building ha elk stack for drupal
play

BUILDING HA ELK STACK FOR DRUPAL Marji Cermak DevOps track, - PowerPoint PPT Presentation

Sep 18, 2023 •121 likes •1.16k views

BUILDING HA ELK STACK FOR DRUPAL Marji Cermak DevOps track, Experience level: Intermediate HA ELK Marji Cermak @cermakm Marji Cermak Systems Engineer at @cermakm HA ELK Marji Cermak @cermakm Scope of this presentation technical talk

  1. Elasticsearch - data storage maintenance Avoid using more than 80% of disk space Snapshot and restore module Allows to create snapshots into a remote repo ● Several backends - shared FS, AWS cloud, ● ES HDFS, Azure cloud ES AWS Cloud plugin - S3 backup ES HA ELK Marji Cermak @cermakm

  2. Elasticsearch - data storage maintenance Curator Tool to curate ES indices and snapshots ● Perfect for creating and deleting snapshots ● ES ES ES HA ELK Marji Cermak @cermakm

  3. Kibana Logstash indexer 1 ES node Logstash ES Message indexer 2 node queue ES node Kibana Logstash indexer N HA ELK Marji Cermak @cermakm

  4. Kibana Single instance (ready to be reprovisioned) If you have many heavy users, load balance across multiple Kibana instances Kibana HA ELK Marji Cermak @cermakm

  5. Kibana Don’t run kibana on existing ES node (master/data) Instead, install Kibana and ES client node on the same machine (ES client nodes are smart LB that are part of the cluster) Kibana HA ELK Marji Cermak @cermakm

  6. Progress check Are we there yet? Is it 17:28? HA ELK Marji Cermak @cermakm

  7. Progress check Some of the topics designing scalable, HA ELK stack ● Logstash indexer autoscaling ● preventing Elasticsearch to run out of diskspace ● securing log transmission with TLS/SSL, ssl offloading tricks, ELB ● upgrading your ELK stack without downtime ● different ways of getting logs from Drupal to Logstash ● HA ELK Marji Cermak @cermakm

  8. Upgrading / Patching ELK without losing data HA ELK Marji Cermak @cermakm

  9. Patching Logstash servers Shippers ELB with “Connection draining” enabled ● Add new (updated) instances ● Deregistering old instances ● Logstash shipper ELB Logstash shipper HA ELK Marji Cermak @cermakm

  10. Patching Logstash servers Indexers Provision a new instance or take it offline (no data lost, they ● consume from the queue) Logstash indexer 1 HA ELK Marji Cermak @cermakm

  11. Patching Elasticsearch nodes Rolling upgrade (no service interruption) or Full cluster restart Plugins must be upgraded alongside Elasticsearch ES ES ES HA ELK Marji Cermak @cermakm

  12. Patching Elasticsearch nodes Live migration from 1.x to 2.x or 2.x to 5 Provision new ES cluster ● Have logstash indexers write to both old and ● new cluster for a while Load data from snapshot ● ES Make Kibana use new cluster ● ES Terminate old cluster ● ES HA ELK Marji Cermak @cermakm

  13. Patching Kibana Provision new kibana server and take over the Elastic IP or ● update Kibana’s DNS record (route53) ● Kibana HA ELK Marji Cermak @cermakm

  14. Cost estimate HA ELK Marji Cermak @cermakm

  15. Cost estimate ES node Data B Source ES Logstash node Logstash shipper Message indexer ES Data queue B ELB node Source Logstash shipper Data Source Kibana HA ELK Marji Cermak @cermakm

  16. Cost estimate https://calculator.s3.amazonaws.com/index.html USD per month 1 x indexer: c4.large $77 2 x shipper: c4.large $154 3 x ES node: m4.xlarge ($175 each) $525 1 x kibana: t2.small $20 3 x SSD EBS (gp2), 1TB $350 S3, ELB, traffic ~ $80 TOTAL per month ~ $1200 HA ELK Marji Cermak @cermakm

  17. ELK Alternatives HA ELK Marji Cermak @cermakm

  18. ELK alternatives Elastic Cloud AKA “Hosted Elasticsearch & Kibana on AWS” ● no logstash ● starts at $45 per month ● Loggly, Sumo Logic, Papertrail, Logentries, many others HA ELK Marji Cermak @cermakm

  19. Complements to HA ELK HA ELK Marji Cermak @cermakm

  20. Monitoring ELK { Cluster health "cluster_name": "cluster02", "status": "green", GET _cluster/health "timed_out": false, "number_of_nodes": 1, green "number_of_data_nodes": 1, "active_primary_shards": 10, yellow "active_shards": 10, "relocating_shards": 0, red "initializing_shards": 0, "unassigned_shards": 0 } HA ELK Marji Cermak @cermakm

  21. Monitoring ELK Alerting on ES cluster status ● ES disk space and inode usage ● Logstash heartbeat ● Timestamp of the most recent record in ES cluster ● Kibana availability ● HA ELK Marji Cermak @cermakm

  22. Monitoring ELK Metrics be able to compare utilisation of cluster members ● memory and CPU, load, swap, descriptors trends ● ES monitoring - dozens of metrics, e.g. JVM performance ● HA ELK Marji Cermak @cermakm

  23. HA ELK Marji Cermak @cermakm

  24. HA ELK Marji Cermak @cermakm

  25. HA ELK Marji Cermak @cermakm

  27. Monitoring ELK Elasticsearch web admin plugins Kopf ● HA ELK Marji Cermak @cermakm

  28. HA ELK Marji Cermak @cermakm

  29. HA ELK Marji Cermak @cermakm

  30. Monitoring ELK Elasticsearch web admin plugins Kopf ● Elastic HQ ● HA ELK Marji Cermak @cermakm

  33. Getting logs from Drupal to ELK HA ELK Marji Cermak @cermakm

  34. Drupal Watchdog logs - shipping Logstash drupal_dblog input filter - not for production! input { drupal_dblog { databases => ["site1", "mysql://usr:pass@host/db"] interval => "1" } } HA ELK Marji Cermak @cermakm

  35. Drupal Watchdog logs - shipping Via syslog 1) Enable Drupal syslog module 2) Configure server rsyslog to write to dedicated logfile: create e.g. /etc/rsyslog.d/60-drupal.conf: local0.* /var/log/drupal.log HA ELK Marji Cermak @cermakm

  36. Drupal Watchdog logs - shipping Via syslog 3) Use filebeat to stream filebeat: the log lines to logstash prospectors: - paths: - /var/log/drupal.log input_type: drupalsyslog output: logstash: hosts: ["logstash.example.com:9876"] HA ELK Marji Cermak @cermakm

  37. Drupal Watchdog logs - processing Logstash grok filter - many pre-defined patterns: ● GREEDYDATA .* ● USERNAME [a-zA-Z0-9._-]+ ● POSINT \b(?:[1-9][0-9]*)\b HA ELK Marji Cermak @cermakm

  38. Drupal Watchdog logs - processing Logstash grok filter - define your owns: WATCHDOG https?://%{HOSTNAME:drupal_vhost}\|%{NUMBER:drupal_timestamp}\|( ?<drupal_action>[^\|]*)\|%{IP:drupal_ip}\|(?<drupal_request_uri> [^\|]*)\|(?<drupal_referer>[^\|]*)\|(?<drupal_uid>[^\|]*)\|(?<dr upal_link>[^\|]*)\|(?<drupal_message>.*) https://stg.d8.com|1474269512|cron|127.0.0.1|https://stg.d8.com/ ||0||Cron run completed. HA ELK Marji Cermak @cermakm

  39. Drupal Watchdog logs - processing Logstash grok filter - define your own patterns: WATCHDOG https?://%{HOSTNAME:drupal_vhost}\|%{NUMBER:drupal_timestamp}\|( ?<drupal_action>[^\|]*)\|%{IP:drupal_ip}\|(?<drupal_request_uri> [^\|]*)\|(?<drupal_referer>[^\|]*)\|(?<drupal_uid>[^\|]*)\|(?<dr upal_link>[^\|]*)\|(?<drupal_message>.*) SYSLOGWATCHDOG %{SYSLOGTIMESTAMP:logdate} %{IPORHOST:logsource} %{SYSLOGHOST:syslogprog}: %{ WATCHDOG } HA ELK Marji Cermak @cermakm

  40. Drupal Watchdog logs - processing Logstash grok filter - use your pattern filter { if [type] == "drupalsyslog" { grok { match => { "message" => "%{ SYSLOGWATCHDOG }" } } } HA ELK Marji Cermak @cermakm

  41. Drupal Watchdog logs - shipping Via the “Logs HTTP” module Provides JSON event pushing to Logs via the tag/http endpoint. ● when the Logs syslog agent is not an option ● HA ELK Marji Cermak @cermakm

  42. Wrapping up HA ELK Marji Cermak @cermakm

  43. Progress check Some of the topics designing scalable, HA ELK stack ● Logstash indexer autoscaling ● preventing Elasticsearch to run out of diskspace ● securing log transmission with TLS/SSL, ssl offloading tricks, ELB ● upgrading your ELK stack without downtime ● different ways of getting logs from Drupal to Logstash ● AND even more - cost estimates, monitoring brief, HA ELK Marji Cermak @cermakm

  44. Wrapping up Building HA ELK is a joy! The joy does not finish with its deployment, it is a continuous joy! Monitoring is a must have. HA ELK Marji Cermak @cermakm

  45. Links - where to start Official elastic ansible role / puppet module / chef cookbook: - https://github.com/elastic/ansible-elasticsearch - https://github.com/elastic/puppet-elasticsearch - https://github.com/elastic/cookbook-elasticsearch Kibana ansible role: https://github.com/marji/ansible-role-kibana Filebeat ansbile role: https://github.com/marji/ansible-role-filebeat Drupal Watchdog logstash config: - https://gist.github.com/marji/24494c3ae934a17d6f512ca855c0de69 HA ELK Marji Cermak @cermakm

  46. Links Main docs area for the ELK stack: https://www.elastic.co/guide/index.html Deploying and Scaling Logstash https://www.elastic.co/guide/en/logstash/current/deploying-and-scaling.html Follow up blog post: http://morpht.com/posts/ha-elk-drupal HA ELK Marji Cermak @cermakm

  47. Links Blog: Logs for Drupal: Why You Need Them and How to Do It https://www.loggly.com/blog/logs-for-drupal-why-you-need-them-and-how-to-do-it/ Presentation: Drupal and Logstash: centralised logging https://events.drupal.org/neworleans2016/sessions/drupal-and-logstash-centralised-logging HA ELK Marji Cermak @cermakm

  48. Questions? Thank you! @cermakm HA ELK Marji Cermak @cermakm

Recommend

THE LEADER IN DRUPAL PLATFORM DESIGN AND DEVELOPMENT Friday, November 16, 12 SHORT STACK

THE LEADER IN DRUPAL PLATFORM DESIGN AND DEVELOPMENT Friday, November 16, 12 SHORT STACK

THE LEADER IN DRUPAL PLATFORM DESIGN AND DEVELOPMENT Friday, November 16, 12 SHORT STACK INGREDIENTS FOR A SHORTER, SWEETER DRUPAL HOSTING STACK Friday, November 16, 12 http://www.flickr.com/photos/crobj/3306760492/ Friday, November 16, 12

1.02k views • 85 slides
Building sites in Drupal 7 with an eye on Drupal 8 Ashraf Abed Frdric G. Marand Session

Building sites in Drupal 7 with an eye on Drupal 8 Ashraf Abed Frdric G. Marand Session

Building sites in Drupal 7 with an eye on Drupal 8 Ashraf Abed Frdric G. Marand Session track: Site Building Introduction Ashraf Abed ashrafabed Acquia: Officially D8 All In since 07/13/2015 Identified as a Leader in new Gartner

942 views • 44 slides
Hello Im Carlos Im Brad Full Stack Drupal Developer Web Designer &amp; Developer Who Are

Hello Im Carlos Im Brad Full Stack Drupal Developer Web Designer &amp; Developer Who Are

Hello Im Carlos Im Brad Full Stack Drupal Developer Web Designer &amp; Developer Who Are These Guys? Whats the Problem? DEVELOPER STRAIN NO CMS MORE EVENTS Increasing number of hosted Developers were required for Historically

1.17k views • 28 slides
Drupal Basics an introduction to Drupal This introductory session will get the Drupal juices

Drupal Basics an introduction to Drupal This introductory session will get the Drupal juices

Drupal Basics an introduction to Drupal This introductory session will get the Drupal juices flowing, and help give a broad overview of Drupal jargon, Drupal Architecture &amp; the Drupal Community... May 21st, 2010 - SNHU, Manchester, NH

1.12k views • 52 slides
Introduction to Drupal Andrew Rudy Outline What is Drupal Why use Drupal (Pros and

Introduction to Drupal Andrew Rudy Outline What is Drupal Why use Drupal (Pros and

Introduction to Drupal Andrew Rudy Outline What is Drupal Why use Drupal (Pros and Cons) Examples of what Drupal can do How to download and install Drupal How to use Drupals user interface What is Drupal? Drupal

319 views • 18 slides
ReactSA Drupal and React Drupal? History and Background Open Source CMS First release in 2001

ReactSA Drupal and React Drupal? History and Background Open Source CMS First release in 2001

23 OCTOBER 2018 ReactSA Drupal and React Drupal? History and Background Open Source CMS First release in 2001 by Dries Buytaert Written in PHP. Runs on LAMP stack. Come for the Code; Stay for the Community. Free as in freedom and free as in

444 views • 15 slides
Search API ecosystem in Drupal 8 Joris Vercammen | @borisson Site building https:/

Search API ecosystem in Drupal 8 Joris Vercammen | @borisson Site building https:/

Search API ecosystem in Drupal 8 Joris Vercammen | @borisson Site building https:/ /events.drupal.org/dublin2016/sessions/search-api-ecosystem-drupal-8 Search API Search API Solr Facets More addon modules Custom code

1.2k views • 71 slides
Mostly Core Constructing real world sites [mostly] using Drupal 8 core Karen Stevenson

Mostly Core Constructing real world sites [mostly] using Drupal 8 core Karen Stevenson

Mostly Core Constructing real world sites [mostly] using Drupal 8 core Karen Stevenson DrupalCamp Florida March 2016 Drupal Drupal Drupal Drupal Drupal Drupal Drupal User Stories Demo Site Drupal 8 core Bootstrap subtheme

537 views • 24 slides
LET THE PROJECT FLOW Front end and PM Lessons learned from building a Drupal 8 website for one of

LET THE PROJECT FLOW Front end and PM Lessons learned from building a Drupal 8 website for one of

LET THE PROJECT FLOW Front end and PM Lessons learned from building a Drupal 8 website for one of the nations largest water utilities, Denver Water Presented by James David Saul Intro/About Civic Research Drupal 8: Modules The Way and Why

678 views • 47 slides
Decoupled site building Drupal's next challenge Preston So 28 Sep 2017 DrupalCon

Decoupled site building Drupal's next challenge Preston So 28 Sep 2017 DrupalCon

Decoupled site building Drupal's next challenge Preston So 28 Sep 2017 DrupalCon Vienna 2017 Herzlich Willkommen! Preston So has been a web developer and designer since 2001, a creative professional since 2004, and a Drupal

1.35k views • 97 slides
Building Faster Drupal Sites Adventures in optimizing the critical path and intelligent asset

Building Faster Drupal Sites Adventures in optimizing the critical path and intelligent asset

Building Faster Drupal Sites Adventures in optimizing the critical path and intelligent asset management Who am I? Front-end Drupal Developer at Chapter Three Life-long HTML addict @bollskis Measure everything, for science

276 views • 24 slides
Why Im looking forward to Drupal 8 Who Am I? Jim Taylor drupal.org/u/bigjim @jalama

Why Im looking forward to Drupal 8 Who Am I? Jim Taylor drupal.org/u/bigjim @jalama

Why Im looking forward to Drupal 8 Who Am I? Jim Taylor drupal.org/u/bigjim @jalama Currently: Manager, Web Development @ Highlights for Children Yes Were Hiring! Started with Drupal in 2007 (Drupal 5.2) Past Roles: Owned a small

546 views • 31 slides
DRUPAL [ REMOTELY ] Is Remote Drupal Employment For You? Gray Sadler, Drupal Developer Drupal

DRUPAL [ REMOTELY ] Is Remote Drupal Employment For You? Gray Sadler, Drupal Developer Drupal

DRUPAL [ REMOTELY ] Is Remote Drupal Employment For You? Gray Sadler, Drupal Developer Drupal Camp 2014 | Orlando, Florida DRUPAL [ REMOTELY ] WHATS ON THE MENU TODAY? Working Remotely Challenges Finding Remote Employment [

578 views • 19 slides
Lessons Learned from Building a Large Multilingual, Multi-region Website in Drupal 8 Stella

Lessons Learned from Building a Large Multilingual, Multi-region Website in Drupal 8 Stella

Lessons Learned from Building a Large Multilingual, Multi-region Website in Drupal 8 Stella Power Photo credit: mumsabroad.com A bit about me Drupal hobbyist Founder of Annertech Backend developer

509 views • 38 slides
Developer Isolation: How DevOps Helps Team Building Baltimore Drupal Camp - Oct. 12 th , 2018

Developer Isolation: How DevOps Helps Team Building Baltimore Drupal Camp - Oct. 12 th , 2018

Developer Isolation: How DevOps Helps Team Building Baltimore Drupal Camp - Oct. 12 th , 2018 Matt Westgate @mettamatt About Me 15+ years of Drupal. Yikes! Iowa native DevOps is a collaboration movement. Development Production

908 views • 29 slides
site with Apache solr Presentation by Janmejaya Mishra (drupal.org id - janmejaya) Deepak

site with Apache solr Presentation by Janmejaya Mishra (drupal.org id - janmejaya) Deepak

Building search engine for Drupal site with Apache solr Presentation by Janmejaya Mishra (drupal.org id - janmejaya) Deepak Kumar (drupal.org id deepak_123) 1. Drupal default search 2. Limitations of drupal default search 3.

700 views • 19 slides
FolderShare: Building a data sharing cloud on Drupal 8 for researchers Amit Chourasia, David

FolderShare: Building a data sharing cloud on Drupal 8 for researchers Amit Chourasia, David

FolderShare: Building a data sharing cloud on Drupal 8 for researchers Amit Chourasia, David Nadeau &amp; Michael Norman San Diego Supercomputer Center, UC San Diego Project code: dibbs.seedme.org/downloads or drupal.org/projects/foldershare

716 views • 54 slides
2016-09-28 Routing in Drupal 9, and lessons learned in Drupal 8 Peter Wolanin

2016-09-28 Routing in Drupal 9, and lessons learned in Drupal 8 Peter Wolanin

2016-09-28 Routing in Drupal 9, and lessons learned in Drupal 8 Peter Wolanin drupal.org/u/pwolanin Track: Core Conversations events.drupal.org/dublin2016/sessions/routing-drupal-9-and-lessons-learned-drupal-8 This is a Conversation If I get

631 views • 23 slides
Drupal for Designers Not decorating on top of what Drupal gives you, but rather, letting

Drupal for Designers Not decorating on top of what Drupal gives you, but rather, letting

Drupal for Designers Not decorating on top of what Drupal gives you, but rather, letting Drupals default behavior simply provide a guide for your design. Drupal for Designers by Dani Nordin http://my.safaribooksonline.com

736 views • 26 slides
Talk to me Drupal Talk to me Drupal Using Drupal to power a Voice App Hello My Name Is Frank

Talk to me Drupal Talk to me Drupal Using Drupal to power a Voice App Hello My Name Is Frank

Talk to me Drupal Talk to me Drupal Using Drupal to power a Voice App Hello My Name Is Frank Hello My Name Is Frank I am a Christian, Father, and Technology Enthusiast. Online my name is frob (IRC, d.o, github) On Twitter I am @frobdfas My Blog

616 views • 44 slides
15+ Ways to Debug Drupal 8 Zakiya Khabir Drupal Developer, Chapter Three Why this talk?

15+ Ways to Debug Drupal 8 Zakiya Khabir Drupal Developer, Chapter Three Why this talk?

Stanford Drupal Camp 15+ Ways to Debug Drupal 8 Zakiya Khabir Drupal Developer, Chapter Three Why this talk? End of dpm() Kint complaints Rumors of a better way Audience D7 front-enders New to Drupal Current D8 devs

1.41k views • 48 slides
Stack and Queue Stack Overview Stack ADT Basic operations of stack Pushing, popping

Stack and Queue Stack Overview Stack ADT Basic operations of stack Pushing, popping

Stack and Queue Stack Overview Stack ADT Basic operations of stack Pushing, popping etc. Implementations of stacks using array linked list The Stack ADT A stack is a list with the restriction that insertions and

566 views • 44 slides
How Drupal serves global biosecurity Joshua Li Senior Drupal Developer Technocrat About me

How Drupal serves global biosecurity Joshua Li Senior Drupal Developer Technocrat About me

Birds, bees and monster fish: How Drupal serves global biosecurity Joshua Li Senior Drupal Developer Technocrat About me Drupal dev in Technocrat Australia Drupal ID: rli Public sector Twitter: rujiali Module maintainer My

614 views • 30 slides
Talk to me Drupal Talk to me Drupal Using Drupal to power a Voice App Speaker notes Talk to me

Talk to me Drupal Talk to me Drupal Using Drupal to power a Voice App Speaker notes Talk to me

Talk to me Drupal Talk to me Drupal Using Drupal to power a Voice App Speaker notes Talk to me Drupal; Using Drupal to power a Voice App You should be able to follow along by visiting the link below. If you have an Echo device, please mute the

1.67k views • 87 slides

More recommend