Upgrade to Pro — share decks privately, control downloads, hide ads and more …

How to scale a Logging Infrastructure

Avatar for Paul Stack Paul Stack
June 03, 2015
Technology
0
190

How to scale a Logging Infrastructure

Logging infrastructure using ELK + Kafka

Avatar for Paul Stack

Paul Stack

June 03, 2015
Tweet

More Decks by Paul Stack

See All by Paul Stack
Infrastructure as Software
Avatar for Paul Stack stack72
0
75
Mirror, Mirror on the way, what is the vainest metric of them all?
Avatar for Paul Stack stack72
1
2.3k
Continuously Delivering Infrastructure to the Cloud
Avatar for Paul Stack stack72
0
200
DevOops 2016
Avatar for Paul Stack stack72
0
120
The Quest for Infrastructure Management 2.0
Avatar for Paul Stack stack72
0
150
The Biggest Trick Consultants Ever Pulled was Telling The World Continuous Delivery is Easy
Avatar for Paul Stack stack72
1
130
The Transition from Product to Infrastructure
Avatar for Paul Stack stack72
0
65
Continuous Delivery - the missing parts
Avatar for Paul Stack stack72
0
970
Windows: Having its ass kicked by puppet and powershell
Avatar for Paul Stack stack72
0
140

Other Decks in Technology

See All in Technology
How to achieve interoperable digital identity across Asian countries
Avatar for Naohiro Fujie fujie
0
120
GA technologiesでのAI-Readyの取り組み@DataOps Night
Avatar for yuto16 yuto16
0
270
BirdCLEF+2025 Noir 5位解法紹介
Avatar for MYSO myso
0
190
生成AIとM5Stack / M5 Japan Tour 2025 Autumn 東京
Avatar for you(@youtoy) you
PRO
0
210
Azure Well-Architected Framework入門
Avatar for tomokusaba tomokusaba
1
290
それでも私はContextに値を詰めたい | Go Conference 2025 / go conference 2025 fill context
Avatar for Yoichiro Shimizu budougumi0617
4
1.2k
自作LLM Native GORM Pluginで実現する AI Agentバックテスト基盤構築
Avatar for po3rin po3rin
2
250
VCC 2025 Write-up
Avatar for bata_24 bata_24
0
180
社内お問い合わせBotの仕組みと学び
Avatar for Tomoyuki Nishimura nish01
0
270
データエンジニアがこの先生きのこるには...?
Avatar for 10xinc 10xinc
0
440
GopherCon Tour 概略
Avatar for Takuto Nagami logica0419
2
190
Access-what? why and how, A11Y for All - Nordic.js 2025
Avatar for Geisy Domiciano gdomiciano
1
110

Featured

See All Featured
The Success of Rails: Ensuring Growth for the Next 100 Years
Avatar for Eileen M. Uchitelle eileencodes
46
7.6k
Performance Is Good for Brains [We Love Speed 2024]
Avatar for Tammy Everts tammyeverts
12
1.2k
How to Think Like a Performance Engineer
Avatar for Harry Roberts csswizardry
27
2k
Into the Great Unknown - MozCon
Avatar for Noah Learner thekraken
40
2.1k
Easily Structure & Communicate Ideas using Wireframe
Avatar for Afnizar Nur Ghifari afnizarnur
194
16k
Balancing Empowerment & Direction
Avatar for Lara Hogan lara
4
680
The World Runs on Bad Software
Avatar for Brandon Keepers bkeepers
PRO
71
11k
No one is an island. Learnings from fostering a developers community.
Avatar for Antonio thoeni
21
3.5k
Helping Users Find Their Own Way: Creating Modern Search Experiences
Avatar for Dan Newman danielanewman
30
2.9k
Why You Should Never Use an ORM
Avatar for John Nunemaker jnunemaker
PRO
59
9.6k
For a Future-Friendly Web
Avatar for Brad Frost brad_frost
180
9.9k
Intergalactic Javascript Robots from Outer Space
Avatar for Vicent Martí tanoku
273
27k

Transcript

  1. How do you scale a logging infrastructure to accept a

    billion messages a day? Paul Stack http://twitter.com/stack72 mail: [email protected]

  2. About Me Infrastructure Engineer for a cool startup :) Reformed

    ASP.NET / C# Developer DevOps Extremist Conference Junkie

  3. Background Project was to replace the legacy ‘logging solution’

  4. Iteration 0: A Developer created a single box with the

    ELK all in 1 jar

  5. Time to make it production ready now

  6. None

  7. Iteration 1: Using Redis as the input mechanism for LogStash

  8. None
  9. None

  10. Enter Apache Kafka

  11. “Kafka is a distributed publish- subscribe messaging system that is

    designed to be fast, scalable, and durable” Source: Cloudera Blog

  12. Introduction to Kafka • Kafka is made up of ‘topics’,

    ‘producers’, ‘consumers’ and ‘brokers’ • Communication is via TCP • Backed by Zookeeper

  13. Kafka Topics Source: http://kafka.apache.org/documentation.html

  14. Kafka Producers • Producers are responsible to chose what topic

    to publish data to • The producer is responsible for choosing a partition to write to • Can be handled round robin or partition functions

  15. Kafka Consumers • Consumption can be done via: • queuing

    • pub-sub

  16. Kafka Consumers • Kafka consumer group • Strong ordering

  17. Kafka Consumers • Strong ordering

  18. https://github.com/opentable/puppet-exhibitor

  19. None

  20. Iteration 2 Introduction of Kafka

  21. None
  22. None

  23. Iteration 3 Further ‘Improvements’ to the cluster layout

  24. None

  25. The Numbers • Logs kept in ES for 30 days

    then archived • 12 billion documents active in ES • ES space was about 25 - 30TB in EBS volumes • Average Doc Size ~ 1.2KB • V-Day 2015: ~750M docs collected without failure

  26. What about metrics and monitoring?

  27. Monitoring - Nagios • Alerts on • ES Cluster •

    zK and Kafka Nodes • Logstash / Redis nodes
  28. None

  29. https://github.com/stack72/nagios-elasticsearch

  30. Metrics - Kafka Offset Monitor

  31. https://github.com/opentable/KafkaOffsetMonitor

  32. Metrics - ElasticSearch

  33. None
  34. None
  35. None

  36. Visibility Rocks!

  37. None

  38. So what would I do differently?

  39. Questions?

  40. Paul Stack @stack72