SparkStreaming项目实战系列——2.分布式日志收集框架Flume

最新推荐文章于 2024-01-03 08:30:00 发布

陈府才俊

最新推荐文章于 2024-01-03 08:30:00 发布

阅读量380

点赞数

分类专栏： flume spark

本文链接：https://blog.csdn.net/yisuoyanyulou1314/article/details/78934952

版权

spark 同时被 2 个专栏收录

3 篇文章 0 订阅

订阅专栏

flume

1 篇文章 0 订阅

订阅专栏

2.分布式日志收集框架Flume

2.1业务现状分析

使用Hadoop集群和一些分布式框架来处理大量的数据
如何解决我们的日志数据从其他server中移动到Hadoop集群之上？？
- shell cp hadoop集群的机器上，hadoop fs -put … /
- 存在的问题：
- 如何做监控，比如一个机器断了
- 如果采用CP的话，必须指定时间间隔，则会失去时效性
- 文本格式的数据直接通过网络传输，对IO开销特别大
- 容错和负载均衡
引入Flume后，解决以上问题

2.2Flume概述

Flume is a distributed, reliable, and available service for efficiently collecting, aggregating, and moving large amounts of log data. It has a simple and flexible architecture based on streaming data flows. It is robust and fault tolerant with tunable reliability mechanisms and many failover and recovery mechanisms. It uses a simple extensible data model that allows for online analytic application.

Flume官网示意图

从WebServer收集数据到目标HDFS
三大组件：Source，Channel, Sink
设计目标：
- 可靠性
- 扩展性
- 管理性
业界同类产品对比
- Flume: Cloudera/Apache Java
- Scribe: Facebook C/C++ 不再维护
- Chukwa: Yahoo/Apache Java 不再维护
- Kafka:
- Fluentd： Ruby
- Logstash: ELK

2.3Flume发展史

Cloudera 0.9.2 Flume-OG
flume-728 Flume-NG ==> Apache

Flume架构及核心组件

Source:指定数据源从哪里收集
Channel:聚集
Sink:

2.4Flume环境部署

Java1.7+ 本机使用的是java1.8
足够的内存
读写权限
环境安装过程
- Java8下载

    #Java安装：
    1.解压jdk
    tar -zxvf jdk-8u144-linux-x64.tar.gz -C ~/app/

    2.配置系统环境变量到
    vim ~/.bash_profile
    如下：
    export JAVA_HOME=/home/hadoop/app/jdk1.8.0_144
    export PATH=$JAVA_HOME/bin:$PATH

    3.生效配置文件
    source ~/.bash_profile
    java -version

[flume-ng-1.6.0-cdh5.7.0.tar.gz下载

flume-ng-1.6.0-cdh5.7.0.tar.gz安装与配置:

1.解压
tar -zxvf flume-ng-1.6.0-cdh5.7.0.tar.gz -C ~/app

2.配置系统环境变量到
export FLUME_HOME=/home/hadoop/app/apache-flume-1.6.0-cdh5.7.0-bin
export PATH=$FLUME_HOME/bin:$PATH

3.生效配置文件
source ~/.bash_profile

4.配置Flume Conf
cd ~/app/apache-flume-1.6.0-cdh5.7.0-bin/conf
cp flume-env.sh.template flume-env.sh
vim flume-env.sh
加入一行，设置JAVA_HOME
export JAVA_HOME=/home/hadoop/app/jdk1.8.0_144

2.3Flume实战

需求：从指定的网络端口采集数据输出到控制台，参考网站
使用Flume的关键就是写配置文件
- 1.配置Source
- 2.配置Channel
- 3.配置Sink
- 将以上组件串起来

    a1: agent名称
    r1: 数据源的名称
    k1: sink的名称
    c1: channel的名称
    netcat TCP source:会监听某个端口把每一行的数据转换成一个event(Flume数据传输的单元)，相关参数是type,bing绑定主机，port指定的端口
    logger sink:日志event信息通过INFO级别输出，只需要指定一个k1.type
    channel:

    # example.conf: A single-node Flume configuration

    # Name the components on this agent
    a1.sources = r1
    a1.sinks = k1
    a1.channels = c1

    # Describe/configure the source
    a1.sources.r1.type = netcat
    a1.sources.r1.bind = hadoop001
    a1.sources.r1.port = 44444

    # Describe the sink
    a1.sinks.k1.type = logger

    # Use a channel which buffers events in memory
    a1.channels.c1.type = memory
    a1.channels.c1.capacity = 1000
    a1.channels.c1.transactionCapacity = 100

    # Bind the source and sink to the channel
    a1.sources.r1.channels = c1
    a1.sinks.k1.channel = c1

配置完后，进行启动agent

 进入到bin目录执行：
      flume-ng agent \
      -n a1 \
      -c $FLUME_HOME/conf \
      -f $FLUME_HOME/conf/example.conf \
      -Dflume.root.logger=INFO,console

      //监听端口是44444,可以通过开启一个新窗口，通过`telnet hadoop001 44444`发送消息，观察FLume接受到的数据
      ```


      Event: { headers:{} body: 68 65 6C 6C 6F 0D  hello. }
      Event是Flume数据传输的基本单元
      Event= 可选的header+ byte array
    - 13691256985

需求二：监控一个文件实时采集新增的数据输出到控制台
- Agent选型：exec source + memeory channel + logger sink

 # Name the components on this agent
    a1.sources = r1
    a1.sinks = k1
    a1.channels = c1

    # Describe/configure the source
    a1.sources.r1.type = exec
    a1.sources.r1.command = tail -F /home/hadoop/data/data.log
    a1.sources.r1.shell = /bin/sh -C

    # Describe the sink
    a1.sinks.k1.type = logger

    # Use a channel which buffers events in memory
    a1.channels.c1.type = memory
    a1.channels.c1.capacity = 1000
    a1.channels.c1.transactionCapacity = 100

    # Bind the source and sink to the channel
    a1.sources.r1.channels = c1
    a1.sinks.k1.channel = c1

需求二：监控一个文件实时采集新增的数据输出到控制台

    flume-ng agent \
    -n a1 \
    -c $FLUME_HOME/conf \
    -f $FLUME_HOME/conf/exec-memory-logger.conf \
    -Dflume.root.logger=INFO,console

flume的sink数据到hdfs
flume的sink数据到kafka
需求三：将A服务器上的日志采集到B服务器上
- 基本原理：将A服务器上的数据输出Avro sink作为B服务器上的输入Avro source.

      #exec-memory-avro.conf
      # Name the components on this agent
      exec-memory-avro.sources = exec-source
      exec-memory-avro.sinks = avro-sink
      exec-memory-avro.channels = memory-channel

      # Describe/configure the source
      exec-memory-avro.sources.exec-source.type = exec
      exec-memory-avro.sources.exec-source.command = tail -F /home/hadoop/data/data.log
      exec-memory-avro.sources.exec-source.shell = /bin/sh -c

      # Describe the sink
      exec-memory-avro.sinks.avro-sink.type = avro
      exec-memory-avro.sinks.avro-sink.hostname = hadoop001
      exec-memory-avro.sinks.avro-sink.port = 44444

      # Use a channel which buffers events in memory
      exec-memory-avro.channels.memory-channel.type = memory
      exec-memory-avro.channels.memory-channel.capacity = 1000
      exec-memory-avro.channels.memory-channel.transactionCapacity = 100

      # Bind the source and sink to the channel
      exec-memory-avro.sources.exec-source.channels = memory-channel
      exec-memory-avro.sinks.avro-sink.channel = memory-channel

      ----------------------------------------------------------------------------------
      #avro-memory-logger.conf

      # Name the components on this agent
      avro-memory-logger.sources = avro-source
      avro-memory-logger.sinks = logger-sink
      avro-memory-logger.channels = memory-channel

      # Describe/configure the source
      avro-memory-logger.sources.avro-source.type = avro
      avro-memory-logger.sources.avro-source.bind = hadoop001
      avro-memory-logger.sources.avro-source.port = 44445

      # Describe the sink
      avro-memory-logger.sinks.logger-sink.type = logger

      # Use a channel which buffers events in memory
      avro-memory-logger.channels.memory-channel.type = memory
      avro-memory-logger.channels.memory-channel.capacity = 1000
      avro-memory-logger.channels.memory-channel.transactionCapacity = 100

      # Bind the source and sink to the channel
      avro-memory-logger.sources.avro-source.channels = memory-channel
      avro-memory-logger.sinks.logger-sink.channel = memory-channel

* 执行

      先启动avro-memory-logger
      flume-ng agent \
      -n avro-memory-logger \
      -c $FLUME_HOME/conf \
      -f $FLUME_HOME/conf/avro-memory-logger.conf \
      -Dflume.root.logger=INFO,console
      ```


      再启动exec-memory-avro.conf
      flume-ng agent \
      -n exec-memory-avro \
      -c $FLUME_HOME/conf \
      -f $FLUME_HOME/conf/exec-memory-avro.conf \
      -Dflume.root.logger=INFO,console


      往data.log中写数据，观察输出
      echo heheheehehe4 >>  data.log 

      结果如下：
      2017-12-29 12:33:31,925 (SinkRunner-PollingRunner-DefaultSinkProcessor) [INFO - org.apache.flume.sink.LoggerSink.process(LoggerSink.java:94)] Event: { headers:{} body: 68 65 68 65 68 65 65 68 65 68 65 34             heheheehehe4 }