166 lines
3.9 KiB
YAML
166 lines
3.9 KiB
YAML
apiVersion: apps/v1
|
|
kind: DaemonSet
|
|
metadata:
|
|
name: metricbeat
|
|
namespace: efk
|
|
labels:
|
|
k8s-app: metricbeat
|
|
spec:
|
|
selector:
|
|
matchLabels:
|
|
k8s-app: metricbeat
|
|
template:
|
|
metadata:
|
|
labels:
|
|
k8s-app: metricbeat
|
|
spec:
|
|
serviceAccountName: metricbeat
|
|
terminationGracePeriodSeconds: 30
|
|
hostNetwork: true
|
|
dnsPolicy: ClusterFirstWithHostNet
|
|
containers:
|
|
- name: metricbeat
|
|
image: docker.elastic.co/beats/metricbeat:8.8.0
|
|
args: [
|
|
"-c", "/etc/metricbeat.yml",
|
|
"-e",
|
|
]
|
|
env:
|
|
- name: ELASTICSEARCH_HOSTS
|
|
value: "http://elasticsearch-0.efk.svc.cluster.local:9200,http://elasticsearch-1.efk.svc.cluster.local:9200,http://elasticsearch-2.efk.svc.cluster.local:9200,http://elasticsearch-3.efk.svc.cluster.local:9200"
|
|
- name: ELASTICSEARCH_USERNAME
|
|
value: "elastic"
|
|
- name: ELASTICSEARCH_PASSWORD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: elasticsearch-secret
|
|
key: elastic_password
|
|
securityContext:
|
|
runAsUser: 0
|
|
resources:
|
|
limits:
|
|
memory: 200Mi
|
|
requests:
|
|
cpu: 100m
|
|
memory: 100Mi
|
|
volumeMounts:
|
|
- name: config
|
|
mountPath: /etc/metricbeat.yml
|
|
subPath: metricbeat.yml
|
|
readOnly: true
|
|
- name: data
|
|
mountPath: /usr/share/metricbeat/data
|
|
- name: varlibdockercontainers
|
|
mountPath: /var/lib/docker/containers
|
|
readOnly: true
|
|
- name: proc
|
|
mountPath: /hostfs/proc
|
|
readOnly: true
|
|
- name: cgroup
|
|
mountPath: /hostfs/sys/fs/cgroup
|
|
readOnly: true
|
|
volumes:
|
|
- name: config
|
|
configMap:
|
|
defaultMode: 0640
|
|
name: metricbeat-config
|
|
- name: varlibdockercontainers
|
|
hostPath:
|
|
path: /var/lib/docker/containers
|
|
- name: proc
|
|
hostPath:
|
|
path: /proc
|
|
- name: cgroup
|
|
hostPath:
|
|
path: /sys/fs/cgroup
|
|
- name: data
|
|
emptyDir: {}
|
|
---
|
|
apiVersion: v1
|
|
kind: ConfigMap
|
|
metadata:
|
|
name: metricbeat-config
|
|
namespace: efk
|
|
data:
|
|
metricbeat.yml: |
|
|
metricbeat.modules:
|
|
- module: system
|
|
metricsets:
|
|
- cpu
|
|
- load
|
|
- memory
|
|
- network
|
|
- process
|
|
- process_summary
|
|
enabled: true
|
|
period: 10s
|
|
processes: ['.*']
|
|
|
|
# X-Pack 监控模块配置
|
|
- module: elasticsearch
|
|
xpack.enabled: true
|
|
metricsets:
|
|
- ccr
|
|
- cluster_stats
|
|
- index
|
|
- index_recovery
|
|
- index_summary
|
|
- node_stats
|
|
- shard
|
|
period: 10s
|
|
hosts: ${ELASTICSEARCH_HOSTS}
|
|
username: "${ELASTICSEARCH_USERNAME}"
|
|
password: "${ELASTICSEARCH_PASSWORD}"
|
|
ssl.certificate_authorities: ["/etc/ssl/certs/ca-certificates.crt"]
|
|
ssl.verification_mode: "certificate"
|
|
|
|
output.elasticsearch:
|
|
hosts:
|
|
- "http://elasticsearch-0.efk.svc.cluster.local:9200"
|
|
- "http://elasticsearch-1.efk.svc.cluster.local:9200"
|
|
- "http://elasticsearch-2.efk.svc.cluster.local:9200"
|
|
- "http://elasticsearch-3.efk.svc.cluster.local:9200"
|
|
username: "${ELASTICSEARCH_USERNAME}"
|
|
password: "${ELASTICSEARCH_PASSWORD}"
|
|
|
|
setup.kibana:
|
|
host: "http://kibana.efk.svc.cluster.local:5601"
|
|
|
|
logging.level: info
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: ClusterRole
|
|
metadata:
|
|
name: metricbeat
|
|
rules:
|
|
- apiGroups: [""]
|
|
resources:
|
|
- nodes
|
|
- namespaces
|
|
- events
|
|
- pods
|
|
verbs:
|
|
- get
|
|
- list
|
|
- watch
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: ClusterRoleBinding
|
|
metadata:
|
|
name: metricbeat
|
|
subjects:
|
|
- kind: ServiceAccount
|
|
name: metricbeat
|
|
namespace: efk
|
|
roleRef:
|
|
kind: ClusterRole
|
|
name: metricbeat
|
|
apiGroup: rbac.authorization.k8s.io
|
|
---
|
|
apiVersion: v1
|
|
kind: ServiceAccount
|
|
metadata:
|
|
name: metricbeat
|
|
namespace: efk
|
|
|