ãã°ã¯ã·ã¹ãã ã®éèŠãªéšåã§ãããæåŸ ã©ããã«åäœããŠãã (ãŸãã¯åäœããŠããªã) ããšãç解ããã®ã«åœ¹ç«ã¡ãŸãã ãã€ã¯ããµãŒãã¹ ã¢ãŒããã¯ãã£ã§ã¯ããã°ã®æäœã¯ç¹å¥ãªãªãªã³ããã¯ã®å¥ã®åéã«ãªããŸãã 倧éã®è³ªåãäžåºŠã«è§£æ±ºããå¿ èŠããããŸãã
- ã¢ããªã±ãŒã·ã§ã³ãããã°ãæžã蟌ãæ¹æ³ã
- ãã°ãã©ãã«æžã蟌ããã
- ä¿åããã³åŠçã®ããã«ãã°ãé ä¿¡ããæ¹æ³ã
- ãã°ãåŠçããã³ä¿åããæ¹æ³ã
çŸåšæ®åããŠããã³ã³ããåæè¡ã䜿çšãããšãåé¡ã解決ããããã®éžæè¢ã®é åã«ãçæã®äžã«ç ãè¿œå ãããŸãã
ããã¯ãŸãã«ããŠãŒãªã»ããã·ã¥ã¡ã¬ãã®å ±åæžã䞞倪ã®åéãšé éã®åéã«ãããçæã®å°å³ãã®è»¢åãè¿°ã¹ãŠããããšã§ããã
æ°ã«ããªã人ã¯ç«ã®äžã«ããŠãã ããã
ç§ã®ååã¯ãŠãŒãªã»ãã·ã¥ã¡ã¬ãã§ãã ç§ã¯ã©ã¶ãã§åããŠããŸãã ä»æ¥ã¯ããã°ãã©ã®ããã«äœæããã©ã®ããã«åéããããã«äœãæžãã®ãã«ã€ããŠè©±ããŸãã
ç§ãã¡ã¯ã©ãããæ¥ãã®ã§ããïŒ ç§ãã¡ã¯èª°ã§ããïŒ Lazada ã¯ãæ±åã¢ãžã¢ 1 ãåœã§ No.4 ã®ãªã³ã©ã€ã³å°å£²æ¥è ã§ãã ããããã¹ãŠã®åœã¯ãåœç€Ÿã®ããŒã¿ã»ã³ã¿ãŒã«åæ£ãããŠããŸãã çŸåšãåèš 80 ã€ã®ããŒã¿ã»ã³ã¿ãŒããããŸããããããéèŠãªã®ã¯ãªãã§ãã? ãªããªããããã€ãã®æ±ºå®ã¯ãã»ã³ã¿ãŒéã®ã€ãªãããéåžžã«åŒ±ããšããäºå®ã«ãããã®ã ããã§ãã ç§ãã¡ã¯ãã€ã¯ããµãŒãã¹ã¢ãŒããã¯ãã£ãæ¡çšããŠããŸãã ãã§ã« 20 åã®ãã€ã¯ããµãŒãã¹ãããããšã«é©ããŸããã ãã°ã䜿ã£ãŠã¿ã¹ã¯ãéå§ãããšãããã°ã¯ 6 åãããããŸããã§ãããããã«ãããªã倧ã㪠PHP ã®ã¬ã¬ã·ãŒéšåãããããããææ ¢ããªããã°ãªããŸããã çŸåšãããããã¹ãŠã«ãããã·ã¹ãã å šäœã§ XNUMX åããã XNUMX äžãè¶ ããã¡ãã»ãŒãžãçæãããŠããŸãã 次ã«ãç§ãã¡ããã®ç¶æ³ã«ã©ã®ããã«å¯ŸåŠããããšããŠããã®ãããããŠãªããããªãã®ãã説æããŸãã
ãã® 6 äžä»¶ã®ã¡ãã»ãŒãžãäœãšãåŠçããªããã°ãªããŸããã 圌ãã«å¯ŸããŠäœããã¹ãã§ããããïŒ å¿ èŠãªã¡ãã»ãŒãžã¯ 6 äžä»¶:
- ã¢ããªããéä¿¡ãã
- é éãåãå ¥ãã
- åæãšä¿ç®¡ã®ããã«æäŸããŸãã
- åæãã
- äœããã®æ¹æ³ã§ä¿ç®¡ããŸãã
XNUMX äžä»¶ã®ã¡ãã»ãŒãžã衚瀺ããããšããç§ã¯ã»ãŒåãããã«èŠããŸããã ãªããªããç§ãã¡ã¯ã»ãã®æ°ãããŒããå§ããããã§ãã ã¢ããªã±ãŒã·ã§ã³ãã°ãããã«æžã蟌ãŸããŠããããšã¯æããã§ãã ããšãã°ãããŒã¿ããŒã¹ã«æ¥ç¶ã§ããŸããã§ãããããŒã¿ããŒã¹ã«ã¯æ¥ç¶ã§ããŸããããäœãèªã¿åãããšãã§ããŸããã§ããã ããããããã«å ããŠãåãã€ã¯ããµãŒãã¹ã¯ã¢ã¯ã»ã¹ ãã°ãæžã蟌ã¿ãŸãã ãã€ã¯ããµãŒãã¹ã«å°çãããã¹ãŠã®ãªã¯ãšã¹ãã¯ãã°ã«èšé²ãããŸãã ãªããããè¡ãã®ã§ãããã? éçºè ã¯ãã¬ãŒã¹ã§ããããšãæãã§ããŸãã åã¢ã¯ã»ã¹ ãã°ã«ã¯ãtraceid ãã£ãŒã«ããå«ãŸããŠãããããã䜿çšããŠç¹å¥ãªã€ã³ã¿ãŒãã§ã€ã¹ããã§ãŒã³å šäœãå·»ãæ»ãããã¬ãŒã¹ãçŸãã衚瀺ããŸãã ãã¬ãŒã¹ã¯ãªã¯ãšã¹ããã©ã®ããã«è¡ããããã瀺ããããã¯éçºè ãæªç¢ºèªã®ã¬ããŒãžã«è¿ éã«å¯ŸåŠããã®ã«åœ¹ç«ã¡ãŸãã
ãããã©ããã£ãŠçããŠãããïŒ ããã§ããªãã·ã§ã³ã®åéãã€ãŸããã®åé¡ãäžè¬çã«ã©ã®ããã«è§£æ±ºããããã«ã€ããŠç°¡åã«èª¬æããŸãã ãã°ã®åéãéä¿¡ãä¿åã®åé¡ã解決ããæ¹æ³ã
ã¢ããªã±ãŒã·ã§ã³ããæžã蟌ãã«ã¯ã©ãããã°ããã§ãã? ããŸããŸãªæ¹æ³ãããããšã¯æããã§ãã ãããããªä»²éãã¡ãæããŠãããããã«ãç¹ã«ãã¹ããã©ã¯ãã£ã¹ããããŸãã ç§ãã¡ã®ç¥ç¶ãç§ãã¡ã«èšã£ãããã«ããªãŒã«ãã¹ã¯ãŒã«ã«ã¯XNUMXã€ã®ã¿ã€ãããããŸãã ä»ã®æ¹æ³ããããŸãã
ãã°åéã®ç¶æ³ãã»ãŒåãã§ãã ãã®éšåã解決ããããã®éžæè¢ã¯ããã»ã©å€ããããŸããã ãã§ã«ãããããããŸããããŸã ããã»ã©å€ãã¯ãããŸããã
ããããé ä¿¡ãšãã®åŸã®åæã«ãããããªãšãŒã·ã§ã³ã®æ°ãççºçã«å¢ãå§ããŸãã ããã§ã¯åãªãã·ã§ã³ã«ã€ããŠã¯èª¬æããŸããã äž»ãªãªãã·ã§ã³ã¯ããã®ãããã¯ã«èå³ããã人ãªã誰ã§ãããç¥ã£ãŠãããšæããŸãã
Lazada ã§ã©ã®ããã«ãããè¡ã£ãã®ãããããŠå®éã«ãã¹ãŠãã©ã®ããã«å§ãŸã£ãã®ãã説æããŸãã
XNUMX 幎åãç§ã¯ Lazada ã«æ¥ãŠã䞞倪ã«é¢ãããããžã§ã¯ãã«æŽŸé£ãããŸããã ãããªæãã§ããã ã¢ããªã±ãŒã·ã§ã³ ãã°ã¯ stdout ãš stderr ã«æžã蟌ãŸããŸããã ãã¹ãŠããã¡ãã·ã§ããã«ãªæ¹æ³ã§è¡ãããŸããã ããããéçºè ããããæšæºãããŒããå€ããåŸãã©ããããããã€ã³ãã©ã¹ãã©ã¯ãã£ã®å°é家ããããç解ããã§ãããã ã€ã³ãã©ã¹ãã©ã¯ãã£ã®å°é家ãšéçºè ã®éã«ã¯ãããã...åãã£ããã·ã§ã«ã䜿ã£ãŠãã¡ã€ã«ã«ã©ããããã°ããã§çµããã ããšèšããªãªãŒã¹æ åœè ãããŸãã ãããŠãããããã¹ãŠãã³ã³ãããŒã«å ¥ã£ãŠããããã圌ãã¯ãããã³ã³ãããŒèªäœã§å ã¿ããã®äžã«ã«ã¿ãã°ããããã³ã°ããŠããã«çœ®ããŸããã ãããäœããããããã®ãã¯èª°ã«ãšã£ãŠãæããã ãšæããŸãã
ãšããããããå°ãèŠãŠã¿ãŸãããã ãããã®ãã°ã¯ã©ã®ããã«ããŠé ä¿¡ãããã®ã§ãããã? 誰ãã td-agent ãéžæããŸãããããã¯å®éã«ã¯ Fluentd ã§ãããå®å šã« Fluentd ã§ã¯ãããŸããã ãã® 4 ã€ã®ãããžã§ã¯ãã®é¢ä¿ã¯ãŸã ããããŸããããã»ãŒåããã®ã®ããã§ãã ãããŠããã® fluentd 㯠Ruby ã§æžãããŠããããã° ãã¡ã€ã«ãèªã¿åããããçš®ã®èŠåæ§ã䜿çšããŠãã° ãã¡ã€ã«ã JSON ã«è§£æããŸãã ããããç§ã¯ããããã«ãã«ã«éããŸããã ããã«ãKafka ã§ã¯ãAPI ããšã« 4 ã€ã®åå¥ã®ãããã¯ããããŸããã ãªã 4 ãªã®ã? ã©ã€ãããããããã¹ããŒãžã³ã°ããããstdout ãš stderr ãããããã§ãã éçºè ã¯ããããäœæããã€ã³ãã©ã¹ãã©ã¯ãã£éçºè 㯠Kafka ã§ããããäœæããå¿ èŠããããŸãã ããã«ãKafka ã¯å¥ã®éšéã«ãã£ãŠç®¡çãããŠããŸããã ãã®ãããAPI ããšã« XNUMX ã€ã®ãããã¯ãäœæããããã«ãã±ãããäœæããå¿ èŠããããŸããã 誰ãããããå¿ããŠããŸããã äžè¬çã«ããŽããšå€§éšãããããŸããã
次ã«ãããã©ãããã§ãããã? ã«ãã«ããã«éããŸããã ãã®åŸãKafka ããã®ãã°ã®ååã Logstash ã«é£ãã§ããŸããã 䞞倪ã®æ®ãã®ååã¯åå²ãããŸããã ããã°ã¬ã€ãã°ã«é£ãã 人ãããã°ãå¥ã®ã°ã¬ã€ãã°ã«é£ãã 人ãããã çµæãšããŠãããããã¹ãŠã XNUMX ã€ã® Elasticsearch ã¯ã©ã¹ã¿ãŒã«å ¥ããŸããã ã€ãŸãããã®æ··ä¹±ã¯ãã¹ãŠããã§çµãã£ãã®ã§ãã ãããªããšããªãã§ãã ããïŒ
äžããèŠããšãããªæãã§ãã ãããªããšããªãã§ãã ããïŒ ããã§ã¯ãåé¡ã®ããé åãããã«çªå·ã§ããŒã¯ãããŸãã å®éã«ã¯ãã£ãšãããããããŸããã6 ã€ã¯æ¬åœã«åé¡ããããäœããã®å¯ŸåŠãå¿ èŠã§ãã ãããã«ã€ããŠã¯ãä»åºŠå¥é説æããŸãã
ãã (1,2,3) ã§ã¯ãã¡ã€ã«ãæžã蟌ã¿ãŸãããããã£ãŠãããã«ã¯äžåºŠã« XNUMX ã€ã® rake ãååšããŸãã
æåã® (1) ã¯ãããããã©ããã«æžãå¿ èŠããããšããããšã§ãã API ã«ãã¡ã€ã«ã«çŽæ¥æžã蟌ãæ©èœãäžããããšãåžžã«æãŸãããšã¯éããŸããã API ã¯ã³ã³ãããŒå ã«åé¢ãããããšãæãŸãããèªã¿åãå°çšã§ããããšãããã«æãŸããã§ãã ç§ã¯ã·ã¹ãã 管çè ãªã®ã§ããããã®ããšã«ã€ããŠã¯å°ãéã£ãèŠæ¹ãããŠããŸãã
2,3 çªç®ã®ãã€ã³ã (XNUMX) ã¯ãAPI ã«å€§éã®ãªã¯ãšã¹ããå±ããŠããããšã§ãã API ã¯å€§éã®ããŒã¿ããã¡ã€ã«ã«æžã蟌ã¿ãŸãã ãã¡ã€ã«ãå¢ããŠããŸãã ããããå転ãããå¿ èŠããããŸãã ããããªããšãããã«ãã£ã¹ã¯ãã¹ããã¯ã§ããªããªãããã§ãã ãããã¯ã·ã§ã«ãä»ããŠãã£ã¬ã¯ããªã«ãªãã€ã¬ã¯ãããããšã«ãã£ãŠäœæããããããããŒããŒã·ã§ã³ããããšã¯å¥œãŸãããããŸããã ãããèŠçŽãæ¹æ³ã¯ãããŸããã ãã³ãã«ãå床éãããã«ã¢ããªã±ãŒã·ã§ã³ã«æ瀺ããããšã¯ã§ããŸããã ãªããªããéçºè ã¯ããªããæãè ã®ããã«èŠãããã§ãã éåžžãæšæºåºåã«æžã蟌ã¿ãŸããã ã€ã³ãã©ã¹ãã©ã¯ãã£éçºè ã¯ãcopytruncate ã logrotate ã«å€æŽããŸãããããã¯ãåã«ãã¡ã€ã«ã®ã³ããŒãäœæããå ã®ãã¡ã€ã«ã転åããã ãã§ãã ãããã£ãŠãéåžžããããã®ã³ããŒåŠçã®éã«ãã£ã¹ã¯å®¹éãäžè¶³ããŸãã
(4) ç°ãªã API ã«ã¯ç°ãªã圢åŒããããŸããã ãããã¯ãããã«ç°ãªããŸãããæ£èŠè¡šçŸãå¥ã®æ¹æ³ã§èšè¿°ããå¿ èŠããããŸããã ããããã¹ãŠãããããã«ãã£ãŠå¶åŸ¡ãããŠãããããå€æ°ã®ã¯ã©ã¹ãç¬èªã®ãŽãããªãæ±ããŠããŸããã ããã«ãã»ãšãã©ã®å Žåãtd-agent ã¯ã¡ã¢ãªãæ¶è²»ããæãã«ãªããåäœããŠãããµããããŠäœãããªãå¯èœæ§ããããŸãã å€ããèŠãŠãã圌ãäœãããŠããªãããšã¯ç解ã§ããŸããã§ããã ããããã圌ã¯è»¢ãã§ãåŸã§èª°ãã圌ãæŸãã ããã ããæ£ç¢ºã«èšããšãã¢ã©ãŒããå±ãã誰ããæã§ãããäžãã«è¡ããŸãã
(6) ãããŠæããŽããšç¡é§ããã£ãã®ã¯ elasticsearch ã§ããã å€ãããŒãžã§ã³ã ã£ãã®ã§ã åœæã¯å°å±ã®ãã¹ã¿ãŒãããªãã£ãããã§ãã ãã£ãŒã«ããéè€ããå¯èœæ§ã®ããç°çš®ãã°ããããŸããã ç°ãªãã¢ããªã±ãŒã·ã§ã³ããã®ç°ãªããã°ãåããã£ãŒã«ãåã§æžã蟌ãŸããå¯èœæ§ããããŸãããå éšã«ã¯ç°ãªãããŒã¿ãååšããå¯èœæ§ããããŸãã ã€ãŸããXNUMX ã€ã®ãã°ã«ã¯ãã¬ãã«ãªã©ã®ãã£ãŒã«ãã«æŽæ°ãå«ãŸããŸãã å¥ã®ãã°ã«ã¯ã¬ãã«ãã£ãŒã«ãã«æååãå«ãŸããŠããŸãã éçãããã³ã°ããªãå Žåãããã¯éåžžã«çŽ æŽãããããšã§ãã elasticsearch ã§ã€ã³ããã¯ã¹ãããŒããŒã·ã§ã³ããåŸãæååãå«ãã¡ãã»ãŒãžãæåã«å°çããå Žåãç§ãã¡ã¯éåžžã©ããç掻ããŠããŸãã ãã ããæåã®ã¡ãã»ãŒãžã Integer ããå°çããå ŽåãString ããå°çããåŸç¶ã®ã¡ãã»ãŒãžã¯ãã¹ãŠåçŽã«ç Žæ£ãããŸãã ãã£ãŒã«ãã®ã¿ã€ããäžèŽããªãããã§ãã
ç§ãã¡ã¯ãããã®è³ªåãå§ããŸããã ç§ãã¡ã¯è²¬ä»»ã®ãã人ãã¡ãæ¢ããªãããšã«æ±ºããŸããã
ããããäœããããªããã°ãªããŸãã! æãããªããšã¯ãåºæºã確ç«ããå¿ èŠããããšããããšã§ãã ãã§ã«ããã€ãã®åºæºããããŸããã å°ãé ããŠããã€ãå§ããŸããã 幞ããªããšã«ããã®æç¹ã§ã¯ããã¹ãŠã® API ã«å¯Ÿå¿ããåäžã®ãã°åœ¢åŒããã§ã«æ¿èªãããŠããŸããã ããã¯ããµãŒãã¹éã®å¯Ÿè©±ã®ããã®æšæºã«çŽæ¥æžã蟌ãŸããŸãã ãããã£ãŠããã°ãåãåãããå Žåã¯ããã®åœ¢åŒã§ãã°ãèšè¿°ããå¿ èŠããããŸãã 誰ãããã®åœ¢åŒã§ãã°ãæžã蟌ãŸãªãå Žåãç§ãã¡ã¯äœãä¿èšŒããŸããã
次ã«ããã°ã®èšé²ãé ä¿¡ãåéã®æ¹æ³ã«ã€ããŠçµ±äžèŠæ Œãçå®ããããšèããŠãããŸãã å®éãã©ãã«æžããŠã©ããã£ãŠå±ãããã çæ³çãªç¶æ³ã¯ããããžã§ã¯ããåãã©ã€ãã©ãªã䜿çšããããšã§ãã Go çšã«ã¯å¥ã®ãã®ã³ã° ã©ã€ãã©ãªããããPHP çšã«ã¯å¥ã®ã©ã€ãã©ãªããããŸãã ç§ãã¡ãæã£ãŠãã人ã¯çãããã䜿ãã¹ãã§ãã çŸæç¹ã§ã¯ãããã«ã€ããŠã¯ 80% æåããŠãããšèšããŸãã ãããããµããã³ãé£ã¹ç¶ãã人ãããŸãã
ãããŠããã (ã¹ã©ã€ãäž) ã«ããã°ã®é ä¿¡ã«é¢ãã SLAãããããããŠè¡šç€ºããå§ããŸãã ãŸã ååšããŠããŸããããçŸåšéçºäžã§ãã ãªããªããã€ã³ãã©ã¹ãã©ã¯ãã£ããããããã®åœ¢åŒã§ããããã®å Žæã«æžã蟌ããšãXNUMX ç§ããã N ã¡ãã»ãŒãžä»¥äžã§ããã°ãã»ãŒç¢ºå®ã«ããããã®å Žæã«é ä¿¡ã§ãããšæå®ãããšãéåžžã«äŸ¿å©ã ããã§ãã ããã«ãããå€ãã®é çã軜æžãããŸãã SLA ããããªããããã¯æ¬åœã«çŽ æŽãããããšã§ãã
ã©ã®ããã«ããŠåé¡ã解決ãå§ããã®ã§ãããã? äž»ãªåé¡ã¯ td-agent ã«ãããŸããã ãã°ãã©ãã«è¡ã£ãã®ãã¯äžæã§ããã é éãããŠããŸããïŒ åœŒãã¯è¡ããŸããïŒ ãããã圌ãã¯ã©ãã«ããã®ã§ããããïŒ ãããã£ãŠãæåã®ç¹ã¯ td-agent ã眮ãæããããšã«ããŸããã ããã§ã¯ãäœã«çœ®ãæãããã«ã€ããŠã®ãªãã·ã§ã³ãç°¡åã«èª¬æããŸããã
Fluentdã ãŸããç§ã¯åã®ä»äºã§åœŒã«ééããŸããããããŠã圌ã¯ããã§ãå®æçã«èœã¡ãŸããã 第äºã«ãããã¯ãããã£ãŒã«äžã®ã¿ã§åãããšã§ãã
ãã¡ã€ã«ããŒãã ããã¯ç§ãã¡ã«ãšã£ãŠã©ã®ããã«äŸ¿å©ã§ãããïŒ ãã㯠Go ã§è¡ãããŠãããç§ãã¡ã¯ Go ã«ã€ããŠå€ãã®å°éç¥èãæã£ãŠããããã§ãã ãããã£ãŠãäœãèµ·ãã£ãŠããèªåãã¡ã§äœãšãè¿œå ããããšãã§ããŸãã ã ãããããç§ãã¡ã¯ãããåãå ¥ããŸããã§ããã ãã®ãããèªåã§æžãçŽãããšããèªæãããªããªããŸãã
ã·ã¹ãã 管çè ã«ãšã£ãŠã®æãããªè§£æ±ºçã¯ãããããçš®é¡ã® syslog ããã®é (syslog-ng/rsyslog/nxlog) ã«ä¿åããããšã§ãã
ãããã¯ãç¬èªã®äœããæžãããšãã§ããŸããããããš filebeat ã¯ç Žæ£ãããŸããã äœããæžããªãããžãã¹ã«åœ¹ç«ã€ãã®ãæžããæ¹ãè¯ãã§ãã ãã°ãé ä¿¡ããã«ã¯ãæ¢è£œã®ãã®ã䜿çšããæ¹ãè¯ãã§ãããã
ãããã£ãŠãå®éã®éžæã¯ãsyslog-ng ãš rsyslog ã®ã©ã¡ããéžæããããšããããšã«ãªããŸããã ç§ã rsyslog ã«åŸããã®ã¯ãåã« Puppet ã« rsyslog ã®ã¯ã©ã¹ããã§ã«ååšããŠããããããã®éã«æãããªéããèŠã€ãããªãã£ãããã§ãã syslog ã£ãŠäœã§ãããsyslog ã£ãŠäœã§ããã ã¯ããããã¥ã¡ã³ãã®è³ªãæªããã®ãããã°ãããåªãããã®ããããŸãã ãã¡ãã¯ãã®æ¹æ³ã§å®è¡ã§ããããäžæ¹ã¯å¥ã®æ¹æ³ã§å®è¡ã§ããŸãã
rsyslog ã«ã€ããŠãå°ã説æããŸãã ãŸããã¢ãžã¥ãŒã«ãããããããã®ã§ãã£ãããã§ãã 人éãèªãã RainerScript (ææ°ã®æ§æèšèª) ãåããŠããŸãã æšæºããŒã«ã䜿çšã㊠td-agent ã®åäœããšãã¥ã¬ãŒãã§ããã¢ããªã±ãŒã·ã§ã³ã«ã¯äœãå€æŽãå ããããªããšããçŽ æŽãããç¹å žã§ãã ã€ãŸããtd-agent ã rsyslog ã«å€æŽãããã®ä»ã¯ãã¹ãŠãã®ãŸãŸã«ããŠãããŸãã ãããŠãããã«åäœããçŽåãåãåããŸããã 次ã«ãrsyslog ã® mmnormalize ã¯çŽ æŽãããæ©èœã§ãã ãã°ã解æã§ããŸãããGrok ãæ£èŠè¡šçŸã¯äœ¿çšã§ããŸããã æœè±¡æ§æããªãŒãäœæããŸãã ã³ã³ãã€ã©ããœãŒã¹ã解æããã®ãšã»ãŒåãæ¹æ³ã§ãã°ã解æããŸãã ããã«ãããäœæ¥ãéåžžã«éããªããCPU ã®æ¶è²»ãã»ãšãã©ãªããªããäžè¬çã«éåžžã«åªããæ©èœã§ãã ä»ã«ãããããã®ããŒãã¹ããããŸãã ãããã«ãã ããã€ããã¯ãããŸããã
rsyslog ã«ã¯ä»ã«ãå€ãã®æ¬ ç¹ããããŸãã ããŒãã¹ãšã»ãŒåãé¡ã§ãã äž»ãªåé¡ã¯ã調çæ¹æ³ãç¥ãå¿ èŠãããããšãšãããŒãžã§ã³ãéžæããå¿ èŠãããããšã§ãã
ç§ãã¡ã¯ãã°ã UNIX ãœã±ããã«æžã蟌ãããšã«ããŸããã /dev/log ã«ã¯ãããŸãããããã«ã¯æ··ä¹±ããã·ã¹ãã ãã°ããããjournald ã¯ãã®ãã€ãã©ã€ã³å ã«ããããã§ãã ããã§ã¯ãã«ã¹ã¿ã ãœã±ããã«æžã蟌ãã§ã¿ãŸãããã å¥ã®ã«ãŒã«ã»ããã«æ·»ä»ããŸãã äœãå¹²æžããªãããã«ããŸãããã ãã¹ãŠãéæã§ãããããããã®ã«ãªããŸãã ãŸãã«ãããç§ãã¡ããã£ãããšã§ãã ãããã®ãœã±ãããå«ããã£ã¬ã¯ããªã¯æšæºåããããã¹ãŠã®ã³ã³ããã«è»¢éãããŸãã ã³ã³ããã¯å¿ èŠãªãœã±ãããèªèããéããŠæžã蟌ãããšãã§ããŸãã
ãªããã¡ã€ã«ã§ã¯ãªãã®ã§ãããã? ã¿ããªèªãã§ããã
Rsyslog ã¯ãã¹ã©ã€ãã«ç€ºãããŠããã¢ã¯ã·ã§ã³ãå®è¡ãããªã¬ãŒãŸã㯠Kafka ã«ãã°ãéä¿¡ããŸãã ã«ãã«ã¯å€ãããæ¹ãèžè¥²ããŠããŸãã ãªã¬ãŒ - çŽç²ãª rsyslog ã䜿çšããŠãã°ãé ä¿¡ããããšããŸããã ã¡ãã»ãŒãž ãã¥ãŒã䜿çšãããæšæºã® rsyslog ããŒã«ã䜿çšããŸãã åºæ¬çã«ã¯æ©èœããŸãã
ãã ãããã®éšå (Logstash/Graylog/ES) ã«ããããæŒã蟌ãæ¹æ³ã«ã¯åŸ®åŠãªéãããããŸãã ãã®éšå (rsyslog-rsyslog) ã¯ããŒã¿ã»ã³ã¿ãŒéã§äœ¿çšãããŸãã ããã¯å§çž®ããã TCP ãªã³ã¯ã§ããããã«ããã垯åå¹ ãç¯çŽã§ããããã«å¿ããŠããã£ãã«ãè©°ãŸã£ããšãã«å¥ã®ããŒã¿ ã»ã³ã¿ãŒãããã°ãåä¿¡ããå¯èœæ§ãäœããã®åœ¢ã§é«ãŸããŸãã ãªããªããç§ãã¡ã«ã¯äœããããæªãã€ã³ããã·ã¢ãããããã§ãã ããã«çµ¶ããåé¡ãååšããŸãã
ã¢ããªã±ãŒã·ã§ã³ããèšé²ãããã°ãæåŸã«å°éããå¯èœæ§ãå®éã«ç£èŠããã«ã¯ã©ãããã°ããããèããŸããã ææšãäœæããããšã«ããŸããã rsyslog ã«ã¯ç¬èªã®çµ±èšåéã¢ãžã¥ãŒã«ããããããã«ã¯ããçš®ã®ã«ãŠã³ã¿ãŒãå«ãŸããŠããŸãã ããšãã°ããã¥ââãŒã®ãµã€ãºããããããã®ã¢ã¯ã·ã§ã³ã§å°çããã¡ãã»ãŒãžã®æ°ã衚瀺ã§ããŸãã ããªãã¯ãã§ã«åœŒãããäœããåŸãããšãã§ããŸãã ããã«ãèšå®å¯èœãªã«ã¹ã¿ã ã«ãŠã³ã¿ãŒããããããšãã°ãäžéšã® API ãèšé²ããã¡ãã»ãŒãžã®æ°ã衚瀺ãããŸãã 次ã«ãrsyslog_exporter ã Python ã§èšè¿°ããããããã¹ãŠ Prometheus ã«éä¿¡ããŠã°ã©ããæ§ç¯ããŸããã Graylog ã¡ããªã¯ã¹ãæ¬åœã«æ¬²ããã£ãã®ã§ããããŸã èšå®ããæéããããŸããã§ããã
äœãåé¡ã§ããã? ã©ã€ã API ã 50 ç§ããã 12 åã®ã¡ãã»ãŒãžãæžã蟌ãã§ããããšã (çªç¶!) çºèŠãããšãã«åé¡ãçºçããŸããã ããã¯ã¹ããŒãžã³ã°ã®ãªãã©ã€ã API ã®ã¿ã§ãã ãŸããGraylog ã§ã¯ XNUMX ç§ããã XNUMX ã¡ãã»ãŒãžãã衚瀺ãããŸããã ãããŠåœç¶ã®çåãçããïŒéºäœã¯ã©ãã«ããã®ãïŒ ãã®ããšãããGraylog ã§ã¯å¯ŸåŠã§ããªããšããçµè«ã«éããŸããã 調ã¹ãŠã¿ããšã確ãã«ãGraylog ãš Elasticsearch ã§ã¯ãã®ãããŒãåŠçã§ããŸããã§ããã
次ã«ãéäžã§èŠã€ãããã®ä»ã®çºèŠã§ãã
ãœã±ãããžã®æžã蟌ã¿ã¯ãããã¯ãããŸãã ã©ããã£ãŠãããªã£ãïŒ é
ä¿¡ã« rsyslog ã䜿çšããŠãããšããããæç¹ã§ããŒã¿ ã»ã³ã¿ãŒéã®ãã£ãã«ãæ
éããŸããã ããå Žæã§ã¯é
éãåæ¢ããå¥ã®å Žæã§ã¯é
éãåæ¢ããŸããã ããããã¹ãŠã¯ãrsyslog ãœã±ããã«æžã蟌ã API ãåãããã·ã³ã«å°éããŠããŸãã ããã«ã¯è¡åãã§ããŠããŸããã ãã®åŸãUNIX ãœã±ããã«æžã蟌ãããã®ãã¥ãŒ (ããã©ã«ãã§ã¯ 128 ãã±ãã) ããã£ã±ãã«ãªããŸããã ãããŠãã¢ããªã±ãŒã·ã§ã³å
ã®æ¬¡ã® write() ã¯ãããã¯ãããŸãã Go ã¢ããªã±ãŒã·ã§ã³ã§äœ¿çšããã©ã€ãã©ãªãèŠããšããœã±ãããžã®æžã蟌ã¿ã¯ãã³ããããã³ã° ã¢ãŒãã§è¡ããããšæžãããŠããŸããã äœããããã¯ãããŠããªãããšã確信ããŠããŸããã ç§ãã¡ãèªãã§ãããã
ãã¥ãŒã®ãµã€ãºãç£èŠããå¿ èŠããããŸããããã¯ããã®çæãèžãŸãªãããã«ããã®ã«åœ¹ç«ã¡ãŸãã ãŸãããã€ã¡ãã»ãŒãžã倱ããå§ããããç£èŠã§ããŸãã 次ã«ãé éã«åé¡ããããã©ãããç£èŠã§ããŸãã
ãããŠãã 10 ã€ã®äžå¿«ãªç¬éã§ãããã€ã¯ããµãŒãã¹ ã¢ãŒããã¯ãã£ã§ã¯ XNUMX åã®å¢å¹ ãéåžžã«ç°¡åã§ãã åä¿¡ãªã¯ãšã¹ãã¯ããã»ã©å€ããããŸãããããããã®ã¡ãã»ãŒãžãã°ã©ãã«æ²¿ã£ãŠããã«ç§»åããã¢ã¯ã»ã¹ ãã°ãçºçãããããå®éã«ã¯ãã°ã®è² è·ãçŽ XNUMX åã«å¢å ããŸãã æ®å¿µãªãããæ£ç¢ºãªæ°åãèšç®ããæéããããŸããã§ãããããã€ã¯ããµãŒãã¹ãšã¯ãããããã®ã§ãã ãã®ããšã念é ã«çœ®ããŠãããªããã°ãªããŸããã çŸæç¹ã§ã¯ããã°åéãµãã·ã¹ãã ã Lazada ã§æãè² è·ãããã£ãŠããããšãããããŸããã
elasticsearchã®åé¡ã解決ããã«ã¯ã©ãããã°ããã§ãã? ãã¹ãŠã®ãã·ã³ãåã£ãŠãã°ãåéããå¿ èŠããªãããã«ããã°ã XNUMX ãæã«ãã°ããååŸããå¿ èŠãããå Žåã¯ããã¡ã€ã« ã¹ãã¬ãŒãžã䜿çšããŸãã ããã¯åäœããããšãä¿èšŒãããŠããŸãã ã©ã®ãµãŒããŒããã§ãå®è¡ã§ããŸãã ããã«ãã£ã¹ã¯ãæ¿å ¥ããsyslog ãã€ã³ã¹ããŒã«ããã ãã§ãã ãã®åŸã¯ããã¹ãŠã®ãã°ã XNUMX ãæã«éãŸãããšãä¿èšŒãããŸãã ãã®åŸãelasticsearchãgraylogããã®ä»ããã£ãããšæ§æã§ããŸãã ãã ãããã¹ãŠã®ãã°ã¯ãã§ã«ååšããŠãããããã«ãååãªãã£ã¹ã¯ ã¢ã¬ã€ãããéããã°ãä¿åã§ããŸãã
ç§ã®ã¬ããŒãã®æç¹ã§ã¯ãã¹ããŒã ã¯æ¬¡ã®ããã«ãªãå§ããŸããã ãã¡ã€ã«ãžã®æžã蟌ã¿ã¯äºå®äžåæ¢ããŸããã ãããããæ®ãã®éšåã¯ãªãã«ããã§ãããã API ãå®è¡ããŠããããŒã«ã« ãã·ã³ã§ã¯ããã¡ã€ã«ãžã®æžã蟌ã¿ãåæ¢ãããŸãã ãŸãããã¡ã€ã« ã¹ãã¬ãŒãžããããéåžžã«ããŸãæ©èœããŸãã 第 XNUMX ã«ããããã®ãã·ã³ã®ã¹ããŒã¹ã¯åžžã«äžè¶³ããŠãããåžžã«ç£èŠããå¿ èŠããããŸãã
Logstash ãš Graylog ã䜿çšãããã®éšåã¯ãæ¬åœã«å¹æçã§ãã ãããã£ãŠããããåãé€ãå¿ èŠããããŸãã äœãã XNUMX ã€éžæããå¿ èŠããããŸãã
Logstash ãš Kibana ãå»æ£ããããšã«ããŸããã ã»ãã¥ãªãã£éšéãããããã§ãã ãªãã®ã€ãªããïŒ ããã¯ãX-Pack ã䜿çšããªã Kibana ãš Shield ã䜿çšããªã Kibana ã§ã¯ããã°ãžã®ã¢ã¯ã»ã¹æš©ãåºå¥ã§ããªããšããããšã§ãã ã ãããããGraylog ãæ¡çšããŸããã å šãŠãæã£ãŠããŸãã 奜ãã§ã¯ãªãã§ãããå¹æã¯ãããŸãã æ°ããããŒããŠã§ã¢ãè³Œå ¥ããããã«æ°ãã Graylog ãã€ã³ã¹ããŒã«ããå³å¯ãªåœ¢åŒã®ãã¹ãŠã®ãã°ãå¥ã® Graylog ã«è»¢éããŸããã ç§ãã¡ã¯ãç°ãªãã¿ã€ãã®åäžãã£ãŒã«ãã®åé¡ãçµç¹çã«è§£æ±ºããŸããã
æ°ãã Graylog ã«ã¯æ£ç¢ºã«äœãå«ãŸããŠããŸããã ãã¹ãŠã docker ã«æžã蟌ãã ã ãã§ãã ç§ãã¡ã¯å€§éã®ãµãŒããŒãå°å ¥ãã7 ã€ã® Kafka ã€ã³ã¹ã¿ã³ã¹ã2.3 ã€ã® Graylog ãµãŒã㌠ããŒãžã§ã³ 5 (Elasticsearch ããŒãžã§ã³ 100 ãå¿ èŠã ã£ãã®ã§) ãå±éããŸããã ãããã¯ãã¹ãŠãRAID äžã« HDD ããååŸããããã®ã§ãã 140 ç§ãããæ倧 XNUMX äžã¡ãã»ãŒãžã®ã€ã³ããã¯ã¹äœæé床ã確èªãããŸããã XNUMX é±éããã XNUMX ãã©ãã€ãã®ããŒã¿ãšããæ°åãèŠãããŸããã
ãããŠãŸãçæïŒ ä»åŸ6ã€ã®è²©å£²ãäºå®ããŠãããŸãã ã¡ãã»ãŒãžæ°ã¯ XNUMX äžä»¶ãè¶ ããŸããã ã°ã¬ã€ãã°ã«ã¯åãæéããããŸããã äœãšãããŠç§ãã¡ã¯åã³çãæ®ããªããã°ãªããŸããã
ããããŠç§ãã¡ã¯çãæ®ã£ãã®ã§ãã ããã«ããã€ãã®ãµãŒããŒãš SSD ãè¿œå ããŸããã ä»ã®ãšãããç§ãã¡ã¯ãã®ããã«çããŠããŸãã çŸåšãç§ãã¡ã¯ãã§ã« 160 ç§ããã XNUMX åã®ã¡ãã»ãŒãžãåŠçããŠããŸãã ãŸã éçã«ã¯éããŠããªãã®ã§ãå®éã«ã©ãã ãã®å©çãåŸããããã¯äžæã§ãã
ãããã¯ç§ãã¡ã®å°æ¥ã®èšç»ã§ãã ãããã®äžã§ãæãéèŠãªã®ã¯ããããé«å¯çšæ§ã§ãã ãŸã ãããŸããã è€æ°ã®è»äž¡ãåãããã«æ§æãããŠããŸããããããŸã§ã®ãšããããã¹ãŠã XNUMX å°ã®è»äž¡ãä»ããŠè¡ãããŠããŸãã ãããã®éã§ãã§ã€ã«ãªãŒããŒãèšå®ããã«ã¯æéãããããŸãã
Graylog ããã¡ããªã¯ã¹ãåéããŸãã
ã¬ãŒãå¶éãèšããŠã垯åå¹ ããã®ä»ãã¹ãŠãç ç²ã«ããªãã¯ã¬ã€ãžãŒãª API ã XNUMX ã€çšæããŸãã
ãããŠæåŸã«ãããã ãã®ãµãŒãã¹ãæäŸã§ããããã«ãéçºè ãšäœããã® SLA ãç· çµããŸãã ãã£ãšæžããããããããªããã
ãããŠããã¥ã¡ã³ããæžããŸãã
ç°¡åã«èšãã°ãç§ãã¡ãçµéšãããã¹ãŠã®çµæã§ãã ãŸããèŠæ Œã§ãã 第äºã«ãsyslog ã¯ã±ãŒãã§ãã 第äžã«ãrsyslog ã¯ã¹ã©ã€ãã«æžãããŠãããšããã«åäœããŸãã ããã§ã¯ã質åã«ç§»ããŸãã
質å.
質å: ãªãåããªãããšã«ããã®ã§ãã... (ãã¡ã€ã«ããŒã?)
çã: ãã¡ã€ã«ã«æžã蟌ãå¿ èŠããããŸãã æ¬åœã¯ããããªãã£ãã®ã§ãã API ã XNUMX ç§ãããæ°åã®ã¡ãã»ãŒãžãæžã蟌ãå ŽåãXNUMX æéã« XNUMX åããŒããŒã·ã§ã³ãããšããŠããããã¯äŸç¶ãšããŠãªãã·ã§ã³ã§ã¯ãããŸããã ãã€ãã§æžãããšãã§ããŸãã éçºè ã¯ç§ã«ããå°ããŸããããç§ãã¡ãæžããŠããããã»ã¹ãã¯ã©ãã·ã¥ãããã©ããªããŸãã?ã ç§ã¯åœŒãã«äœãšçããã¹ããèŠã€ããããããŸããåãã£ããããã¯ãããŸãããããšèšããŸããã
質å: ãã°ã HDFS ã«æžã蟌ãŸãªãã®ã¯ãªãã§ãã?
çãïŒããã¯æ¬¡ã®æ®µéã§ãã ç§ãã¡ã¯æåã«ãããæ€èšããŸããããçŸæç¹ã§ã¯ãããè¡ãããã®ãªãœãŒã¹ããªããããé·æçãªè§£æ±ºçãšããŠä¿çãããŠããŸãã
質å: å圢åŒã®æ¹ãé©ããŠããŸãã
çãïŒ ããããŸããã ç§ãã¡ã¯äž¡æãæããŠè³æã§ãã
質å: rsyslog ã«æžã蟌ãã§ããŸãã ããã§ã¯ TCP ãš UDP ã®äž¡æ¹ã䜿çšã§ããŸãã ããããUDP ã®å Žåãã©ããã£ãŠé ä¿¡ãä¿èšŒããã®ã§ãããã?
çãïŒãã€ã³ãã¯100ã€ãããŸãã ãŸããç§ã¯ãã°ã®é ä¿¡ãä¿èšŒãããã®ã§ã¯ãªãããšãããã«çããã«äŒããŸãã ãªããªããéçºè ããã£ãŠæ¥ãŠããããã«è²¡åããŒã¿ãæžãå§ããŸããããäœããèµ·ãã£ãå Žåã«åããŠãã©ããã«çœ®ããŠãããŠãã ããããšèšããšãç§ãã¡ã¯ãçŽ æŽãããã§ãïŒããšçããããã§ãã ãœã±ãããžã®æžã蟌ã¿ã®ãããã¯ãéå§ããããããã©ã³ã¶ã¯ã·ã§ã³ã§å®è¡ããŸããããããããã°ãããªãã¯ãããç§ãã¡ã®ããã«ãœã±ããã«çœ®ãããšãä¿èšŒãããç§ãã¡ããããçžæåŽãã確å®ã«åä¿¡ã§ããããã«ãªããŸããã ãããŠçŸæç¹ã§ã¯ã誰ããããã«ãããå¿ èŠãšããªããªããŸããã å¿ èŠããªãå Žåãã©ã®ãããªè³ªåãããã°ããã§ãããã? ãœã±ãããžã®æžã蟌ã¿ãä¿èšŒããããªãå Žåããªãé ä¿¡ãä¿èšŒããå¿ èŠãããã®ã§ãããã? ç§ãã¡ã¯å šåãå°œãããŠããŸãã å¯èœãªéãæè¯ã®æ¹æ³ã§æäŸããããåªããŠãããŸãããXNUMX% ä¿èšŒãããã®ã§ã¯ãããŸããã ãããã£ãŠã財åããŒã¿ãããã«æžã蟌ãå¿ èŠã¯ãããŸããã ãã®ããã®ãã©ã³ã¶ã¯ã·ã§ã³ãå«ãããŒã¿ããŒã¹ããããŸãã
質å: API ããã°ã«äœããã®ã¡ãã»ãŒãžãçæããå¶åŸ¡ããã€ã¯ããµãŒãã¹ã«è»¢éãããšãã«ãç°ãªããã€ã¯ããµãŒãã¹ããã®ã¡ãã»ãŒãžãééã£ãé åºã§å°çãããšããåé¡ã«ééããããšããããŸãã? ããã¯æ··ä¹±ãåŒãèµ·ãããŸãã
çã: é çªãéãã®ã¯æ®éã®ããšã§ãã ããã«åããŠæºåããå¿ èŠããããŸãã ãããã¯ãŒã¯é ä¿¡ã§ã¯é åºãä¿èšŒãããªããããããã«ã¯ç¹å¥ãªãªãœãŒã¹ãè²»ããå¿ èŠããããŸãã ãã¡ã€ã« ã¹ãã¬ãŒãžã䜿çšããå Žåãå API ã¯ãã°ãç¬èªã®ãã¡ã€ã«ã«ä¿åããŸãã ãšããããrsyslog ããããããã£ã¬ã¯ããªã«åé¡ããŸãã å API ã«ã¯ç¬èªã®ãã°ããããããã«ã¢ã¯ã»ã¹ããŠç¢ºèªãããã®ãã°ã®ã¿ã€ã ã¹ã¿ã³ãã䜿çšããŠæ¯èŒã§ããŸãã Graylog ãåç §ãããšãã¿ã€ã ã¹ã¿ã³ãã«ãã£ãŠãœãŒããããŸãã ããã§ã¯ãã¹ãŠãããŸããããŸãã
質å: ã¿ã€ã ã¹ã¿ã³ãã¯ããªç§åäœã§ç°ãªãå ŽåããããŸãã
çã: ã¿ã€ã ã¹ã¿ã³ã㯠API èªäœã«ãã£ãŠçæãããŸãã å®éããããéèŠãªç¹ã§ãã NTPããããŸãã API ã¯ã¡ãã»ãŒãžèªäœã«ã¿ã€ã ã¹ã¿ã³ããçæããŸãã rsyslog ã§ã¯è¿œå ãããŸããã
質å: ããŒã¿ã»ã³ã¿ãŒéã®çžäºäœçšã¯ããŸãæ確ã§ã¯ãããŸããã ããŒã¿ã»ã³ã¿ãŒå ã§ã¯ããã°ãã©ã®ããã«åéãããåŠçãããããæããã§ãã ããŒã¿ã»ã³ã¿ãŒéã®ããåãã¯ã©ã®ããã«è¡ãããã®ã§ãããã? ãããšããåããŒã¿ã»ã³ã¿ãŒã¯ç¬èªã®ç掻ãéã£ãŠããã®ã§ãããã?
çãïŒ ã»ãšãã©ã æãåœã§ã¯ãååœã XNUMX ã€ã®ããŒã¿ã»ã³ã¿ãŒã«é 眮ãããŠããŸãã çŸæç¹ã§ã¯ãXNUMX ã€ã®åœãç°ãªãããŒã¿ ã»ã³ã¿ãŒã«é 眮ããããããªåæ£ã¯è¡ã£ãŠããŸããã ãããã£ãŠãããããçµã¿åãããå¿ èŠã¯ãããŸããã åã»ã³ã¿ãŒã«ã¯ãã°ãªã¬ãŒãå èµãããŠããŸãã ãã㯠Rsyslog ãµãŒããŒã§ãã å®éã«ã¯ç®¡çãã·ã³ã XNUMX å°ãããŸãã 圌ããåãæ 床ã§ãã ãããä»ã®ãšããããã©ãã£ãã¯ã¯ãã®ãã¡ã® XNUMX ã€ãééããã ãã§ãã ãã¹ãŠã®ãã°ãéçŽããŸãã äžãäžã«åããŠãã£ã¹ã¯ãã¥ãŒãçšæããŠããŸãã ãã°ãããŠã³ããŒãããŠäžå€®ããŒã¿ã»ã³ã¿ãŒ (ã·ã³ã¬ããŒã«) ã«éä¿¡ãããããã Graylog ã«éä¿¡ãããŸãã ãããŠãåããŒã¿ã»ã³ã¿ãŒã«ã¯ç¬èªã®ãã¡ã€ã« ã¹ãã¬ãŒãžããããŸãã æ¥ç¶ã倱ãããå Žåã«åããŠããã¹ãŠã®ãã°ãããã«ä¿åãããŠããŸãã 圌ãã¯ããã«æ®ãã§ãããã ãããã¯ããã«ä¿ç®¡ãããŸãã
質åïŒç°åžžäºæ ãçºçããå Žåããããããã°ãåä¿¡ããŸããïŒ
çãïŒããïŒãã¡ã€ã«ã¹ãã¬ãŒãžïŒã«è¡ã£ãŠèŠãŠããããã
質å: ãã°ã倱ãããŠããªãããšãã©ã®ããã«ç£èŠããŸãã?
çã: ç§ãã¡ã¯å®éã«åœŒãã倱ãã€ã€ããããããç£èŠããŠããŸãã ã¢ãã¿ãªã³ã°ã¯ XNUMX ãæåã«éå§ãããŸããã Go API ã䜿çšããã©ã€ãã©ãªã«ã¯ã¡ããªã¯ã¹ããããŸãã 圌女ã¯ããœã±ããã«æžã蟌ãããšãã§ããªãã£ãåæ°ãæ°ããããšãã§ããŸãã çŸåšãããã«ã¯è³¢ããã¥ãŒãªã¹ãã£ãã¯ããããŸãã ããã«ã¯ãããã¡ããããŸãã ãããããœã±ããã«ã¡ãã»ãŒãžãæžã蟌ãããšããŸãã ãããã¡ããªãŒããŒãããŒãããšããããã¡ã®åé€ãéå§ãããŸãã ãããŠã圌ã¯ãããã®ãã¡ã®äœåãèœãšããããæ°ããŸãã ããã§ã¡ãŒã¿ãŒããªãŒããŒãããŒãå§ããã°ããããããããŸãã ãããã¯çŸåšãprometheus ã«ãç»å ŽããŠãããGrafana ã§ã°ã©ããèŠãããšãã§ããŸãã ã¢ã©ãŒããèšå®ã§ããŸãã ãããã誰ã«éããã¯ãŸã æããã§ã¯ãªãã
質å: elasticsearch ã§ã¯ããã°ãåé·æ§ãæã£ãŠä¿åããŸãã ã¬ããªã«ã¯äœåãããŸãã?
çãïŒäžè¡ã
質åïŒããã¯äžè¡ã ãã§ããïŒ
çã: ããã¯ãã¹ã¿ãŒãšã¬ããªã«ã§ãã ããŒã¿ã¯ XNUMX ã€ã®ã³ããŒã«ä¿åãããŸãã
質å: rsyslog ãããã¡ ãµã€ãºãäœããã®æ¹æ³ã§èª¿æŽããŸããã?
çã: ããŒã¿ã°ã©ã ãã«ã¹ã¿ã UNIX ãœã±ããã«æžã蟌ã¿ãŸãã ããã«ãããããã« 128 ãããã€ãã®å¶éã課ããããŸãã ãã以äžæžã蟌ãããšã¯ã§ããŸããã ãããæšæºã«æžã蟌ã¿ãŸããã ã¹ãã¬ãŒãžã«ã¢ã¯ã»ã¹ããã人㯠128 ãããã€ããæžã蟌ã¿ãŸãã ããã«ãå³æžé€šã¯é®æãããã¡ãã»ãŒãžãé®æããããšãããã©ã°ãç«ãŠãããŸãã ã¡ãã»ãŒãžèªäœã®æšæºã«ã¯ãé²é³äžã«ã¡ãã»ãŒãžãéåãããã©ããã瀺ãç¹å¥ãªãã£ãŒã«ãããããŸãã ãããã£ãŠããã®ç¬éã远跡ããæ©äŒããããŸãã
質å: å£ãã JSON ãæžããŸãã?
çã: ãã±ããã倧ãããããããå£ãã JSON ã¯äžç¶äžã«ç Žæ£ãããŸãã ãŸãã¯ãGraylog 㯠JSON ã解æã§ããªãããç Žæ£ãããŸãã ãã ããä¿®æ£ããå¿ èŠããããã¥ã¢ã³ã¹ãããããããã¯ã»ãšãã©ã rsyslog ã«é¢é£ããŠããŸãã ãã§ã«ããã€ãã®åé¡ãèšå ¥ããŸãããããŸã åãçµãå¿ èŠããããŸãã
質åïŒãªãã«ãã«ïŒ RabbitMQ ãè©ŠããŠã¿ãŸããã? Graylog ã¯ãã®ãããªè² è·ã®äžã§ã¯å€±æããŸãã?
çã: Graylog ã§ã¯ããŸããããŸããã ãããŠãGraylog ã¯ç§ãã¡ã®ããã«åœ¢ã«ãªãã€ã€ãããŸãã 圌ã¯æ¬åœã«åé¡ããããã 圌ã¯å€ãã£ã人ã ã ãããŠå®éãããã¯å¿ èŠãããŸããã rsyslog ãã elasticsearch ã«çŽæ¥æžã蟌ãã§ãããKibana ã確èªããããšèããŠããŸãã ããããèŠåå¡ãšã®åé¡ã解決ããå¿ èŠããããŸãã ããã¯ãGraylog ãæšãŠãŠ Kibana ã䜿çšããå Žåã®éçºã§å¯èœãªãªãã·ã§ã³ã§ãã Logstash ã䜿çšããæå³ã¯ãããŸããã rsyslogã§ãåãããšãã§ããããã§ãã ãããŠãelasticsearchã«æžã蟌ãããã®ã¢ãžã¥ãŒã«ããããŸãã ãªããšãGraylogãšå ±åããŠããããšæã£ãŠããŸãã å°ã調æŽãããŸããã ãããããŸã æ¹åã®äœå°ããããŸãã
ã«ãã«ã«ã€ããŠã ãããæŽå²çã«èµ·ãã£ãæ¹æ³ã§ãã ç§ãå°çãããšããããã¯ãã§ã«ããã«ããããã°ããã§ã«æžã蟌ãŸããŠããŸããã åã«ã¯ã©ã¹ã¿ãŒãç«ã¡äžããŠãããã«ãã°ã移åããã ãã§ãã ç§ãã¡ã¯åœŒã®ãããŒãžã£ãŒã§ããã圌ã®æ°æã¡ãç¥ã£ãŠããŸãã RabbitMQ ã«é¢ããŠã¯... RabbitMQ ã§ã¯ããŸããããŸããã ãããŠãRabbitMQ ã圢ã«ãªãã€ã€ãããŸãã æ¬çªç°å¢ã«ãããŸãããåé¡ããããŸããã ããŠã販売åã«åœŒãã¯åœŒãé äºãã圌ã¯éåžžéãã«åãå§ããŸããã ãããããããŸã§ã¯æ¬çªç°å¢ã«ãªãªãŒã¹ããæºåãã§ããŠããŸããã§ããã ãã 0.9 ç¹ãããŸãã Graylog ã¯ããŒãžã§ã³ AMQP 1.0 ãèªã¿åãããšãã§ããrsyslog ã¯ããŒãžã§ã³ AMQP XNUMX ãæžã蟌ãããšãã§ããŸãã ãããŠããã®äž¡æ¹ãå®çŸã§ããåäžã®ãœãªã¥ãŒã·ã§ã³ã¯ååšããŸããã ã©ã¡ããäžæ¹ã§ãã ãããã£ãŠãçŸæç¹ã§ã¯ã«ãã«ã®ã¿ã§ãã ããããããã¯ç¬èªã®ãã¥ã¢ã³ã¹ããããŸãã ãªããªããç§ãã¡ã䜿çšããŠããããŒãžã§ã³ã® rsyslog ã® omkafka ã¯ãrsyslog ããããåºããã¡ãã»ãŒãž ãããã¡å šäœã倱ãå¯èœæ§ãããããã§ãã ä»ã®ãšããã¯ææ ¢ã§ãã
質å: Kafka ã¯æ¢ã«æã£ãŠããã®ã§äœ¿çšããŠããŸãã? ããäœã®ç®çã«ã䜿çšãããŠããŸãããïŒ
çã: Kafka ã¯ãããŒã¿ ãµã€ãšã³ã¹ ããŒã ã«ãã£ãŠäœ¿çšãããŠããŸãã ããã¯å®å šã«å¥ã®ãããžã§ã¯ãã§ãããæ®å¿µãªããããã«ã€ããŠã¯äœãèšããŸããã ç§ã¯ç¥ããªãã ããŒã¿ ãµã€ãšã³ã¹ ããŒã ã«ãã£ãŠéå¶ãããŸããã ãã°ãäœæããããšããç¬èªã®ãã°ãã€ã³ã¹ããŒã«ããªãããã«ãããã䜿çšããããšã«ããŸããã çŸåšãGraylog ãæŽæ°ããŸããããå€ãããŒãžã§ã³ã® Kafka ãå«ãŸããŠãããããäºææ§ã倱ãããŠããŸãã ç§ãã¡ã¯èªåãã¡ã§å§ããªããã°ãªããŸããã§ããã åæã«ãå API ã®ããã XNUMX ã€ã®ãããã¯ãåé€ããŸããã ãã¹ãŠã®ã©ã€ãã«å¯Ÿã㊠XNUMX ã€ã®åºããããã¯ãäœæãããã¹ãŠã®ã¹ããŒãžã³ã°ã«å¯Ÿã㊠XNUMX ã€ã®åºããããã¯ãäœæãããã¹ãŠãããã«é 眮ããŸããã Graylog ã¯ããããã¹ãŠã䞊è¡ããŠããåºããŸãã
質å: ãªããœã±ããã䜿ã£ããã®ã·ã£ãŒãããºã ãå¿ èŠãªã®ã§ãããã? ã³ã³ããçšã® syslog ãã° ãã©ã€ããŒã䜿çšããŠã¿ãŸããã?
çã: ãã®è³ªåãããæç¹ã§ã¯ã枯湟åŽåè ãšã®é¢ä¿ã¯ç·åŒµããŠããŸããã docker 1.0 ãŸã㯠0.9 ã§ããã Dockerèªäœãå¥åŠã§ããã 第äºã«ããã°ãããã·ã¥ãããš...ç§ã¯ããã¹ãŠã®ãã°ãããèªäœãã€ãŸã docker ããŒã¢ã³ãä»ããŠæž¡ãããã®ã§ã¯ãªãããšããæªæ€èšŒã®çããæã£ãŠããŸãã XNUMX ã€ã® API ããããããªããšãæ®ãã® API 㯠stdout ãš stderr ãéä¿¡ã§ããªããªããŸãã ãããã©ãã«ã€ãªããã®ãããããŸããã ããã§Docker syslogãã©ã€ãã䜿ãå¿ èŠã¯ãªãã®ã§ã¯ãªãããšæããã¬ãã«ã§çåãæããŸãã åœç€Ÿã®æ©èœãã¹ãéšéã«ã¯ããã°ãå«ãç¬èªã® Graylog ã¯ã©ã¹ã¿ãŒããããŸãã 圌ã㯠Docker ãã°ãã©ã€ããŒã䜿çšããŠããããã¹ãŠåé¡ãªãããã§ãã ãããã圌ãã¯ããã« GELF ã Graylog ã«æžã蟌ã¿ãŸãã ç§ãã¡ãããããã¹ãŠãéå§ããæç¹ã§ã¯ããããæ©èœããããšã ããå¿ èŠã§ããã ããããåŸã§èª°ããæ¥ãŠããããXNUMX幎éããŸãæ©èœããŠãããšèšã£ããšããç§ãã¡ã¯è©ŠããŠã¿ãŸãã
質å: ããŒã¿ã»ã³ã¿ãŒéã®é 信㯠rsyslog ã䜿çšããŠè¡ããŸãã ãªãã«ãã«ã§ã¯ãªãã®ã§ããããïŒ
çãïŒå®éã«ã¯äž¡æ¹ãã£ãŠãŸãã çç±ã¯ XNUMX ã€ãããŸãã ãã£ãã«ãå®å šã«åæ¢ããŠããå Žåããã¹ãŠã®ãã°ã¯ãå§çž®åœ¢åŒã§ãã£ãŠããã®ãã£ãã«ãã¯ããŒã«ã§ããŸããã ãããŠãKafka ã䜿çšãããšãããã»ã¹äžã«ããããåã«å€±ãããšãã§ããŸãã ãããããããã®ãã°ã®è©°ãŸããåãé€ãæ¹æ³ã§ãã ãã®å ŽåãKafka ãçŽæ¥äœ¿çšããŠããã ãã§ãã é©åãªãã£ãã«ããããããã解æŸãããå Žåã¯ããã® rsyslog ã䜿çšããŸãã ãããå®éã«ã¯ãé©åããªãã£ããã®ãããèªäœãããããããããã«æ§æã§ããŸãã çŸæç¹ã§ã¯ãã©ãã㧠rsyslog é ä¿¡ãçŽæ¥äœ¿çšããã©ãã㧠Kafka ã䜿çšããã ãã§ãã
åºæïŒ habr.com