Upgrade to Pro — share decks privately, control downloads, hide ads and more …

How to scale a Logging Infrastructure

Paul Stack
June 03, 2015
Technology
0
170

How to scale a Logging Infrastructure

Logging infrastructure using ELK + Kafka

Paul Stack

June 03, 2015
Tweet

More Decks by Paul Stack

See All by Paul Stack
Infrastructure as Software
stack72
0
63
Mirror, Mirror on the way, what is the vainest metric of them all?
stack72
1
2.3k
Continuously Delivering Infrastructure to the Cloud
stack72
0
170
DevOops 2016
stack72
0
120
The Quest for Infrastructure Management 2.0
stack72
0
130
The Biggest Trick Consultants Ever Pulled was Telling The World Continuous Delivery is Easy
stack72
1
110
The Transition from Product to Infrastructure
stack72
0
58
Continuous Delivery - the missing parts
stack72
0
920
Windows: Having its ass kicked by puppet and powershell
stack72
0
120

Other Decks in Technology

See All in Technology
OPENLOGI Company Profile
hr01
0
60k
Visualize, Visualize, Visualize and rclone
tomoaki0705
9
83k
あなたが人生で成功するための 5つの普遍的法則 #jawsug #jawsdays2025 / 20250301 HEROZ
yoshidashingo
2
310
スキルだけでは満たせない、 “組織全体に”なじむオンボーディング/Onboarding that fits “throughout the organization” and cannot be satisfied by skills alone
bitkey
0
190
IAMポリシーのAllow/Denyについて、改めて理解する
smt7174
2
210
データベースの負荷を紐解く/untangle-the-database-load
emiki
2
540
DeepSeekとは?何がいいの? - Databricksと学ぶDeepSeek! 〜これからのLLMに備えよ!〜
taka_aki
1
150
サイト信頼性エンジニアリングとAmazon Web Services / SRE and AWS
ymotongpoo
7
1.7k
Pwned Labsのすゝめ
ken5scal
2
470
データエンジニアリング領域におけるDuckDBのユースケース
chanyou0311
9
2.3k
設計を積み重ねてシステムを刷新する
sansantech
PRO
0
180
日経のデータベース事業とElasticsearch
hinatades
PRO
0
250

Featured

See All Featured
Making the Leap to Tech Lead
cromwellryan
133
9.1k
VelocityConf: Rendering Performance Case Studies
addyosmani
328
24k
Unsuck your backbone
ammeep
669
57k
Designing Experiences People Love
moore
140
23k
The Cult of Friendly URLs
andyhume
78
6.2k
Done Done
chrislema
182
16k
Embracing the Ebb and Flow
colly
84
4.6k
Fireside Chat
paigeccino
34
3.2k
実際に使うSQLの書き方 徹底解説 / pgcon21j-tutorial
soudai
175
52k
Code Reviewing Like a Champion
maltzj
521
39k
Designing for Performance
lara
604
68k
ピンチをチャンスに:未来をつくるプロダクトロードマップ #pmconf2020
aki_iinuma
114
50k

Transcript

  1. How do you scale a logging infrastructure to accept a

    billion messages a day? Paul Stack http://twitter.com/stack72 mail: [email protected]

  2. About Me Infrastructure Engineer for a cool startup :) Reformed

    ASP.NET / C# Developer DevOps Extremist Conference Junkie

  3. Background Project was to replace the legacy ‘logging solution’

  4. Iteration 0: A Developer created a single box with the

    ELK all in 1 jar

  5. Time to make it production ready now

  6. None

  7. Iteration 1: Using Redis as the input mechanism for LogStash

  8. None
  9. None

  10. Enter Apache Kafka

  11. “Kafka is a distributed publish- subscribe messaging system that is

    designed to be fast, scalable, and durable” Source: Cloudera Blog

  12. Introduction to Kafka • Kafka is made up of ‘topics’,

    ‘producers’, ‘consumers’ and ‘brokers’ • Communication is via TCP • Backed by Zookeeper

  13. Kafka Topics Source: http://kafka.apache.org/documentation.html

  14. Kafka Producers • Producers are responsible to chose what topic

    to publish data to • The producer is responsible for choosing a partition to write to • Can be handled round robin or partition functions

  15. Kafka Consumers • Consumption can be done via: • queuing

    • pub-sub

  16. Kafka Consumers • Kafka consumer group • Strong ordering

  17. Kafka Consumers • Strong ordering

  18. https://github.com/opentable/puppet-exhibitor

  19. None

  20. Iteration 2 Introduction of Kafka

  21. None
  22. None

  23. Iteration 3 Further ‘Improvements’ to the cluster layout

  24. None

  25. The Numbers • Logs kept in ES for 30 days

    then archived • 12 billion documents active in ES • ES space was about 25 - 30TB in EBS volumes • Average Doc Size ~ 1.2KB • V-Day 2015: ~750M docs collected without failure

  26. What about metrics and monitoring?

  27. Monitoring - Nagios • Alerts on • ES Cluster •

    zK and Kafka Nodes • Logstash / Redis nodes
  28. None

  29. https://github.com/stack72/nagios-elasticsearch

  30. Metrics - Kafka Offset Monitor

  31. https://github.com/opentable/KafkaOffsetMonitor

  32. Metrics - ElasticSearch

  33. None
  34. None
  35. None

  36. Visibility Rocks!

  37. None

  38. So what would I do differently?

  39. Questions?

  40. Paul Stack @stack72