This helps in building and maintaining a mental model of the system, which of course is very useful when debugging and maintaining the system in general. Step 0: RTFMĪs always, the first thing to do is to read up on the technology involved and get an intuition for how they work together and what they ought to be doing. So for now, I’m exploring other options, though I love that Graylog has tried to reduce the number of things you need to get together to watch logs.Īs this post is a series, it’s good to keep in mind that logging is just one small piece of application “observability” and I haven’t heard too much belly-aching about any of these tools – they’re the trusted go-to’s of the current day and age. In the past I’ve had issues trying to run Graylog using Docker Compose on a smallish 2-physical-core VM, and it just failed kind of silently (had to go find spelunking through logs, rather than the container exiting or failing obviously). ![]() The only indication of hardware requirements I’ve found is a blurb on the OpenStack Installation docs that suggest you reserve at least 4GB for the instance.Īs Graylog would most likely be IO bound rather than CPU bound I’m sure you could get away with 1 or 2 physical cores. ![]() The resource requirements for Graylog are surprisingly hard to find as well despite very good official documentation. What I lose in time I’m hoping I will gain in understanding/insight into these systems and Kubernetes adminisration at large.Ī note on why I didn’t use Graylog: I’ve used Graylog in the past and didn’t want to use it again here just because it was kind of heavy (including all it’s requisite components like Mongo and Elastic Search itself). I chose to go with the EFKK stack for monitoring because I’d like to try out FluentD, and I’m building it manually intead of using the addon code so I can get a feel for the pieces myself (if but a little). Use the Kubernetes ElasticSearch + FluentD addon (though the version is a little older, it’s officially supported and probably a super good bet).Graylog as a fully standalone replacement for the whole stack.LogStash instead of FluentD (the ELK “Elastic” stack, possibly using Elastic Search’s new “Beats” product instead of Logstash itself).FluentBit (feel free to check out the page on how they differ) instead of regular FluentD.There are lots of ways to do what I’m attempting to do, for example: Part 3: Adding distributed tracing with Jaeger. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |