README.md

Demo nginMesh streaming using Graylog

Graylog is a powerful log management and analysis tool that has many use cases, from monitoring to debugging applications.

It has 3 main components:

Server nodes: Serves as a worker that receives and processes messages, and communicates with all other non-server components. Its performance is CPU dependent.
Elasticsearch nodes: Stores all of the logs/messages. Its performance is RAM and disk I/O dependent.
MongoDB: Stores metadata and does not experience much load.

Architecture

Please, check link for documentation.

Quick Start

Below are instructions to quickly install and configure Graylog v2.4.3.

Prerequisites

Make sure below requirements are met:

Version	Name	Details
1.9	Kubernetes cluster	Without alpha feature, link
0.7.0	Istio	link
0.7.0	nginMesh	link
1.5.0	Bookinfo Application	link
1.1.0	Kafka	link

Install Graylog

1. Install graylog deployment in graylog namespace:

 kubectl create -f graylog.yaml

2. Make sure following pods are up and running:

kubectl get pods -n graylog

NAME                            READY     STATUS    RESTARTS   AGE
elasticsearch-97c476698-7tmpd   1/1       Running   0          1m
graylog-c4d976795-vfhpf         1/1       Running   0          1m
mongo-6bb464754d-d6fd8          1/1       Running   0          1m

3. Make sure following services are up and running:

kubectl get svc -n graylog

NAME            TYPE           CLUSTER-IP     EXTERNAL-IP       PORT(S)                          AGE
elasticsearch   ClusterIP      None           <none>            55555/TCP                        2m
graylog         LoadBalancer   10.55.242.76   100.100.100.100   9000:31927/TCP,12201:30371/TCP   2m
mongo           ClusterIP      None           <none>            55555/TCP                        2m

4. Activate port-forwarding for running graylog pod:

./graylog-portforward.sh

5. Access to Graylog Dashboard from browser using default credentials:

username: admin
password: somesaltpassword

http://127.0.0.1:9000/

Note: Check graylog deployment file for username/password passed as environment variable.

Configure Kafka

1. Select Content Packs tab from System menu:

2. Upload nginmesh_kafka_package.json file which contains all configuration related to Kafka input/extractor/dashboard:

3. Apply content of package:

4. Generate few requests towards sample application deployed and monitor dashboard widgets in Dashboards menu:

Configure Geo-Location plugin

1. Install Map database provided by MaxMind:

./install_map.sh

Note: Please, refer for plugin details.

2. Enable Geo-Location processor and set path to "/usr/share/graylog/plugin/GeoLite2-City.mmdb" in System/Configurations menu:

3. Enable Message processors in below order in System/Configurations menu:

Uninstalling the Graylog

1. To uninstall Graylog deployment, run:

kubectl delete -f graylog.yaml