$30 off During Our Annual Pro Sale. View Details »

How to scale a Logging Infrastructure

Avatar for Paul Stack Paul Stack
June 03, 2015
Technology
0
190

How to scale a Logging Infrastructure

Logging infrastructure using ELK + Kafka

Avatar for Paul Stack

Paul Stack

June 03, 2015
Tweet

More Decks by Paul Stack

See All by Paul Stack
Infrastructure as Software
Avatar for Paul Stack stack72
0
82
Mirror, Mirror on the way, what is the vainest metric of them all?
Avatar for Paul Stack stack72
1
2.4k
Continuously Delivering Infrastructure to the Cloud
Avatar for Paul Stack stack72
0
210
DevOops 2016
Avatar for Paul Stack stack72
0
130
The Quest for Infrastructure Management 2.0
Avatar for Paul Stack stack72
0
160
The Biggest Trick Consultants Ever Pulled was Telling The World Continuous Delivery is Easy
Avatar for Paul Stack stack72
1
130
The Transition from Product to Infrastructure
Avatar for Paul Stack stack72
0
75
Continuous Delivery - the missing parts
Avatar for Paul Stack stack72
0
980
Windows: Having its ass kicked by puppet and powershell
Avatar for Paul Stack stack72
0
150

Other Decks in Technology

See All in Technology
Bakuraku Engineering Team Deck
Avatar for LayerX layerx
PRO
12
6.9k
セキュリティAIエージェントの現在と未来 / PSS #2 Takumi Session
Avatar for GMO Flatt Security flatt_security
3
1.5k
Oracle Database@AWS:サービス概要のご紹介
Avatar for oracle4engineer oracle4engineer
PRO
0
170
Overture Maps Foundationの3年を振り返る
Avatar for Toru Mori moritoru
0
140
AI時代におけるアジャイル開発について
Avatar for Polyscape Inc. polyscape_inc
0
120
小さな判断で育つ、大きな意思決定力 / 20251204 Takahiro Kinjo
Avatar for SHIFT EVOLVE shift_evolve
PRO
1
530
re:Invent2025 コンテナ系アップデート振り返り(+CloudWatchログのアップデート紹介)
Avatar for 枡川健太郎 masukawa
0
280
21st ACRi Webinar - Univ of Tokyo Presentation Slide (Ayumi Ohno)
Avatar for Nao Sumikawa nao_sumikawa
0
120
安いGPUレンタルサービスについて
Avatar for Aratako aratako
2
2.6k
A Compass of Thought: Guiding the Future of Test Automation ( #jassttokai25 , #jassttokai )
Avatar for teyamagu teyamagu
PRO
1
230
直接メモリアクセス
Avatar for KOBA789 koba789
0
270
世界最速級 memcached 互換サーバー作った
Avatar for yasukata yasukata
0
310

Featured

See All Featured
Optimising Largest Contentful Paint
Avatar for Harry Roberts csswizardry
37
3.5k
No one is an island. Learnings from fostering a developers community.
Avatar for Antonio thoeni
21
3.5k
Fireside Chat
Avatar for paigeccino paigeccino
41
3.7k
Connecting the Dots Between Site Speed, User Experience & Your Business [WebExpo 2025]
Avatar for Tammy Everts tammyeverts
10
710
Scaling GitHub
Avatar for Zach Holman holman
464
140k
A Modern Web Designer's Workflow
Avatar for Chris Coyier chriscoyier
698
190k
Building an army of robots
Avatar for Kyle Neath kneath
306
46k
Stop Working from a Prison Cell
Avatar for Chris Michel hatefulcrawdad
273
21k
For a Future-Friendly Web
Avatar for Brad Frost brad_frost
180
10k
Practical Orchestrator
Avatar for Shlomi Noach shlominoach
190
11k
Let's Do A Bunch of Simple Stuff to Make Websites Faster
Avatar for Chris Coyier chriscoyier
508
140k
Docker and Python
Avatar for Tania Allard trallard
47
3.7k

Transcript

  1. How do you scale a logging infrastructure to accept a

    billion messages a day? Paul Stack http://twitter.com/stack72 mail: [email protected]

  2. About Me Infrastructure Engineer for a cool startup :) Reformed

    ASP.NET / C# Developer DevOps Extremist Conference Junkie

  3. Background Project was to replace the legacy ‘logging solution’

  4. Iteration 0: A Developer created a single box with the

    ELK all in 1 jar

  5. Time to make it production ready now

  6. None

  7. Iteration 1: Using Redis as the input mechanism for LogStash

  8. None
  9. None

  10. Enter Apache Kafka

  11. “Kafka is a distributed publish- subscribe messaging system that is

    designed to be fast, scalable, and durable” Source: Cloudera Blog

  12. Introduction to Kafka • Kafka is made up of ‘topics’,

    ‘producers’, ‘consumers’ and ‘brokers’ • Communication is via TCP • Backed by Zookeeper

  13. Kafka Topics Source: http://kafka.apache.org/documentation.html

  14. Kafka Producers • Producers are responsible to chose what topic

    to publish data to • The producer is responsible for choosing a partition to write to • Can be handled round robin or partition functions

  15. Kafka Consumers • Consumption can be done via: • queuing

    • pub-sub

  16. Kafka Consumers • Kafka consumer group • Strong ordering

  17. Kafka Consumers • Strong ordering

  18. https://github.com/opentable/puppet-exhibitor

  19. None

  20. Iteration 2 Introduction of Kafka

  21. None
  22. None

  23. Iteration 3 Further ‘Improvements’ to the cluster layout

  24. None

  25. The Numbers • Logs kept in ES for 30 days

    then archived • 12 billion documents active in ES • ES space was about 25 - 30TB in EBS volumes • Average Doc Size ~ 1.2KB • V-Day 2015: ~750M docs collected without failure

  26. What about metrics and monitoring?

  27. Monitoring - Nagios • Alerts on • ES Cluster •

    zK and Kafka Nodes • Logstash / Redis nodes
  28. None

  29. https://github.com/stack72/nagios-elasticsearch

  30. Metrics - Kafka Offset Monitor

  31. https://github.com/opentable/KafkaOffsetMonitor

  32. Metrics - ElasticSearch

  33. None
  34. None
  35. None

  36. Visibility Rocks!

  37. None

  38. So what would I do differently?

  39. Questions?

  40. Paul Stack @stack72