Docker-compose-consul部署Ningx+Tomcat+ELK分析Nginx访问日志
一、Docker-compose部署Tomcat
192.168.117.30
1. 安装compose
yum install docker-ce -y
cp -p docker-compose /usr/local/bin/
chmod +x /usr/local/bin/docker-compose
mkdir -p /root/compose_tomcat/tomcat
2. 编写Dockerfile文件
cd /root/compose_tomcat/tomcat
vim Dockerfile
FROM centos:7
ADD apache-tomcat-8.5.16.tar.gz /usr/local
ADD jdk-8u91-linux-x64.tar.gz /usr/local
WORKDIR /usr/local
RUN mv jdk1.8.0_91 /usr/local/java
ENV JAVA_HOME /usr/local/java/
ENV JAVA_BIN /usr/local/java/bin
ENV JRE_HOME /usr/local/java/jre
ENV PATH $PATH:/usr/local/java/bin:/usr/local/java/jre/bin
ENV CLASSPATH /usr/local/java/jre/bin:/usr/local/java/lib:/usr/local/java/jre/lib/charsets.jar
RUN mv apache-tomcat-8.5.16 /usr/local/tomcat
EXPOSE 8080
ENTRYPOINT ["/usr/local/tomcat/bin/catalina.sh","run"]
3. 编写dockers-compose.yml文件
cd /root/compose_tomcat
vim docker-compose.yml
version: '3'
services:
tomcat1:
hostname: tomcat1
build:
context: ./tomcat
dockerfile: Dockerfile
ports:
- 81:8080
networks:
- cluster
volumes:
- ./wwwroot1:/usr/local/tomcat/webapps/ROOT/
tomcat2:
hostname: tomcat2
build:
context: ./tomcat
dockerfile: Dockerfile
ports:
- 82:8080
networks:
- cluster
volumes:
- ./wwwroot2:/usr/local/tomcat/webapps/ROOT/
networks:
cluster:
4. 执行yml文件创建容器
docker-compose -f docker-compose.yml up -d
二、配置consul自动同步
consul:192.168.117.40
1. 部署consul服务器
mkdir /root/consul
cd /root/consul
#放入安装包
unzip consul_0.9.2_linux_amd64.zip
mv consul /usr/bin
consul agent \
-server \ #服务端
-bootstrap \ #前端框架
-ui \ #可被访问的web界面
-data-dir=/var/lib/consul-data \ #consul数据目录
-bind=192.168.117.40 \ #本地地址
-client=0.0.0.0 \ #表示所有
-node=consul-server01 &> /var/log/consul.log & # &后台运行
consul agent \
-server \
-bootstrap \
-ui \
-data-dir=/var/log/consul-data \
-bind=192.168.117.40 \
-client=0.0.0.0 \
-node=consul-server01 &> /var/log/consul.log &
2. 配置容器服务自动加入consul集群
192.168.117.30
- 安装Gliderlabs/registrator
docker run -d \
--name=registrator \
--net=host \
-v /var/run/docker.sock:/tmp/docker.sock \
--restart=always \
gliderlabs/registrator:latest \
-ip=192.168.117.30 \
consul://192.168.117.40:8500
consul:192.168.117.40
- 验证
curl 127.0.0.1:8500/v1/catalog/services
- 浏览器访问:192.168.117.40:8500
3. 配置consul-template实现自动更新配置文件
consul:192.168.117.40
unzip consul-template_0.19.3_linux_amd64.zip
mv consul-template /usr/bin/
vim /root/consul/nginx.ctmpl
upstream http_backend { #配置地址池名称
{{range service "tomcat"}} #指定服务范围
server {{.Address}}:{{.Port}}; #读取服务节点地址端口 server ip port
{{end}} #以end结尾
}
server {
listen 81; #指定监听的consul地址81或者88
server_name localhost 192.168.117.40; #反向代理服务器的地址
access_log /var/log/nginx/nginx01-access.log; #访问日志类型
index index.html index.php;
location / {
proxy_set_header HOST $host; #记录访问的头部信息
proxy_set_header X-Real-IP $remote_addr; #记录客户端访问真实地址
proxy_set_header Client-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; #转发客户端地址
proxy_pass http://http_backend;
}
}
upstream http_backend {
{{range service "tomcat"}}
server {{.Address}}:{{.Port}};
{{end}}
}
server {
listen 81;
server_name localhost 192.168.117.40;
access_log /var/log/nginx/nginx01-access.log;
index index.html index.php;
location / {
proxy_set_header HOST $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Client-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://http_backend;
}
}
4. 编译安装nginx
consul:192.168.117.40
yum install -y gcc pcre-devel zlib-devel
cd /opt
tar zxvf nginx-1.12.0.tar.gz
cd nginx-1.12.0/
./configure --prefix=/usr/local/nginx
make && make install
vim /usr/local/nginx/conf/nginx.conf
http {
include mime.types;
include vhost/*.conf; #添加虚拟主机目录(子配置文件)
default_type application/octet-stream;
#创建虚拟主机目录
mkdir /usr/local/nginx/conf/vhost
#创建日志文件目录
mkdir /var/log/nginx
#启动nginx
/usr/local/nginx/sbin/nginx
5. 启动template
consul-template -consul-addr 192.168.117.40:8500 \
#指定consul集群的serverip端口
-template "/root/consul/nginx.ctmpl:/usr/local/nginx/conf/vhost/ng.conf:/usr/local/nginx/sbin/nginx -s reload" \
#将反向代理服务器的nginx配置文件关联模板文件并重载
--log-level=info
- 浏览器访问:192.168.117.40:81
三、部署ELK收集Ningx访问日志
1. 安装并启用elasticsearch服务
192.168.117.30
echo '192.168.117.30 node1' >> /etc/hosts
#拖入软件包
cd /opt
rpm -ivh elasticsearch-5.5.0.rpm
systemctl daemon-reload
systemctl enable elasticsearch.service
- 环境配置
cp /etc/elasticsearch/elasticsearch.yml /etc/elasticsearch/elasticsearch.yml.bak
vim /etc/elasticsearch/elasticsearch.yml
#17行
cluster.name: my-elk-cluster
#23行
node.name: node1
#33行
path.data: /data/elk_data
#37行
path.logs: /var/log/elasticsearch/
#43行
bootstrap.memory_lock: false
#55行
network.host: 0.0.0.0
#59行
http.port: 9200
#68行
discovery.zen.ping.unicast.hosts: ["node1"]
grep -v "^#" /etc/elasticsearch/elasticsearch.yml
mkdir -p /data/elk_data
chown elasticsearch:elasticsearch /data/elk_data/
systemctl start elasticsearch
netstat -antp |grep 9200
- Elasticsearch-head插件安装
yum -y install gcc gcc-c++ make
#上传软件包 node-v8.2.1.tar.gz 到/opt
cd /opt
tar xzvf node-v8.2.1.tar.gz
cd node-v8.2.1/
./configure && make && make install
cd /opt
tar jxvf phantomjs-2.1.1-linux-x86_64.tar.bz2 -C /usr/local/src/
cd /usr/local/src/phantomjs-2.1.1-linux-x86_64/bin
cp phantomjs /usr/local/bin
cd /opt
tar zxvf elasticsearch-head.tar.gz -C /usr/local/src/
cd /usr/local/src/elasticsearch-head/
npm install
vim /etc/elasticsearch/elasticsearch.yml
#-------末尾,添加以下内容--------
http.cors.enabled: true
http.cors.allow-origin: "*"
systemctl restart elasticsearch.service
#必须在解压后的 elasticsearch-head 目录下启动服务,进程会读取该目录下的 gruntfile.js 文件,否则可能启动失败。
cd /usr/local/src/elasticsearch-head/
npm run start &
- 浏览器访问:192.168.117.30:9100
2. logstash安装
consul:192.168.117.40
yum install -y java
#上传logstash-5.5.1.rpm到/opt目录下
cd /opt
rpm -ivh logstash-5.5.1.rpm
systemctl start logstash.service
systemctl enable logstash.service
#建立logstash软连接
ln -s /usr/share/logstash/bin/logstash /usr/local/bin/
- Apache作对接配置
vim /etc/logstash/conf.d/nginx.conf
input {
file{
path => "/var/log/nginx/nginx01-access.log"
type => "nginx"
start_position => "beginning"
}
}
output {
elasticsearch {
hosts => ["192.168.117.30:9200"]
index => "nginx-%{+YYYY.MM.dd}"
}
}
systemctl restart logstash.service
3. kibana安装
#上传kibana-5.5.1-x86_64.rpm 到/opt目录
cd /opt
rpm -ivh kibana-5.5.1-x86_64.rpm
cd /etc/kibana/
cp kibana.yml kibana.yml.bak
vim kibana.yml
#2行;取消注释;kibana打开的端口(默认5601)
server.port: 5601
#7行;取消注释,修改;kibana侦听的地址
server.host: "0.0.0.0"
#21行;取消注释,修改;和elasticsearch建立联系
elasticsearch.url: "http://192.168.117.30:9200"
#30行;取消注释;在elasticsearch中添加.kibana索引
kibana.index: ".kibana"
systemctl start kibana.service
systemctl enable kibana.service
- 浏览器访问:192.168.117.40:5601