爲何要進行日誌收集?nginx
應用程序跑在集羣中,產生不少的日誌,日誌中包含着程序運行的狀況的紀錄,查看單個機器的日誌過程繁瑣,因此須要統一的日誌管理平臺對日誌進行統一處理,將全部應用程序的日誌收集起來,能夠對日誌進行存儲、歸檔、查詢、狀態判斷。git
例如負載均衡的狀況,nginx下面不少的web服務,若是查看日誌的話須要進入多個tomcat一個一個看麻煩吧。github
1. ELK技術解決方案吧tomcat收集起來web
2. Graylog+mongo+elasticsearch 把日誌收集機器。docker
mongo + elasticsearch+ graylogubuntu
搭建日誌系統tomcat
安裝要求:bash
docker、docker-compose網絡
配置文件:app
docker-compose.yml
some-mongo:
image: "mongo:3"
volumes:
- /opt/graylog/data/mongo:/data/db
some-elasticsearch:
image: "elasticsearch:latest"
command: "elasticsearch -Des.cluster.name='graylog'"
volumes:
- /opt/graylog/data/elasticsearch:/usr/share/elasticsearch/data
graylog:
image: graylog2/server
volumes:
- /opt/graylog/data/journal:/usr/share/graylog/data/journal
- /opt/graylog/config:/usr/share/graylog/data/config
environment:
GRAYLOG_PASSWORD_SECRET: somepasswordpepper
GRAYLOG_ROOT_PASSWORD_SHA2: 8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6f2ab448a918
GRAYLOG_REST_TRANSPORT_URI: http://192.168.30.3:12900
links:
- some-mongo:mongo
- some-elasticsearch:elasticsearch
ports:
- "9000:9000"
- "12900:12900"
- "12201:12201/udp"
- "1514:1514/udp"
#直接下載官方推薦配置文件
wget https://raw.githubusercontent.com/Graylog2/graylog2-images/2.1/docker/config/graylog.conf
#日誌配置文件
wget https://raw.githubusercontent.com/Graylog2/graylog2-images/2.1/docker/config/log4j2.xml
graylog.conf
修改下載完的graylog.conf中的root_timezone爲:
root_timezone =+08:00
log4j2.xml
啓動運行:
docker-compose up
配置graylog:
頁面:http://192.168.30.3:9000
用戶名:admin
密 碼:admin
配置Input
啓動應用程序容器:
docker run -d --name logtest --log-driver=gelf --log-optgelf-address=udp://192.168.30.3:12201 ubuntu /bin/bash -c "while true;doecho hello;sleep 1;done"
往期docker學習: