1、创建虚拟机
2、安装docker和docker-compose
#docker安装
add-apt-repository "deb [arch=amd64] http://mirrors.aliyun.com/docker-ce/linux/ubuntu $(lsb_release -cs) stable"
apt-get update
apt-get install docker-ce=5:19.03.11~3-0~ubuntu-xenial
编辑/etc/docker/daemon.json
{
"registry-mirrors": ["https://dockerhub.azk8s.cn"],
"data-root": "/data/docker",
"metrics-addr" : "0.0.0.0:9323",
"experimental" : true ,
"bip": "172.31.0.1/24",
"default-address-pools":[
{"base":"172.31.0.0/16","size":24}
]
}
systemctl enable docker
systemctl start docker
#docker-compose下载
curl -L https://github.com/docker/compose/releases/download/1.24.1/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose
chmod +x *
3、编写logstash+elasticsearch+kibana的docker-compose文件
(注意 要先创建了es,然后进去创建用户角色开启访问验证
es配置xpack.security.enabled: true
discovery.type: single-node
创建启动然后进入容器执行
./bin/elasticsearch-setup-passwords auto
密码不生效别写在环境配置里,写在配置文件然后映射
)
这只是个例子
version: '2.3'
services:
elasticsearch:
image: docker.elastic.co/elasticsearch/elasticsearch:6.8.10
volumes:
- esdata:/usr/share/elasticsearch/data:rw
- /etc/localtime:/etc/localtime
- /var/log/elasticsearch:/usr/share/elasticsearch/logs
- ./elasticsearch/config/elasticsearch.yml:/usr/share/elasticsearch/config/elasticsearch.yml
environment:
- TZ="Asia/Shanghai"
- _JAVA_OPTIONS=-Xmx1024m -Xms1024m
- bootstrap.memory_lock=false
- cluster.name=elk-logs
- network.host=0.0.0.0
- xpack.security.enabled=true
- discovery.type=single-node
- node.master=true
- node.data=true
- discovery.zen.minimum_master_nodes=1
- discovery.zen.ping.unicast.hosts=10.0.0.11:9300
ulimits:
memlock:
soft: -1
hard: -1
network_mode: host
restart: unless-stopped
logstash:
image: docker.elastic.co/logstash/logstash:6.8.10
volumes:
- ./logstash/pipeline:/usr/share/logstash/pipeline
network_mode: host
environment:
- TZ="Asia/Shanghai"
- LS_JAVA_O