Upgrade to Pro — share decks privately, control downloads, hide ads and more …

How to scale a Logging Infrastructure

Avatar for Paul Stack Paul Stack
June 03, 2015
Technology
0
190

How to scale a Logging Infrastructure

Logging infrastructure using ELK + Kafka

Avatar for Paul Stack

Paul Stack

June 03, 2015
Tweet

More Decks by Paul Stack

See All by Paul Stack
Infrastructure as Software
Avatar for Paul Stack stack72
0
75
Mirror, Mirror on the way, what is the vainest metric of them all?
Avatar for Paul Stack stack72
1
2.3k
Continuously Delivering Infrastructure to the Cloud
Avatar for Paul Stack stack72
0
200
DevOops 2016
Avatar for Paul Stack stack72
0
130
The Quest for Infrastructure Management 2.0
Avatar for Paul Stack stack72
0
150
The Biggest Trick Consultants Ever Pulled was Telling The World Continuous Delivery is Easy
Avatar for Paul Stack stack72
1
130
The Transition from Product to Infrastructure
Avatar for Paul Stack stack72
0
66
Continuous Delivery - the missing parts
Avatar for Paul Stack stack72
0
970
Windows: Having its ass kicked by puppet and powershell
Avatar for Paul Stack stack72
0
140

Other Decks in Technology

See All in Technology
CREが作る自己解決サイクルSlackワークフローに組み込んだAIによる社内ヘルプデスク改革 #cre_meetup
Avatar for 弁護士ドットコム bengo4com
0
340
20251027_マルチエージェントとは
Avatar for Almondoイベント担当 almondo_event
1
440
Biz職でもDifyでできる! 「触らないAIワークフロー」を実現する方法
Avatar for kanacan igarashikana
7
3.5k
アウトプットから始めるOSSコントリビューション 〜eslint-plugin-vueの場合〜 #vuefes
Avatar for 弁護士ドットコム bengo4com
3
1.8k
現場の壁を乗り越えて、 「計装注入」が拓く オブザーバビリティ / Beyond the Field Barriers: Instrumentation Injection and the Future of Observability
Avatar for Kento Kimura aoto
PRO
1
610
頭部ふわふわ浄酔器
Avatar for uyupun uyupun
0
110
入院医療費算定業務をAIで支援する:包括医療費支払い制度とDPCコーディング (公開版)
Avatar for Takashi Nishibayashi hagino3000
0
110
AWS re:Invent 2025事前勉強会資料 / AWS re:Invent 2025 pre study meetup
Avatar for Masanori Yamaguchi kinunori
0
340
AIでデータ活用を加速させる取り組み / Leveraging AI to accelerate data utilization
Avatar for okiyuki okiyuki99
1
480
混合雲環境整合異質工作流程工具運行關鍵業務 Job 的經驗分享
Avatar for Yao-Siang Su (蘇曜祥) yaosiang
0
190
OCIjp_Oracle AI World_Recap
Avatar for Shinya Omori shinpy
1
180
ゼロコード計装導入後のカスタム計装でさらに可観測性を高めよう
Avatar for SansanTech sansantech
PRO
1
460

Featured

See All Featured
The MySQL Ecosystem @ GitHub 2015
Avatar for Sam Lambert samlambert
251
13k
Fantastic passwords and where to find them - at NoRuKo
Avatar for Phil Nash philnash
52
3.5k
How to train your dragon (web standard)
Avatar for Monica Dinculescu notwaldorf
97
6.3k
Embracing the Ebb and Flow
Avatar for Simon Collison colly
88
4.9k
Into the Great Unknown - MozCon
Avatar for Noah Learner thekraken
40
2.1k
Creating an realtime collaboration tool: Agile Flush - .NET Oxford
Avatar for Marc Duiker marcduiker
34
2.3k
Rails Girls Zürich Keynote
Avatar for Gregor Martynus gr2m
95
14k
The Cost Of JavaScript in 2023
Avatar for Addy Osmani addyosmani
55
9.1k
Code Review Best Practice
Avatar for Trisha Gee trishagee
72
19k
個人開発の失敗を避けるイケてる考え方 / tips for indie hackers
Avatar for panda_program panda_program
116
20k
BBQ
Avatar for Matthew Crist matthewcrist
89
9.9k
The Language of Interfaces
Avatar for Des Traynor destraynor
162
25k

Transcript

  1. How do you scale a logging infrastructure to accept a

    billion messages a day? Paul Stack http://twitter.com/stack72 mail: [email protected]

  2. About Me Infrastructure Engineer for a cool startup :) Reformed

    ASP.NET / C# Developer DevOps Extremist Conference Junkie

  3. Background Project was to replace the legacy ‘logging solution’

  4. Iteration 0: A Developer created a single box with the

    ELK all in 1 jar

  5. Time to make it production ready now

  6. None

  7. Iteration 1: Using Redis as the input mechanism for LogStash

  8. None
  9. None

  10. Enter Apache Kafka

  11. “Kafka is a distributed publish- subscribe messaging system that is

    designed to be fast, scalable, and durable” Source: Cloudera Blog

  12. Introduction to Kafka • Kafka is made up of ‘topics’,

    ‘producers’, ‘consumers’ and ‘brokers’ • Communication is via TCP • Backed by Zookeeper

  13. Kafka Topics Source: http://kafka.apache.org/documentation.html

  14. Kafka Producers • Producers are responsible to chose what topic

    to publish data to • The producer is responsible for choosing a partition to write to • Can be handled round robin or partition functions

  15. Kafka Consumers • Consumption can be done via: • queuing

    • pub-sub

  16. Kafka Consumers • Kafka consumer group • Strong ordering

  17. Kafka Consumers • Strong ordering

  18. https://github.com/opentable/puppet-exhibitor

  19. None

  20. Iteration 2 Introduction of Kafka

  21. None
  22. None

  23. Iteration 3 Further ‘Improvements’ to the cluster layout

  24. None

  25. The Numbers • Logs kept in ES for 30 days

    then archived • 12 billion documents active in ES • ES space was about 25 - 30TB in EBS volumes • Average Doc Size ~ 1.2KB • V-Day 2015: ~750M docs collected without failure

  26. What about metrics and monitoring?

  27. Monitoring - Nagios • Alerts on • ES Cluster •

    zK and Kafka Nodes • Logstash / Redis nodes
  28. None

  29. https://github.com/stack72/nagios-elasticsearch

  30. Metrics - Kafka Offset Monitor

  31. https://github.com/opentable/KafkaOffsetMonitor

  32. Metrics - ElasticSearch

  33. None
  34. None
  35. None

  36. Visibility Rocks!

  37. None

  38. So what would I do differently?

  39. Questions?

  40. Paul Stack @stack72