https://hub.docker.com/r/fluent/fluentd/
https://www.github.com/fluent/fluentd-docker-image
https://hub.docker.com/r/openfirmware/fluentd-elasticsearch/
https://hub.docker.com/r/minimum2scp/fluentd-ui/
应用: base -> 添加服务: fluentd
镜像: fluent/fluentd:latest
环境变量:
FLUENTD_CONF = fluent.conf
卷:
/data/docker/monitor/fluentd/fluent.conf:/fluentd/etc/fluent.conf
/data/file/logs/fluentd:/fluentd/log/
/data/file:/data/file
端口:
tcp-24224-24224
保存ip: 升级或替换 不变
主机名: 使用容器名称
fluentd 收集某个容器日志,可以这样启动容器:
--log-driver=fluentd --log-opt fluentd-address=10.2.3.4:24224 --log-opt tag="docker.{{.Name}}"
安全主机 ->
日志驱动:
fluentd
日志选项:
fluentd-address = file.htmltoo.com:24224
tag = docker.{{.Name}}
===========Alpine version============
apk add --no-cache --update --virtual .build-deps build-base ruby-dev
gem install fluent-plugin-elasticsearch
gem install fluent-plugin-forest
gem install fluent-plugin-typecast
gem install fluent-plugin-secure-forward
gem install fluent-plugin-mongo
gem sources --clear-all
apk del .build-deps
rm -rf /tmp/* /var/tmp/* /usr/lib/ruby/gems/*/cache/*.gem
================code==============
<source>
@type forward
@id input1
@label @mainstream
port 24224
</source>
<filter **>
@type stdout
</filter>
<label @mainstream>
<match docker.**>
@type file
@id output_docker1
path /fluentd/log/docker.*.log
symlink_path /fluentd/log/docker.log
append true
time_slice_format %Y%m%d
time_slice_wait 1m
time_format %Y%m%dT%H%M%S%z
</match>
<match **>
@type file
@id output1
path /fluentd/log/data.*.log
symlink_path /fluentd/log/data.log
append true
time_slice_format %Y%m%d
time_slice_wait 10m
time_format %Y%m%dT%H%M%S%z
</match>
</label>
==========MongoDB=============
<source>
@type forward
@id input1
@label @mainstream
port 24224
</source>
<filter **>
@type stdout
</filter>
<label @mainstream>
<match mongo.**> # plugin type
@type mongo # 引入插件为mongo,使用这个必须要安装fluentd-mongo的插件
# mongodb db + collection
database admin # mongodb的数据库
collection access # 放在哪个集合中
# mongodb host + port
host 105.domsn.com #数据库host
port 27017 # 数据库端口
# authentication
user root
password wdqdmm@m
# for capped collection
capped
capped_size 1024m
# interval
<buffer>
flush_interval 10s #10秒钟刷新读取一次
</buffer> # make sure to include the time key
<inject>
time_key time
</inject>
</match>
</label>
==========elasticsearch============
output plugin 'elasticsearch' 异常:
配置里先注释去除 'elasticsearch',开启后,在添加:
<match *.**>
@type copy
<store>
@type elasticsearch
host elasticsearch
port 9200
logstash_format true
logstash_prefix fluentd
logstash_dateformat %Y%m%d
include_tag_key true
type_name access_log
tag_key @log_name
flush_interval 1s
</store>
<store>
@type stdout
</store>
</match>
===========MongoDB===========
<match mongo.**> # plugin type
@type mongo # 引入插件为mongo,使用这个必须要安装fluentd-mongo的插件
# mongodb db + collection
database docker # mongodb的数据库
collection logs # 放在哪个集合中
# mongodb host + port
host 24.cndo.org #数据库host
port 27017 # 数据库端口
# interval
<buffer>
flush_mode interval
flush_interval 1s #10秒钟刷新读取一次
</buffer>
# make sure to include the time key
<inject>
time_key time
</inject>
</match>
======================
gem sources --add https://gems.ruby-china.com/ --remove https://rubygems.org/
gem sources -a https://ruby.taobao.org/ #这里可以使用taobao的源代替官方的源。
gem sources -l # 确保只有 gems.ruby-china.com
gem update --system # 升级gem版本
gem update # 更新所有
apt-get isntall ruby-dev
gem install fluent-plugin-elasticsearch -v 1.17.0 # 注意版本
gem install fluent-plugin-forest
gem install fluent-plugin-typecast
gem install fluent-plugin-secure-forward
gem install fluent-plugin-mongo
gem install fluent-plugin-influxdb -v "~> 0.3" --no-document # 注意版本
gem install fluent-plugin-influxdb_metrics
https://hub.docker.com/r/fluent/fluent-bit/
https://hub.docker.com/r/fluent/fluentd/
https://fluentbit.io/documentation/current/installation/docker.html
https://www.fluentd.org/plugins
https://github.com/uken/fluent-plugin-elasticsearch
https://abc.htmltoo.com/thread-44939.htm
