: Always
args:
- -config.file=/etc/loki/config/config.yaml
volumeMounts:
- name: config
mountPath: /etc/loki/config
- name: storage
mountPath: /data
subPath: "loki"
ports:
- name: http-metrics
containerPort: 3100
protocol: TCP
livenessProbe:
httpGet:
path: /ready
port: http-metrics
scheme: HTTP
initialDelaySeconds: 45
timeoutSeconds: 1
periodSeconds: 10
successThreshold: 1
failureThreshold: 3
readinessProbe:
httpGet:
path: /ready
port: http-metrics
scheme: HTTP
initialDelaySeconds: 45
timeoutSeconds: 1
periodSeconds: 10
successThreshold: 1
failureThreshold: 3
volumes:
- name: config
configMap:
defaultMode: 420
name: loki
- name: storage
persistentVolumeClaim:
claimName: loki-chunks-data
配置文件
######################
## loki configMap
######################
---
apiVersion: v1
kind: ConfigMap
metadata:
name: loki
namespace: loki
labels:
app: loki
data:
config.yaml: |
auth_enabled: false
ingester:
chunk_idle_period: 3m # 如果块没有达到最大的块大小,那么在刷新之前,块应该在内存中不更新多长时间
chunk_block_size: 262144
chunk_retain_period: 1m # 块刷新后应该在内存中保留多长时间
max_transfer_retries: 0 # Number of times to try and transfer chunks when leaving before falling back to flushing to the store. Zero = no transfers are done.
lifecycler: #配置ingester的生命周期,以及在哪里注册以进行发现
ring:
kvstore:
store: inmemory # 用于ring的后端存储,支持consul、etcd、inmemory
replication_factor: 1 # 写入和读取的ingesters数量,至少为1(为了冗余和弹性,默认情况下为3)
wal:
enabled: true
dir: /data/loki/wal
limits_config:
ingestion_rate_mb: 64
ingestion_burst_size_mb: 128
enforce_metric_name: false
reject_old_samples: true # 旧样品是否会被拒绝
reject_old_samples_max_age: 168h # 拒绝旧样本的最大时限
schema_config: # 配置从特定时间段开始应该使用哪些索引模式
configs:
- from: 2020-10-24 # 创建索引的日期。如果这是唯一的schema_config,则使用过去的日期,否则使用希望切换模式时的日期
store: boltdb-shipper # 索引使用哪个存储,如:cassandra, bigtable, dynamodb,或boltdb
object_store: filesystem # 用于块的存储,如:gcs, s3, inmemory, filesystem, cassandra,如果省略,默认值与store相同
schema: v11
index: # 配置如何更新和存储索引
prefix: index_ # 所有周期表的前缀
period: 24h # 表周期
server:
http_listen_port: 3100
storage_config: # 为索引和块配置一个或多个存储
boltdb_shipper:
active_index_directory: /data/loki/boltdb-shipper-active # 活跃索引目录的位置
cache_location: /data/loki/boltdb-shipper-cache # 缓存索引文件
cache_ttl: 24h
shared_store: filesystem # 存储 Loki 索引文件的共享存储后端
filesystem:
directory: /data/loki/chunks
chunk_store_config: # 配置如何缓存块,以及在将它们保存到存储之前等待多长时间
max_look_back_period: 0s #限制查询数据的时间,默认是禁用的,这个值应该小于或等于table_manager.retention_period中的值
table_manager:
retention_deletes_enabled: true # 日志保留周期开关,用于表保留删除
retention_period: 2520h # 日志保留周期,保留期必须是索引/块的倍数
compactor:
working_directory: /data/loki/boltdb-shipper-compactor
shared_store: filesystem
使用对象存储持久化
AWS S3, Aliyun OSS
使用 Loki的s3模块来设置与Aliyun OSS存储的连接,并在配置文件中指定相应的存储区域和访问密钥等信息
.........
schema_config:
configs:
- from: 2020-10-24
store: boltdb-shipper # 索引存储,使用boltdb并持久化到pvc
object_store: s3 # 块存储,使用aws s3模块访问aliyun oss
schema: v11
index:
prefix: index_
period: 24h
.........
storage_config: # 为索引和块配置一个或多个存储
boltdb_shipper: # Loki 存储层的一部分,它主要负责将从各个 Loki 实例收集到的日志数据写入本地文件系统中的 BoltDB 数据库,并在其中建立索引,以便后续查询时能够快速访问和检索所需的数据
active_index_directory: /data/loki/boltdb-shipper-active # 活跃索引目录的位置
cache_location: /data/loki/boltdb-shipper-cache # 缓存索引文件位置
cache_ttl: 24h
shared_store: s3 # 存储 Loki 索引文件的共享存储后端
aws:
bucketnames: mybucket-dev
endpoint: oss-cn-zhangjiakou.aliyuncs.com
access_key_id: ak
secret_access_key: sk
region: cn-zhangjiakou
#filesystem: # 使用对象存储时需要将该配置注释掉
#directory: /data/loki/chunks
.........
Azure Blob
StorageAccountKey
..........
schema_config:
configs:
- from: 2020-10-24
store: boltdb-shipper
object_store: azure #
schema: v11
index:
prefix: index_
period: 24h
..........
storage_config:
boltdb_shipper:
active_index_directory: /data/loki/boltdb-shipper-active
cache_location: /data/loki/boltdb-shipper-cache
cache_ttl: 24h
shared_store: azure
azure:
account_name: <StorageAccount-Name>
account_key: <StorageAccount-Key>
container_name: <Container-Name>
environment: AzureChinaCloud
#storage_endpoint: https://<storageAccount-Name>.blob.core.chinacloudapi.cn # ChatGPT给的,启动失败,提示没有该配置项
#endpoint_suffix: https://<storageAccount-Name>.blob.core.chinacloudapi.cn # 官方文档给的参数,启动失败,提示没有该配置项
#use_managed_identity: # true/false
#user_assigned_id: # user-assigned-identity-id
..........
扫一扫
3177
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
