• 大数据学习之Flume框架 24

    1Flume概述

    1)官网地址

    http://flume.apache.org/

    2)日志采集工具

    Flume是一种分布式,可靠且可用的服务,用于有效地收集,聚合和移动大量日志数据。它具有基于

    流数据流的简单灵活的架构。它具有可靠的可靠性机制和许多故障转移和恢复机制,具有强大的容错

    能力。它使用简单的可扩展数据模型,允许在线分析应用程序。

    3)为什么需要flume

    数据从哪里来?

    -》爬虫

    -》日志数据 flume

    -》传统型数据库 sqoop

    4)flume架构

    source:数据源

    产生数据流,同时source将产生的数据流传输到channel

    channel:传输通道

    用于桥接Source和sinks

    sinks:下沉

    channel收集数据

    event:传输单元

    Flume数据传传输的基本单元,以事件的形式将数据送往目的地。

    2Flume安装部署

    1)下载安装包

    http://archive.apache.org/dist/flume/1.6.0/

    2)上传到linux

    alt+p

    3)解压

    tar -zxvf .tar

    4) 重命名

    mv flume-env.sh.template flume-env.sh

    5) 修改配置文件

    export JAVA_HOME=/root/training/jdk1.8.0_141

    3Flume案例

    案例一:Flume监听端口

    1)安装telnet

    yum search telnet

    yum intsall telnet.x86_64

    2) 写配置文件

    vi flumejob_telnet.conf

    #smple.conf: A single-node Flume configuration

# Name the components on this agent 定义变量方便调用 加s可以有多个此角色
a1.sources = r1
a1.sinks = k1
a1.channels = c1

# Describe/configure the source 描述source角色 进行内容定制
# 此配置属于tcp source 必须是netcat类型
a1.sources.r1.type = netcat 
a1.sources.r1.bind = localhost
a1.sources.r1.port = 44444

# Describe the sink 输出日志文件
a1.sinks.k1.type = logger

# Use a channel which buffers events in memory(file) 使用内存 总大小1000 每次传输100
a1.channels.c1.type = memory
a1.channels.c1.capacity = 1000
a1.channels.c1.transactionCapacity = 100

# Bind the source and sink to the channel 一个source可以绑定多个channel 
# 一个sinks可以只能绑定一个channel  使用的是图二的模型
a1.sources.r1.channels = c1
a1.sinks.k1.channel = c1

      

    3)启动

    bin/flume-ng agent --conf conf/ --name a1 --conf-file conf/flumejob_telne

    t.conf -Dflume.root.logger==INFO,console

    4)发送数据

    telnet localhost 44444

    5) 查看控制台打印的日志

    案例二:实时的采集文件到HDFS

    启动

    bin/flume-ng agent --conf conf/ --name a1 --conf-file conf/flumejob_hdfs.conf

    # Name the components on this agent 
a1.sources = r1
a1.sinks = k1
a1.channels = c1

# Describe/configure the source 
# exec 执行一个命令的方式去查看文件 tail -F 实时查看
a1.sources.r1.type = exec
# 要执行的脚本command tail -F 默认10行 man tail  查看帮助
a1.sources.r1.command = tail -F /tmp/root/hive.log
# 执行这个command使用的是哪个脚本 -c 指定使用什么命令
# whereis bash
# bash: /usr/bin/bash /usr/share/man/man1/bash.1.gz 
a1.sources.r1.shell = /usr/bin/bash -c

# Describe the sink 
a1.sinks.k1.type = hdfs
a1.sinks.k1.hdfs.path = hdfs://hd09-01:9000/flume/%Y%m%d/%H
#上传文件的前缀
a1.sinks.k1.hdfs.filePrefix = logs-
#是否按照时间滚动文件夹
a1.sinks.k1.hdfs.round = true
#多少时间单位创建一个新的文件夹  秒 (默认30s)
a1.sinks.k1.hdfs.roundValue = 1
#重新定义时间单位(每小时滚动一个文件夹)
a1.sinks.k1.hdfs.roundUnit = minute
#是否使用本地时间戳
a1.sinks.k1.hdfs.useLocalTimeStamp = true
#积攒多少个 Event 才 flush 到 HDFS 一次
a1.sinks.k1.hdfs.batchSize = 500
#设置文件类型,可支持压缩
a1.sinks.k1.hdfs.fileType = DataStream
#多久生成一个新的文件 秒
a1.sinks.k1.hdfs.rollInterval = 30
#设置每个文件的滚动大小 字节(最好128M)
a1.sinks.k1.hdfs.rollSize = 134217700
#文件的滚动与 Event 数量无关
a1.sinks.k1.hdfs.rollCount = 0
#最小冗余数(备份数 生成滚动功能则生效roll hadoop本身有此功能 无需配置) 1份 不冗余
a1.sinks.k1.hdfs.minBlockReplicas = 1

# Use a channel which buffers events in memory 
a1.channels.c1.type = memory 
a1.channels.c1.capacity = 1000
a1.channels.c1.transactionCapacity = 100

# Bind the source and sink to the channel
a1.sources.r1.channels = c1
a1.sinks.k1.channel = c1

      

    案例三:实时监听文件夹

    bin/flume-ng agent --conf conf/ --name a1 --conf-file conf/flumejob_dir.con

    # 定义
a1.sources = r1
a1.sinks = k1
a1.channels = c1

# Describe/configure the source
a1.sources.r1.type = spooldir
# 监控的文件夹
a1.sources.r1.spoolDir = /root/spooldir
# 上传成功后显示后缀名 
a1.sources.r1.fileSuffix = .COMPLETED
# 如论如何 加绝对路径的文件名 默认false
a1.sources.r1.fileHeader = true

#忽略所有以.tmp 结尾的文件(正在被写入),不上传
# ^以任何开头 出现无限次 以.tmp结尾的
a1.sources.r1.ignorePattern = ([^ ]*.tmp)

# Describe the sink 
a1.sinks.k1.type = hdfs
a1.sinks.k1.hdfs.path = hdfs://hd09-01:9000/flume/spooldir/%Y%m%d/%H
#上传文件的前缀
a1.sinks.k1.hdfs.filePrefix = spooldir-
#是否按照时间滚动文件夹
a1.sinks.k1.hdfs.round = true
#多少时间单位创建一个新的文件夹
a1.sinks.k1.hdfs.roundValue = 1
#重新定义时间单位
a1.sinks.k1.hdfs.roundUnit = hour
#是否使用本地时间戳
a1.sinks.k1.hdfs.useLocalTimeStamp = true
#积攒多少个 Event 才 flush 到 HDFS 一次
a1.sinks.k1.hdfs.batchSize = 50

#设置文件类型,可支持压缩
a1.sinks.k1.hdfs.fileType = DataStream
#多久生成一个新的文件
a1.sinks.k1.hdfs.rollInterval = 600
#设置每个文件的滚动大小大概是 128M 
a1.sinks.k1.hdfs.rollSize = 134217700
#文件的滚动与 Event 数量无关
a1.sinks.k1.hdfs.rollCount = 0
#最小副本数
a1.sinks.k1.hdfs.minBlockReplicas = 1

# Use a channel which buffers events in memory 
a1.channels.c1.type = memory 
a1.channels.c1.capacity = 1000
a1.channels.c1.transactionCapacity = 100

# Bind the source and sink to the channel
a1.sources.r1.channels = c1 
a1.sinks.k1.channel = c1

      

    案例四:多个channel/sink

    需求:监控hive.log文件,用同时产生两个channel,一个channel对应的sink存储到hdfs中,

    另外一个channel对应的sink存储到本地。

    想对应的启动命令我放在每个配置文件的第一行的

    flumejob_1.conf 监听hive的日志文件,将sink指向2个端口

    #bin/flume-ng agent --conf conf/ --name a1 --conf-file conf/flumejob_1.conf 
# name the components on this agent 
a1.sources = r1
a1.sinks = k1 k2 
a1.channels = c1 c2
# 将数据流复制给多个 channel
a1.sources.r1.selector.type = replicating

# Describe/configure the source 
a1.sources.r1.type = exec
a1.sources.r1.command = tail -F /tmp/root/hive.log
a1.sources.r1.shell = /bin/bash -c


# Describe the sink
# 分两个端口发送数据 
a1.sinks.k1.type = avro 
a1.sinks.k1.hostname = bigdata11 
a1.sinks.k1.port = 4141

a1.sinks.k2.type = avro 
a1.sinks.k2.hostname = bigdata11
a1.sinks.k2.port = 4142

# Describe the channel 
a1.channels.c1.type = memory 
a1.channels.c1.capacity = 1000
a1.channels.c1.transactionCapacity = 100

a1.channels.c2.type = memory 
a1.channels.c2.capacity = 1000
a1.channels.c2.transactionCapacity = 100

# Bind the source and sink to the channel 
a1.sources.r1.channels = c1 c2 
a1.sinks.k1.channel = c1
a1.sinks.k2.channel = c2

      

    flumejob_2.conf 保存到hdfs

    #bin/flume-ng agent --conf conf/ --name a1 --conf-file conf/flumejob_2.conf
# Name the components on this agent 
a1.sources = r1
a1.sinks = k1
a1.channels = c1

# Describe/configure the source 
a1.sources.r1.type = avro
a1.sources.r1.bind = bigdata11
a1.sources.r1.port = 4141

# Describe the sink 
a1.sinks.k1.type = hdfs
a1.sinks.k1.hdfs.path = hdfs://bigdata11:9000/flume/%Y%m%d/%H
#上传文件的前缀
a1.sinks.k1.hdfs.filePrefix = logs-
#是否按照时间滚动文件夹
a1.sinks.k1.hdfs.round = true
#多少时间单位创建一个新的文件夹  秒 (默认30s)
a1.sinks.k1.hdfs.roundValue = 1
#重新定义时间单位(每小时滚动一个文件夹)
a1.sinks.k1.hdfs.roundUnit = minute
#是否使用本地时间戳
a1.sinks.k1.hdfs.useLocalTimeStamp = true
#积攒多少个 Event 才 flush 到 HDFS 一次
a1.sinks.k1.hdfs.batchSize = 500
#设置文件类型,可支持压缩
a1.sinks.k1.hdfs.fileType = DataStream
#多久生成一个新的文件 秒
a1.sinks.k1.hdfs.rollInterval = 30
#设置每个文件的滚动大小 字节(最好128M)
a1.sinks.k1.hdfs.rollSize = 134217700
#文件的滚动与 Event 数量无关
a1.sinks.k1.hdfs.rollCount = 0
#最小冗余数(备份数 生成滚动功能则生效roll hadoop本身有此功能 无需配置) 1份 不冗余
a1.sinks.k1.hdfs.minBlockReplicas = 1

# Use a channel which buffers events in memory 
a1.channels.c1.type = memory 
a1.channels.c1.capacity = 1000
a1.channels.c1.transactionCapacity = 100

# Bind the source and sink to the channel
a1.sources.r1.channels = c1
a1.sinks.k1.channel = c1

      

    flumejob_3.conf,保存到本地

    #bin/flume-ng agent --conf conf/ --name a3 --conf-file conf/flumejob_3.conf
# Name the components on this agent 
a3.sources = r1
a3.sinks = k1 
a3.channels = c1

# Describe/configure the source 
a3.sources.r1.type = avro
a3.sources.r1.bind = bigdata11
a3.sources.r1.port = 4142

# Describe the sink 
a3.sinks.k1.type = file_roll
a3.sinks.k1.sink.directory = /root/temp/flume2

# Describe the channel 
a3.channels.c1.type = memory 
a3.channels.c1.capacity = 1000
a3.channels.c1.transactionCapacity = 100


# Bind the source and sink to the channel 
a3.sources.r1.channels = c1
a3.sinks.k1.channel = c1

      
  • 相关阅读:
    5、Android Service测试
    javassist示例
    HeaderExchangeClient
    dubbo 心跳
    javassist和jdk动态代理
    dubbo为consumer创建代理
    线程同步知识点
    SynchronousQueue类
    Executors类的newFixedThreadPool, newCachedThreadPool, newScheduledThreadPool
    eclipse设置条件断点
  • 原文地址:https://www.cnblogs.com/hidamowang/p/10916128.html
Copyright © 2020-2023  润新知