Loki(Minio存储) + Promtail + Grafana
一、Docker部署
1、准备三个文件依次为loki配置文件loki-config.yaml,promtail配置文件promtail-config.yaml,docker-compose.yaml
# vim loki-config.yaml
auth_enabled: false
server:
http_listen_port: 3100
grpc_listen_port: 9096
log_level: debug
grpc_server_max_concurrent_streams: 1000
common:
instance_addr: 127.0.0.1
path_prefix: /tmp/loki
#storage:
# filesystem:
# chunks_directory: /tmp/loki/chunks
# rules_directory: /tmp/loki/rules
replication_factor: 1
ring:
kvstore:
store: inmemory
query_range:
results_cache:
cache:
embedded_cache:
enabled: true
max_size_mb: 100
limits_config:
metric_aggregation_enabled: true
schema_config:
configs:
- from: 2020-10-24
store: tsdb
object_store: s3 #对象存储配置
schema: v13
index:
prefix: index_
period: 24h
storage_config:
tsdb_shipper:
active_index_directory: /loki/index
cache_location: /loki/index_cache
cache_ttl: 24h # Can be increased
# minio存储配置
aws:
s3: http://172.17.0.1:9000
endpoint: 172.17.0.1:9000
access_key_id: minioadmin
secret_access_key: minioadmin
bucketnames: loki-data
insecure: true
s3forcepathstyle: true
pattern_ingester:
enabled: true
metric_aggregation:
loki_address: localhost:3100
ruler:
alertmanager_url: http://172.17.0.1:9093
frontend:
encoding: protobuf
# vim promtail-config.yaml
server:
http_listen_port: 9080
grpc_listen_port: 0
positions:
filename: /tmp/positions.yaml
clients:
- url: http://loki:3100/loki/api/v1/push # loki通信地址
scrape_configs:
- job_name: system
static_configs:
- targets:
- localhost
labels:
instance: oracle-vps1
job: varlogs
__path__: /var/log/*log
- targets:
- localhost
labels:
instance: oracle-vps1
job: nginxlogs
__path__: /var/log/nginx/*log
# vim docker-compose.yaml
version: "3"
networks:
loki:
services:
loki:
image: grafana/loki:3.4.1
ports:
- "3100:3100"
volumes:
- ./loki-config.yaml:/etc/loki-config.yaml
command: -config.file=/etc/loki-config.yaml
networks:
- loki
promtail:
image: grafana/promtail:3.4.1
volumes:
- ./promtail-config.yaml:/etc/promtail-config.yml
- /var/log:/var/log # 挂载宿主机日志目录
- /var/log/nginx:/var/log/nginx # 挂载宿主机nginx日志目录
command: -config.file=/etc/promtail-config.yml
networks:
- loki
grafana:
image: grafana/grafana
container_name: "grafana"
ports:
- "3010:3000"
restart: always
volumes:
- "./grafana_data:/var/lib/grafana"
- /etc/timezone:/etc/timezone
- /etc/localtime:/etc/localtime:ro
二、Minio作为Loki的存储
三、grafana(借用部署Prometheus时创建的)
此处Loki URL,如docker-compose部署,直接填写 http://loki:3100
监控nginx服务的日志情况
根据https://grafana.com/grafana/dashboards/12559-loki-nginx-service-mesh-json-version/这个模板修改
修改nginx日志格式
log_format main escape=json '{'
'"remote_addr":"$remote_addr",'
'"remote_user":"$remote_user",'
'"time_local":"$time_local",'
'"request_method": "$request_method",'
'"request":"$request",'
'"request_time":"$request_time",'
'"status":$status,'
'"body_bytes_sent":$body_bytes_sent,'
'"http_referer":"$http_referer",'
'"http_user_agent":"$http_user_agent",'
'"http_x_forwarded_for":"$http_x_forwarded_for",'
'"upstream_addr":"$upstream_addr",'
'"geoip2_country_code":"$geoip2_country_code"'
'}';
geoip2 /etc/nginx/GeoLite2-Country.mmdb { # 涉及使用到geoip2模块,需要自行重新编译nginx
$geoip2_country_code country iso_code;
}
// 格式化之后的nginx日志
{"remote_addr":"156.221.111.111","remote_user":"","time_local":"18/Apr/2025:10:27:57 +0800","request_method": "GET","request":"GET /minio/ui/ws/objectManager HTTP/1.1","request_time":"30.372","status":101,"body_bytes_sent":4,"http_referer":"","http_user_agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36","http_x_forwarded_for":"156.221.111.111","upstream_addr":"127.0.0.1:9001","geoip2_country_code":"SC"}
四、利用nginx保护loki的通信接口
location /loki/ {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
auth_basic "Restricted Access";
auth_basic_user_file /etc/nginx/.htpasswd;
proxy_pass http://loki;
}
# 修改相应的promtail配置
clients:
- url: https://xxx.xxx.xxx.xxx/loki/api/v1/push
basic_auth:
username: admin
password: admin123.