Linux系统之部署Rsyslog 日志服务器
【摘要】 Linux系统之部署Rsyslog 日志服务器
一、检查服务器系统版本
[root@master ~]# cat /etc/os-release
NAME="CentOS Linux"
VERSION="7 (Core)"
ID="centos"
ID_LIKE="rhel fedora"
VERSION_ID="7"
PRETTY_NAME="CentOS Linux 7 (Core)"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:centos:centos:7"
HOME_URL="https://www.centos.org/"
BUG_REPORT_URL="https://bugs.centos.org/"
CENTOS_MANTISBT_PROJECT="CentOS-7"
CENTOS_MANTISBT_PROJECT_VERSION="7"
REDHAT_SUPPORT_PRODUCT="centos"
REDHAT_SUPPORT_PRODUCT_VERSION="7"
二、在master节点上配置
1.修改/etc/rsyslog.conf
取消以下几行注释
2.开启日志服务
[root@master ~]# systemctl start rsyslog
[root@master ~]# systemctl enable rsyslog
3.查看日志服务状态
[root@master ~]# systemctl status rsyslog
● rsyslog.service - System Logging Service
Loaded: loaded (/usr/lib/systemd/system/rsyslog.service; enabled; vendor preset: enabled)
Active: active (running) since Wed 2022-10-26 15:06:24 CST; 2h 47min ago
Docs: man:rsyslogd(8)
http://www.rsyslog.com/doc/
Main PID: 7775 (rsyslogd)
CGroup: /system.slice/rsyslog.service
└─7775 /usr/sbin/rsyslogd -n
Oct 26 15:06:18 master systemd[1]: Starting System Logging Service...
Oct 26 15:06:24 master rsyslogd[7775]: [origin software="rsyslogd" swVersion="8.24.0-34.el7" x-pid="7775" x-info="http://www.rsyslog.com"] start
Oct 26 15:06:24 master systemd[1]: Started System Logging Service.
Hint: Some lines were ellipsized, use -l to show in full.
4.关闭防火墙
[root@master ~]# systemctl disable firewalld
[root@master ~]# systemctl stop firewalld
三、在node节点操作
1.编辑/etc/rsyslog.conf
将 info 级别日志传送到日志服务器
2.重启日志服务
systemctl restart rsyslog
四、在master日志服务器查看node节点日志信息
[root@master ~]# tail /var/log/messages
Oct 26 18:07:23 master systemd: Stopped System Logging Service.
Oct 26 18:07:23 master systemd: Starting System Logging Service...
Oct 26 18:07:23 master rsyslogd: [origin software="rsyslogd" swVersion="8.24.0-34.el7" x-pid="129582" x-info="http://www.rsyslog.com"] start
Oct 26 18:07:23 master systemd: Started System Logging Service.
Oct 26 18:07:16 node01 systemd: Stopping System Logging Service...
Oct 26 18:07:16 node01 rsyslogd: [origin software="rsyslogd" swVersion="8.24.0-34.el7" x-pid="129134" x-info="http://www.rsyslog.com"] exiting on signal 15.
Oct 26 18:07:16 node01 systemd: Stopped System Logging Service.
Oct 26 18:07:16 node01 systemd: Starting System Logging Service...
Oct 26 18:07:16 node01 rsyslogd: [origin software="rsyslogd" swVersion="8.24.0-34.el7" x-pid="130443" x-info="http://www.rsyslog.com"] start
Oct 26 18:07:16 node01 systemd: Started System Logging Service.
五、修改日志文件主机名为 IP 地址
1.mster节点修改/etc/rsyslog.conf
新增以下内容,注释原来默认模板
$template TraditionalFileFormat,"%TIMESTAMP% %FROMHOST-IP% %syslogtag%%msg:::sp-if-no-1st-sp%%msg:::drop-last-lf%\n"
$ActionFileDefaultTemplate TraditionalFileFormat
2.重启日志服务
systemctl restart rsyslog
4.在node节点重启ssh服务
[root@node01 ~]# systemctl restart rsyslog
[root@node01 ~]# systemctl restart sshd
5.在master日志服务器查看日志效果
[root@master ~]# tail /var/log/messages
Oct 26 18:28:58 192.168.3.91 image-cri-shim: 2022-10-26T18:28:58 #033[34minfo#033[0m #033[34mdomain: k8s.gcr.io, imageName: pause:3.7, action: ImageStatus#033[0m
Oct 26 18:28:58 192.168.3.91 image-cri-shim: 2022-10-26T18:28:58 #033[34minfo#033[0m #033[34maddress: http://sealos.hub:5000, base64: YWRtaW46cGFzc3cwcmQ=, imageName: pause#033[0m
Oct 26 18:28:58 192.168.3.91 image-cri-shim: 2022-10-26T18:28:58 #033[34minfo#033[0m #033[34mpre image name: pause, pre image tag: 3.7#033[0m
Oct 26 18:29:21 127.0.0.1 registry: time="2022-10-26T18:29:21.527136696+08:00" level=info msg="authorized request" go.version=go1.16.15 http.request.host="sealos.hub:5000" http.request.id=6d08c26d-a4fd-454c-a850-0c5c17a53d31 http.request.method=GET http.request.remoteaddr="192.168.3.91:38332" http.request.uri="/v2/pause/tags/list" http.request.useragent="kube-probe/v0.0.0-master+unknown" vars.name=pause
Oct 26 18:29:21 127.0.0.1 registry: time="2022-10-26T18:29:21.527326642+08:00" level=info msg="response completed" go.version=go1.16.15 http.request.host="sealos.hub:5000" http.request.id=6d08c26d-a4fd-454c-a850-0c5c17a53d31 http.request.method=GET http.request.remoteaddr="192.168.3.91:38332" http.request.uri="/v2/pause/tags/list" http.request.useragent="kube-probe/v0.0.0-master+unknown" http.response.contenttype="application/json; charset=utf-8" http.response.duration=59.004744ms http.response.status=200 http.response.written=32
Oct 26 18:29:21 127.0.0.1 registry: 192.168.3.91 - - [26/Oct/2022:18:29:21 +0800] "GET /v2/pause/tags/list HTTP/1.1" 200 32 "" "kube-probe/v0.0.0-master+unknown"
Oct 26 18:28:58 192.168.3.91 image-cri-shim: 2022-10-26T18:28:58 #033[34minfo#033[0m #033[34mdata: {"name":"pause","tags":["3.7"]}
Oct 26 18:28:58 192.168.3.91 image-cri-shim: #033[0m
Oct 26 18:28:58 192.168.3.91 image-cri-shim: 2022-10-26T18:28:58 #033[34minfo#033[0m #033[34mimageTag found in registry.Tags#033[0m
Oct 26 18:28:58 192.168.3.91 image-cri-shim: 2022-10-26T18:28:58 #033[34minfo#033[0m #033[34mbegin image: k8s.gcr.io/pause:3.7, after image: sealos.hub:5000/pause:3.7, action: ImageStatus#033[0m
【版权声明】本文为华为云社区用户原创内容,转载时必须标注文章的来源(华为云社区)、文章链接、文章作者等基本信息, 否则作者和本社区有权追究责任。如果您发现本社区中有涉嫌抄袭的内容,欢迎发送邮件进行举报,并提供相关证据,一经查实,本社区将立刻删除涉嫌侵权内容,举报邮箱:
cloudbbs@huaweicloud.com
- 点赞
- 收藏
- 关注作者
评论(0)