docker pull elasticsearch:7.6.2 docker pull kibana:7.6.2 docker pull logstash:7.6.2Elasticsearch配置
- 需要设置系统内核参数,否则会因为内存不足无法启动
# 改变设置 sysctl -w vm.max_map_count=262144 # 使之立即生效 sysctl -p
- 需要创建/mydata/elasticsearch/data目录并设置权限,否则会因为无权限访问而启动失败
# 创建目录 mkdir /mydata/elasticsearch/data/ # 创建并改变该目录权限 chmod 777 /mydata/elasticsearch/dataLogstash配置
创建Logstash的配置文件logstash.conf中output节点下的Elasticsearch连接地址为es:9200。
input {
tcp {
mode => "server"
host => "0.0.0.0"
port => 4560
codec => json_lines
type => "debug"
}
tcp {
mode => "server"
host => "0.0.0.0"
port => 4561
codec => json_lines
type => "error"
}
tcp {
mode => "server"
host => "0.0.0.0"
port => 4562
codec => json_lines
type => "business"
}
tcp {
mode => "server"
host => "0.0.0.0"
port => 4563
codec => json_lines
type => "record"
}
}
filter{
if [type] == "record" {
mutate {
remove_field => "port"
remove_field => "host"
remove_field => "@version"
}
json {
source => "message"
remove_field => ["message"]
}
}
}
output {
elasticsearch {
hosts => "es:9200"
index => "mall-%{type}-%{+YYYY.MM.dd}"
}
}
创建/mydata/logstash目录,并将Logstash的配置文件logstash.conf拷贝到该目录。
mkdir /mydata/logstash执行docker-compose
文件上传的linux服务器上,执行docker-compose up
version: '3'
services:
elasticsearch:
image: elasticsearch:7.6.2
container_name: elasticsearch
environment:
- "cluster.name=elasticsearch" #设置集群名称为elasticsearch
- "discovery.type=single-node" #以单一节点模式启动
- "ES_JAVA_OPTS=-Xms512m -Xmx512m" #设置使用jvm内存大小
volumes:
- /mydata/elasticsearch/plugins:/usr/share/elasticsearch/plugins #插件文件挂载
- /mydata/elasticsearch/data:/usr/share/elasticsearch/data #数据文件挂载
ports:
- 9200:9200
- 9300:9300
logstash:
image: logstash:7.6.2
container_name: logstash
environment:
- TZ=Asia/Shanghai
volumes:
- /mydata/logstash/logstash.conf:/usr/share/logstash/pipeline/logstash.conf #挂载logstash的配置文件
depends_on:
- elasticsearch #kibana在elasticsearch启动之后再启动
links:
- elasticsearch:es #可以用es这个域名访问elasticsearch服务
ports:
- 4560:4560
- 4561:4561
- 4562:4562
- 4563:4563
kibana:
image: kibana:7.6.2
container_name: kibana
links:
- elasticsearch:es #可以用es这个域名访问elasticsearch服务
depends_on:
- elasticsearch #kibana在elasticsearch启动之后再启动
environment:
- "elasticsearch.hosts=http://es:9200" #设置访问elasticsearch的地址
ports:
- 5601:5601
指定yml文件名执行命令:
docker-compose -f docker-compose-env.yml up -d
