Fluentd
構築の方針
syslog に出力されたメッセージを必要に応じてメール送信したい
td-agent ではなく、Ruby Gem から Fluentd をインストール
Fluentd をサービス化する
基本的なインストール手順は Install by Ruby Gem - Fluentd に記載
構築前の準備
ファイルディスクリプタの最大値を増やす
状況確認
root@ubuntu:~# ulimit -n 10241024 と表示されたら、/etc/security/limits.conf を修正
/etc/security/limits.conf の中身
# /etc/security/limits.conf # #Each line describes a limit for a user in the form: # #<domain> <type> <item> <value> # #Where: #<domain> can be: # - a user name # - a group name, with @group syntax # - the wildcard *, for default entry # - the wildcard %, can be also used with %group syntax, # for maxlogin limit # - NOTE: group and wildcard limits are not applied to root. # To apply a limit to the root user, <domain> must be # the literal username root. # #<type> can have the two values: # - "soft" for enforcing the soft limits # - "hard" for enforcing hard limits # #<item> can be one of the following: # - core - limits the core file size (KB) # - data - max data size (KB) # - fsize - maximum filesize (KB) # - memlock - max locked-in-memory address space (KB) # - nofile - max number of open file descriptors # - rss - max resident set size (KB) # - stack - max stack size (KB) # - cpu - max CPU time (MIN) # - nproc - max number of processes # - as - address space limit (KB) # - maxlogins - max number of logins for this user # - maxsyslogins - max number of logins on the system # - priority - the priority to run user process with # - locks - max number of file locks the user can hold # - sigpending - max number of pending signals # - msgqueue - max memory used by POSIX message queues (bytes) # - nice - max nice priority allowed to raise to values: [-20, 19] # - rtprio - max realtime priority # - chroot - change root to directory (Debian-specific) # #<domain> <type> <item> <value> # #* soft core 0 #root hard core 100000 #* hard rss 10000 #@student hard nproc 20 #@faculty soft nproc 20 #@faculty hard nproc 50 #ftp hard nproc 0 #ftp - chroot /ftp #@student - maxlogins 4 # End of file
/etc/security/limits.conf を修正(抜粋)
# End of file の前に追加
vi /etc/security/limits.conf
#<domain> <type> <item> <value> root soft nofile 65536 root hard nofile 65536 * soft nofile 65536 * hard nofile 65536
再起動
reboot
変更の確認
root@ubuntu:~# ulimit -n 65536
ruby, ruby-dev, gcc, make をインストール
リポジトリ一覧を更新
root@ubuntu:~# apt update Hit:1 http://jp.archive.ubuntu.com/ubuntu disco InRelease Get:2 http://jp.archive.ubuntu.com/ubuntu disco-updates InRelease [97.5 kB] Get:3 http://jp.archive.ubuntu.com/ubuntu disco-backports InRelease [88.8 kB] Get:4 http://jp.archive.ubuntu.com/ubuntu disco-security InRelease [97.5 kB] Get:5 http://jp.archive.ubuntu.com/ubuntu disco-updates/main amd64 Packages [301 kB] ~~~ 途中省略 ~~~ Get:14 http://jp.archive.ubuntu.com/ubuntu disco-security/main Translation-en [80.3 kB] Get:15 http://jp.archive.ubuntu.com/ubuntu disco-security/main amd64 c-n-f Metadata [4,984 B] Get:16 http://jp.archive.ubuntu.com/ubuntu disco-security/universe amd64 Packages [261 kB] Get:17 http://jp.archive.ubuntu.com/ubuntu disco-security/universe Translation-en [77.1 kB] Get:18 http://jp.archive.ubuntu.com/ubuntu disco-security/universe amd64 c-n-f Metadata [6,512 B] Fetched 1,798 kB in 1s (1,776 kB/s) Reading package lists... Done
パッケージをインストール
root@ubuntu:~# apt-get install -y ruby ruby-dev gcc make Reading package lists... Done Building dependency tree Reading state information... Done The following additional packages will be installed: binutils binutils-common binutils-x86-64-linux-gnu cpp cpp-8 fonts-lato gcc-8 gcc-8-base javascript-common libasan5 libatomic1 libbinutils libc-dev-bin libc6-dev libcc1-0 libgcc-8-dev libgmp-dev libgmpxx4ldbl libgomp1 libisl19 libitm1 libjs-jquery liblsan0 libmpc3 libmpx2 libquadmath0 libruby2.5 libtsan0 libubsan1 linux-libc-dev manpages-dev rake ruby-did-you-mean ruby-minitest ruby-net-telnet ruby-power-assert ruby-test-unit ruby-xmlrpc ruby2.5 ruby2.5-dev ruby2.5-doc rubygems-integration unzip zip Suggested packages: binutils-doc cpp-doc gcc-8-locales gcc-multilib autoconf automake libtool flex bison gdb gcc-doc gcc-8-multilib gcc-8-doc libgcc1-dbg libgomp1-dbg libitm1-dbg libatomic1-dbg libasan5-dbg liblsan0-dbg libtsan0-dbg libubsan1-dbg libmpx2-dbg libquadmath0-dbg apache2 | lighttpd | httpd glibc-doc gmp-doc libgmp10-doc libmpfr-dev make-doc ri bundler The following NEW packages will be installed: binutils binutils-common binutils-x86-64-linux-gnu cpp cpp-8 fonts-lato gcc gcc-8 gcc-8-base javascript-common libasan5 libatomic1 libbinutils libc-dev-bin libc6-dev libcc1-0 libgcc-8-dev libgmp-dev libgmpxx4ldbl libgomp1 libisl19 libitm1 libjs-jquery liblsan0 libmpc3 libmpx2 libquadmath0 libruby2.5 libtsan0 libubsan1 linux-libc-dev make manpages-dev rake ruby ruby-dev ruby-did-you-mean ruby-minitest ruby-net-telnet ruby-power-assert ruby-test-unit ruby-xmlrpc ruby2.5 ruby2.5-dev ruby2.5-doc rubygems-integration unzip zip 0 upgraded, 48 newly installed, 0 to remove and 13 not upgraded. Need to get 40.5 MB of archives. After this operation, 172 MB of additional disk space will be used. Get:1 http://jp.archive.ubuntu.com/ubuntu disco/main amd64 fonts-lato all 2.0-2 [2,698 kB] Get:2 http://jp.archive.ubuntu.com/ubuntu disco/main amd64 binutils-common amd64 2.32-7ubuntu4 [200 kB] Get:3 http://jp.archive.ubuntu.com/ubuntu disco/main amd64 libbinutils amd64 2.32-7ubuntu4 [468 kB] Get:4 http://jp.archive.ubuntu.com/ubuntu disco/main amd64 binutils-x86-64-linux-gnu amd64 2.32-7ubuntu4 [1,852 kB] Get:5 http://jp.archive.ubuntu.com/ubuntu disco/main amd64 binutils amd64 2.32-7ubuntu4 [3,384 B] ~~~ 途中省略 ~~~ Fetched 40.5 MB in 1s (50.4 MB/s) Extracting templates from packages: 100% Selecting previously unselected package fonts-lato. (Reading database ... 67344 files and directories currently installed.) Preparing to unpack .../00-fonts-lato_2.0-2_all.deb ... Unpacking fonts-lato (2.0-2) ... Selecting previously unselected package binutils-common:amd64. Preparing to unpack .../01-binutils-common_2.32-7ubuntu4_amd64.deb ... Unpacking binutils-common:amd64 (2.32-7ubuntu4) ... ~~~ 途中省略 ~~~ Setting up javascript-common (11) ... Setting up manpages-dev (4.16-1) ... Setting up fonts-lato (2.0-2) ... Setting up ruby-power-assert (1.1.1-1) ... Setting up unzip (6.0-22ubuntu1) ... ~~~ 途中省略 ~~~ Setting up ruby2.5-dev:amd64 (2.5.5-1ubuntu1) ... Setting up ruby2.5 (2.5.5-1ubuntu1) ... Setting up ruby-dev:amd64 (1:2.5.1) ... Setting up ruby (1:2.5.1) ... Setting up rake (12.3.1-3) ... Processing triggers for mime-support (3.60ubuntu1) ... Processing triggers for libc-bin (2.29-0ubuntu2) ... Processing triggers for man-db (2.8.5-2) ...
Fluentd のインストール
インストール
root@ubuntu:~# export GEM_HOME=${HOME}/.gem/ruby
root@ubuntu:~# export PATH=${HOME}/.gem/ruby/bin:$PATH
root@ubuntu:~# gem install fluentd -v 1.7.3
Building native extensions. This could take a while...
Successfully installed msgpack-1.3.1
Fetching: yajl-ruby-1.4.1.gem (100%)
Building native extensions. This could take a while...
Successfully installed yajl-ruby-1.4.1
~~~ 途中省略 ~~~
Installing ri documentation for strptime-0.2.3
Parsing documentation for dig_rb-1.0.1
Installing ri documentation for dig_rb-1.0.1
Parsing documentation for fluentd-1.7.3
Installing ri documentation for fluentd-1.7.3
Done installing documentation for msgpack, yajl-ruby, cool.io, sigdump, serverengine, http_parser.rb, concurrent-ruby, tzinfo, tzinfo-data, strptime, dig_rb, fluentd after 13 seconds
12 gems installed
インストール確認
root@ubuntu:~# gem list fluentd *** LOCAL GEMS *** fluentd (1.7.3)
動作確認
root@ubuntu:~# fluentd --setup ./fluent
Installed ./fluent/fluent.conf.
root@ubuntu:~# fluentd -c ./fluent/fluent.conf -vv&
root@ubuntu:~# echo '{"json":"message"}' | fluent-cat debug.test
root@ubuntu:~# pkill -f fluentd
connect failed: Connection refused - connect(2) for "127.0.0.1" port 24224
2019-10-21 17:52:34 +0900 [info]: fluent/log.rb:322:info: parsing config file is succeeded path="./fluent/fluent.conf"
2019-10-21 17:52:34 +0900 [trace]: fluent/log.rb:281:trace: registered output plugin 'stdout'
2019-10-21 17:52:34 +0900 [trace]: fluent/log.rb:281:trace: registered buffer plugin 'memory'
2019-10-21 17:52:34 +0900 [trace]: fluent/log.rb:281:trace: registered formatter plugin 'stdout'
2019-10-21 17:52:34 +0900 [trace]: fluent/log.rb:281:trace: registered formatter plugin 'json'
~~~ 途中省略 ~~~
2019-10-21 17:52:34 +0900 [info]: fluent/log.rb:322:info: using configuration file: <ROOT>
<source>
@type forward
@id forward_input
</source>
<source>
@type http
@id http_input
port 8888
</source>
<source>
@type monitor_agent
@id monitor_agent_input
port 24220
</source>
<source>
@type debug_agent
@id debug_agent_input
bind "127.0.0.1"
port 24230
</source>
<match debug.**>
@type stdout
@id stdout_output
</match>
<match system.**>
@type forward
@id forward_output
<server>
host "192.168.0.11"
</server>
<secondary>
<server>
host "192.168.0.12"
</server>
</secondary>
</match>
</ROOT>
2019-10-21 17:52:34 +0900 [info]: fluent/log.rb:322:info: starting fluentd-1.7.3 pid=6745 ruby="2.5.5"
2019-10-21 17:52:34 +0900 [info]: fluent/log.rb:322:info: spawn command to main: cmdline=["/usr/bin/ruby2.5", "-Eascii-8bit:ascii-8bit", "/root/.gem/ruby/bin/fluentd", "-c", "./fluent/fluent.conf", "-vv", "--under-supervisor"]
2019-10-21 17:52:34 +0900 [info]: fluent/log.rb:322:info: gem 'fluentd' version '1.7.3'
2019-10-21 17:52:34 +0900 [info]: fluent/log.rb:322:info: adding match pattern="debug.**" type="stdout"
2019-10-21 17:52:34 +0900 [trace]: #0 fluent/log.rb:281:trace: registered output plugin 'stdout'
~~~ 途中省略 ~~~
2019-10-21 17:52:36 +0900 [trace]: #0 [forward_input] connected fluent socket addr="127.0.0.1" port=36556
2019-10-21 17:52:36 +0900 [trace]: #0 [forward_input] accepted fluent socket addr="127.0.0.1" port=36556
2019-10-21 17:52:34.333258285 +0900 debug.test: {"json":"message"}
2019-10-21 17:52:36 +0900 [debug]: #0 fluent/log.rb:302:debug: fluentd main process get SIGTERM
2019-10-21 17:52:36 +0900 [debug]: #0 fluent/log.rb:302:debug: getting start to shutdown main process
~~~ 途中省略 ~~~
2019-10-21 17:52:40 +0900 [debug]: #0 fluent/log.rb:302:debug: calling terminate on input plugin type=:monitor_agent plugin_id="monitor_agent_input"
2019-10-21 17:52:40 +0900 [debug]: #0 fluent/log.rb:302:debug: calling terminate on input plugin type=:debug_agent plugin_id="debug_agent_input"
2019-10-21 17:52:40 +0900 [debug]: #0 fluent/log.rb:302:debug: calling terminate on output plugin type=:stdout plugin_id="stdout_output"
2019-10-21 17:52:40 +0900 [debug]: #0 fluent/log.rb:302:debug: calling terminate on output plugin type=:forward plugin_id="forward_output"
2019-10-21 17:52:40 +0900 [info]: fluent/log.rb:322:info: Worker 0 finished with status 0
debug.test: {“json”:“message”} が表示されていること
Fluentd のサービス化
サービス化にあたり
| Fluentd 本体 | /usr/local/bin/fluentd |
| 設定ファイル | /etc/fluentd/fluentd.conf |
| ログファイル | /var/log/fluentd |
| プロセス識別ファイル | /run/fluentd.pid |
| サービスユニットファイル | /usr/lib/systemd/system/fluentd.service |
| ログローテートファイル | /etc/logrotate.d/fluentd |
サービスの設定
事前準備
root@ubuntu:~# mkdir /etc/fluentd root@ubuntu:~# fluentd --setup /etc/fluentd Installed /etc/fluentd/fluent.conf. root@ubuntu:~# mv /etc/fluentd/fluent.conf /etc/fluentd/fluentd.conf root@ubuntu:~# touch /var/log/fluentd
/usr/lib/systemd/system/fluentd.service を作成
vi /usr/lib/systemd/system/fluentd.service
[Unit]
Description=Fluentd: Open Source Data Collector.
Documentation=https://www.fluentd.org/
After=network-online.target
Wants=network-online.target
[Service]
User=root
Group=root
LimitNOFILE=65536
Environment=GEM_HOME=/var/lib/gems/2.5.0/
Environment=GEM_PATH=/var/lib/gems/2.5.0
Environment=FLUENT_CONF=/etc/fluentd/fluentd.conf
Environment=BIN_ARGS="--log /var/log/fluentd --daemon /run/fluentd.pid"
PIDFile=/run/fluentd.pid
Type=forking
ExecStart=/usr/local/bin/fluentd $BIN_ARGS
ExecStop=/bin/kill -TERM ${MAINPID}
ExecReload=/bin/kill -HUP ${MAINPID}
Restart=always
TimeoutStopSec=120
[Install]
WantedBy=multi-user.target
パスやバージョンなどは、環境に合わせて変更のこと
起動確認
root@ubuntu:~# systemctl daemon-reload
root@ubuntu:~# systemctl start fluentd
root@ubuntu:~# systemctl status fluentd
● fluentd.service - Fluentd: Open Source Data Collector.
Loaded: loaded (/lib/systemd/system/fluentd.service; disabled; vendor preset: enabled)
Active: active (running) since Tue 2019-10-22 12:44:39 JST; 4s ago
Docs: https://www.fluentd.org/
Process: 21272 ExecStart=/usr/local/bin/fluentd $BIN_ARGS (code=exited, status=0/SUCCESS)
Main PID: 21288 (fluentd)
Tasks: 8 (limit: 4535)
Memory: 45.6M
CGroup: /system.slice/fluentd.service
tq21288 /usr/bin/ruby2.5 /usr/local/bin/fluentd --log /var/log/fluentd --daemon /run/fluentd.pid
mq21293 /usr/bin/ruby2.5 -Eascii-8bit:ascii-8bit /usr/local/bin/fluentd --log /var/log/fluentd --daemon /run/fluentd.
Oct 22 12:44:39 ubuntu systemd[1]: Starting Fluentd: Open Source Data Collector....
Oct 22 12:44:39 ubuntu systemd[1]: Started Fluentd: Open Source Data Collector..
サービス化の設定
root@ubuntu:~# systemctl is-enabled fluentd disabled root@ubuntu:~# systemctl enable fluentd Created symlink /etc/systemd/system/multi-user.target.wants/fluentd.service → /lib/systemd/system/fluentd.service. root@ubuntu:~# systemctl is-enabled fluentd enabled
再起動
reboot
サービスの起動確認
root@ubuntu:~# systemctl status fluentd
● fluentd.service - Fluentd: Open Source Data Collector.
Loaded: loaded (/lib/systemd/system/fluentd.service; enabled; vendor preset: enabled)
Active: active (running) since Tue 2019-10-22 12:49:35 JST; 2min 14s ago
Docs: https://www.fluentd.org/
Process: 690 ExecStart=/usr/local/bin/fluentd $BIN_ARGS (code=exited, status=0/SUCCESS)
Main PID: 828 (fluentd)
Tasks: 8 (limit: 4535)
Memory: 59.3M
CGroup: /system.slice/fluentd.service
tq828 /usr/bin/ruby2.5 /usr/local/bin/fluentd --log /var/log/fluentd --daemon /run/fluentd.pid
mq833 /usr/bin/ruby2.5 -Eascii-8bit:ascii-8bit /usr/local/bin/fluentd --log /var/log/fluentd --daemon /run/fluentd.pi
Oct 22 12:49:29 ubuntu systemd[1]: Starting Fluentd: Open Source Data Collector....
Oct 22 12:49:35 ubuntu systemd[1]: Started Fluentd: Open Source Data Collector..
再起動後に Fluentd が起動していることenabled が表示されていること
fluentd.conf がデフォルトなので、正しく動作しないことがあるかも
ログローテートの設定
設定方針は logrotate の設定 を参照
/etc/logrotate.d/fluentd を作成
vi /etc/logrotate.d/fluentd
/var/log/fluentd
{
rotate 366
daily
missingok
notifempty
nocompress
dateext
dateformat _%Y%m%d-%H%M%S
olddir /var/log/archives
sharedscripts
postrotate
pid=/run/fluentd.pid
test -s $pid && kill -USR1 "$(cat $pid)"
endscript
}
設定は、方針や環境に合わせて変更のこと
設定の反映
/usr/sbin/logrotate /etc/logrotate.conf
- linux/infra/fluentd
- 最終更新: 2019/11/04
- (外部編集)
コメント