|
| 1 | +--- |
| 2 | +layout: post |
| 3 | +title: "Meet Grafana LOKI, a log aggregation system for everything" |
| 4 | +date: 2021-10-22 8:00:00 -0500 |
| 5 | +categories: homelab |
| 6 | +tags: homelab proxmox grafana logging promtail prometheus |
| 7 | +--- |
| 8 | + |
| 9 | +[](https://www.youtube.com/watch?v=h_GGd7HfKQ8 "Meet Grafana LOKI, a log aggregation system for everything") |
| 10 | + |
| 11 | +I've been on a quest to find a new logging system. I've use quite a few in the past, some open source, some proprietary, and some home grown, but recently I've decided to switch. I've switched to Grafana Loki for all of my logs for all of my systems - this includes machines, devices, docker systems and hosts, and my all of my kubernetes clusters. If you're thinking of using Grafana and are also looking for a fast way to log all of your systems, join me as we discuss and configure Grafana Loki. |
| 12 | + |
| 13 | + |
| 14 | +[Watch Video](https://www.youtube.com/watch?v=h_GGd7HfKQ8) |
| 15 | + |
| 16 | +(see video description for links to gear, discord, and other ways to connect.) |
| 17 | + |
| 18 | +## Docker Setup |
| 19 | + |
| 20 | +See [this post](https://techno-tim.github.io/posts/docker-compose-install/) on how to install `docker` and `docker-compose` |
| 21 | + |
| 22 | +## Running the container |
| 23 | + |
| 24 | +If you're using Docker compose |
| 25 | + |
| 26 | +```bash |
| 27 | +mkdir grafana |
| 28 | +cd .. |
| 29 | +mkdir loki |
| 30 | +cd .. |
| 31 | +mkdir promtail |
| 32 | +cd .. |
| 33 | +touch docker-compose.yml |
| 34 | +nano docker-compose.yml # copy the contents from below |
| 35 | +ls |
| 36 | +docker-compose up -d --force-recreate |
| 37 | +``` |
| 38 | + |
| 39 | +`docker-compose.yml` |
| 40 | + |
| 41 | +```yml |
| 42 | +version: "3" |
| 43 | +networks: |
| 44 | + loki: |
| 45 | +services: |
| 46 | + loki: |
| 47 | + image: grafana/loki:2.4.0 |
| 48 | + volumes: |
| 49 | + - /home/serveradmin/docker_volumes/loki:/etc/loki |
| 50 | + ports: |
| 51 | + - "3100:3100" |
| 52 | + restart: unless-stopped |
| 53 | + command: -config.file=/etc/loki/loki-config.yml |
| 54 | + networks: |
| 55 | + - loki |
| 56 | + promtail: |
| 57 | + image: grafana/promtail:2.4.0 |
| 58 | + volumes: |
| 59 | + - /var/log:/var/log |
| 60 | + - /home/serveradmin/docker_volumes/promtail:/etc/promtail |
| 61 | + restart: unless-stopped |
| 62 | + command: -config.file=/etc/promtail/promtail-config.yml |
| 63 | + networks: |
| 64 | + - loki |
| 65 | + grafana: |
| 66 | + image: grafana/grafana:latest |
| 67 | + user: "1000" |
| 68 | + volumes: |
| 69 | + - /home/serveradmin/docker_volumes/grafana:/var/lib/grafana |
| 70 | + ports: |
| 71 | + - "3000:3000" |
| 72 | + restart: unless-stopped |
| 73 | + networks: |
| 74 | + - loki |
| 75 | +``` |
| 76 | +
|
| 77 | +``` |
| 78 | +touch nano loki/loki-config.yml |
| 79 | +``` |
| 80 | + |
| 81 | +`loki-config.yml` |
| 82 | + |
| 83 | +```yml |
| 84 | +auth_enabled: false |
| 85 | + |
| 86 | +server: |
| 87 | + http_listen_port: 3100 |
| 88 | + grpc_listen_port: 9096 |
| 89 | + |
| 90 | +common: |
| 91 | + path_prefix: /tmp/loki |
| 92 | + storage: |
| 93 | + filesystem: |
| 94 | + chunks_directory: /tmp/loki/chunks |
| 95 | + rules_directory: /tmp/loki/rules |
| 96 | + replication_factor: 1 |
| 97 | + ring: |
| 98 | + instance_addr: 127.0.0.1 |
| 99 | + kvstore: |
| 100 | + store: inmemory |
| 101 | + |
| 102 | +schema_config: |
| 103 | + configs: |
| 104 | + - from: 2020-10-24 |
| 105 | + store: boltdb-shipper |
| 106 | + object_store: filesystem |
| 107 | + schema: v11 |
| 108 | + index: |
| 109 | + prefix: index_ |
| 110 | + period: 24h |
| 111 | + |
| 112 | +ruler: |
| 113 | + alertmanager_url: http://localhost:9093 |
| 114 | +``` |
| 115 | +
|
| 116 | +
|
| 117 | +``` |
| 118 | +touch nano promtail/loki-config.yml |
| 119 | +``` |
| 120 | + |
| 121 | +`promtail-config.yml` |
| 122 | + |
| 123 | +```yml |
| 124 | +server: |
| 125 | + http_listen_port: 9080 |
| 126 | + grpc_listen_port: 0 |
| 127 | + |
| 128 | +positions: |
| 129 | + filename: /tmp/positions.yaml |
| 130 | + |
| 131 | +clients: |
| 132 | + - url: http://loki:3100/loki/api/v1/push |
| 133 | + |
| 134 | +# local machine logs |
| 135 | +scrape_configs: |
| 136 | +- job_name: local |
| 137 | + static_configs: |
| 138 | + - targets: |
| 139 | + - localhost |
| 140 | + labels: |
| 141 | + job: varlogs |
| 142 | + __path__: /var/log/*log |
| 143 | + |
| 144 | +## docker logs |
| 145 | +# scrape_configs: |
| 146 | +# - job_name: docker |
| 147 | +# pipeline_stages: |
| 148 | +# - docker: {} |
| 149 | +# static_configs: |
| 150 | +# - labels: |
| 151 | +# job: docker |
| 152 | +# __path__: /var/lib/docker/containers/*/*-json.log |
| 153 | + |
| 154 | +## syslog target |
| 155 | +# scrape_configs: |
| 156 | +# - job_name: syslog |
| 157 | +# syslog: |
| 158 | +# listen_address: 0.0.0.0:1514 |
| 159 | +# idle_timeout: 60s |
| 160 | +# label_structured_data: yes |
| 161 | +# labels: |
| 162 | +# job: "syslog" |
| 163 | +# relabel_configs: |
| 164 | +# - source_labels: ['__syslog_message_hostname'] |
| 165 | +# target_label: 'host' |
| 166 | +``` |
| 167 | + |
| 168 | + |
| 169 | + |
| 170 | +``` |
| 171 | +sudo nano /etc/daemon.json |
| 172 | +``` |
| 173 | + |
| 174 | +`daemon.json` |
| 175 | + |
| 176 | +```json |
| 177 | +{ |
| 178 | + "log-driver": "loki", |
| 179 | + "log-opts": { |
| 180 | + "loki-url": "http://localhost:3100/loki/api/v1/push", |
| 181 | + "loki-batch-size": "400" |
| 182 | + } |
| 183 | +} |
| 184 | +``` |
| 185 | + |
| 186 | +```bash |
| 187 | + sudo systemctl restart docker |
| 188 | +``` |
0 commit comments