Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
How to scale a Logging Infrastructure
Search
Sponsored
·
SiteGround - Reliable hosting with speed, security, and support you can count on.
→
Paul Stack
June 03, 2015
Technology
210
0
Share
How to scale a Logging Infrastructure
Logging infrastructure using ELK + Kafka
Paul Stack
June 03, 2015
More Decks by Paul Stack
See All by Paul Stack
Infrastructure as Software
stack72
0
99
Mirror, Mirror on the way, what is the vainest metric of them all?
stack72
1
2.4k
Continuously Delivering Infrastructure to the Cloud
stack72
0
240
DevOops 2016
stack72
0
130
The Quest for Infrastructure Management 2.0
stack72
0
170
The Biggest Trick Consultants Ever Pulled was Telling The World Continuous Delivery is Easy
stack72
1
150
The Transition from Product to Infrastructure
stack72
0
91
Continuous Delivery - the missing parts
stack72
0
1k
Windows: Having its ass kicked by puppet and powershell
stack72
0
160
Other Decks in Technology
See All in Technology
カオナビに Suspenseを導入するまで / The Road to Suspense at kaonavi
kaonavi
1
240
Agents CLI と Gemini Enterprise Agent Platform で マルチエージェント開発が楽しくなる!
kaz1437
0
230
Anthropic「Long-running a gents」をGeminiで再現してみた
tkikuchi
0
770
もっとコンテンツをよく構造化して理解したいので、LLM 時代こそ Taxonomy の設計品質に目を向けたい〜!
morinota
0
160
ボトムアップの改善の火を灯し続けろ!〜支援現場で学んだ、消えないための3つの打ち手〜 / 20260509 Kazuki Mori
shift_evolve
PRO
2
390
AIと乗り切った1,500ページ超のヘルプサイト基盤刷新とさらにその先の話
mugi_uno
2
300
Google Cloud Next '26 の裏でこっそりリリースされたCloud Number Registry & Cloud Hub コスト分析 を試してみた
hikaru1001
0
150
Angular Architecture Revisited Modernizing Angular Architectural Patterns
rainerhahnekamp
0
120
M5Stack CoreS3とZephyr(RTOS)で Edge AIっぽいことしてみた
iotengineer22
0
420
Microsoft 365 / Microsoft 365 Copilot : 自分の状態を確認する「ラベル」について
taichinakamura
0
450
QAエンジニアはどうやって プロダクト議論の場に入れるのか?
moritamasami
2
350
色を視る
yuzneri
0
320
Featured
See All Featured
The Invisible Side of Design
smashingmag
302
52k
The Curse of the Amulet
leimatthew05
1
12k
Save Time (by Creating Custom Rails Generators)
garrettdimon
PRO
32
2.9k
Navigating Weather and Climate Data
rabernat
0
180
For a Future-Friendly Web
brad_frost
183
10k
Lessons Learnt from Crawling 1000+ Websites
charlesmeaden
PRO
1
1.2k
The Art of Delivering Value - GDevCon NA Keynote
reverentgeek
16
1.9k
Navigating the Design Leadership Dip - Product Design Week Design Leaders+ Conference 2024
apolaine
0
300
BBQ
matthewcrist
89
10k
Docker and Python
trallard
47
3.8k
A Modern Web Designer's Workflow
chriscoyier
698
190k
Dealing with People You Can't Stand - Big Design 2015
cassininazir
367
27k
Transcript
How do you scale a logging infrastructure to accept a
billion messages a day? Paul Stack http://twitter.com/stack72 mail:
[email protected]
About Me Infrastructure Engineer for a cool startup :) Reformed
ASP.NET / C# Developer DevOps Extremist Conference Junkie
Background Project was to replace the legacy ‘logging solution’
Iteration 0: A Developer created a single box with the
ELK all in 1 jar
Time to make it production ready now
None
Iteration 1: Using Redis as the input mechanism for LogStash
None
None
Enter Apache Kafka
“Kafka is a distributed publish- subscribe messaging system that is
designed to be fast, scalable, and durable” Source: Cloudera Blog
Introduction to Kafka • Kafka is made up of ‘topics’,
‘producers’, ‘consumers’ and ‘brokers’ • Communication is via TCP • Backed by Zookeeper
Kafka Topics Source: http://kafka.apache.org/documentation.html
Kafka Producers • Producers are responsible to chose what topic
to publish data to • The producer is responsible for choosing a partition to write to • Can be handled round robin or partition functions
Kafka Consumers • Consumption can be done via: • queuing
• pub-sub
Kafka Consumers • Kafka consumer group • Strong ordering
Kafka Consumers • Strong ordering
https://github.com/opentable/puppet-exhibitor
None
Iteration 2 Introduction of Kafka
None
None
Iteration 3 Further ‘Improvements’ to the cluster layout
None
The Numbers • Logs kept in ES for 30 days
then archived • 12 billion documents active in ES • ES space was about 25 - 30TB in EBS volumes • Average Doc Size ~ 1.2KB • V-Day 2015: ~750M docs collected without failure
What about metrics and monitoring?
Monitoring - Nagios • Alerts on • ES Cluster •
zK and Kafka Nodes • Logstash / Redis nodes
None
https://github.com/stack72/nagios-elasticsearch
Metrics - Kafka Offset Monitor
https://github.com/opentable/KafkaOffsetMonitor
Metrics - ElasticSearch
None
None
None
Visibility Rocks!
None
So what would I do differently?
Questions?
Paul Stack @stack72
SiteGround - Reliable hosting with speed, security, and support you can count on.
stack72
kaonavi
kaz1437
tkikuchi
morinota
shift_evolve
mugi_uno
hikaru1001
rainerhahnekamp
iotengineer22
taichinakamura
moritamasami
yuzneri
smashingmag
leimatthew05
garrettdimon
rabernat
brad_frost
charlesmeaden
reverentgeek
apolaine
matthewcrist
trallard
chriscoyier
cassininazir
