docker 部署 elk

创建docker-compose

mkdir -p /databases/elk
cd /databases/elk
mkdir -p elasticsearch/plugins
mkdir -p elasticsearch/data
mkdir -p logstash
cat > /databases/elk/docker-compose.yaml <<EOF
version: '3'
services:
  elasticsearch:
    image: elasticsearch:7.17.1  #镜像
    container_name: elk_elasticsearch  #定义容器名称
    restart: always  #开机启动，失败也会一直重启
    environment:
      - "cluster.name=elasticsearch" #设置集群名称为elasticsearch
      - "discovery.type=single-node" #以单一节点模式启动
      - "ES_JAVA_OPTS=-Xms512m -Xmx8g" #设置使用jvm内存大小
    volumes:
      - /databases/elk/elasticsearch/plugins:/usr/share/elasticsearch/plugins #插件文件挂载
      - /databases/elk/elasticsearch/data:/usr/share/elasticsearch/data #数据文件挂载
    ports:
      - 9200:9200
      - 9300:9300
  kibana:
    image: kibana:7.17.1
    container_name: elk_kibana
    restart: always
    depends_on:
      - elasticsearch #kibana在elasticsearch启动之后再启动
    environment:
      - ELASTICSEARCH_URL=http://elasticsearch:9200 #设置访问elasticsearch的地址
      - I18N_LOCALE=zh-CN  #设置系统语言文中文
      # - SERVER_PUBLICBASEURL=https://kibana.cloud.com #如果事先已经准备好访问域名则这项可以先配置，或者启动完成后再修改也可以，修改完配置文件再执行以下docker-compose up 会自动更新
    ports:
      - 5601:5601
  logstash:
    image: logstash:7.17.1
    container_name: elk_logstash
    restart: always
    volumes:
      - /databases/elk/logstash/logstash-springboot.conf:/usr/share/logstash/pipeline/logstash.conf #挂载logstash的配置文件
    depends_on:
      - elasticsearch #kibana在elasticsearch启动之后再启动
    links:
      - elasticsearch:es #可以用es这个域名访问elasticsearch服务
    ports:
      - 4560:4560
EOF

部署

cd /databases/elk/
chmod -R 777 elasticsearch
chmod -R 777 logstash
cat > logstash/logstash-springboot.conf <<EOF
input {
  tcp {
    mode => "server"
    host => "0.0.0.0"
    port => 4560
    codec => json_lines
  }
}
output {
  elasticsearch {
    hosts => "es:9200"
    index => "springboot-logstash-%{+YYYY.MM.dd}"
  }
}
EOF
docker-compose up -d
docker-compose ps