From 87477e610e9c8c71aef5fe96d6a53e8e8c9b564a Mon Sep 17 00:00:00 2001
From: Greg Kolesar
Date: Sun, 19 Jan 2025 11:48:32 -0600
Subject: [PATCH] Initial
---
 .gitignore | 2 ++
 docker-compose.yml | 31 +++++++++++++++++++++++++++++++
 fluentd/Dockerfile | 24 ++++++++++++++++++++++++
 fluentd/conf/fluent.conf | 28 ++++++++++++++++++++++++++++
 fluentd/entrypoint.sh | 22 ++++++++++++++++++++++
 5 files changed, 107 insertions(+)
 create mode 100644 .gitignore
 create mode 100644 docker-compose.yml
 create mode 100644 fluentd/Dockerfile
 create mode 100644 fluentd/conf/fluent.conf
 create mode 100644 fluentd/entrypoint.sh
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..9bea433
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,2 @@
+
+.DS_Store
diff --git a/docker-compose.yml b/docker-compose.yml
new file mode 100644
index 0000000..0187253
--- /dev/null
+++ b/docker-compose.yml
@@ -0,0 +1,31 @@
+version: "3"
+volumes:
+ esdata:
+services:
+ fluentd:
+ build: ./fluentd
+ links: # Sends incoming logs to the elasticsearch container.
+ - elasticsearch
+ depends_on:
+ - elasticsearch
+ ports: # Exposes the port 24224 on both TCP and UDP protocol for log aggregation
+ - 24224:24224
+ - 24224:24224/udp
+ elasticsearch:
+ image: elasticsearch:7.17.0
+ expose: # Exposes the default port 9200
+ - 9200
+ environment:
+ - discovery.type=single-node # Runs as a single-node
+ volumes: # Stores elasticsearch data locally on the esdata Docker volume
+ - esdata:/usr/share/elasticsearch/data
+ kibana:
+ image: kibana:7.17.0
+ links: # Links kibana service to the elasticsearch container
+ - elasticsearch
+ depends_on:
+ - elasticsearch
+ ports: # Runs kibana service on default port 5601
+ - 5601:5601
+ environment: # Defined host configuration
+ - ELASTICSEARCH_HOSTS=http://elasticsearch:9200
\ No newline at end of file
diff --git a/fluentd/Dockerfile b/fluentd/Dockerfile
new file mode 100644
index 0000000..f1a8b18
--- /dev/null
+++ b/fluentd/Dockerfile
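Review bot: In docker-compose.yml the `kibana` service publishes `5601:5601` and `fluentd` publishes `24224:24224` (TCP and UDP) with no host address, so Docker binds them on every host interface. Neither the `elasticsearch` nor the `kibana` service sets any security option, and Elasticsearch 7.x runs without authentication by default unless `xpack.security.enabled` is turned on, so anyone who can reach the host on 5601 can read and modify the indexed logs. If the stack is meant for local use, bind the mappings to loopback, e.g. `- 127.0.0.1:5601:5601` and `- 127.0.0.1:24224:24224`. Otherwise enable Elasticsearch security and give Kibana credentials before publishing the ports.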
@@ -0,0 +1,24 @@
+# image based on fluentd v1.14-1
+FROM fluentd:v1.14-1
+# Use root account to use apk
+USER root
+# Install the required version of faraday
+RUN gem uninstall -I faraday
+RUN gem install faraday -v 2.8.1
+# Install dependencies and gems
+RUN apk --no-cache --update add \
+ sudo \
+ build-base \
+ ruby-dev \
+ && gem uninstall -I elasticsearch \
+ && gem install elasticsearch -v 7.17.0 \
+ && gem install fluent-plugin-elasticsearch \
+ && gem sources --clear-all \
+ && apk del build-base ruby-dev \
+ && rm -rf /tmp/* /var/tmp/* /usr/lib/ruby/gems/*/cache/*.gem
+# Copy fluentd configuration from host image
+COPY ./conf/fluent.conf /fluentd/etc/
+# Copy binary start file
+COPY entrypoint.sh /bin/
+RUN chmod +x /bin/entrypoint.sh
+USER fluent
\ No newline at end of file
diff --git a/fluentd/conf/fluent.conf b/fluentd/conf/fluent.conf
new file mode 100644
index 0000000..d0ad306
--- /dev/null
+++ b/fluentd/conf/fluent.conf
@@ -0,0 +1,28 @@
+# bind fluentd on IP 0.0.0.0
+# port 24224
+
+ @type forward
+ port 24224
+ bind 0.0.0.0
+
+# sendlog to the elasticsearch
+# the host must match to the elasticsearch
+# container service
+
+ @type copy
+
+ @type elasticsearch
+ host elasticsearch
+ port 9200
+ logstash_format true
+ logstash_prefix fluentd
+ logstash_dateformat %Y%m%d
+ include_tag_key true
+ type_name access_log
+ tag_key @log_name
+ flush_interval 20s
+
+
+ @type stdout
+
+
\ No newline at end of file
diff --git a/fluentd/entrypoint.sh b/fluentd/entrypoint.sh
new file mode 100644
index 0000000..d791f21
--- /dev/null
+++ b/fluentd/entrypoint.sh
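Review bot: In fluentd/Dockerfile, `sudo` is added in the `apk add` list but nothing in the build uses it (the build already runs under `USER root`) and the later `apk del build-base ruby-dev` does not remove it, so the final image that runs as `fluent` ships a setuid-root binary for no visible reason; drop the `sudo \` line. `gem install fluent-plugin-elasticsearch` is the only gem installed without `-v`, so each rebuild may pull a different plugin release than the pinned `elasticsearch 7.17.0` and `faraday 2.8.1` were chosen for; pin it, e.g. `gem install fluent-plugin-elasticsearch -v <PLUGIN_VERSION>`. With BuildKit, `COPY --chmod=755 entrypoint.sh /bin/` would also replace the separate `RUN chmod +x` layer.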
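Review bot: In fluentd/conf/fluent.conf the `forward` input binds `0.0.0.0` on port 24224 and, as far as the visible lines show, has no `<security>` section (shared key) or `<transport tls>` block, so any peer that can reach the port can inject records that are then indexed into Elasticsearch. Together with the `24224:24224` mapping in docker-compose.yml, that exposure extends beyond the compose network. The section tags of this file appear to have been lost where the patch is displayed, so confirm against the real file. If no authentication is configured, add a `<security>` block with `self_hostname` and `shared_key` (key supplied at runtime, not committed), or restrict the published port to trusted senders.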
@@ -0,0 +1,22 @@
+#!/bin/sh
+# Source vars if file exists
+DEFAULT=/etc/default/fluentd
+if [ -r $DEFAULT ]; then
+ set -o allexport
+ . $DEFAULT
+ set +o allexport
+fi
+# If the user has supplied only arguments, append them to `fluentd` command
+if [ "${1#-}" != "$1" ]; then
+ set -- fluentd "$@"
+fi
+# If the user does not supply a config file or plugins, use the default
+if [ "$1" = "fluentd" ]; then
+ if ! echo $@ | grep -e ' \-c' -e ' \-\-config' ; then
+ set -- "$@" --config /fluentd/etc/${FLUENTD_CONF}
+ fi
+ if ! echo $@ | grep -e ' \-p' -e ' \-\-plugin' ; then
+ set -- "$@" --plugin /fluentd/plugins
+ fi
+fi
+exec "$@"
\ No newline at end of file
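Review bot: In fluentd/entrypoint.sh the two option checks run `echo $@ | grep -e …` without `-q` and with `$@` unquoted, so whenever `-c`/`--config` or `-p`/`--plugin` is passed the whole argument line is printed to the container's stdout, and arguments containing spaces or glob characters are re-split or expanded before matching. Use `if ! echo "$*" | grep -q -e ' \-c' -e ' \-\-config'; then`, and the same form for the plugin check. `$DEFAULT` and `/fluentd/etc/${FLUENTD_CONF}` should be quoted as well. `FLUENTD_CONF` is not set anywhere in this patch, so presumably it comes from the base image; if it is empty, the default `--config` value becomes the directory `/fluentd/etc/`.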