DataStax Academy, profile picture
Uploaded byDataStax Academy
PDF, PPTX1,210 views

Big Data Open Source Security LLC: Realtime log analysis with Mesos, Docker, Kafka, Spark, Cassandra and Solr at scale

This document discusses real-time log analysis using Mesos, Docker, Kafka, Spark, Cassandra and Solr at scale. It provides an overview of the architecture, describing how data from various sources like syslog can be ingested into Kafka via Docker producers. It then discusses consuming from Kafka to write to Cassandra in real-time and running Spark jobs on Cassandra data. The document uses these open source tools together in a reference architecture to enable real-time analytics and search capabilities on streaming data.

Download as PDF, PPTX
Real-Time log analysis with Mesos, Docker, Kafka, Spark, Cassandra and Solr at scale
whoami CEO of Elodina http://www.elodina.net/ a big data as a service platform built on top open source software. The Elodina platform enables customers to analyze data streams and programmatically react to the results in real-time. We solve today’s data analytics needs by providing the tools and support necessary to utilize open source technologies. As users, contributors and committers, Elodina also provides support for frameworks that run on Mesos including Apache Kafka, Exhibitor (Zookeeper), Apache Storm, Apache Cassandra and a whole lot more! Apache Kafka Committer & PMC Member LinkedIn: http://linkedin.com/in/charmalloc Twitter : @allthingshadoop 2© 2015. All Rights Reserved.
1 Intro To Mesos, Kafka, Etc 2 Architecture Overview 3 Breaking it down into pieces 4 Questions? 3© 2015. All Rights Reserved.
Apache Mesos 4© 2015. All Rights Reserved.
Mesos Papers Mesos: A Platform for Fine-Grained Resource Sharing in the Data Center http://static.usenix.org/event/nsdi11/tech/full_papers/Hindman_new.pdf Google Borg - https://research.google.com/pubs/pub43438.html Google Omega: flexible, scalable schedulers for large compute clusters http: //eurosys2013.tudos.org/wp-content/uploads/2013/paper/Schwarzkopf.pdf 5
Static Partitioning 6
Static Partitioning 7
Static Partitioning 8
Static Partitioning 9
Fine Grained Resource Elasticity "If people knew how low it really is, we’d all get fired." https://gigaom.com/2013/11/30/the-sorry-state-of-server-utilization-and-the-impending-post-hypervisor-era/ 10
An operating system for your data center 11
EVERYTHING ON MESOS 12
How it works 13
Marathon 14 https://github.com/mesosphere/marathon Cluster-wide init and control system for services in cgroups or docker based on Apache Mesos
Docker on Marathon { "id": "basic-3", "cmd": "python3 -m http.server 8080", "cpus": 0.5, "mem": 32.0, "container": { "type": "DOCKER", "docker": { "image": "python:3", "network": "BRIDGE", "portMappings": [ { "containerPort": 8080, "hostPort": 0 } ] } } } 15
Apache Kafka 16
Kafka papers Apache Kafka was first open sourced by LinkedIn in 2011 Papers ● Building a Replicated Logging System with Apache Kafka http://www.vldb.org/pvldb/vol8/p1654-wang.pdf ● Kafka: A Distributed Messaging System for Log Processing http://research.microsoft.com/en- us/um/people/srikanth/netdb11/netdb11papers/netdb11-final12.pdf ● Building LinkedIn’s Real-time Activity Data Pipeline http://sites.computer.org/debull/A12june/pipeline.pdf ● The Log: What Every Software Engineer Should Know About Real-time Data's Unifying Abstraction http://engineering. linkedin.com/distributed-systems/log-what-every-software-engineer-should-know-about-real-time-datas-unifying http://kafka.apache.org/ 17
How Big Data Starts 18
More Big Data! More! 19
uhhhh 20
eeesh 21
Kafka de-couples data pipelines 22
Distributed Replicated Log Read & Write In real time As much as you want As fast as your network 23
Reference Architecture 24
Producers syslog → Kafka via docker https://hub.docker.com/r/stealthly/syslog/ syslog → Kafka scheduler https://github.com/stealthly/syslog-service statsd → Kafka scheduler https://github.com/stealthly/statsd-mesos-kafka system stats collection → Kafka scheduler https://github.com/stealthly/syscol tailf → Kafka https://github.com/stealthly/go_kafka_client/tree/master/producers/tailf Any language https://cwiki.apache.org/confluence/display/KAFKA/Clients 25
Reference Architecture 26
Kafka on Mesos https://github.com/mesos/kafka 27
Kafka on Mesos ● smart broker.id assignment. ● preservation of broker placement (through constraints and/or new features). ● ability to-do configuration changes. ● rolling restarts (for things like configuration changes). ● scaling the cluster up and down with automatic, programmatic and manual options. ● smart partition assignment via constraints visa vi roles, resources and attributes. 28
CLI & REST API ● scheduler - starts the scheduler. ● broker ○ add - adds one more more brokers to the cluster. ○ update - changes resources, constraints or broker properties one or more brokers. ○ remove - take a broker out of the cluster. ○ start - starts a broker up. ○ stop - this can either a graceful shutdown or will force kill it (./kafka-mesos.sh help stop) ● topic ○ list - list topics in cluster ○ add - add new topics in cluster ○ update - change topics in cluster ○ rebalance - allows you to rebalance a cluster either by selecting the brokers or topics to rebalance. Manual assignment is still possible using the Apache Kafka project tools. Rebalance can also change the replication factor on a topic. ● help - ./kafka-mesos.sh help || ./kafka-mesos.sh help {command} 29
Reference Architecture 30
Schema Avro or ProtoBuff - https://github.com/stealthly/go_kafka_client/blob/master/syslog/syslog_proto/logline.proto - https://github.com/stealthly/go_kafka_client/blob/master/logline.avsc logline • line • logtypeid • source • tags (k/v pairs) • timings (k/v pairs) 31
Consume from Kafka → Write to Cassandra Implement CQL write here https://github. com/stealthly/go_kafka_client/blob/master/consumers/consum ers.go#L186-L194 with https://github.com/gocql/gocql Go Kafka Client does fan out work processing, rebalance doesn’ t upset consumers that are reading already. 32
Reference Architecture 33
Sample Spark Job → Cassandra https://github.com/stealthly/gauntlet Uses the Cassandra Spark Connector https://github. com/datastax/spark-cassandra-connector 34
Use DataStax Enterprise to enable Search http://docs.datastax.com/en/datastax_enterprise/4. 8/datastax_enterprise/srch/srchOverview.html 35
Questions? 36 http://www.elodina.net
Thank you

More Related Content

PPTX
Making Apache Kafka Elastic with Apache Mesos
byJoe Stein
 
PDF
Mixing Metrics and Logs with Grafana + Influx by David Kaltschmidt, Director ...
byInfluxData
 
PDF
Spark Summit EU talk by Jiri Simsa
bySpark Summit
 
PPTX
HBaseConEast2016: Coprocessors – Uses, Abuses and Solutions
byMichael Stack
 
PDF
Streaming ETL - from RDBMS to Dashboard with KSQL
byBjoern Rost
 
PDF
Kafka Multi-Tenancy - 160 Billion Daily Messages on One Shared Cluster at LINE
bykawamuray
 
PPTX
Apache phoenix
byOsama Hussein
 
PPTX
Flink history, roadmap and vision
byStephan Ewen
 
Making Apache Kafka Elastic with Apache Mesos
byJoe Stein
 
Mixing Metrics and Logs with Grafana + Influx by David Kaltschmidt, Director ...
byInfluxData
 
Spark Summit EU talk by Jiri Simsa
bySpark Summit
 
HBaseConEast2016: Coprocessors – Uses, Abuses and Solutions
byMichael Stack
 
Streaming ETL - from RDBMS to Dashboard with KSQL
byBjoern Rost
 
Kafka Multi-Tenancy - 160 Billion Daily Messages on One Shared Cluster at LINE
bykawamuray
 
Apache phoenix
byOsama Hussein
 
Flink history, roadmap and vision
byStephan Ewen
 

What's hot

PDF
Analyze corefile and backtraces with GDB for Mysql/MariaDB on Linux - Nilanda...
byMydbops
 
PDF
War Stories: DIY Kafka
byconfluent
 
PDF
Multitenancy: Kafka clusters for everyone at LINE
bykawamuray
 
PDF
Redpanda and ClickHouse
byAltinity Ltd
 
PPTX
HBaseConEast2016: How yarn timeline service v.2 unlocks 360 degree platform i...
byMichael Stack
 
PPTX
DalmatinerDB and cockroachDB monitoring plataform
byLeandro Totino Pereira
 
PDF
LINE's messaging service architecture underlying more than 200 million monthl...
bykawamuray
 
PDF
Red Hat Summit 2017: Wicked Fast PaaS: Performance Tuning of OpenShift and D...
byJeremy Eder
 
PDF
Stream Processing made simple with Kafka
byDataWorks Summit/Hadoop Summit
 
PPTX
Why you’re going to fail running java on docker!
byRed Hat Developers
 
PDF
Kafka Summit SF 2017 - Exactly-once Stream Processing with Kafka Streams
byconfluent
 
PPTX
Distributed Tests on Pulsar with Fallout - Pulsar Summit NA 2021
byStreamNative
 
PDF
Espresso: LinkedIn's Distributed Data Serving Platform (Talk)
byAmy W. Tang
 
PDF
Wars of MySQL Cluster ( InnoDB Cluster VS Galera )
byMydbops
 
PDF
Postgres clusters
byStas Kelvich
 
PPTX
Espresso Database Replication with Kafka, Tom Quiggle
byconfluent
 
PDF
Continuous SQL with Apache Streaming (FLaNK and FLiP)
byTimothy Spann
 
PDF
Solution for events logging with akka streams and kafka
byAnatoly Sementsov
 
PPTX
Stephan Ewen - Running Flink Everywhere
byFlink Forward
 
PPTX
Apache Apex & Bigtop
byApache Apex
 
Analyze corefile and backtraces with GDB for Mysql/MariaDB on Linux - Nilanda...
byMydbops
 
War Stories: DIY Kafka
byconfluent
 
Multitenancy: Kafka clusters for everyone at LINE
bykawamuray
 
Redpanda and ClickHouse
byAltinity Ltd
 
HBaseConEast2016: How yarn timeline service v.2 unlocks 360 degree platform i...
byMichael Stack
 
DalmatinerDB and cockroachDB monitoring plataform
byLeandro Totino Pereira
 
LINE's messaging service architecture underlying more than 200 million monthl...
bykawamuray
 
Red Hat Summit 2017: Wicked Fast PaaS: Performance Tuning of OpenShift and D...
byJeremy Eder
 
Stream Processing made simple with Kafka
byDataWorks Summit/Hadoop Summit
 
Why you’re going to fail running java on docker!
byRed Hat Developers
 
Kafka Summit SF 2017 - Exactly-once Stream Processing with Kafka Streams
byconfluent
 
Distributed Tests on Pulsar with Fallout - Pulsar Summit NA 2021
byStreamNative
 
Espresso: LinkedIn's Distributed Data Serving Platform (Talk)
byAmy W. Tang
 
Wars of MySQL Cluster ( InnoDB Cluster VS Galera )
byMydbops
 
Postgres clusters
byStas Kelvich
 
Espresso Database Replication with Kafka, Tom Quiggle
byconfluent
 
Continuous SQL with Apache Streaming (FLaNK and FLiP)
byTimothy Spann
 
Solution for events logging with akka streams and kafka
byAnatoly Sementsov
 
Stephan Ewen - Running Flink Everywhere
byFlink Forward
 
Apache Apex & Bigtop
byApache Apex
 

Viewers also liked

PDF
Docker @ RelateIQ Presentation
byJohn Fiedler
 
PDF
BIG DATA サービス と ツール
byNgoc Dao
 
PDF
Scala, Apache Spark, The PlayFramework and Docker in IBM Platform As A Service
byRomeo Kienzler
 
PDF
Using docker for data science - part 2
byCalvin Giles
 
PDF
Real-Time Data Processing Pipeline & Visualization with Docker, Spark, Kafka ...
byRoberto Hashioka
 
PDF
Growing the Mesos Ecosystem
byMesosphere Inc.
 
PDF
Time Series Processing with Solr and Spark
byJosef Adersberger
 
PDF
Overview of DataStax OpsCenter
byDataStax
 
PPTX
High Performance Processing of Streaming Data
byGeoffrey Fox
 
PPTX
Big Data Day LA 2016/ Big Data Track - Fluentd and Embulk: Collect More Data,...
byData Con LA
 
PDF
Data analysis with Pandas and Spark
byFelix Crisan
 
PDF
Securing Kafka
byconfluent
 
PDF
The basics of fluentd
byTreasure Data, Inc.
 
PDF
Fluentd and Kafka
byN Masahiro
 
PPTX
Being Ready for Apache Kafka - Apache: Big Data Europe 2015
byMichael Noll
 
PPTX
Hadoop on Docker
byRakesh Saha
 
PDF
Big Data Day LA 2016/ Hadoop/ Spark/ Kafka track - Real-time Aggregations, Ap...
byData Con LA
 
PPTX
I Heart Log: Real-time Data and Apache Kafka
byJay Kreps
 
PDF
Docker introduction
byJulien Maitrehenry
 
PDF
Data processing platforms with SMACK: Spark and Mesos internals
byAnton Kirillov
 
Docker @ RelateIQ Presentation
byJohn Fiedler
 
BIG DATA サービス と ツール
byNgoc Dao
 
Scala, Apache Spark, The PlayFramework and Docker in IBM Platform As A Service
byRomeo Kienzler
 
Using docker for data science - part 2
byCalvin Giles
 
Real-Time Data Processing Pipeline & Visualization with Docker, Spark, Kafka ...
byRoberto Hashioka
 
Growing the Mesos Ecosystem
byMesosphere Inc.
 
Time Series Processing with Solr and Spark
byJosef Adersberger
 
Overview of DataStax OpsCenter
byDataStax
 
High Performance Processing of Streaming Data
byGeoffrey Fox
 
Big Data Day LA 2016/ Big Data Track - Fluentd and Embulk: Collect More Data,...
byData Con LA
 
Data analysis with Pandas and Spark
byFelix Crisan
 
Securing Kafka
byconfluent
 
The basics of fluentd
byTreasure Data, Inc.
 
Fluentd and Kafka
byN Masahiro
 
Being Ready for Apache Kafka - Apache: Big Data Europe 2015
byMichael Noll
 
Hadoop on Docker
byRakesh Saha
 
Big Data Day LA 2016/ Hadoop/ Spark/ Kafka track - Real-time Aggregations, Ap...
byData Con LA
 
I Heart Log: Real-time Data and Apache Kafka
byJay Kreps
 
Docker introduction
byJulien Maitrehenry
 
Data processing platforms with SMACK: Spark and Mesos internals
byAnton Kirillov
 

Similar to Big Data Open Source Security LLC: Realtime log analysis with Mesos, Docker, Kafka, Spark, Cassandra and Solr at scale

PPTX
Real-Time Log Analysis with Apache Mesos, Kafka and Cassandra
byJoe Stein
 
PDF
Making Distributed Data Persistent Services Elastic (Without Losing All Your ...
byC4Media
 
PPTX
Real-Time Distributed and Reactive Systems with Apache Kafka and Apache Accumulo
byJoe Stein
 
PPTX
Accumulo Summit 2015: Real-Time Distributed and Reactive Systems with Apache ...
byAccumulo Summit
 
PPTX
Containerized Data Persistence on Mesos
byJoe Stein
 
PPTX
Making Distributed Data Persistent Services Elastic (Without Losing All Your ...
byJoe Stein
 
PDF
SMACK Stack 1.1
byJoe Stein
 
PPTX
Introduction To Apache Mesos
byJoe Stein
 
PDF
Apache Mesos Overview and Integration
byAlex Baretto
 
PPTX
Mario Cartia - SMACK is the new LAMP! - Codemotion Milan 2017
byCodemotion
 
PDF
Make 2016 your year of SMACK talk
byDataStax Academy
 
PPTX
Developing Real-Time Data Pipelines with Apache Kafka
byJoe Stein
 
PPTX
Hadoop: Components and Key Ideas, -part1
bySandeep Kunkunuru
 
PDF
Dataservices based on mesos and kafka kostiantyn bokhan dataconf 21 04 18
byOlga Zinkevych
 
PDF
Apache Kafka + Apache Mesos + Kafka Streams - Highly Scalable Streaming Micro...
byKai Wähner
 
PDF
Streaming Processing with a Distributed Commit Log
byJoe Stein
 
PDF
Introducing Apache Mesos
byMatthias Furrer
 
PPTX
Developing Frameworks for Apache Mesos
byJoe Stein
 
PPTX
Apache Kafka, HDFS, Accumulo and more on Mesos
byJoe Stein
 
PDF
Mesos at OpenTable
byPablo Delgado
 
Real-Time Log Analysis with Apache Mesos, Kafka and Cassandra
byJoe Stein
 
Making Distributed Data Persistent Services Elastic (Without Losing All Your ...
byC4Media
 
Real-Time Distributed and Reactive Systems with Apache Kafka and Apache Accumulo
byJoe Stein
 
Accumulo Summit 2015: Real-Time Distributed and Reactive Systems with Apache ...
byAccumulo Summit
 
Containerized Data Persistence on Mesos
byJoe Stein
 
Making Distributed Data Persistent Services Elastic (Without Losing All Your ...
byJoe Stein
 
SMACK Stack 1.1
byJoe Stein
 
Introduction To Apache Mesos
byJoe Stein
 
Apache Mesos Overview and Integration
byAlex Baretto
 
Mario Cartia - SMACK is the new LAMP! - Codemotion Milan 2017
byCodemotion
 
Make 2016 your year of SMACK talk
byDataStax Academy
 
Developing Real-Time Data Pipelines with Apache Kafka
byJoe Stein
 
Hadoop: Components and Key Ideas, -part1
bySandeep Kunkunuru
 
Dataservices based on mesos and kafka kostiantyn bokhan dataconf 21 04 18
byOlga Zinkevych
 
Apache Kafka + Apache Mesos + Kafka Streams - Highly Scalable Streaming Micro...
byKai Wähner
 
Streaming Processing with a Distributed Commit Log
byJoe Stein
 
Introducing Apache Mesos
byMatthias Furrer
 
Developing Frameworks for Apache Mesos
byJoe Stein
 
Apache Kafka, HDFS, Accumulo and more on Mesos
byJoe Stein
 
Mesos at OpenTable
byPablo Delgado
 

More from DataStax Academy

PDF
Forrester CXNYC 2017 - Delivering great real-time cx is a true craft
byDataStax Academy
 
PPTX
Introduction to DataStax Enterprise Graph Database
byDataStax Academy
 
PPTX
Introduction to DataStax Enterprise Advanced Replication with Apache Cassandra
byDataStax Academy
 
PPTX
Cassandra on Docker @ Walmart Labs
byDataStax Academy
 
PDF
Cassandra 3.0 Data Modeling
byDataStax Academy
 
PPTX
Cassandra Adoption on Cisco UCS & Open stack
byDataStax Academy
 
PDF
Data Modeling for Apache Cassandra
byDataStax Academy
 
PDF
Coursera Cassandra Driver
byDataStax Academy
 
PDF
Production Ready Cassandra
byDataStax Academy
 
PDF
Cassandra @ Netflix: Monitoring C* at Scale, Gossip and Tickler & Python
byDataStax Academy
 
PPTX
Cassandra @ Sony: The good, the bad, and the ugly part 1
byDataStax Academy
 
PPTX
Cassandra @ Sony: The good, the bad, and the ugly part 2
byDataStax Academy
 
PDF
Standing Up Your First Cluster
byDataStax Academy
 
PDF
Real Time Analytics with Dse
byDataStax Academy
 
PDF
Introduction to Data Modeling with Apache Cassandra
byDataStax Academy
 
PDF
Cassandra Core Concepts
byDataStax Academy
 
PPTX
Enabling Search in your Cassandra Application with DataStax Enterprise
byDataStax Academy
 
PPTX
Bad Habits Die Hard
byDataStax Academy
 
PDF
Advanced Data Modeling with Apache Cassandra
byDataStax Academy
 
PDF
Advanced Cassandra
byDataStax Academy
 
Forrester CXNYC 2017 - Delivering great real-time cx is a true craft
byDataStax Academy
 
Introduction to DataStax Enterprise Graph Database
byDataStax Academy
 
Introduction to DataStax Enterprise Advanced Replication with Apache Cassandra
byDataStax Academy
 
Cassandra on Docker @ Walmart Labs
byDataStax Academy
 
Cassandra 3.0 Data Modeling
byDataStax Academy
 
Cassandra Adoption on Cisco UCS & Open stack
byDataStax Academy
 
Data Modeling for Apache Cassandra
byDataStax Academy
 
Coursera Cassandra Driver
byDataStax Academy
 
Production Ready Cassandra
byDataStax Academy
 
Cassandra @ Netflix: Monitoring C* at Scale, Gossip and Tickler & Python
byDataStax Academy
 
Cassandra @ Sony: The good, the bad, and the ugly part 1
byDataStax Academy
 
Cassandra @ Sony: The good, the bad, and the ugly part 2
byDataStax Academy
 
Standing Up Your First Cluster
byDataStax Academy
 
Real Time Analytics with Dse
byDataStax Academy
 
Introduction to Data Modeling with Apache Cassandra
byDataStax Academy
 
Cassandra Core Concepts
byDataStax Academy
 
Enabling Search in your Cassandra Application with DataStax Enterprise
byDataStax Academy
 
Bad Habits Die Hard
byDataStax Academy
 
Advanced Data Modeling with Apache Cassandra
byDataStax Academy
 
Advanced Cassandra
byDataStax Academy
 

Recently uploaded

PDF
Transcript: Ready, set, go: Pre-fall sales trends and data-driven insights - ...
byBookNet Canada
 
PDF
CymruSec 2025 - Wales' Inaugural Cyber Summit
byRay Bugg
 
PDF
Staying Ahead of the Curve - Roaming Just Got Easier
bypanagenda
 
PDF
The Invisible Threads: How 'Connection' Builds the Smartest Organizations. By...
byTheta Prime Institute, Cheyenne, Wyoming, USA.
 
PDF
Fighting CVEs in Embedded Linux with the Yocto Project and OTA Updates
byLeon Anavi
 
PDF
SQL Server BI Modeling Designing Data for Success with SqlDBM.pdf
bySQL DBM
 
PPTX
Autonomous Convoy Routing via Drone Swarms and Multi-Modal Threat Detection
byIvan Ruchkin
 
PPTX
ScalaF: Functional Refactoring and Automated Code Transformations
byhelloshrikha
 
PDF
Generation Data Sets - Unique, Useful... Understandable?.pdf
byPrecisely
 
PDF
Linux Day Prato 2025: NixOS spiegato ammiocuggino - NixOS for Human Beings
byPeter Bittner
 
PDF
G.O.RT.No. 1173_LRS Extension of time limit
byRAGHU RAM
 
PDF
How does a computer vision development company help retailers decode consumer...
byNextbrain Technologies
 
PDF
n8n - Next Generation Workflow Automation with Open Source
byDaisuke Masuda
 
PDF
Memo No.3006141 dt.25.10.2025- SOP for Grant of Online Change Of Land Use
byRaghu Ram
 
PDF
Streamline complex activities with AI PCs featuring AMD Ryzen processors
byPrincipled Technologies
 
PDF
FME Realize in the Real World - The Power of Spatial Computing in Action
bySafe Software
 
PDF
UiPath Community Day UNI - Nuevos productos de UiPath.pdf
byfelixluen
 
PPTX
Artificial Intelligence lecture slides.pptx
bymaimelabernard6
 
PDF
Ready, set, go: Pre-fall sales trends and data-driven insights - Tech Forum 2025
byBookNet Canada
 
PDF
Top-10-Cloud-Service-Companies-in-2025-Market-Leaders-and-Innovators.pdf
byArtjoker Software Development Company
 
Transcript: Ready, set, go: Pre-fall sales trends and data-driven insights - ...
byBookNet Canada
 
CymruSec 2025 - Wales' Inaugural Cyber Summit
byRay Bugg
 
Staying Ahead of the Curve - Roaming Just Got Easier
bypanagenda
 
The Invisible Threads: How 'Connection' Builds the Smartest Organizations. By...
byTheta Prime Institute, Cheyenne, Wyoming, USA.
 
Fighting CVEs in Embedded Linux with the Yocto Project and OTA Updates
byLeon Anavi
 
SQL Server BI Modeling Designing Data for Success with SqlDBM.pdf
bySQL DBM
 
Autonomous Convoy Routing via Drone Swarms and Multi-Modal Threat Detection
byIvan Ruchkin
 
ScalaF: Functional Refactoring and Automated Code Transformations
byhelloshrikha
 
Generation Data Sets - Unique, Useful... Understandable?.pdf
byPrecisely
 
Linux Day Prato 2025: NixOS spiegato ammiocuggino - NixOS for Human Beings
byPeter Bittner
 
G.O.RT.No. 1173_LRS Extension of time limit
byRAGHU RAM
 
How does a computer vision development company help retailers decode consumer...
byNextbrain Technologies
 
n8n - Next Generation Workflow Automation with Open Source
byDaisuke Masuda
 
Memo No.3006141 dt.25.10.2025- SOP for Grant of Online Change Of Land Use
byRaghu Ram
 
Streamline complex activities with AI PCs featuring AMD Ryzen processors
byPrincipled Technologies
 
FME Realize in the Real World - The Power of Spatial Computing in Action
bySafe Software
 
UiPath Community Day UNI - Nuevos productos de UiPath.pdf
byfelixluen
 
Artificial Intelligence lecture slides.pptx
bymaimelabernard6
 
Ready, set, go: Pre-fall sales trends and data-driven insights - Tech Forum 2025
byBookNet Canada
 
Top-10-Cloud-Service-Companies-in-2025-Market-Leaders-and-Innovators.pdf
byArtjoker Software Development Company
 

Big Data Open Source Security LLC: Realtime log analysis with Mesos, Docker, Kafka, Spark, Cassandra and Solr at scale

  • 1.
    Real-Time log analysiswith Mesos, Docker, Kafka, Spark, Cassandra and Solr at scale
  • 2.
    whoami CEO of Elodinahttp://www.elodina.net/ a big data as a service platform built on top open source software. The Elodina platform enables customers to analyze data streams and programmatically react to the results in real-time. We solve today’s data analytics needs by providing the tools and support necessary to utilize open source technologies. As users, contributors and committers, Elodina also provides support for frameworks that run on Mesos including Apache Kafka, Exhibitor (Zookeeper), Apache Storm, Apache Cassandra and a whole lot more! Apache Kafka Committer & PMC Member LinkedIn: http://linkedin.com/in/charmalloc Twitter : @allthingshadoop 2© 2015. All Rights Reserved.
  • 3.
    1 Intro ToMesos, Kafka, Etc 2 Architecture Overview 3 Breaking it down into pieces 4 Questions? 3© 2015. All Rights Reserved.
  • 4.
    Apache Mesos 4© 2015.All Rights Reserved.
  • 5.
    Mesos Papers Mesos: APlatform for Fine-Grained Resource Sharing in the Data Center http://static.usenix.org/event/nsdi11/tech/full_papers/Hindman_new.pdf Google Borg - https://research.google.com/pubs/pub43438.html Google Omega: flexible, scalable schedulers for large compute clusters http: //eurosys2013.tudos.org/wp-content/uploads/2013/paper/Schwarzkopf.pdf 5
  • 6.
  • 7.
  • 8.
  • 9.
  • 10.
    Fine Grained ResourceElasticity "If people knew how low it really is, we’d all get fired." https://gigaom.com/2013/11/30/the-sorry-state-of-server-utilization-and-the-impending-post-hypervisor-era/ 10
  • 11.
    An operating systemfor your data center 11
  • 12.
  • 13.
  • 14.
    Marathon 14 https://github.com/mesosphere/marathon Cluster-wide init andcontrol system for services in cgroups or docker based on Apache Mesos
  • 15.
    Docker on Marathon { "id":"basic-3", "cmd": "python3 -m http.server 8080", "cpus": 0.5, "mem": 32.0, "container": { "type": "DOCKER", "docker": { "image": "python:3", "network": "BRIDGE", "portMappings": [ { "containerPort": 8080, "hostPort": 0 } ] } } } 15
  • 16.
  • 17.
    Kafka papers Apache Kafkawas first open sourced by LinkedIn in 2011 Papers ● Building a Replicated Logging System with Apache Kafka http://www.vldb.org/pvldb/vol8/p1654-wang.pdf ● Kafka: A Distributed Messaging System for Log Processing http://research.microsoft.com/en- us/um/people/srikanth/netdb11/netdb11papers/netdb11-final12.pdf ● Building LinkedIn’s Real-time Activity Data Pipeline http://sites.computer.org/debull/A12june/pipeline.pdf ● The Log: What Every Software Engineer Should Know About Real-time Data's Unifying Abstraction http://engineering. linkedin.com/distributed-systems/log-what-every-software-engineer-should-know-about-real-time-datas-unifying http://kafka.apache.org/ 17
  • 18.
    How Big DataStarts 18
  • 19.
  • 20.
  • 21.
  • 22.
  • 23.
    Distributed Replicated Log Read& Write In real time As much as you want As fast as your network 23
  • 24.
  • 25.
    Producers syslog → Kafkavia docker https://hub.docker.com/r/stealthly/syslog/ syslog → Kafka scheduler https://github.com/stealthly/syslog-service statsd → Kafka scheduler https://github.com/stealthly/statsd-mesos-kafka system stats collection → Kafka scheduler https://github.com/stealthly/syscol tailf → Kafka https://github.com/stealthly/go_kafka_client/tree/master/producers/tailf Any language https://cwiki.apache.org/confluence/display/KAFKA/Clients 25
  • 26.
  • 27.
  • 28.
    Kafka on Mesos ●smart broker.id assignment. ● preservation of broker placement (through constraints and/or new features). ● ability to-do configuration changes. ● rolling restarts (for things like configuration changes). ● scaling the cluster up and down with automatic, programmatic and manual options. ● smart partition assignment via constraints visa vi roles, resources and attributes. 28
  • 29.
    CLI & RESTAPI ● scheduler - starts the scheduler. ● broker ○ add - adds one more more brokers to the cluster. ○ update - changes resources, constraints or broker properties one or more brokers. ○ remove - take a broker out of the cluster. ○ start - starts a broker up. ○ stop - this can either a graceful shutdown or will force kill it (./kafka-mesos.sh help stop) ● topic ○ list - list topics in cluster ○ add - add new topics in cluster ○ update - change topics in cluster ○ rebalance - allows you to rebalance a cluster either by selecting the brokers or topics to rebalance. Manual assignment is still possible using the Apache Kafka project tools. Rebalance can also change the replication factor on a topic. ● help - ./kafka-mesos.sh help || ./kafka-mesos.sh help {command} 29
  • 30.
  • 31.
    Schema Avro orProtoBuff - https://github.com/stealthly/go_kafka_client/blob/master/syslog/syslog_proto/logline.proto - https://github.com/stealthly/go_kafka_client/blob/master/logline.avsc logline • line • logtypeid • source • tags (k/v pairs) • timings (k/v pairs) 31
  • 32.
    Consume from Kafka→ Write to Cassandra Implement CQL write here https://github. com/stealthly/go_kafka_client/blob/master/consumers/consum ers.go#L186-L194 with https://github.com/gocql/gocql Go Kafka Client does fan out work processing, rebalance doesn’ t upset consumers that are reading already. 32
  • 33.
  • 34.
    Sample Spark Job→ Cassandra https://github.com/stealthly/gauntlet Uses the Cassandra Spark Connector https://github. com/datastax/spark-cassandra-connector 34
  • 35.
    Use DataStax Enterpriseto enable Search http://docs.datastax.com/en/datastax_enterprise/4. 8/datastax_enterprise/srch/srchOverview.html 35
  • 36.
  • 37.