building ha elk stack for drupal
play

BUILDING HA ELK STACK FOR DRUPAL Marji Cermak DevOps track, - PowerPoint PPT Presentation

Sep 18, 2023 •121 likes •1.16k views

BUILDING HA ELK STACK FOR DRUPAL Marji Cermak DevOps track, Experience level: Intermediate HA ELK Marji Cermak @cermakm Marji Cermak Systems Engineer at @cermakm HA ELK Marji Cermak @cermakm Scope of this presentation technical talk

  1. Elasticsearch - data storage maintenance Avoid using more than 80% of disk space Snapshot and restore module Allows to create snapshots into a remote repo ● Several backends - shared FS, AWS cloud, ● ES HDFS, Azure cloud ES AWS Cloud plugin - S3 backup ES HA ELK Marji Cermak @cermakm

  2. Elasticsearch - data storage maintenance Curator Tool to curate ES indices and snapshots ● Perfect for creating and deleting snapshots ● ES ES ES HA ELK Marji Cermak @cermakm

  3. Kibana Logstash indexer 1 ES node Logstash ES Message indexer 2 node queue ES node Kibana Logstash indexer N HA ELK Marji Cermak @cermakm

  4. Kibana Single instance (ready to be reprovisioned) If you have many heavy users, load balance across multiple Kibana instances Kibana HA ELK Marji Cermak @cermakm

  5. Kibana Don’t run kibana on existing ES node (master/data) Instead, install Kibana and ES client node on the same machine (ES client nodes are smart LB that are part of the cluster) Kibana HA ELK Marji Cermak @cermakm

  6. Progress check Are we there yet? Is it 17:28? HA ELK Marji Cermak @cermakm

  7. Progress check Some of the topics designing scalable, HA ELK stack ● Logstash indexer autoscaling ● preventing Elasticsearch to run out of diskspace ● securing log transmission with TLS/SSL, ssl offloading tricks, ELB ● upgrading your ELK stack without downtime ● different ways of getting logs from Drupal to Logstash ● HA ELK Marji Cermak @cermakm

  8. Upgrading / Patching ELK without losing data HA ELK Marji Cermak @cermakm

  9. Patching Logstash servers Shippers ELB with “Connection draining” enabled ● Add new (updated) instances ● Deregistering old instances ● Logstash shipper ELB Logstash shipper HA ELK Marji Cermak @cermakm

  10. Patching Logstash servers Indexers Provision a new instance or take it offline (no data lost, they ● consume from the queue) Logstash indexer 1 HA ELK Marji Cermak @cermakm

  11. Patching Elasticsearch nodes Rolling upgrade (no service interruption) or Full cluster restart Plugins must be upgraded alongside Elasticsearch ES ES ES HA ELK Marji Cermak @cermakm

  12. Patching Elasticsearch nodes Live migration from 1.x to 2.x or 2.x to 5 Provision new ES cluster ● Have logstash indexers write to both old and ● new cluster for a while Load data from snapshot ● ES Make Kibana use new cluster ● ES Terminate old cluster ● ES HA ELK Marji Cermak @cermakm

  13. Patching Kibana Provision new kibana server and take over the Elastic IP or ● update Kibana’s DNS record (route53) ● Kibana HA ELK Marji Cermak @cermakm

  14. Cost estimate HA ELK Marji Cermak @cermakm

  15. Cost estimate ES node Data B Source ES Logstash node Logstash shipper Message indexer ES Data queue B ELB node Source Logstash shipper Data Source Kibana HA ELK Marji Cermak @cermakm

  16. Cost estimate https://calculator.s3.amazonaws.com/index.html USD per month 1 x indexer: c4.large $77 2 x shipper: c4.large $154 3 x ES node: m4.xlarge ($175 each) $525 1 x kibana: t2.small $20 3 x SSD EBS (gp2), 1TB $350 S3, ELB, traffic ~ $80 TOTAL per month ~ $1200 HA ELK Marji Cermak @cermakm

  17. ELK Alternatives HA ELK Marji Cermak @cermakm

  18. ELK alternatives Elastic Cloud AKA “Hosted Elasticsearch & Kibana on AWS” ● no logstash ● starts at $45 per month ● Loggly, Sumo Logic, Papertrail, Logentries, many others HA ELK Marji Cermak @cermakm

  19. Complements to HA ELK HA ELK Marji Cermak @cermakm

  20. Monitoring ELK { Cluster health "cluster_name": "cluster02", "status": "green", GET _cluster/health "timed_out": false, "number_of_nodes": 1, green "number_of_data_nodes": 1, "active_primary_shards": 10, yellow "active_shards": 10, "relocating_shards": 0, red "initializing_shards": 0, "unassigned_shards": 0 } HA ELK Marji Cermak @cermakm

  21. Monitoring ELK Alerting on ES cluster status ● ES disk space and inode usage ● Logstash heartbeat ● Timestamp of the most recent record in ES cluster ● Kibana availability ● HA ELK Marji Cermak @cermakm

  22. Monitoring ELK Metrics be able to compare utilisation of cluster members ● memory and CPU, load, swap, descriptors trends ● ES monitoring - dozens of metrics, e.g. JVM performance ● HA ELK Marji Cermak @cermakm

  23. HA ELK Marji Cermak @cermakm

  24. HA ELK Marji Cermak @cermakm

  25. HA ELK Marji Cermak @cermakm

  27. Monitoring ELK Elasticsearch web admin plugins Kopf ● HA ELK Marji Cermak @cermakm

  28. HA ELK Marji Cermak @cermakm

  29. HA ELK Marji Cermak @cermakm

  30. Monitoring ELK Elasticsearch web admin plugins Kopf ● Elastic HQ ● HA ELK Marji Cermak @cermakm

  33. Getting logs from Drupal to ELK HA ELK Marji Cermak @cermakm

  34. Drupal Watchdog logs - shipping Logstash drupal_dblog input filter - not for production! input { drupal_dblog { databases => ["site1", "mysql://usr:pass@host/db"] interval => "1" } } HA ELK Marji Cermak @cermakm

  35. Drupal Watchdog logs - shipping Via syslog 1) Enable Drupal syslog module 2) Configure server rsyslog to write to dedicated logfile: create e.g. /etc/rsyslog.d/60-drupal.conf: local0.* /var/log/drupal.log HA ELK Marji Cermak @cermakm

  36. Drupal Watchdog logs - shipping Via syslog 3) Use filebeat to stream filebeat: the log lines to logstash prospectors: - paths: - /var/log/drupal.log input_type: drupalsyslog output: logstash: hosts: ["logstash.example.com:9876"] HA ELK Marji Cermak @cermakm

  37. Drupal Watchdog logs - processing Logstash grok filter - many pre-defined patterns: ● GREEDYDATA .* ● USERNAME [a-zA-Z0-9._-]+ ● POSINT \b(?:[1-9][0-9]*)\b HA ELK Marji Cermak @cermakm

  38. Drupal Watchdog logs - processing Logstash grok filter - define your owns: WATCHDOG https?://%{HOSTNAME:drupal_vhost}\|%{NUMBER:drupal_timestamp}\|( ?<drupal_action>[^\|]*)\|%{IP:drupal_ip}\|(?<drupal_request_uri> [^\|]*)\|(?<drupal_referer>[^\|]*)\|(?<drupal_uid>[^\|]*)\|(?<dr upal_link>[^\|]*)\|(?<drupal_message>.*) https://stg.d8.com|1474269512|cron|127.0.0.1|https://stg.d8.com/ ||0||Cron run completed. HA ELK Marji Cermak @cermakm

  39. Drupal Watchdog logs - processing Logstash grok filter - define your own patterns: WATCHDOG https?://%{HOSTNAME:drupal_vhost}\|%{NUMBER:drupal_timestamp}\|( ?<drupal_action>[^\|]*)\|%{IP:drupal_ip}\|(?<drupal_request_uri> [^\|]*)\|(?<drupal_referer>[^\|]*)\|(?<drupal_uid>[^\|]*)\|(?<dr upal_link>[^\|]*)\|(?<drupal_message>.*) SYSLOGWATCHDOG %{SYSLOGTIMESTAMP:logdate} %{IPORHOST:logsource} %{SYSLOGHOST:syslogprog}: %{ WATCHDOG } HA ELK Marji Cermak @cermakm

  40. Drupal Watchdog logs - processing Logstash grok filter - use your pattern filter { if [type] == "drupalsyslog" { grok { match => { "message" => "%{ SYSLOGWATCHDOG }" } } } HA ELK Marji Cermak @cermakm

  41. Drupal Watchdog logs - shipping Via the “Logs HTTP” module Provides JSON event pushing to Logs via the tag/http endpoint. ● when the Logs syslog agent is not an option ● HA ELK Marji Cermak @cermakm

  42. Wrapping up HA ELK Marji Cermak @cermakm

  43. Progress check Some of the topics designing scalable, HA ELK stack ● Logstash indexer autoscaling ● preventing Elasticsearch to run out of diskspace ● securing log transmission with TLS/SSL, ssl offloading tricks, ELB ● upgrading your ELK stack without downtime ● different ways of getting logs from Drupal to Logstash ● AND even more - cost estimates, monitoring brief, HA ELK Marji Cermak @cermakm

  44. Wrapping up Building HA ELK is a joy! The joy does not finish with its deployment, it is a continuous joy! Monitoring is a must have. HA ELK Marji Cermak @cermakm

  45. Links - where to start Official elastic ansible role / puppet module / chef cookbook: - https://github.com/elastic/ansible-elasticsearch - https://github.com/elastic/puppet-elasticsearch - https://github.com/elastic/cookbook-elasticsearch Kibana ansible role: https://github.com/marji/ansible-role-kibana Filebeat ansbile role: https://github.com/marji/ansible-role-filebeat Drupal Watchdog logstash config: - https://gist.github.com/marji/24494c3ae934a17d6f512ca855c0de69 HA ELK Marji Cermak @cermakm

  46. Links Main docs area for the ELK stack: https://www.elastic.co/guide/index.html Deploying and Scaling Logstash https://www.elastic.co/guide/en/logstash/current/deploying-and-scaling.html Follow up blog post: http://morpht.com/posts/ha-elk-drupal HA ELK Marji Cermak @cermakm

  47. Links Blog: Logs for Drupal: Why You Need Them and How to Do It https://www.loggly.com/blog/logs-for-drupal-why-you-need-them-and-how-to-do-it/ Presentation: Drupal and Logstash: centralised logging https://events.drupal.org/neworleans2016/sessions/drupal-and-logstash-centralised-logging HA ELK Marji Cermak @cermakm

  48. Questions? Thank you! @cermakm HA ELK Marji Cermak @cermakm

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

THE LEADER IN DRUPAL PLATFORM DESIGN AND DEVELOPMENT Friday, November 16, 12 SHORT STACK

THE LEADER IN DRUPAL PLATFORM DESIGN AND DEVELOPMENT Friday, November 16, 12 SHORT STACK

THE LEADER IN DRUPAL PLATFORM DESIGN AND DEVELOPMENT Friday, November 16, 12 SHORT STACK INGREDIENTS FOR A SHORTER, SWEETER DRUPAL HOSTING STACK Friday, November 16, 12 http://www.flickr.com/photos/crobj/3306760492/ Friday, November 16, 12

1.02k views • 85 slides
Building sites in Drupal 7 with an eye on Drupal 8 Ashraf Abed Frdric G. Marand Session

Building sites in Drupal 7 with an eye on Drupal 8 Ashraf Abed Frdric G. Marand Session

Building sites in Drupal 7 with an eye on Drupal 8 Ashraf Abed Frdric G. Marand Session track: Site Building Introduction Ashraf Abed ashrafabed Acquia: Officially D8 All In since 07/13/2015 Identified as a Leader in new Gartner

942 views • 44 slides
Hello Im Carlos Im Brad Full Stack Drupal Developer Web Designer &amp; Developer Who Are

Hello Im Carlos Im Brad Full Stack Drupal Developer Web Designer &amp; Developer Who Are

Hello Im Carlos Im Brad Full Stack Drupal Developer Web Designer &amp; Developer Who Are These Guys? Whats the Problem? DEVELOPER STRAIN NO CMS MORE EVENTS Increasing number of hosted Developers were required for Historically

1.17k views • 28 slides
Drupal Basics an introduction to Drupal This introductory session will get the Drupal juices

Drupal Basics an introduction to Drupal This introductory session will get the Drupal juices

Drupal Basics an introduction to Drupal This introductory session will get the Drupal juices flowing, and help give a broad overview of Drupal jargon, Drupal Architecture &amp; the Drupal Community... May 21st, 2010 - SNHU, Manchester, NH

1.12k views • 52 slides
Introduction to Drupal Andrew Rudy Outline What is Drupal Why use Drupal (Pros and

Introduction to Drupal Andrew Rudy Outline What is Drupal Why use Drupal (Pros and

Introduction to Drupal Andrew Rudy Outline What is Drupal Why use Drupal (Pros and Cons) Examples of what Drupal can do How to download and install Drupal How to use Drupals user interface What is Drupal? Drupal

319 views • 18 slides
ReactSA Drupal and React Drupal? History and Background Open Source CMS First release in 2001

ReactSA Drupal and React Drupal? History and Background Open Source CMS First release in 2001

23 OCTOBER 2018 ReactSA Drupal and React Drupal? History and Background Open Source CMS First release in 2001 by Dries Buytaert Written in PHP. Runs on LAMP stack. Come for the Code; Stay for the Community. Free as in freedom and free as in

444 views • 15 slides
Search API ecosystem in Drupal 8 Joris Vercammen | @borisson Site building https:/

Search API ecosystem in Drupal 8 Joris Vercammen | @borisson Site building https:/

Search API ecosystem in Drupal 8 Joris Vercammen | @borisson Site building https:/ /events.drupal.org/dublin2016/sessions/search-api-ecosystem-drupal-8 Search API Search API Solr Facets More addon modules Custom code

1.2k views • 71 slides
Mostly Core Constructing real world sites [mostly] using Drupal 8 core Karen Stevenson

Mostly Core Constructing real world sites [mostly] using Drupal 8 core Karen Stevenson

Mostly Core Constructing real world sites [mostly] using Drupal 8 core Karen Stevenson DrupalCamp Florida March 2016 Drupal Drupal Drupal Drupal Drupal Drupal Drupal User Stories Demo Site Drupal 8 core Bootstrap subtheme

537 views • 24 slides
LET THE PROJECT FLOW Front end and PM Lessons learned from building a Drupal 8 website for one of

LET THE PROJECT FLOW Front end and PM Lessons learned from building a Drupal 8 website for one of

LET THE PROJECT FLOW Front end and PM Lessons learned from building a Drupal 8 website for one of the nations largest water utilities, Denver Water Presented by James David Saul Intro/About Civic Research Drupal 8: Modules The Way and Why

678 views • 47 slides
Decoupled site building Drupal's next challenge Preston So 28 Sep 2017 DrupalCon

Decoupled site building Drupal's next challenge Preston So 28 Sep 2017 DrupalCon

Decoupled site building Drupal's next challenge Preston So 28 Sep 2017 DrupalCon Vienna 2017 Herzlich Willkommen! Preston So has been a web developer and designer since 2001, a creative professional since 2004, and a Drupal

1.35k views • 97 slides
Building Faster Drupal Sites Adventures in optimizing the critical path and intelligent asset

Building Faster Drupal Sites Adventures in optimizing the critical path and intelligent asset

Building Faster Drupal Sites Adventures in optimizing the critical path and intelligent asset management Who am I? Front-end Drupal Developer at Chapter Three Life-long HTML addict @bollskis Measure everything, for science

276 views • 24 slides
Why Im looking forward to Drupal 8 Who Am I? Jim Taylor drupal.org/u/bigjim @jalama

Why Im looking forward to Drupal 8 Who Am I? Jim Taylor drupal.org/u/bigjim @jalama

Why Im looking forward to Drupal 8 Who Am I? Jim Taylor drupal.org/u/bigjim @jalama Currently: Manager, Web Development @ Highlights for Children Yes Were Hiring! Started with Drupal in 2007 (Drupal 5.2) Past Roles: Owned a small

546 views • 31 slides
DRUPAL [ REMOTELY ] Is Remote Drupal Employment For You? Gray Sadler, Drupal Developer Drupal

DRUPAL [ REMOTELY ] Is Remote Drupal Employment For You? Gray Sadler, Drupal Developer Drupal

DRUPAL [ REMOTELY ] Is Remote Drupal Employment For You? Gray Sadler, Drupal Developer Drupal Camp 2014 | Orlando, Florida DRUPAL [ REMOTELY ] WHATS ON THE MENU TODAY? Working Remotely Challenges Finding Remote Employment [

578 views • 19 slides
Lessons Learned from Building a Large Multilingual, Multi-region Website in Drupal 8 Stella

Lessons Learned from Building a Large Multilingual, Multi-region Website in Drupal 8 Stella

Lessons Learned from Building a Large Multilingual, Multi-region Website in Drupal 8 Stella Power Photo credit: mumsabroad.com A bit about me Drupal hobbyist Founder of Annertech Backend developer

509 views • 38 slides
Developer Isolation: How DevOps Helps Team Building Baltimore Drupal Camp - Oct. 12 th , 2018

Developer Isolation: How DevOps Helps Team Building Baltimore Drupal Camp - Oct. 12 th , 2018

Developer Isolation: How DevOps Helps Team Building Baltimore Drupal Camp - Oct. 12 th , 2018 Matt Westgate @mettamatt About Me 15+ years of Drupal. Yikes! Iowa native DevOps is a collaboration movement. Development Production

908 views • 29 slides
site with Apache solr Presentation by Janmejaya Mishra (drupal.org id - janmejaya) Deepak

site with Apache solr Presentation by Janmejaya Mishra (drupal.org id - janmejaya) Deepak

Building search engine for Drupal site with Apache solr Presentation by Janmejaya Mishra (drupal.org id - janmejaya) Deepak Kumar (drupal.org id deepak_123) 1. Drupal default search 2. Limitations of drupal default search 3.

700 views • 19 slides
EU Codes Implementation Workshop Feedback and Future Event A really good bottom up A good

EU Codes Implementation Workshop Feedback and Future Event A really good bottom up A good

EU Codes Implementation Workshop Feedback and Future Event A really good bottom up A good range of Very useful to be able stakeholders, and not guide to how the to ask detailed changes will be just usual regulatory questions and

202 views • 3 slides
XRN4930 - Requirement to inform Shipper of Meter Link Code changes HLSO Supporting Slides

XRN4930 - Requirement to inform Shipper of Meter Link Code changes HLSO Supporting Slides

XRN4930 - Requirement to inform Shipper of Meter Link Code changes HLSO Supporting Slides Overview During DSG development and HLSO review, members asked a number of questions that would support any decision being made at ChMC Questions

407 views • 3 slides
i j = = i 1 j 1 Shipments from source i to destination j Shipments from x

i j = = i 1 j 1 Shipments from source i to destination j Shipments from x

Introduction to the transportation problem s Supply at source i : i d Contractual commitment to deliver to destination j : j For feasibility we require Total supply total demand m n s d i j = = i 1 j 1 Shipments

339 views • 4 slides
Running the Processing environment on ARM SBCs Lessons learned &amp; whats missing for

Running the Processing environment on ARM SBCs Lessons learned &amp; whats missing for

Running the Processing environment on ARM SBCs Lessons learned &amp; whats missing for having an Arduino equivalent on top of Linux Gottfried Haider @mrgohai Processing Processing a flexible software sketchbook and a language for

464 views • 29 slides
Monitor your containers with the Elastic Stack Monica Sarbu Monica Sarbu Team lead, Beats team

Monitor your containers with the Elastic Stack Monica Sarbu Monica Sarbu Team lead, Beats team

Monitor your containers with the Elastic Stack Monica Sarbu Monica Sarbu Team lead, Beats team monica@elastic.co @monicasarbu 3 Monitor your containers with the Elastic Stack Elastic Stack @monicasarbu 5 Beats are lightweight shippers

1.01k views • 45 slides
33:010:458 33:010:458 Accounting Information Accounting Information Systems Systems Dr. Peter

33:010:458 33:010:458 Accounting Information Accounting Information Systems Systems Dr. Peter

33:010:458 33:010:458 Accounting Information Accounting Information Systems Systems Dr. Peter R. Gillett Associate Professor Department of Accounting, Business Ethics and Information Systems Rutgers Business SchoolNewark and New

774 views • 42 slides
GAS INDUSTRY WORKSHOP TSO UPDATE 21 ST NOVEMBER 2016 PRESENTATION STRUCTURE CJV Update:

GAS INDUSTRY WORKSHOP TSO UPDATE 21 ST NOVEMBER 2016 PRESENTATION STRUCTURE CJV Update:

GAS INDUSTRY WORKSHOP TSO UPDATE 21 ST NOVEMBER 2016 PRESENTATION STRUCTURE CJV Update: CJV Overview CJV Activities Programme Single Code Extension of Transportation Agreement Capacity Statement

783 views • 74 slides
Communicatin Centered Programming for Embedded Systems Sakura Bhandari, Shoji Yuen (Nagoya

Communicatin Centered Programming for Embedded Systems Sakura Bhandari, Shoji Yuen (Nagoya

Communicatin Centered Programming for Embedded Systems Sakura Bhandari, Shoji Yuen (Nagoya University) Presented at SOA workshop in APSEC2007 (Dec. 2007, Nagoya) 1 Basics09 workshop( ), 10/12/2009 Motivation: Behavior descriptions

881 views • 48 slides

More recommend