PoC for K8s logging
docker build -f rails-app/Dockerfile -t rails-app:latest ./rails-app
docker build -f fluentd/Dockerfile -t fluentd:latest ./fluentd
kubectl apply -f elasticsearch.yml
kubectl apply -f kibana.yml
kubectl apply -f grafana.yml
kubectl apply -f app.yml
kubectl apply -f fluentd.yml
kubectl apply -f cerebro.yml
kubectl port-forward rails-xxxxxx 8080
kubectl port-forward grafana-xxxxxx 3000
kubectl port-forward kibana-xxxxxx 5601
kubectl port-forward cerebro-xxxxxx 9000
while true; do curl localhost:8080/hello/hi; sleep 1; curl localhost:8080/hello/hello; sleep 2; done
while true; do curl localhost:8080/hello/error; sleep 10; done
If you want to use AES as an Elasticsearch backend to store Rails logs, change FLUENT_ELASTICSEARCH_HOST
and run kubectl apply -f fluentd-for-es-service.yml
instead of kubectl apply -f fluentd.yml
If your AES domain name is taka-test-es
, use the following access policy with JSON Format.
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "",
"Effect": "Allow",
"Principal": {
"AWS": "*"
},
"Action": "es:*",
"Resource": "arn:aws:es:ap-northeast-1:214219211678:domain/taka-test-es/*"
}
]
}
To access AES running in development VPC on AWS dev account, run a basion EC2 (e.g. taka-test-001). Then, use portforwarding via the bastion host using sshuttle
.
sshuttle -r taka-test-001.example.com 192.168.0.0/8 --dns