PaaS-TA-5.5.0
Search…
Logging Service 설치 가이드

Table of Contents

1. 문서 개요

1.1. 목적

본 문서는 Logging 서비스 Release를 Bosh2.0을 이용하여 설치 하는 방법을 기술하였다.

1.2. 범위

설치 범위는 Logging 서비스 Release를 검증하기 위한 기본 설치를 기준으로 작성하였다.

1.3. 시스템 구성

본 장에서는 Logging 서비스의 시스템 구성에 대해 기술하였다. Logging 서비스 시스템은 Router, Collector, Queue, Parser, Elasticsearch, Visualization의 최소사항을 구성하였다.
시스템 구성도
VM명
인스턴스 수
vCPU수
메모리(GB)
디스크(GB)
Router
1
1
1
Root 8G
Collector
1
1
2
Root 10G
Queue
1
1
2
Root 10G + Persistent disk 10G
Parser
N
1
2
Root 10G
Elasticsearch Master
1
1
2
Root 10G + Persistent disk 10G
Elasticsearch Data
N
2
4
Root 20G + Persistent disk 30G
Visualization
1
1
2
Root 10G
maintenance
1
1
1
Root 8G

1.4. 참고자료

2. Logging 서비스 설치

2.1. Prerequisite

본 설치 가이드는 Linux 환경에서 설치하는 것을 기준으로 하였다. 서비스 설치를 위해서는 BOSH 2.0과 PaaS-TA 5.0 이상, PaaS-TA 포털이 설치되어 있어야 한다.
※ "firehose-to-syslog" uaac client 확인
uaac client에 "firehose-to-syslog"가 등록되어 있는지 확인 하여, 등록되어 있는 경우에는 "authorities"를 확인하여 "cloud_controller.admin" 권한을 부여한다.
1
# endpoint 설정
2
$ uaac target https://uaa.<DOMAIN> --skip-ssl-validation
3
4
# target 확인
5
$ uaac target
6
Target: https://uaa.<DOMAIN>
7
Context: uaa_admin, from client uaa_admin
8
9
# uaac 로그인
10
$ uaac token client get <UAA_ADMIN_CLIENT_ID> -s <UAA_ADMIN_CLIENT_SECRET>
11
12
# "firehose-to-syslog" uaac client 확인
13
$ uaac client get firehose-to-syslog
14
scope: cloud_controller.admin_read_only cloud_controller.global_auditor openid routing.router_groups.write network.write scim.read cloud_controller.admin uaa.user cloud_controller.read
15
password.write routing.router_groups.read cloud_controller.write network.admin doppler.firehose scim.write
16
client_id: firehose-to-syslog
17
resource_ids: none
18
authorized_grant_types: client_credentials
19
autoapprove:
20
authorities: uaa.none doppler.firehose >>>>>>>> cloud_controller.admin 권한 여부 확인
21
lastmodified: 1552530293656
22
23
# "firehose-to-syslog" uaac client 변경
24
$ uaac client update firehose-to-syslog --authorities "doppler.firehose, uaa.none, cloud_controller.admin"
25
26
# "firehose-to-syslog" uaac client 확인
27
$ uaac client get firehose-to-syslog
28
scope: cloud_controller.admin_read_only cloud_controller.global_auditor openid routing.router_groups.write network.write scim.read cloud_controller.admin uaa.user cloud_controller.read
29
password.write routing.router_groups.read cloud_controller.write network.admin doppler.firehose scim.write
30
client_id: firehose-to-syslog
31
resource_ids: none
32
authorized_grant_types: client_credentials
33
autoapprove:
34
authorities: uaa.none doppler.firehose cloud_controller.admin
35
lastmodified: 1552530293656
Copied!

2.2. Stemcell 확인

Stemcell 목록을 확인하여 서비스 설치에 필요한 Stemcell이 업로드 되어 있는 것을 확인한다. (PaaS-TA 5.5.1 과 동일 stemcell 사용)
$ bosh -e micro-bosh stemcells
1
Using environment '10.0.1.6' as client 'admin'
2
3
Name Version OS CPI CID
4
bosh-aws-xen-hvm-ubuntu-xenial-go_agent 621.94* ubuntu-xenial - ami-0297ff649e8eea21b
5
6
(*) Currently deployed
7
8
1 stemcells
9
10
Succeeded
Copied!

2.3. Deployment 다운로드

서비스 설치에 필요한 Deployment를 Git Repository에서 받아 서비스 설치 작업 경로로 위치시킨다.
1
# Deployment 다운로드 파일 위치 경로 생성 및 설치 경로 이동
2
$ mkdir -p ~/workspace/paasta-5.5.1/deployment
3
$ cd ~/workspace/paasta-5.5.1/deployment
4
5
# Deployment 파일 다운로드
6
$ git clone https://github.com/PaaS-TA/service-deployment.git -b v5.0.6
7
8
# common_vars.yml 파일 다운로드(common_vars.yml가 존재하지 않는다면 다운로드)
9
$ git clone https://github.com/PaaS-TA/common.git
Copied!

2.4. Deployment 파일 수정

BOSH Deployment manifest는 Components 요소 및 배포의 속성을 정의한 YAML 파일이다. Deployment 파일에서 사용하는 network, vm_type, disk_type 등은 Cloud config를 활용하고, 활용 방법은 BOSH 2.0 가이드를 참고한다.
  • Cloud config 설정 내용을 확인한다.
$ bosh -e micro-bosh cloud-config
1
Using environment '10.0.1.6' as client 'admin'
2
3
azs:
4
- cloud_properties:
5
availability_zone: ap-northeast-2a
6
name: z1
7
- cloud_properties:
8
availability_zone: ap-northeast-2a
9
name: z2
10
11
... ((생략)) ...
12
13
disk_types:
14
- disk_size: 1024
15
name: default
16
- disk_size: 1024
17
name: 1GB
18
19
... ((생략)) ...
20
21
networks:
22
- name: default
23
subnets:
24
- az: z1
25
cloud_properties:
26
security_groups: paasta-security-group
27
subnet: subnet-00000000000000000
28
dns:
29
- 8.8.8.8
30
gateway: 10.0.1.1
31
range: 10.0.1.0/24
32
reserved:
33
- 10.0.1.2 - 10.0.1.9
34
static:
35
- 10.0.1.10 - 10.0.1.120
36
37
... ((생략)) ...
38
39
vm_types:
40
- cloud_properties:
41
ephemeral_disk:
42
size: 3000
43
type: gp2
44
instance_type: t2.small
45
name: minimal
46
- cloud_properties:
47
ephemeral_disk:
48
size: 10000
49
type: gp2
50
instance_type: t2.small
51
name: small
52
53
... ((생략)) ...
54
55
Succeeded
Copied!
  • common_vars.yml을 서버 환경에 맞게 수정한다.
  • Logging 서비스에서 사용하는 변수는 system_domain, uaa_client_admin_id, uaa_client_admin_secret 이다.
$ vi ~/workspace/paasta-5.5.1/deployment/common/common_vars.yml
1
# BOSH INFO
2
bosh_ip: "10.0.1.6" # BOSH IP
3
bosh_url: "https://10.0.1.6" # BOSH URL (e.g. "https://00.000.0.0")
4
bosh_client_admin_id: "admin" # BOSH Client Admin ID
5
bosh_client_admin_secret: "ert7na4jpew48" # BOSH Client Admin Secret('echo $(bosh int ~/workspace/paasta-5.5.1/deployment/paasta-deployment/bosh/{iaas}/creds.yml --path /admin_password)' 명령어를 통해 확인 가능)
6
bosh_director_port: 25555 # BOSH director port
7
bosh_oauth_port: 8443 # BOSH oauth port
8
bosh_version: 271.2 # BOSH version('bosh env' 명령어를 통해 확인 가능, on-demand service용, e.g. "271.2")
9
10
# PAAS-TA INFO
11
system_domain: "61.252.53.246.xip.io" # Domain (xip.io를 사용하는 경우 HAProxy Public IP와 동일)
12
paasta_admin_username: "admin" # PaaS-TA Admin Username
13
paasta_admin_password: "admin" # PaaS-TA Admin Password
14
paasta_nats_ip: "10.0.1.121"
15
paasta_nats_port: 4222
16
paasta_nats_user: "nats"
17
paasta_nats_password: "7EZB5ZkMLMqT73h2Jh3UsqO" # PaaS-TA Nats Password (CredHub 로그인후 'credhub get -n /micro-bosh/paasta/nats_password' 명령어를 통해 확인 가능)
18
paasta_nats_private_networks_name: "default" # PaaS-TA Nats 의 Network 이름
19
paasta_database_ips: "10.0.1.123" # PaaS-TA Database IP (e.g. "10.0.1.123")
20
paasta_database_port: 5524 # PaaS-TA Database Port (e.g. 5524(postgresql)/13307(mysql)) -- Do Not Use "3306"&"13306" in mysql
21
paasta_database_type: "postgresql" # PaaS-TA Database Type (e.g. "postgresql" or "mysql")
22
paasta_database_driver_class: "org.postgresql.Driver" # PaaS-TA Database driver-class (e.g. "org.postgresql.Driver" or "com.mysql.jdbc.Driver")
23
paasta_cc_db_id: "cloud_controller" # CCDB ID (e.g. "cloud_controller")
24
paasta_cc_db_password: "cc_admin" # CCDB Password (e.g. "cc_admin")
25
paasta_uaa_db_id: "uaa" # UAADB ID (e.g. "uaa")
26
paasta_uaa_db_password: "uaa_admin" # UAADB Password (e.g. "uaa_admin")
27
paasta_api_version: "v3"
28
29
# UAAC INFO
30
uaa_client_admin_id: "admin" # UAAC Admin Client Admin ID
31
uaa_client_admin_secret: "admin-secret" # UAAC Admin Client에 접근하기 위한 Secret 변수
32
uaa_client_portal_secret: "clientsecret" # UAAC Portal Client에 접근하기 위한 Secret 변수
33
34
# Monitoring INFO
35
metric_url: "10.0.161.101" # Monitoring InfluxDB IP
36
syslog_address: "10.0.121.100" # Logsearch의 ls-router IP
37
syslog_port: "2514" # Logsearch의 ls-router Port
38
syslog_transport: "relp" # Logsearch Protocol
39
saas_monitoring_url: "61.252.53.248" # Pinpoint HAProxy WEBUI의 Public IP
40
monitoring_api_url: "61.252.53.241" # Monitoring-WEB의 Public IP
41
42
### Portal INFO
43
portal_web_user_ip: "52.78.88.252"
44
portal_web_user_url: "http://portal-web-user.52.78.88.252.xip.io"
45
46
### ETC INFO
47
abacus_url: "http://abacus.61.252.53.248.xip.io" # abacus url (e.g. "http://abacus.xxx.xxx.xxx.xxx.xip.io")
Copied!
  • Deployment YAML에서 사용하는 변수 파일을 서버 환경에 맞게 수정한다.
$ vi ~/workspace/paasta-5.5.1/deployment/service-deployment/logging-service/vars.yml
1
# STEMCELL
2
stemcell_os: "ubuntu-xenial" # stemcell os
3
stemcell_version: "621.94" # stemcell version
4
5
# VM_TYPE
6
vm_type_minimal: "minimal" # vm type minimal
7
vm_type_default: "small" # vm type small
8
vm_type_medium: "medium" # vm type medium
9
10
# NETWORK
11
private_networks_name: "default" # private network name
12
public_networks_name: "vip" # public network name
13
private_nat_networks_name: "default" # AWS의 경우, NATS Network Name
14
15
# ELASTICSEARCH_MASTER
16
es_master_azs: [z3] # elasticsearch master : azs
17
es_master_instances: 1 # elasticsearch master : instances (1)
18
es_master_persistent_disk_type: "10GB" # elasticsearch master : persistent disk type
19
es_master_private_ips: "<ES_MASTER_PRIVATE_IPS>" # elasticsearch master : private ips (e.g. ["10.0.81.11"])
20
es_master_private_url: "<ES_MASTER_PRIVATE_URL>" # elasticsearch master : private url (e.g. "10.0.81.11")
21
22
# QUEUE
23
queue_azs: [z3] # queue : azs
24
queue_instances: 1 # queue : instances (1)
25
queue_persistent_disk_type: "10GB" # queue : persistent disk type
26
queue_private_ips: "<QUEUE_PRIVATE_IPS>" # queue : private ips (e.g. ["10.0.81.12"])
27
queue_private_url: "<QUEUE_PRIVATE_URL>" # queue : private url (e.g. "10.0.81.12")
28
29
# MAINTENANCE
30
maintenance_azs: [z3] # maintenance : azs
31
maintenance_instances: 1 # maintenance : instances (1)
32
maintenance_private_ips: "<MAINTENANCE_PRIVATE_IPS>" # maintenance : private ips (e.g. ["10.0.81.13"])
33
34
# ELASTICSEARCH_DATA
35
es_data_azs: [z3] # elasticsearch data : azs
36
es_data_instances: 2 # elasticsearch data : instances (N)
37
es_data_persistent_disk_type: "20GB" # elasticsearch data : persistent disk type
38
es_data_private_ips: "<ES_DATA_PRIVATE_IPS>" # elasticsearch data : private ips (e.g. ["10.0.81.14", "10.0.81.15"])
39
40
# VISUALIZATION
41
visualization_azs: [z3] # visualization : azs
42
visualization_instances: 1 # visualization : instances (1)
43
visualization_private_ips: "<VISUALIZATION_PRIVATE_IPS>" # visualization : private ips (e.g. ["10.0.81.16"])
44
visualization_version: "5.3.0" # visualization : version (5.3.0)
45
46
# COLLECTOR
47
collector_azs: [z3] # collector : azs
48
collector_instances: 1 # collector : instances (1)
49
collector_private_ips: "<COLLECTOR_PRIVATE_IPS>" # collector : private ips (e.g. ["10.0.81.17"])
50
51
# PARSER
52
parser_azs: [z3] # parser : azs
53
parser_instances: 2 # parser : instances (N)
54
parser_private_ips: "<PARSER_PRIVATE_IPS>" # parser : private ips (e.g. ["10.0.81.18", "10.0.81.19"])
55
parser_es_index: "%{[@metadata][index]}-%{+YYYY.MM.dd.HH}" # parser : elasticsearch index
56
parser_es_index_type: '%{[@metadata][type]}' # parser : elasticsearch index type
57
58
# ROUTER
59
router_azs: [z7] # router : azs
60
router_instances: 1 # router : instances (1)
61
router_private_ips: "<ROUTER_PRIVATE_IPS>" # router : private ips (e.g. ["10.0.0.101"])
62
router_public_ips: "<ROUTER_PUBLIC_IPS>" # router : public ips (e.g. "13.209.212.226")
63
router_private_url: "<ROUTER_PRIVATE_URL>" # router : private url (e.g. "10.0.0.101")
64
65
# UAAC
66
uaa_client_laas_id: "laasclient" # logging service uaa client id
67
uaa_client_laas_secret: "clientsecret" # logging service uaa client secret
68
69
# LOGGING SERVICE
70
es_config_index_prefix: "laas-" # logging service elasticsearch index prefix ("laas-")
71
retention_period: 7 # logging service retention period
72
laas_logo: "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAALQAAABGCAYAAABll74gAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAA3FpVFh0WE1MOmNvbS5hZG9iZS54bXAAAAAAADw/eHBhY2tldCBiZWdpbj0i77u/IiBpZD0iVzVNME1wQ2VoaUh6cmVTek5UY3prYzlkIj8+IDx4OnhtcG1ldGEgeG1sbnM6eD0iYWRvYmU6bnM6bWV0YS8iIHg6eG1wdGs9IkFkb2JlIFhNUCBDb3JlIDUuNi1jMTQyIDc5LjE2MDkyNCwgMjAxNy8wNy8xMy0wMTowNjozOSAgICAgICAgIj4gPHJkZjpSREYgeG1sbnM6cmRmPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5LzAyLzIyLXJkZi1zeW50YXgtbnMjIj4gPHJkZjpEZXNjcmlwdGlvbiByZGY6YWJvdXQ9IiIgeG1sbnM6eG1wTU09Imh0dHA6Ly9ucy5hZG9iZS5jb20veGFwLzEuMC9tbS8iIHhtbG5zOnN0UmVmPSJodHRwOi8vbnMuYWRvYmUuY29tL3hhcC8xLjAvc1R5cGUvUmVzb3VyY2VSZWYjIiB4bWxuczp4bXA9Imh0dHA6Ly9ucy5hZG9iZS5jb20veGFwLzEuMC8iIHhtcE1NOk9yaWdpbmFsRG9jdW1lbnRJRD0ieG1wLmRpZDpkYzhkNmI4YS1kZWNkLThkNGItOThiNC0zMjRjZjU1OTE0NmYiIHhtcE1NOkRvY3VtZW50SUQ9InhtcC5kaWQ6MkRBNUQ0REMyQ0EwMTFFOEI2QkZBQUY2QUYwM0UzRjkiIHhtcE1NOkluc3RhbmNlSUQ9InhtcC5paWQ6MkRBNUQ0REIyQ0EwMTFFOEI2QkZBQUY2QUYwM0UzRjkiIHhtcDpDcmVhdG9yVG9vbD0iQWRvYmUgUGhvdG9zaG9wIENDIChXaW5kb3dzKSI+IDx4bXBNTTpEZXJpdmVkRnJvbSBzdFJlZjppbnN0YW5jZUlEPSJ4bXAuaWlkOjQ5YzFjOTUyLWE2MDEtZTI0NC1iMzIzLTMzYTIyNzI1NDcxYiIgc3RSZWY6ZG9jdW1lbnRJRD0ieG1wLmRpZDpkYzhkNmI4YS1kZWNkLThkNGItOThiNC0zMjRjZjU1OTE0NmYiLz4gPC9yZGY6RGVzY3JpcHRpb24+IDwvcmRmOlJERj4gPC94OnhtcG1ldGE+IDw/eHBhY2tldCBlbmQ9InIiPz7OZxN8AAAHtUlEQVR42uyde4hUZRjGz6y7W+stMl0LFbtJ/VGZFogabAptZZrrrSKzBBMsDKysWBF210IzK0VNy+yiXcxbec1Q3FwoJUKxMJDQLLG8lWSuKevi9Ly779jH8czMN2fOzJxZnwcezpzb55nv/M573vf7ZjESjUYdimopKmAXUASaogg0RRFoiiLQFIGmKAJNUQSaogg0RRFoikBTFIGmqNCo0PbASCSS1QtrXFM2EIvP4LNweWFF3V5j3xAsWsMrsf18vDb4wysCHQopzBvgEt00DJ6B7fJULYAn6PZr4Dm8jVRogfaA+Qz8pX42YRaV6jnFWMyF+8BTELU38dZemorYvpazkXLEgXkwAK3FvsH4vN44fA9cBtfDq+Ahun03ju/FlINFYRgjcxPMun6ZC+aB2HcCy/cMmEXf8bYyQuc0QseDuXLx0a+xHA/3KCqMzJ42tnQ4PneGZyvMcu5fWHTQ8ySCj8S+BkZo5tC5isy9E8B8IWc+1xjtDlAfks8vDL45Al+Lj4fgmfBLmmePi8FMMeXIlR5MBrOxT2CWAnA1fADegWPfBMRXwWOw3hYPyHR4Euznu70igd3Skrtvh5+QF5hF21Efrk6hzdctr6PKsi/MthfCRZbnVWWoL2rzBeiV8GH4qJEzT3XBLDnzZIVZCsBhuv1OuKtG+k5Y1MGVkpLAo3xci/y70yyPbQP3hT+E37eEKRXVWABt6nn4I7g4yXHVKUAdk9yLLXBHi2P9tG/bH+FMOc7M79pXO2kjAF4BGLs0XUxFXSzpHeYuAOGTrtEM0Rfwbzi/gz7Btxj7/vV5eVUWN+RqeLTCLxM8Y+Ft8BLb2iVDXSvXJA/2CH2DJILOGhKVjCh9Dw+Ff7SA2rb9QPuiIAcwC5xb4cfhT7FeKiCLAWY/+HZsn69AfpMAZikAH5m1Ya88BM+6YH4b7a1PA+hkOgK/AU8yto3P8Ztusr6ay/Xh6mwJnY2ekjIGlrrlW3i4ZaRu2aMcCrNZAAqo3Yq63lCvED+t2+8FkJuNnNkL5pGAuUHTjYlYzIvBLO3IA+JzlCOWu9pElzZGJDwtOXySdoOOSu42R2v6I322D74P3u/zOtzHlel96Kj7avQNFfXRfib6IrtAe8DcVAACZq8C8DkAOTsRzPAVWgiVFBVGJk0bWyppzFmct/FCr/kH2rGE+kr4hA+gg3oNe4FRrkVzW61LHoB3BgC0oxF6LXybrq/WdKs+DaADTUmyAnQ8mEsmHpIZwMe0mDFz5v6Vi4+e0hx5aByYzZx5FqL1ixqte2IxSM5tNXTb3gCiXiJJmrFIP8uIR/8QAC26Q+oTTTtOaZ9tDgBoRx+UJUba8QNcAf8aBqAznkMnglnXu7gLQETZf7DsaQmzo6/X2ATNDni6cQMzIbmGMfqGiOndFG9SIqcrich3abrRTvvu0YC+e73ehxoFs6cWi2V+s4Qg+6IgxzA7mm7M1dx3AGA+rtt/cZonThx9zcVy5hXuAlBg8phtvDygr1HtXDwm+je8FG6vxyxNYYQjW9qnb4ydmlN/rEN7QeXu0i+jFPCOOqw3IddfOqMpB4A+YlTbTTDDkjO/Cj8Dr5FCBoBHNcIWa3HXD56CtEPGla+X15qOZkiReFqHyi4UgDOe7DzA68FBylHr82a5X3fVHqMfp3X4apHCHPXRbhAPW1WSNttpHVKe4uvcpm1HI/Qaza9t28/PohBAS5S9zgWzuwDsDqAPKsxmAbgH0fpWBV0i4Tj4J0AuEykyqrFOXnvxYJYJmjSLwqA728/F2EyuxMBLdK3Stx94pB2RANp2NEKv8kg7IgH2hQS3u5MdlOmJlXv0tbRJo5kb5l3w70YOao5mbFeYO5k5MwDuBVh7Gzlzol/o5bNsZwptjpFUTYrvwymmHdWWx/2p93puBtMOq2vJ1ihHxAPmpgIQ0fm4wnnMaZ7lMgvA9hrVzZy5P4DdjuMHaCUfF+aQRWgqC8rGKEdSmFUyMnFch/BiPwF92QXzAoVZ2lzWQiMzlYYKcwUzfBL7X8PyRrgSMMrfBs7xeFWaoxkTjfXzGYK5xsnMj2uofAY6GczOxTOAw/W8Vk7zL+gOOs2/fvtD8+xPzh3a3xb7SwDvMUTpWH6+Duu7MpCrEWoC7RvmfXqe5NBfwVL0LQOoUpXP1H1y7uewQD0a+5bLqEcuCxDqEsihfcAsBeBUhblWYRZVGG3GRjNkhk4i+P1Z6BtCfakD7RPmeNPZ81wwmwXgO7x1lJcCG7YLGOamGUDYc9LENXUeV/wjWUbodDQrTDBTjNC+IzSiszwYDZrfhgZmRmhGaF8CaDImvEVXdzMyU7lSkMN2Am4P5/8/+SHMVP4WhUb6URwWmJlyMOVIS2GCmWKETitCpwHzTU7zz0gDh5kRmhE6q5FZ/1KlDyMzFRqg04RZtFaP+RkeRJipnKUcAcCcUTHlYITOZmSmqHAAnQTm1oSZyhugE8EMYBt05IIwU+EH2gJm0QFj30LCTIWyKDz7VjcbmGPgy0RJAbZvzeWXY1FIoBMBLf+r68PJYA6TCDRTjkQakU8wUwQ6maS4a4SXE2Yq71MOimppEZqiCDRFEWiKItAURaApAk1RBJqiCDRFEWiKQFMUgaaoEOo/AQYAt8WQmU5T9v8AAAAASUVORK5CYII="
Copied!

2.5. 서비스 설치

  • 서버 환경에 맞추어 Deploy 스크립트 파일의 VARIABLES 설정을 수정하고, Option file을 추가할지 선택한다.
    (선택) -o operations/use-compiled-releases.yml (ubuntu-xenial/621.94로 컴파일 된 릴리즈 사용)
$ vi ~/workspace/paasta-5.5.1/deployment/service-deployment/logging-service/deploy.sh
1
#!/bin/bash
2
3
# VARIABLES
4
COMMON_VARS_PATH="<COMMON_VARS_FILE_PATH>" # common_vars.yml File Path (e.g. ../../common/common_vars.yml)
5
CURRENT_IAAS="${CURRENT_IAAS}" # IaaS Information (PaaS-TA에서 제공되는 create-bosh-login.sh 미 사용시 aws/azure/gcp/openstack/vsphere 입력)
6
BOSH_ENVIRONMENT="${BOSH_ENVIRONMENT}" # bosh director alias name (PaaS-TA에서 제공되는 create-bosh-login.sh 미 사용시 bosh envs에서 이름을 확인하여 입력)
7
8
# DEPLOY
9
bosh -e ${BOSH_ENVIRONMENT} -n -d logging-service deploy --no-redact logging-service.yml \
10
-o operations/${CURRENT_IAAS}-network.yml \
11
-l ${COMMON_VARS_PATH} \
12
-l vars.yml
Copied!
  • 서비스를 설치한다.
1
$ cd ~/workspace/paasta-5.5.1/deployment/service-deployment/logging-service
2
$ sh ./deploy.sh
Copied!

2.6. 서비스 설치 - 다운로드 된 PaaS-TA Release 파일 이용 방식

  • 서비스 설치에 필요한 릴리즈 파일을 다운로드 받아 Local machine의 서비스 설치 작업 경로로 위치시킨다.
  • 설치 릴리즈 파일 다운로드 : paasta-logging-service-release.tgz
1
# 릴리즈 다운로드 파일 위치 경로 생성
2
$ mkdir -p ~/workspace/paasta-5.5.1/release/service
3
4
# 릴리즈 파일 다운로드 및 파일 경로 확인
5
$ ls ~/workspace/paasta-5.5.1/release/service
6
paasta-logging-service-release.tgz
Copied!
  • 서버 환경에 맞추어 Deploy 스크립트 파일의 VARIABLES 설정을 수정하고 Option file 및 변수를 추가한다.
    (추가) -o operations/use-offline-releases.yml (미리 다운받은 offline 릴리즈 사용)
    (추가) -v releases_dir=""
$ vi ~/workspace/paasta-5.5.1/deployment/service-deployment/logging-service/deploy.sh
1
#!/bin/bash
2
3
# VARIABLES
4
COMMON_VARS_PATH="<COMMON_VARS_FILE_PATH>" # common_vars.yml File Path (e.g. ../../common/common_vars.yml)
5
CURRENT_IAAS="${CURRENT_IAAS}" # IaaS Information (PaaS-TA에서 제공되는 create-bosh-login.sh 미 사용시 aws/azure/gcp/openstack/vsphere 입력)
6
BOSH_ENVIRONMENT="${BOSH_ENVIRONMENT}" # bosh director alias name (PaaS-TA에서 제공되는 create-bosh-login.sh 미 사용시 bosh envs에서 이름을 확인하여 입력)
7
8
# DEPLOY
9
bosh -e ${BOSH_ENVIRONMENT} -n -d logging-service deploy --no-redact logging-service.yml \
10
-o operations/${CURRENT_IAAS}-network.yml \
11
-l ${COMMON_VARS_PATH} \
12
-l vars.yml \
13
-v releases_dir="/home/ubuntu/workspace/paasta-5.5.1/release"
Copied!
  • 서비스를 설치한다.
1
$ cd ~/workspace/paasta-5.5.1/deployment/service-deployment/logging-service
2
$ sh ./deploy.sh
Copied!

2.7. 서비스 설치 확인

설치 완료된 서비스를 확인한다.
$ bosh -e micro-bosh -d logging-service vms
1
Using environment '10.30.40.111' as client 'admin'
2
3
Task 68432. Done
4
5
Deployment 'logging-service'
6
7
Instance Process State AZ IPs VM CID VM Type Active
8
collector/d2a1aed9-d10f-42df-91ec-e21f1baecfb8 running z5 10.30.107.131 vm-e73085ec-e336-4c54-a842-37989dc4fe1d default true
9
elasticsearch_data/d779c528-8f75-4b4c-b2d9-ac367c1e5ece running z5 10.30.107.133 vm-5b1fed2f-774f-47cf-9a14-edc015e790f1 medium true
10
elasticsearch_data/fa38698e-913c-4296-aac8-c0b56c84a71e running z5 10.30.107.134 vm-36a47dab-8d09-4daa-bb8c-0394f4d83fd7 medium true
11
elasticsearch_master/4698c36b-413d-4370-b671-44ee075a0cf0 running z5 10.30.107.135 vm-46152b8f-d660-413c-9396-8b4068a4a454 default true
12
maintenance/dba09e1e-06c0-42bf-a30d-d97a62c536bc running z5 10.30.107.136 vm-780e1595-9aa9-445c-b056-27ff4e844017 minimal true
13
parser/3dfdc7bc-8dde-4ed1-95d0-eb638d4900fa running z5 10.30.107.138 vm-44210be7-0dab-46db-8cb6-d71a2c29d3c8 default true
14
parser/7ef8ffd6-7d8b-4ae0-bd8c-17f5e7092ca2 running z5 10.30.107.137 vm-1eb78459-3050-4ab2-8f49-78f0ddb795b0 default true
15
queue/cc986003-b6c1-4570-b2d7-32ecfd40eedf running z5 10.30.107.139 vm-f11ec996-5c1e-46a0-972a-8b1415267df0 default true
16
router/c64e9519-713c-4f24-9b04-4bbf2d0ac457 running z5 10.30.107.140 vm-32ebc53c-6bef-48d7-854e-4b09a4dd9d01 minimal true
17
115.68.47.181
18
visualization/d1ac0c78-aa4c-465d-9193-64f2e2de269a running z5 10.30.107.143 vm-75fdb6a6-e77f-4adb-8336-ec77254c82fa default true
Copied!

3. Logging 서비스 관리

서비스 설치가 완료 되면, PaaS-TA 포탈에서 서비스를 사용하기 위해 Logging 서비스 UAA Client 등록 및 Logging 서비스 활성화 코드 등록을 해 주어야 한다.

3.1. UAA Client 등록

  • uaac server의 endpoint를 설정한다.
1
# endpoint 설정
2
$ uaac target https://uaa.<DOMAIN> --skip-ssl-validation
3
4
# target 확인
5
$ uaac target
6
Target: https://uaa.<DOMAIN>
7
Context: uaa_admin, from client uaa_admin
Copied!
  • uaac 로그인을 한다.
1
$ uaac token client get <UAA_ADMIN_CLIENT_ID> -s <UAA_ADMIN_CLIENT_SECRET>
2
Successfully fetched token via client credentials grant.
3
Target: https://uaa.<DOMAIN>
4
Context: admin, from client admin
Copied!
  • Logging 서비스 계정을 생성 한다. $ uaac client add -s --redirect_uri --scope <퍼미션 범위> --authorized_grant_types <권한 타입> --authorities=<권한 퍼미션> --autoapprove=<자동승인권한>
    • : uaac 클라이언트 id
    • : uaac 클라이언트 secret
    • : 성공적으로 리다이렉션 할 Logging 서비스 접근 URI (http://)
    • <퍼미션 범위> : 클라이언트가 사용자를 대신하여 얻을 수있는 허용 범위 목록
    • <권한 타입> : 서비스가 제공하는 API를 사용할 수 있는 권한 목록
    • <권한 퍼미션> : 클라이언트에 부여 된 권한 목록
    • <자동승인권한> : 사용자 승인이 필요하지 않은 권한 목록
1
# e.g. Logging 서비스 계정 생성
2
$ uaac client add laasclient -s clientsecret --redirect_uri " http://115.68.47.181" \
3
--scope "cloud_controller_service_permissions.read , openid , cloud_controller.read , cloud_controller.write , cloud_controller.admin" \
4
--authorized_grant_types "authorization_code , client_credentials , refresh_token" \
5
--authorities="uaa.resource" \
6
--autoapprove="openid , cloud_controller_service_permissions.read"
7
8
# e.g. Logging 서비스 계정 생성 확인
9
$ uaac clients
10
laasclient
11
scope: cloud_controller.read cloud_controller.write cloud_controller_service_permissions.read openid
12
cloud_controller.admin
13
resource_ids: none
14
authorized_grant_types: refresh_token client_credentials authorization_code
15
redirect_uri: http://115.68.47.181
16
autoapprove: cloud_controller_service_permissions.read openid
17
authorities: uaa.resource
18
name: laasclient
19
lastmodified: 1542894096080
Copied!

3.2. Logging 서비스 활성화 코드 등록

  • PaaS-TA 운영자 포탈에 접속한다.
  • 운영관리의 코드관리 메뉴로 이동하여 다음과 같이 코드를 등록한다.
※ Group Table 코드 ID : LAAS 코드 이름 : Logging Service
※ Detail Table Key : laas_base_url Value : http:///app/laas 요약 : Logging Service Base URL 사용 : Y
Last modified 8mo ago