0

我想模拟laravel日志记录到EFK系统服务器
基于此,我建立了两个容器。laravel 项目的容器之一。其他是EFK系统容器

流程图

但 EFK 的 fluentd 没有捕捉到任何数据或事件

我的容器的组成:

version: '3'
services:
  nginx:
    image: nginx:latest
    ports:
      - 8010:80
    volumes:
      - ./nginx/nginx.conf:/etc/nginx/conf.d/default.conf:delegated
      - ./server:/var/www/:delegated
    depends_on:
      - php
      - fluentd
    logging:
      driver: "fluentd"
      options:
        fluentd-address: fluentd:24225
        fluentd-async-connect: 'true'
        fluentd-retry-wait: '1s'
        fluentd-max-retries: '30'
        tag: fubo.logger

  php:
    container_name: php-laravel
    build: ./php
    volumes:
      - ./server:/var/www/:delegated

  db:
    build: ./mysql
    volumes:
      - ./mysql/data/:/var/lib/mysql
    ports:
      - 3306:3306

  phpmyadmin:
    image: phpmyadmin/phpmyadmin:latest
    ports:
      - 8811:80
    depends_on:
      - db

  fluentd:
    build: ./fluentd
    volumes:
      - ./fluentd/conf:/fluentd/etc
    ports:
      - "24225:24224"
      - "24225:24224/udp"
    networks:
      - docker-efk_efk_network
networks:
  docker-efk_efk_network:
    external: true

我的容器的 fluent.conf:

<source>
  @type tail
  path /etc/logs/laravel.log
  pos_file /etc/logs/laravel.log.pos
  tag docker.space
  <parse>
    @type json
  </parse>
</source>

<match *.**>
  @type forward
  send_timeout 60s
  recover_wait 10s
  hard_timeout 60s

  <server>
    name dockerSpace
    host docker-efk-fluentd-1
    port 24224
    weight 60
  </server>
</match>

EFK的容器组成:

version: '3'
services:
  elasticsearch:
    image: docker.elastic.co/elasticsearch/elasticsearch:7.15.1
    container_name: elasticsearch
    restart: unless-stopped
    environment:
      - discovery.type=single-node
      - xpack.security.enabled=false
    ports:
      - 9200:9200

  kibana:
    image: docker.elastic.co/kibana/kibana:7.15.1
    container_name: kibana
    restart: unless-stopped
    environment:
      - ELASTICSEARCH_HOSTS=http://elasticsearch:9200
      - I18N_LOCALE=zh-tw
    ports:
      - 5601:5601
    links:
      - elasticsearch

  fluentd:
    build: ./fluentd
    volumes:
      - ./fluentd/conf/:/fluentd/etc/
    links:
      - elasticsearch
    ports:
      - "24224:24224"
      - "24224:24224/udp"
    networks:
      - efk_network
networks:
  efk_network:
    driver: bridge

EFK的容器fluent.conf:


<source>
  @type forward
  port 24225
  bind docker-space_fluentd_1
</source>

<match *.**>
  @type copy

  <store>
    @type elasticsearch
    host elasticsearch
    port 9200
    logstash_format true
    logstash_prefix fluentd
    logstash_dateformat %Y%m%d
    include_tag_key true
    type_name access_log
    tag_key @log_name
    flush_interval 1s
  </store>

  <store>
    @type stdout
  </store>
</match>

这是我的容器网络列表:

姓名 司机 范围
docker-efk_default 当地的
docker-efk_efk_network 当地的
docker-space_default 当地的

我的理解有什么问题?

4

1 回答 1

0

有两步要做:

首先,确保两个容器已相互连接。更多细节可以看这个。
如何通过网络链接多个 docker-compose 服务

二、修改EFK容器的fluentd配置:

<source>
  @type forward
  bind 0.0.0.0
  port 24224
</source>

<match *.**>
  @type copy

  <store>
    @type elasticsearch
    host elasticsearch
    port 9200
    logstash_format true
    logstash_prefix fluentd
    logstash_dateformat %Y%m%d
    include_tag_key true
    type_name access_log
    tag_key @log_name
    flush_interval 1s
  </store>

  <store>
    @type stdout
  </store>
</match>

而且......这是工作。 在此处输入图像描述

于 2022-02-21T08:41:29.797 回答