Upgrade to Pro — share decks privately, control downloads, hide ads and more …

How to scale a Logging Infrastructure

Avatar for Paul Stack Paul Stack
June 03, 2015
Technology
0
180

How to scale a Logging Infrastructure

Logging infrastructure using ELK + Kafka
Avatar for Paul Stack

Paul Stack

June 03, 2015
Tweet

More Decks by Paul Stack

See All by Paul Stack
Infrastructure as Software
Avatar for Paul Stack stack72
0
71
Mirror, Mirror on the way, what is the vainest metric of them all?
Avatar for Paul Stack stack72
1
2.3k
Continuously Delivering Infrastructure to the Cloud
Avatar for Paul Stack stack72
0
190
DevOops 2016
Avatar for Paul Stack stack72
0
120
The Quest for Infrastructure Management 2.0
Avatar for Paul Stack stack72
0
140
The Biggest Trick Consultants Ever Pulled was Telling The World Continuous Delivery is Easy
Avatar for Paul Stack stack72
1
120
The Transition from Product to Infrastructure
Avatar for Paul Stack stack72
0
61
Continuous Delivery - the missing parts
Avatar for Paul Stack stack72
0
950
Windows: Having its ass kicked by puppet and powershell
Avatar for Paul Stack stack72
0
130

Other Decks in Technology

See All in Technology
“日本一のM&A企業”を支える、少人数SREの効率化戦略 / SRE NEXT 2025
Avatar for GENDA genda
1
280
AIエージェントが書くのなら直接CloudFormationを書かせればいいじゃないですか何故AWS CDKを使う必要があるのさ
Avatar for watany watany
19
7.6k
P2P通信の標準化 WebRTCを知ろう
Avatar for Akira Takahashi faithandbrave
1
420
振り返りTransit Gateway ~VPCをいい感じでつなげるために~
Avatar for モブエンジニア(Masaki Okuda) masakiokuda
4
210
マルチプロダクト環境におけるSREの役割 / SRE NEXT 2025 lunch session
Avatar for sugamasao sugamasao
1
760
ソフトウェアQAがハードウェアの人になったの
Avatar for Matsu mineo_matsuya
3
220
AIでテストプロセス自動化に挑戦する
Avatar for K_SAK sakatakazunori
1
550
Deep Security Conference 2025:生成AI時代のセキュリティ監視 /dsc2025-genai-secmon
Avatar for Masayoshi Mizutani mizutani
4
3k
QuickSight SPICE の効果的な運用戦略~S3 + Athena 構成での実践ノウハウ~/quicksight-spice-s3-athena-best-practices
Avatar for emi emiki
0
290
セキュアなAI活用のためのLiteLLMの可能性
Avatar for Hiroki Takatsuka tk3fftk
1
360
対話型音声AIアプリケーションの信頼性向上の取り組み
Avatar for 株式会社IVRy(社員登壇資料) ivry_presentationmaterials
3
1.1k
All About Sansan – for New Global Engineers
Avatar for Sansan, Inc. sansan33
PRO
1
1.2k

Featured

See All Featured
Fantastic passwords and where to find them - at NoRuKo
Avatar for Phil Nash philnash
51
3.3k
GitHub's CSS Performance
Avatar for Jon Rohan jonrohan
1031
460k
What's in a price? How to price your products and services
Avatar for Michael Herold michaelherold
246
12k
Docker and Python
Avatar for Tania Allard trallard
45
3.5k
[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails
Avatar for Eileen M. Uchitelle eileencodes
35
2.4k
Thoughts on Productivity
Avatar for Jon Yablonski jonyablonski
69
4.7k
XXLCSS - How to scale CSS and keep your sanity
Avatar for Zaharenia Atzitzikaki sugarenia
248
1.3M
The Cost Of JavaScript in 2023
Avatar for Addy Osmani addyosmani
51
8.6k
Into the Great Unknown - MozCon
Avatar for Noah Learner thekraken
40
1.9k
The Cult of Friendly URLs
Avatar for Andy Hume andyhume
79
6.5k
Connecting the Dots Between Site Speed, User Experience & Your Business [WebExpo 2025]
Avatar for Tammy Everts tammyeverts
8
340
Visualizing Your Data: Incorporating Mongo into Loggly Infrastructure
Avatar for mongodb mongodb
47
9.6k

Transcript

  1. How do you scale a logging infrastructure to accept a

    billion messages a day? Paul Stack http://twitter.com/stack72 mail: paul@paulstack.co.uk

  2. About Me Infrastructure Engineer for a cool startup :) Reformed

    ASP.NET / C# Developer DevOps Extremist Conference Junkie

  3. Background Project was to replace the legacy ‘logging solution’

  4. Iteration 0: A Developer created a single box with the

    ELK all in 1 jar

  5. Time to make it production ready now

  6. None

  7. Iteration 1: Using Redis as the input mechanism for LogStash

  8. None
  9. None

  10. Enter Apache Kafka

  11. “Kafka is a distributed publish- subscribe messaging system that is

    designed to be fast, scalable, and durable” Source: Cloudera Blog

  12. Introduction to Kafka • Kafka is made up of ‘topics’,

    ‘producers’, ‘consumers’ and ‘brokers’ • Communication is via TCP • Backed by Zookeeper

  13. Kafka Topics Source: http://kafka.apache.org/documentation.html

  14. Kafka Producers • Producers are responsible to chose what topic

    to publish data to • The producer is responsible for choosing a partition to write to • Can be handled round robin or partition functions

  15. Kafka Consumers • Consumption can be done via: • queuing

    • pub-sub

  16. Kafka Consumers • Kafka consumer group • Strong ordering

  17. Kafka Consumers • Strong ordering

  18. https://github.com/opentable/puppet-exhibitor

  19. None

  20. Iteration 2 Introduction of Kafka

  21. None
  22. None

  23. Iteration 3 Further ‘Improvements’ to the cluster layout

  24. None

  25. The Numbers • Logs kept in ES for 30 days

    then archived • 12 billion documents active in ES • ES space was about 25 - 30TB in EBS volumes • Average Doc Size ~ 1.2KB • V-Day 2015: ~750M docs collected without failure

  26. What about metrics and monitoring?

  27. Monitoring - Nagios • Alerts on • ES Cluster •

    zK and Kafka Nodes • Logstash / Redis nodes
  28. None

  29. https://github.com/stack72/nagios-elasticsearch

  30. Metrics - Kafka Offset Monitor

  31. https://github.com/opentable/KafkaOffsetMonitor

  32. Metrics - ElasticSearch

  33. None
  34. None
  35. None

  36. Visibility Rocks!

  37. None

  38. So what would I do differently?

  39. Questions?

  40. Paul Stack @stack72