1024

Docker-compose部署ELK的示例代码

Judith ·
更新时间:2024-09-21
· 879 次阅读

环境

主机IP 192.168.0.9 Docker version 19.03.2 docker-compose version 1.24.0-rc1 elasticsearch version 6.6.1 kibana version 6.6.1 logstash version 6.6.1

一、ELK-dockerfile文件编写及配置文件

● elasticsearch

1、elasticsearch-dockerfile

FROM centos:latest ADD elasticsearch-6.6.1.tar.gz /usr/local/ COPY elasticsearch.yml /usr/local/elasticsearch-6.6.1/config/ COPY jdk1.8 /usr/local/ ENV JAVA_HOME=/usr/local/jdk1.8 ENV CLASSPATH=$CLASSPATH:$JAVA_HOME/lib:$JAVA_HOME/jre/lib ENV PATH=$JAVA_HOME/bin:$JAVA_HOME/jre/bin:$PATH:$HOME/bin RUN groupadd elsearch && \ useradd elsearch -g elsearch -p elasticsearch && \ chown -R elsearch:elsearch /usr/local/elasticsearch-6.6.1 && \ cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && \ echo "Asia/shanghai" > /etc/timezone && \ yum install which -y && \ mkdir /opt/data && \ mkdir /opt/logs EXPOSE 9200 9300 #主要是切换到elsearch用户启动es USER elsearch WORKDIR /usr/local/elasticsearch-6.6.1/bin/ ENTRYPOINT ["./elasticsearch"]

2、elasticsearch.yml

[root@localhost elasticsearch]# egrep "^[^#]" elasticsearch.yml cluster.name: es-cluster node.name: node-1 path.data: /opt/data path.logs: /opt/logs network.host: 0.0.0.0 http.port: 9200 cluster.routing.allocation.disk.threshold_enabled: true cluster.routing.allocation.disk.watermark.low: 94% cluster.routing.allocation.disk.watermark.high: 96% cluster.routing.allocation.disk.watermark.flood_stage: 98% discovery.zen.minimum_master_nodes: 1

● logstash

1、logstash-dockerfile

FROM centos:latest ADD logstash-6.6.1.tar.gz /usr/local/ COPY logstash.yml /usr/local/logstash-6.6.1/config/ COPY logstash.conf /usr/local/logstash-6.6.1/config/ COPY jdk1.8 /usr/local/ COPY start.sh /start.sh ENV JAVA_HOME=/usr/local/jdk1.8 ENV CLASSPATH=$CLASSPATH:$JAVA_HOME/lib:$JAVA_HOME/jre/lib ENV PATH=$JAVA_HOME/bin:$JAVA_HOME/jre/bin:$PATH:$HOME/bin RUN mkdir /opt/data && \ mkdir /opt/logs && \ chmod +x /start.sh ENTRYPOINT ["/start.sh"]

2、logstash-start.sh

#!/bin/bash /usr/local/logstash-6.6.1/bin/logstash -f /usr/local/logstash-6.6.1/config/logstash.conf

3、logstash.yml

[root@localhost logstash]# egrep "^[^#]" logstash.yml path.data: /opt/data path.logs: /opt/logs pipeline.batch.size: 200

4、logstash.conf

input { file { path => "/usr/local/nginx/logs/access.log" type => "nginx" start_position => "beginning" sincedb_path => "/dev/null" } file { path => "/var/log/secure" type => "secure" start_position => "beginning" sincedb_path => "/dev/null" } } #详细说明可以查看我之前的博客 filter { grok { match => { "message" => '(?<clientip>[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}) - - (?<requesttime>\[[0-9]{1,2}\/[A-z]+\/[0-9]{4}\:[0-9]{2}\:[0-9]{2}\:[0-9]{2} \+[0-9]*\]) "(?<requesttype>[A-Z]+) (?<requesturl>[^ ]+) (?<requestv>HTTP/\d\.\d)" (?<requestnode>[0-9]+) (?<requestsize>[0-9]+) "(?<content>[^ ]|(http|https)://[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\/)" "(?<ua>(a-Z|0-9| |.)+)"' } remove_field => ["message","log","beat","offset","prospector","host","@version"] } } #output指向es容器 output { if [type] == "nginx" { elasticsearch { hosts => ["es:9200"] index => "nginx-%{+YYYY.MM.dd}" } } else if [type] == "secure" { elasticsearch { hosts => ["es:9200"] index => "secure-%{+YYYY.MM.dd}" } } }

● kibana

1、kibana-dockerfile

FROM centos:latest ADD kibana-6.6.1-linux-x86_64.tar.gz /usr/local/ COPY kibana.yml /usr/local/kibana-6.6.1-linux-x86_64/config/ COPY start.sh /start.sh RUN chmod +x /start.sh EXPOSE 5601 ENTRYPOINT ["/start.sh"]

2、kibana.yml

[root@localhost kibana]# egrep "^[^#]" kibana.yml server.port: 5601 server.host: "0.0.0.0" #指向es容器的9200端口 elasticsearch.hosts: ["http://es:9200"]

3、kibana-start.sh

#!/bin/bash /usr/local/kibana-6.6.1-linux-x86_64/bin/kibana

二、docker-compose,yml文件编写

[root@localhost elk_dockerfile]# cat docker-compose.yml version: '3.7' services: elasticsearch: image: elasticsearch:elk container_name: es networks: - elk volumes: - /opt/data:/opt/data - /opt/logs:/opt/logs expose: - 9200 - 9300 restart: always depends_on: - logstash - kibana logstash: image: logstash:elk container_name: logstash networks: - elk volumes: - /opt/logstash/data/:/op/data - /opt/logstash/logs/:/opt/logs - /opt/elk/elk_dockerfile/logstash/logstash.conf:/usr/local/logstash-6.6.1/config/logstash.conf - /usr/local/nginx/logs:/usr/local/nginx/logs - /var/log/secure:/var/log/secure restart: always kibana: image: kibana:elk container_name: kibana ports: - 5601:5601 networks: - elk volumes: - /opt/elk/elk_dockerfile/kibana/kibana.yml:/usr/local/kibana-6.6.1-linux-x86_64/config/kibana.yml networks: elk:

compose文件version版本指向

三、访问界面

您可能感兴趣的文章:详解如何使用Docker快速部署ELK环境(最新5.5.1版本)详解使用Docker快速部署ELK环境(最新5.5.1版本)



elk 示例 docker-compose Docker

1024 个赞
编辑 举报
需要 登录 后方可回复, 如果你还没有账号请 注册新账号
相关文章
CSS 字体
Cynthia 2020-10-12
983
PHP7 MongDB 安装与使用
Agatha 2020-11-25
710
ubuntu修改terminal终端的主机名的实现方法
Kita 2021-05-26
748
CSS实现大小相同、颜色深浅不一的粒子旋转加载动画
Trixie 2021-01-03
519
Docker部署Tomcat的示例代码
Kara 2023-08-08
678
docker-compose搭建prometheus+grafana+钉钉告警
Querida 2023-08-08
168
nginx开启ws访问和4层负载的编译参数示例
Oria 2023-08-08
1871
Docker部署Vue项目的项目实践
Victoria 2023-08-08
307
Docker使用数据容器的具体示例
Nissa 2023-08-08
1163
详解docker-compose安装minio
Anna 2023-08-08
0
Docker镜像拉取报错:Errorresponsefromdaemon:Gethttps://registry-1.docker.io/v2/的问题解决
Bunny 2023-08-08
439
在没有Docker缓存的情况下构建镜像的方法分享
Viridis 2023-08-08
1779
Docker私有仓库harbor的搭建步骤
Tertia 2023-08-08
1046
Docker配置文件docker-compose.yml使用指南
Mathilda 2023-08-08
1566
docker-compose中启动镜像失败的几种解决方法
Hana 2023-08-08
725
docker-composeup-d和docker-composeup--build的区别
Kitty 2023-08-08
1503
Python 对象拷贝及深浅拷贝区别的详细教程示例
Miette 2023-08-09
488
python进阶学习实时目标跟踪示例详解
Serafina 2023-08-28
1732
Python人工智能构建简单聊天机器人示例详解
Kathy 2023-08-28
1370