Upgrade to Pro — share decks privately, control downloads, hide ads and more …

How to scale a Logging Infrastructure

Sponsored · SiteGround - Reliable hosting with speed, security, and support you can count on.
Avatar for Paul Stack Paul Stack
June 03, 2015
Technology
0
200

How to scale a Logging Infrastructure

Logging infrastructure using ELK + Kafka

Avatar for Paul Stack

Paul Stack

June 03, 2015
Tweet

More Decks by Paul Stack

See All by Paul Stack
Infrastructure as Software
Avatar for Paul Stack stack72
0
88
Mirror, Mirror on the way, what is the vainest metric of them all?
Avatar for Paul Stack stack72
1
2.4k
Continuously Delivering Infrastructure to the Cloud
Avatar for Paul Stack stack72
0
220
DevOops 2016
Avatar for Paul Stack stack72
0
130
The Quest for Infrastructure Management 2.0
Avatar for Paul Stack stack72
0
160
The Biggest Trick Consultants Ever Pulled was Telling The World Continuous Delivery is Easy
Avatar for Paul Stack stack72
1
140
The Transition from Product to Infrastructure
Avatar for Paul Stack stack72
0
81
Continuous Delivery - the missing parts
Avatar for Paul Stack stack72
0
990
Windows: Having its ass kicked by puppet and powershell
Avatar for Paul Stack stack72
0
150

Other Decks in Technology

See All in Technology
モダンUIでフルサーバーレスなAIエージェントをAmplifyとCDKでサクッとデプロイしよう
Avatar for みのるん minorun365
4
170
Bedrock PolicyでAmazon Bedrock Guardrails利用を強制してみた
Avatar for Yudai Jinno yuu551
0
170
あたらしい上流工程の形。 0日導入からはじめるAI駆動PM
Avatar for 熊井悠 kumaiu
5
760
2026年、サーバーレスの現在地 -「制約と戦う技術」から「当たり前の実行基盤」へ- /serverless2026
Avatar for Serverless Operations slsops
2
220
サイボウズ 開発本部採用ピッチ / Cybozu Engineer Recruit
Avatar for Cybozu cybozuinsideout
PRO
10
73k
インフラエンジニア必見!Kubernetesを用いたクラウドネイティブ設計ポイント大全
Avatar for 高棹大樹 daitak
0
330
30万人の同時アクセスに耐えたい!新サービスの盤石なリリースを支える負荷試験 / SRE Kaigi 2026
Avatar for GENDA genda
1
610
Oracle Cloud Observability and Management Platform - OCI 運用監視サービス概要 -
Avatar for oracle4engineer oracle4engineer
PRO
2
14k
AIと新時代を切り拓く。これからのSREとメルカリIBISの挑戦
Avatar for ktykogm 0gm
0
820
CDK対応したAWS DevOps Agentを試そう_20260201
Avatar for モブエンジニア(Masaki Okuda) masakiokuda
1
210
小さく始めるBCP ― 多プロダクト環境で始める最初の一歩
Avatar for kekke-n kekke_n
1
360
We Built for Predictability; The Workloads Didn’t Care
Avatar for Michael Stahnke stahnma
0
130

Featured

See All Featured
Understanding Cognitive Biases in Performance Measurement
Avatar for Philip Tellis bluesmoon
32
2.8k
Tell your own story through comics
Avatar for letsgokoyo letsgokoyo
1
810
Become a Pro
Avatar for Speaker Deck speakerdeck
PRO
31
5.8k
Learning to Love Humans: Emotional Interface Design
Avatar for Aarron Walter aarron
275
41k
Writing Fast Ruby
Avatar for Erik Berlin sferik
630
62k
Why Mistakes Are the Best Teachers: Turning Failure into a Pathway for Growth
Avatar for Umar Saidu Auna auna
0
51
Data-driven link building: lessons from a $708K investment (BrightonSEO talk)
Avatar for Szymon szymonslowik
1
910
Save Time (by Creating Custom Rails Generators)
Avatar for Garrett Dimon garrettdimon
PRO
32
2.1k
My Coaching Mixtape
Avatar for mlcsv mlcsv
0
46
Building Better People: How to give real-time feedback that sticks.
Avatar for Will Jessup wjessup
370
20k
Kristin Tynski - Automating Marketing Tasks With AI
Avatar for Tech SEO Connect techseoconnect
PRO
0
130
Refactoring Trust on Your Teams (GOTO; Chicago 2020)
Avatar for Rebecca Miller-Webster rmw
35
3.3k

Transcript

  1. How do you scale a logging infrastructure to accept a

    billion messages a day? Paul Stack http://twitter.com/stack72 mail: [email protected]

  2. About Me Infrastructure Engineer for a cool startup :) Reformed

    ASP.NET / C# Developer DevOps Extremist Conference Junkie

  3. Background Project was to replace the legacy ‘logging solution’

  4. Iteration 0: A Developer created a single box with the

    ELK all in 1 jar

  5. Time to make it production ready now

  6. None

  7. Iteration 1: Using Redis as the input mechanism for LogStash

  8. None
  9. None

  10. Enter Apache Kafka

  11. “Kafka is a distributed publish- subscribe messaging system that is

    designed to be fast, scalable, and durable” Source: Cloudera Blog

  12. Introduction to Kafka • Kafka is made up of ‘topics’,

    ‘producers’, ‘consumers’ and ‘brokers’ • Communication is via TCP • Backed by Zookeeper

  13. Kafka Topics Source: http://kafka.apache.org/documentation.html

  14. Kafka Producers • Producers are responsible to chose what topic

    to publish data to • The producer is responsible for choosing a partition to write to • Can be handled round robin or partition functions

  15. Kafka Consumers • Consumption can be done via: • queuing

    • pub-sub

  16. Kafka Consumers • Kafka consumer group • Strong ordering

  17. Kafka Consumers • Strong ordering

  18. https://github.com/opentable/puppet-exhibitor

  19. None

  20. Iteration 2 Introduction of Kafka

  21. None
  22. None

  23. Iteration 3 Further ‘Improvements’ to the cluster layout

  24. None

  25. The Numbers • Logs kept in ES for 30 days

    then archived • 12 billion documents active in ES • ES space was about 25 - 30TB in EBS volumes • Average Doc Size ~ 1.2KB • V-Day 2015: ~750M docs collected without failure

  26. What about metrics and monitoring?

  27. Monitoring - Nagios • Alerts on • ES Cluster •

    zK and Kafka Nodes • Logstash / Redis nodes
  28. None

  29. https://github.com/stack72/nagios-elasticsearch

  30. Metrics - Kafka Offset Monitor

  31. https://github.com/opentable/KafkaOffsetMonitor

  32. Metrics - ElasticSearch

  33. None
  34. None
  35. None

  36. Visibility Rocks!

  37. None

  38. So what would I do differently?

  39. Questions?

  40. Paul Stack @stack72