[Elastic] 利用 Filebeat 來收集與解析 Kubernetes nginx ingress logs Posted on 2020-06-14 Edited on 2020-11-19 In Elastic Views: Disqus: Symbols count in article: 440 Reading time ≈ 1 mins. 前言最近在配置 Filebeat 在 Kubernetes 上解析 nginx-ingress logs 時遇到了一些困難,主要是 autodiscover 與 hints 部份在新舊版本上有些差異,這邊將我最後測試成功的配置給記錄下來 環境 GKE Container-Optimized OS Filebeat: 7.7.1 ElasticSearch: 7.7.1 Kubernetes/ingress-nginx: 0.32.0 配置helm chart: elastic/filebeat1234567891011121314filebeatConfig: filebeat.yml: | filebeat.autodiscover: providers: - type: kubernetes hints.enabled: true hints.default_config.enabled: false output.elasticsearch: host: '${NODE_NAME}' hosts: '${ELASTICSEARCH_HOSTS:elasticsearch-master:9200}' protocol: http username: '${ELASTICSEARCH_USERNAME}' password: '${ELASTICSEARCH_PASSWORD}' helm chart: ingress-nginx/ingress-nginx1234567## Annotations to be added to controller pods##podAnnotations: co.elastic.logs/enabled: "true" co.elastic.logs/module: "nginx" co.elastic.logs/fileset.stdout: "ingress_controller" co.elastic.logs/fileset.stderr: "error" 參考資料 Error extracting container id - source value does not contain matcher’s logs_path ‘/var/lib/docker/containers/‘ Problem to update to filebeat 7.7.0 and parser nginx-ingress-controller on Kubernetes Related Posts [Kubernetes] 在 GKE 上同時啟用 internal 與 external 兩種 nginx ingress controller [踩坑] fluentd daemonset failed to flush the buffer [除錯] Fluentd UDP Log 掉包問題分析 作者: Relk Li 文章連結: https://blog.downager.com/2020/06/14/Elastic-利用-Filebeat-來收集與解析-Kubernetes-nginx-ingress-logs/ 版權聲明: 本網誌所有文章除特別聲明外,均採用 BY-NC-SA 許可協議。轉載請註明出處! Welcome to my other publishing channels Twitter Telegram RSS