{"id":579,"date":"2022-11-24T17:18:58","date_gmt":"2022-11-24T09:18:58","guid":{"rendered":"https:\/\/www.anger.ltd\/?p=579"},"modified":"2023-07-20T16:38:58","modified_gmt":"2023-07-20T08:38:58","slug":"%e9%80%9a%e8%bf%87docker-compose%e9%83%a8%e7%bd%b2elk%e7%8e%af%e5%a2%83","status":"publish","type":"post","link":"https:\/\/www.anger.ltd\/index.php\/2022\/11\/24\/%e9%80%9a%e8%bf%87docker-compose%e9%83%a8%e7%bd%b2elk%e7%8e%af%e5%a2%83\/","title":{"rendered":"\u901a\u8fc7Docker-Compose\u90e8\u7f72ELK\u73af\u5883"},"content":{"rendered":"\n<h5 class=\"wp-block-heading\">\u76ee\u5f55\u7ed3\u6784<\/h5>\n\n\n\n<ul class=\"wp-block-list\">\n<li>elk\n<ul class=\"wp-block-list\">\n<li>docker-compose.yml<\/li>\n\n\n\n<li>elasticsearch.yml<\/li>\n\n\n\n<li>kibana.yml<\/li>\n\n\n\n<li>logstash.yml<\/li>\n\n\n\n<li>logstash.conf<\/li>\n\n\n\n<li>data\/\n<ul class=\"wp-block-list\">\n<li>elasticsearch<\/li>\n\n\n\n<li>logs<\/li>\n\n\n\n<li>password.txt<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<p><code>data\/elasticsearch\/<\/code>&nbsp;\u6587\u4ef6\u5939\u7528\u6765\u6301\u4e45\u5316\u4fdd\u5b58elasticsearch\u6570\u636e\u7528(\u6743\u9650\u8981\u7ed9\u5230\u6700\u9ad8\uff0c\u4e0d\u7136elasticsearch\u65e0\u6cd5\u5199\u5165)<br><code>data\/password.txt<\/code>&nbsp;\u6587\u4ef6\u662f\u7528\u6765\u4fdd\u5b58\u5bc6\u7801\u7684\uff0c\u4e5f\u53ef\u4ee5\u4e0d\u521b\u5efa<br><code>data\/logs<\/code>&nbsp;\u91c7\u96c6\u7684\u65e5\u5fd7\u7684\u76ee\u5f55<\/p>\n\n\n\n<h5 class=\"wp-block-heading\">docker-compose.yml \u6587\u4ef6<\/h5>\n\n\n\n<pre class=\"wp-block-code\"><code>version: \"3\"\nservices:\n  elasticsearch:\n    image: elasticsearch:8.1.1\n    labels:\n      co.elastic.logs\/enabled: \"false\"\n    hostname: elasticsearch\n    ports:\n      - \"9200:9200\"\n      - \"9300:9300\"\n    environment:\n      - discovery.type=single-node\n      - \"ES_JAVA_OPTS=-Xms2g -Xmx2g\"\n    volumes:\n      - .\/elasticsearch.yml:\/usr\/share\/elasticsearch\/config\/elasticsearch.yml\n      - .\/data\/elasticsearch:\/usr\/share\/elasticsearch\/data\n\n  kibana:\n    image: kibana:8.1.1\n    labels:\n      co.elastic.logs\/enabled: \"false\"\n    hostname: docker-kibana\n    ports:\n      - \"5601:5601\"\n    volumes:\n      - .\/kibana.yml:\/usr\/share\/kibana\/config\/kibana.yml\n    depends_on:\n      - elasticsearch\n\n  logstash:\n    image: logstash:8.1.1\n    hostname: docker-logstash\n    ports:\n      - \"5044:5044\"\n      - \"9600:9600\"\n    volumes:\n      - .\/logstash.yml:\/usr\/share\/logstash\/config\/logstash.yml\n      - .\/logstash.conf:\/usr\/share\/logstash\/pipeline\/logstash.conf\n      - .\/data\/logs:\/logs\n    environment:\n      - \"ES_JAVA_OPTS=-Xms512m -Xmx512m\"\n      - \"LS_OPTS=--config.reload.automatic\"\n    depends_on:\n      - elasticsearch\n<\/code><\/pre>\n\n\n\n<p>elasticsearch.yml<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>network.host: 0.0.0.0\nhttp.port: 9200\ntransport.port: 9300\nhttp.cors.enabled: true\nhttp.cors.allow-origin: \"*\"\nxpack.security.enabled: true\nxpack.security.http.ssl.enabled: false\nxpack.security.transport.ssl.enabled: false<\/code><\/pre>\n\n\n\n<p>kibana.yml<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>server:\n  host: \"0.0.0.0\"\n  port: 5601\n\nelasticsearch:\n  hosts: &#91;\"http:\/\/elasticsearch:9200\"]\n  <mark style=\"background-color:rgba(0, 0, 0, 0)\" class=\"has-inline-color has-accent-1-color\">username: \"kibana_system\"<\/mark>\n  <mark style=\"background-color:rgba(0, 0, 0, 0)\" class=\"has-inline-color has-accent-1-color\">password: \"xxxxx\"<\/mark>\n\ni18n.locale: \"zh-CN\"<\/code><\/pre>\n\n\n\n<p>logstash.yml<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>http.host: \"0.0.0.0\"\npath.config: \/usr\/share\/logstash\/pipeline\/*.conf\nxpack.monitoring.enabled: false<\/code><\/pre>\n\n\n\n<p>logstash.conf<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>input {\n  beats {\n    port =&gt; 5044\n  }\n  tcp {\n    port =&gt; 4569\n    codec =&gt; \"json\"\n  }\n  file {\n        path =&gt; \"\/logs\/*\/*.log\"\n        start_position =&gt; \"beginning\"\n  }\n}\n\noutput {\n  if&#91;appname] != \"\" {\n    elasticsearch {\n      hosts =&gt; &#91;\"http:\/\/elasticsearch:9200\"]\n      index =&gt; \"%{&#91;appname]}-%{+YYYY.MM.dd}\"\n      <mark style=\"background-color:rgba(0, 0, 0, 0)\" class=\"has-inline-color has-accent-1-color\">user =&gt; \"elastic\"<\/mark>\n      <mark style=\"background-color:rgba(0, 0, 0, 0)\" class=\"has-inline-color has-accent-1-color\">password =&gt; \"xxxxxx\"<\/mark>\n    }\n  } else {\n    elasticsearch {\n      hosts =&gt; &#91;\"http:\/\/elasticsearch:9200\"]\n      index =&gt; \"%{&#91;@metadata]&#91;beat]}-%{&#91;@metadata]&#91;version]}-%{+YYYY.MM.dd}\"\n    }\n  }\n}<\/code><\/pre>\n\n\n\n<p>\u4fee\u6539\u5185\u6838\u53c2\u6570 <\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>vim \/etc\/sysctl.conf\n#\u5728\u6700\u540e\u9762\u589e\u52a0\u4e0b\u9762\u53c2\u6570\nvm.max_map_count=262144\n#\u91cd\u65b0\u52a0\u8f7d\nsysctl -p\n<\/code><\/pre>\n\n\n\n<p>\u6587\u4ef6\u7f16\u5199\u5b8c\u6210\u540e\u5148\u542f\u52a8\u4e00\u6b21<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>docker compose up -d<\/code><\/pre>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"517\" height=\"141\" src=\"https:\/\/www.anger.ltd\/wp-content\/uploads\/2022\/11\/image-2.png\" alt=\"\" class=\"wp-image-580\" srcset=\"https:\/\/www.anger.ltd\/wp-content\/uploads\/2022\/11\/image-2.png 517w, https:\/\/www.anger.ltd\/wp-content\/uploads\/2022\/11\/image-2-300x82.png 300w, https:\/\/www.anger.ltd\/wp-content\/uploads\/2022\/11\/image-2-512x141.png 512w\" sizes=\"auto, (max-width: 517px) 100vw, 517px\" \/><\/figure><\/div>\n\n\n<p>\u4f7f\u7528\u547d\u4ee4\u67e5\u770b\u5bb9\u5668\u662f\u5426\u90fd\u5df2\u7ecf\u542f\u52a8<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>docker ps -a<\/code><\/pre>\n\n\n\n<figure class=\"wp-block-image size-large\" id=\"pass\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"141\" src=\"https:\/\/www.anger.ltd\/wp-content\/uploads\/2022\/11\/image-3-1024x141.png\" alt=\"\" class=\"wp-image-581\" srcset=\"https:\/\/www.anger.ltd\/wp-content\/uploads\/2022\/11\/image-3-1024x141.png 1024w, https:\/\/www.anger.ltd\/wp-content\/uploads\/2022\/11\/image-3-300x41.png 300w, https:\/\/www.anger.ltd\/wp-content\/uploads\/2022\/11\/image-3-768x106.png 768w, https:\/\/www.anger.ltd\/wp-content\/uploads\/2022\/11\/image-3-1536x212.png 1536w, https:\/\/www.anger.ltd\/wp-content\/uploads\/2022\/11\/image-3-914x126.png 914w, https:\/\/www.anger.ltd\/wp-content\/uploads\/2022\/11\/image-3.png 1735w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>\u90fd\u6b63\u5e38\u5df2\u542f\u52a8\u4ee5\u540e\u8bbf\u95eekibana\u4f1a\u663e\u793a\u670d\u52a1\u5668\u672a\u5c31\u7eea\uff0c\u9700\u8981\u521d\u59cb\u5316\u4e00\u6b21\u5bc6\u7801<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>docker compose exec -T elasticsearch elasticsearch-setup-passwords auto --batch<\/code><\/pre>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"637\" height=\"552\" src=\"https:\/\/www.anger.ltd\/wp-content\/uploads\/2022\/11\/image-4.png\" alt=\"\" class=\"wp-image-582\" srcset=\"https:\/\/www.anger.ltd\/wp-content\/uploads\/2022\/11\/image-4.png 637w, https:\/\/www.anger.ltd\/wp-content\/uploads\/2022\/11\/image-4-300x260.png 300w, https:\/\/www.anger.ltd\/wp-content\/uploads\/2022\/11\/image-4-404x350.png 404w\" sizes=\"auto, (max-width: 637px) 100vw, 637px\" \/><\/figure><\/div>\n\n\n<p>\u53ef\u4ee5\u5c06\u8f93\u51fa\u7684\u4fe1\u606f\u4fdd\u5b58\u5230\u4e4b\u524d\u521b\u5efa\u7684txt\u6587\u4ef6\u4e2d\uff0c\u4e5f\u53ef\u4ee5\u5b58\u50a8\u5230\u5176\u4ed6\u5730\u65b9<\/p>\n\n\n\n<p>\u7136\u540e\u91cd\u65b0\u4fee\u6539\u914d\u7f6e\u6587\u4ef6\uff0c&nbsp;<code>kibana.yml<\/code>,&nbsp;<code>logstash.conf<\/code> \u6539\u5bf9\u5e94\u7684ES\u7684\u5bc6\u7801\u5c31\u53ef\u4ee5\u4e86\uff0c<strong>\u6ce8\u610f\u8d26\u53f7\u548c\u5bc6\u7801\u4e0d\u8981\u641e\u9519\u4e86<\/strong>\uff0c\u7136\u540e\u6211\u4eec\u505c\u6b62\uff0c\u518d\u542f\u52a8<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>docker compose down\ndocker compose up -d<\/code><\/pre>\n\n\n\n<p>\u7b49\u5f85\u4e00\u6bb5\u65f6\u95f4\uff0c\u670d\u52a1\u91cd\u542f\u540e\u518d\u8bbf\u95eekibana<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"458\" src=\"https:\/\/www.anger.ltd\/wp-content\/uploads\/2022\/11\/image-5-1024x458.png\" alt=\"\" class=\"wp-image-583\" srcset=\"https:\/\/www.anger.ltd\/wp-content\/uploads\/2022\/11\/image-5-1024x458.png 1024w, https:\/\/www.anger.ltd\/wp-content\/uploads\/2022\/11\/image-5-300x134.png 300w, https:\/\/www.anger.ltd\/wp-content\/uploads\/2022\/11\/image-5-768x343.png 768w, https:\/\/www.anger.ltd\/wp-content\/uploads\/2022\/11\/image-5-783x350.png 783w, https:\/\/www.anger.ltd\/wp-content\/uploads\/2022\/11\/image-5.png 1460w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure><\/div>\n\n\n<p>\u8f93\u5165\u5bc6\u7801\u540e\u767b\u9646\uff0cELK\u57fa\u672c\u73af\u5883\u5c31\u5df2\u7ecf\u90e8\u7f72\u5b8c\u6210\u4e86<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u76ee\u5f55\u7ed3\u6784 data\/elasticsearch\/&nbsp;\u6587\u4ef6\u5939\u7528\u6765\u6301\u4e45\u5316\u4fdd\u5b58elasticsearch\u6570\u636e\u7528(\u6743\u9650\u8981\u7ed9\u5230\u6700\u9ad8\uff0c\u4e0d\u7136elasticsearch\u65e0\u6cd5\u5199\u5165)data\/password.txt&#038;nb &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-579","post","type-post","status-publish","format-standard","hentry","category-3"],"_links":{"self":[{"href":"https:\/\/www.anger.ltd\/index.php\/wp-json\/wp\/v2\/posts\/579","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.anger.ltd\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.anger.ltd\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.anger.ltd\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.anger.ltd\/index.php\/wp-json\/wp\/v2\/comments?post=579"}],"version-history":[{"count":9,"href":"https:\/\/www.anger.ltd\/index.php\/wp-json\/wp\/v2\/posts\/579\/revisions"}],"predecessor-version":[{"id":804,"href":"https:\/\/www.anger.ltd\/index.php\/wp-json\/wp\/v2\/posts\/579\/revisions\/804"}],"wp:attachment":[{"href":"https:\/\/www.anger.ltd\/index.php\/wp-json\/wp\/v2\/media?parent=579"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.anger.ltd\/index.php\/wp-json\/wp\/v2\/categories?post=579"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.anger.ltd\/index.php\/wp-json\/wp\/v2\/tags?post=579"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}