rsyslog介绍及安装配置
在centos 6及之前的版本叫做syslog,centos 7开始叫做rsyslog,根据官方的介绍,rsyslog(2013年版本)可以达到每秒转发百万条日志的级别,官方网址:http://www.rsyslog.com/
安装配置rsyslog
#安装rsyslog
[root@linux-node1 ~]# yum install -y rsyslog
#编辑rsyslog配置文件
[root@linux-node1 ~]# vim /etc/rsyslog.conf
$ModLoad imudp
$UDPServerRun 514
$ModLoad imtcp
$InputTCPServerRun 514
local6.* /var/log/haproxy/haproxy.log # 日志记录文件
#最后面一行添加,local6对应haproxy配置文件定义的local级别,端口为Logstash的端口
local6.* @@192.168.6.240:2222创建日志文件并授权
mkdir /var/log/haproxy
chown -R haproxy.haproxy /var/log/haproxy
systemctl restart rsyslog安装配置haproxy
法一:
#安装haproxy
[root@linux-node1 ~]# yum install -y haproxy
#编辑haproxy配置文件
[root@linux-node1 ~]# vim /etc/haproxy/haproxy.cfg
global
maxconn 100000
chroot /var/lib/haproxy
uid 99
gid 99
daemon
nbproc 1
pidfile /var/run/haproxy.pid
log 127.0.0.1 local6 info
defaults
option http-keep-alive
option forwardfor
maxconn 100000
mode http
timeout connect 300000ms
timeout client 300000ms
timeout server 300000ms
listen stats
mode http
bind 0.0.0.0:9999
stats enable
log global
stats uri /haproxy-status
stats auth haadmin:123456
#frontend web_port
frontend web_port
bind 0.0.0.0:80
mode http
option httplog
log global
option forwardfor
###################ACL Setting##########################
acl pc hdr_dom(host) -i www.elk.com
acl mobile hdr_dom(host) -i m.elk.com
###################USE ACL##############################
use_backend pc_host if pc
use_backend mobile_host if mobile
########################################################
backend pc_host
mode http
option httplog
balance source
server web1 192.168.6.240:8081 check inter 2000 rise 3 fall 2 weight 1
backend mobile_host
mode http
option httplog
balance source
server web1 192.168.6.240:8080 check inter 2000 rise 3 fall 2 weight 1
#启动haproxy
[root@linux-node1 ~]# /etc/init.d/haproxy start
正在启动 haproxy: [确定]
#启动rsyslog
[root@linux-node1 ~]# /etc/init.d/rsyslog start
启动系统日志记录器:
#验证端口
[root@linux-node1 ~]# netstat -lntup
tcp 0 0 0.0.0.0:9999 0.0.0.0:* LISTEN 9082/haproxy
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 9631/haproxy
#验证进程
[root@linux-node1 ~]# ps -ef|grep haproxy
nobody 9082 1 0 14:04 ? 00:00:00 /usr/sbin/haproxy -D -f /etc/haproxy/haproxy.cfg -p /var/run/haproxy.pid
#修改nginx配置文件,将端口改为8081
[root@linux-node1 ~]# vim /usr/local/nginx/conf/nginx.conf
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log logs/access.log main;
log_format access_json '{"@timestamp":"$time_iso8601",'
'"host":"$server_addr",'
'"clientip":"$remote_addr",'
'"size":$body_bytes_sent,'
'"responsetime":$request_time,'
'"upstreamtime":"$upstream_response_time",'
'"upstreamhost":"$upstream_addr",'
'"http_host":"$host",'
'"url":"$uri",'
'"domain":"$host",'
'"xff":"$http_x_forwarded_for",'
'"referer":"$http_referer",'
'"status":"$status"}';
access_log logs/access_json.log access_json;
server {
listen 8081;
server_name 192.168.6.240;
location / {
root /code/html;
index index.html index.htm;
}
}
}
#修改tomcat配置文件,将默认站点目录改成/webapps/webdir
[root@linux-node1 ~]# vim /usr/local/tomcat/conf/server.xml
<Host name="localhost" appBase="webapps"
unpackWARs="true" autoDeploy="true">
<Context path="" docBase="/usr/local/tomcat/webapps/webdir" debug="0" reloadable="false"
crossContext="true"/>
#重启nginx
[root@linux-node1 ~]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx-1.10.3/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx-1.10.3/conf/nginx.conf test is successful
[root@linux-node1 ~]# /usr/local/nginx/sbin/nginx -s reload
#重启tomcat
[root@linux-node1 ~]# cd /usr/local/tomcat/bin/
[root@linux-node1 bin]# ./catalina.sh stop
[root@linux-node1 bin]# ./catalina.sh start
#修改本地hosts文件
192.168.6.240 www.elk.com
192.168.6.240 m.elk.com测试域名访问:
测试haproxy,打开浏览器,访问:http://www.elk.com/
测试haproxy,打开浏览器,访问:http://m.elk.com/
法二:(了解)
1.安装配置haproxy
yum -y install gcc pcre pcre-devel openssl openssl-devel
cd /usr/local/src/
wget https://www.haproxy.org/download/1.7/src/haproxy-1.7.11.tar.gz
tar xf haproxy-1.7.11.tar.gz
cd haproxy-1.7.11/
make TARGET=linux2628 USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1 PREFIX=/usr/local/haproxy
make install PREFIX=/usr/local/haproxy
/usr/local/haproxy/sbin/haproxy -v
cat /usr/lib/systemd/system/haproxy.service
[Unit]
Description=HAProxy Load Balancer
After=syslog.target network.target
[Service]
EnvironmentFile=/etc/sysconfig/haproxy
ExecStart=/usr/sbin/haproxy-systemd-wrapper -f /etc/haproxy/haproxy.cfg -p /run/haproxy.pid $OPTIONS
ExecReload=/bin/kill -USR2 $MAINPID
[Install]
WantedBy=multi-user.target
cat /etc/sysconfig/haproxy
# Add extra options to the haproxy daemon here. This can be useful for
# specifying multiple configuration files with multiple -f options.
# See haproxy(1) for a complete list of options.
OPTIONS=""
cp /usr/local/src/haproxy-1.7.11/haproxy /usr/sbin/
cp /usr/local/src/haproxy-1.7.11/haproxy-systemd-wrapper /usr/sbin/2.准备haproxy配置文件
mkdir /etc/haproxy
cat /etc/haproxy/haproxy.cfg
global
maxconn 100000
chroot /usr/local/haproxy
uid 1000
gid 1000
daemon
nbproc 1
pidfile /usr/local/haproxy/run/haproxy.pid
log 127.0.0.1 local6 info
defaults
option http-keep-alive
option forwardfor
maxconn 100000
mode http
timeout connect 300000ms
timeout client 300000ms
timeout server 300000ms
listen stats
mode http
bind 0.0.0.0:9999
stats enable
log global
stats uri /haproxy-status
stats auth haadmin:123456
#frontend web_port
frontend web_port
bind 0.0.0.0:80
mode http
option httplog
log global
option forwardfor
#ACL Setting
acl pc hdr_dom(host) -i www.elk1.com
acl mobile hdr_dom(host) -i m.elk1.com
#USE ACL
use_backend pc_host if pc
use_backend mobile_host if mobile
backend pc_host
mode http
option httplog
balance source
server web1 10.0.0.22:88 check inter 2000 rise 3 fall 2 weight 1
backend mobile_host
mode http
option httplog
balance source
server web1 10.0.0.22:88 check inter 2000 rise 3 fall 2 weight 1
useradd haproxy -M -s /sbin/nologin --uid 1000
id haproxy
uid=1000(haproxy) gid=1000(haproxy) groups=1000(haproxy)
systemctl start haproxy.service
ss -tnl # 查看80端口是否启动
# haproxy不允许ip直接访问80端口,修改windows的hosts,win+r-->drivers快速打开hosts
10.0.0.22 www.elk1.com
10.0.0.22 m.elk1.com配置Logstash
#编辑Logstash配置文件
[root@linux-node1 conf.d]# vim haproxy.conf
input{
syslog {
type => "rsyslog_haproxy"
port => "2222"
}}
output{
stdout{
codec => rubydebug
}}
#启动Logstash
[root@linux-node1 conf.d]# /usr/share/logstash/bin/logstash -f /etc/logstash/conf.d/haproxy.conf
#检查Logstash端口
[root@linux-node1 ~]# netstat -lntup|grep 2222
tcp 0 0 :::2222 :::* LISTEN 9867/java
udp 0 0 :::2222 :::* 9867/java访问haproxy管理页面测试数据
打开浏览器,访问:http://192.168.6.240:9999/haproxy-status
输入haproxy配置文件中的用户名和密码
用户名:haadmin
密码:123456
将输出改成ES
#进入Logstash配置文件目录
[root@linux-node1 ~]# cd /etc/logstash/conf.d
#编辑配置文件
[root@linux-node1 conf.d]# vim haproxy.conf
input{
syslog {
type => "rsyslog_haproxy"
port => "2222"
}
}
output{
elasticsearch {
hosts => ["192.168.6.241:9200"]
index => "logstash_rsyslog-%{+YYYY.MM.dd}"
}
}
#启动Logstash
[root@linux-node1 conf.d]# /usr/share/logstash/bin/logstash -f /etc/logstash/conf.d/haproxy.conf &打开浏览器,访问:http://192.168.6.241:9100/
将ES索引添加到Kibana中
打开浏览器,访问:http://192.168.6.243:5601
文档更新时间: 2019-08-02 14:49 作者:李延召
