Skip to content

Commit

Permalink
fix log sidecar container docs (#189)
Browse files Browse the repository at this point in the history 
Signed-off-by: liheng.zms <liheng.zms@alibaba-inc.com>
  • Loading branch information
@zmberg
zmberg committed Jun 20, 2024
1 parent a8dac79 commit a2cb8b1
Show file tree
Hide file tree
Showing 16 changed files with 548 additions and 476 deletions.
65 changes: 34 additions & 31 deletions docs/best-practices/log-container-sidecarset.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,21 +15,25 @@ EFK (ElasticSearch, FileBeat, Kibana) is a very popular and widely used log coll
### K8S Sidecar Model Disadvantage
As shown above, the FileBeat container is deployed in Sidecar mode in the same Pod as the business app container, and the logs are collected and uploaded to ElasticSearch by means of a shared volume, configuration as follows:
```yaml
spec:
containers:
- name: nginx
image: nginx:latest
volumeMounts:
# Share log directory with filebeat sidecar container via volumeMount
- mountPath: /var/log/nginx
name: log
- name: filebeat
image: docker.elastic.co/beats/filebeat:7.16.2
volumeMounts:
- mountPath: /var/log/nginx
name: log
volumes:
- name: log
apiVersion: v1
kind: Pod
metadata:
name: test-pod
spec:
containers:
- name: nginx
image: nginx:latest
volumeMounts:
# Share log directory with filebeat sidecar container via volumeMount
- mountPath: /var/log/nginx
name: log
- name: filebeat
image: docker.elastic.co/beats/filebeat:7.16.2
volumeMounts:
- mountPath: /var/log/nginx
name: log
volumes:
- name: log
emptyDir: {}
```

Expand Down Expand Up @@ -91,22 +95,19 @@ metadata:
name: filebeat-sidecarset
spec:
selector:
# Pod labels that need to be injected into the sidecar container
matchLabels:
kruise.io/inject-filebeat: "true"
# sidecarSet is effective for the whole cluster by default, you can specify the scope of the effect through the namespace field
#namespace: ns-xxx
containers:
- args:
- -c
- /etc/filebeat.yml
- -e
- -E
- http.enabled=true
env:
- name: POD_NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
fieldPath: metadata.namespace
image: docker.elastic.co/beats/filebeat:7.16.2
livenessProbe:
exec:
Expand All @@ -133,17 +134,19 @@ spec:
cpu: 100m
memory: 100Mi
volumeMounts:
- mountPath: /usr/share/filebeat
- name: config
mountPath: /etc/filebeat.yml
readOnly: true
subPath: filebeat.yml
- name: varlog
mountPath: /var/log
readOnly: true
volumes:
- name: config
configMap:
name: filebeat-config
# Share log directory with app container via volumeMount
- mountPath: /var/log
name: log
volumes:
- configMap:
name: filebeat-config
name: filebeat-config
- name: log
emptyDir: {}
- name: varlog
emptyDir: {}
```
**For the scenario where machine resources are not sufficient, in order to reduce Pod resource requests, you can set sidecar container request.cpu=0. In this case, the Qos of Pod will be [Burstable](https://kubernetes.io/docs/tasks/configure-pod-container/quality-service-pod/#create-a-pod-that-gets-assigned-a-qos-class-of-burstable).**

Expand Down
62 changes: 34 additions & 28 deletions ...cusaurus-plugin-content-docs/current/best-practices/log-container-sidecarset.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,21 +13,25 @@ EFK(ElasticSearch, FileBeat, Kibana)是社区非常流行的、使用非常
### K8S Sidecar模式弊端
如上图所示,FileBeat容器以Sidecar模式与业务app容器部署在同一个Pod内,通过共享volume的方式采集日志上传到ElasticSearch,配置如下:
```yaml
spec:
containers:
- name: nginx
image: nginx:latest
volumeMounts:
# 通过 volumeMounts 与filebeat sidecar容器共享 log 目录
- mountPath: /var/log/nginx
name: log
- name: filebeat
image: docker.elastic.co/beats/filebeat:7.16.2
volumeMounts:
- mountPath: /var/log/nginx
name: log
volumes:
- name: log
apiVersion: v1
kind: Pod
metadata:
name: test-pod
spec:
containers:
- name: nginx
image: nginx:latest
volumeMounts:
# 通过 volumeMounts 与filebeat sidecar容器共享 log 目录
- mountPath: /var/log/nginx
name: log
- name: filebeat
image: docker.elastic.co/beats/filebeat:7.16.2
volumeMounts:
- mountPath: /var/log/nginx
name: log
volumes:
- name: log
emptyDir: {}
```

Expand Down Expand Up @@ -94,15 +98,15 @@ spec:
#namespace: ns-xxx
containers:
- args:
- -c
- /etc/filebeat.yml
- -e
- -E
- http.enabled=true
env:
- name: POD_NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
fieldPath: metadata.namespace
image: docker.elastic.co/beats/filebeat:7.16.2
livenessProbe:
exec:
Expand All @@ -129,17 +133,19 @@ spec:
cpu: 100m
memory: 100Mi
volumeMounts:
- mountPath: /usr/share/filebeat
- name: config
mountPath: /etc/filebeat.yml
readOnly: true
subPath: filebeat.yml
- name: varlog
mountPath: /var/log
readOnly: true
volumes:
- configMap:
name: filebeat-config
# 通过 volumeMounts 与业务容器共享 log 目录
- mountPath: /var/log
name: log
volumes:
- configMap:
name: filebeat-config
name: filebeat-config
- name: log
emptyDir: {}
name: config
- name: varlog
emptyDir: {}
```
**针对机器资源不太充足的场景,为减少Pod资源的申请,可以将sidecar container request.cpu=0,此种情况下Pod的Qos将会是 [Burstable](https://kubernetes.io/docs/tasks/configure-pod-container/quality-service-pod/#create-a-pod-that-gets-assigned-a-qos-class-of-burstable)**

Expand Down
62 changes: 34 additions & 28 deletions ...rus-plugin-content-docs/version-v1.0/best-practices/log-container-sidecarset.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,21 +13,25 @@ EFK(ElasticSearch, FileBeat, Kibana)是社区非常流行的、使用非常
### K8S Sidecar模式弊端
如上图所示,FileBeat容器以Sidecar模式与业务app容器部署在同一个Pod内,通过共享volume的方式采集日志上传到ElasticSearch,配置如下:
```yaml
spec:
containers:
- name: nginx
image: nginx:latest
volumeMounts:
# 通过 volumeMounts 与filebeat sidecar容器共享 log 目录
- mountPath: /var/log/nginx
name: log
- name: filebeat
image: docker.elastic.co/beats/filebeat:7.16.2
volumeMounts:
- mountPath: /var/log/nginx
name: log
volumes:
- name: log
apiVersion: v1
kind: Pod
metadata:
name: test-pod
spec:
containers:
- name: nginx
image: nginx:latest
volumeMounts:
# 通过 volumeMounts 与filebeat sidecar容器共享 log 目录
- mountPath: /var/log/nginx
name: log
- name: filebeat
image: docker.elastic.co/beats/filebeat:7.16.2
volumeMounts:
- mountPath: /var/log/nginx
name: log
volumes:
- name: log
emptyDir: {}
```

Expand Down Expand Up @@ -94,15 +98,15 @@ spec:
#namespace: ns-xxx
containers:
- args:
- -c
- /etc/filebeat.yml
- -e
- -E
- http.enabled=true
env:
- name: POD_NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
fieldPath: metadata.namespace
image: docker.elastic.co/beats/filebeat:7.16.2
livenessProbe:
exec:
Expand All @@ -129,17 +133,19 @@ spec:
cpu: 100m
memory: 100Mi
volumeMounts:
- mountPath: /usr/share/filebeat
- name: config
mountPath: /etc/filebeat.yml
readOnly: true
subPath: filebeat.yml
- name: varlog
mountPath: /var/log
readOnly: true
volumes:
- configMap:
name: filebeat-config
# 通过 volumeMounts 与业务容器共享 log 目录
- mountPath: /var/log
name: log
volumes:
- configMap:
name: filebeat-config
name: filebeat-config
- name: log
emptyDir: {}
name: config
- name: varlog
emptyDir: {}
```
**针对机器资源不太充足的场景,为减少Pod资源的申请,可以将sidecar container request.cpu=0,此种情况下Pod的Qos将会是 [Burstable](https://kubernetes.io/docs/tasks/configure-pod-container/quality-service-pod/#create-a-pod-that-gets-assigned-a-qos-class-of-burstable)**

Expand Down
62 changes: 34 additions & 28 deletions ...rus-plugin-content-docs/version-v1.1/best-practices/log-container-sidecarset.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,21 +13,25 @@ EFK(ElasticSearch, FileBeat, Kibana)是社区非常流行的、使用非常
### K8S Sidecar模式弊端
如上图所示,FileBeat容器以Sidecar模式与业务app容器部署在同一个Pod内,通过共享volume的方式采集日志上传到ElasticSearch,配置如下:
```yaml
spec:
containers:
- name: nginx
image: nginx:latest
volumeMounts:
# 通过 volumeMounts 与filebeat sidecar容器共享 log 目录
- mountPath: /var/log/nginx
name: log
- name: filebeat
image: docker.elastic.co/beats/filebeat:7.16.2
volumeMounts:
- mountPath: /var/log/nginx
name: log
volumes:
- name: log
apiVersion: v1
kind: Pod
metadata:
name: test-pod
spec:
containers:
- name: nginx
image: nginx:latest
volumeMounts:
# 通过 volumeMounts 与filebeat sidecar容器共享 log 目录
- mountPath: /var/log/nginx
name: log
- name: filebeat
image: docker.elastic.co/beats/filebeat:7.16.2
volumeMounts:
- mountPath: /var/log/nginx
name: log
volumes:
- name: log
emptyDir: {}
```

Expand Down Expand Up @@ -94,15 +98,15 @@ spec:
#namespace: ns-xxx
containers:
- args:
- -c
- /etc/filebeat.yml
- -e
- -E
- http.enabled=true
env:
- name: POD_NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
fieldPath: metadata.namespace
image: docker.elastic.co/beats/filebeat:7.16.2
livenessProbe:
exec:
Expand All @@ -129,17 +133,19 @@ spec:
cpu: 100m
memory: 100Mi
volumeMounts:
- mountPath: /usr/share/filebeat
- name: config
mountPath: /etc/filebeat.yml
readOnly: true
subPath: filebeat.yml
- name: varlog
mountPath: /var/log
readOnly: true
volumes:
- configMap:
name: filebeat-config
# 通过 volumeMounts 与业务容器共享 log 目录
- mountPath: /var/log
name: log
volumes:
- configMap:
name: filebeat-config
name: filebeat-config
- name: log
emptyDir: {}
name: config
- name: varlog
emptyDir: {}
```
**针对机器资源不太充足的场景,为减少Pod资源的申请,可以将sidecar container request.cpu=0,此种情况下Pod的Qos将会是 [Burstable](https://kubernetes.io/docs/tasks/configure-pod-container/quality-service-pod/#create-a-pod-that-gets-assigned-a-qos-class-of-burstable)**

Expand Down

0 comments on commit a2cb8b1

Please sign in to comment.