docker pull elasticsearch:7.6.2 docker pull kibana:7.6.22. 配置es挂载
mkdir -p /mydata/elasticsearch/config mkdir -p /mydata/elasticsearch/data mkdir -p /mydata/elasticsearch/plugins echo "http.host: 0.0.0.0" >> /mydata/elasticsearch/config/elasticsearch.yml chmod -R 777 /mydata/elasticsearch/3. 启动elasticsearch单机版
docker run --name elasticsearch -p 9200:9200 -p 9300:9300 -e "discovery.type=single-node" -e ES_JAVA_OPTS="-Xms512m -Xmx512m" -v /mydata/elasticsearch/config/elasticsearch.yml:/usr/share/elasticsearch/config/elasticsearch.yml -v /mydata/elasticsearch/data:/usr/share/elasticsearch/data -v /mydata/elasticsearch/plugins:/usr/share/elasticsearch/plugins -d elasticsearch:7.6.24. 设置开机启动elasticsearch
docker update elasticsearch --restart=always5. 启动kibana
docker run --name kibana -e ELASTICSEARCH_HOSTS=http://192.168.32.128:9200 -p 5601:5601 -d kibana:7.6.26. 设置开机启动kibana
docker update kibana --restart=always7. 测试elasticsearch是否启动成功
// 浏览器输入 http://101.200.129.34:9200/
返回结果如下
{
"name": "f68eb23d364e",
"cluster_name": "elasticsearch",
"cluster_uuid": "9gglpP0HTfyOTRAaSe2rIg",
"version": {
"number": "7.6.2",
"build_flavor": "default",
"build_type": "docker",
"build_hash": "ef48eb35cf30adf4db14086e8aabd07ef6fb113f",
"build_date": "2020-03-26T06:34:37.794943Z",
"build_snapshot": false,
"lucene_version": "8.4.0",
"minimum_wire_compatibility_version": "6.8.0",
"minimum_index_compatibility_version": "6.0.0-beta1"
},
"tagline": "You Know, for Search"
}
8. 测试kibana是否启动成功
// 浏览器输入 http://101.200.129.34:56019. 配置X-pack做安全验证(可不配置) 配置elasticsearch.yml
http.host: 0.0.0.0 # Uncomment the following lines for a production cluster deployment #transport.host: 0.0.0.0 #discovery.zen.minimum_master_nodes: 1 #Password config xpack.security.enabled: true #这一步是开启x-pack插件进入es docker容器设置账号密码
注意下面的操作是默认的账号:
elastic,apm_system,kibana,logstash_system,beats_system,remote_monitoring_user。
设置的内容为指定账号的密码。
docker exec -it 容器ID /bin/bash # 进入容器 [root@f18d8bc7b8f5 elasticsearch]# cd bin [root@f18d8bc7b8f5 bin]# ls elasticsearch elasticsearch-croneval elasticsearch-migrate elasticsearch-setup-passwords elasticsearch-syskeygen x-pack-watcher-env elasticsearch-certgen elasticsearch-env elasticsearch-node elasticsearch-shard elasticsearch-users elasticsearch-certutil elasticsearch-env-from-file elasticsearch-plugin elasticsearch-sql-cli x-pack-env elasticsearch-cli elasticsearch-keystore elasticsearch-saml-metadata elasticsearch-sql-cli-7.6.2.jar x-pack-security-env [root@f18d8bc7b8f5 bin]# elasticsearch-setup-passwords interactive #此步为手动设置密码 Initiating the setup of passwords for reserved users elastic,apm_system,kibana,logstash_system,beats_system,remote_monitoring_user. You will be prompted to enter passwords as the process progresses. Please confirm that you would like to continue [y/N]y Enter password for [elastic]: #在这里设置密码,注意最少六位,下面也一样 Reenter password for [elastic]: Passwords do not match. Try again. Enter password for [elastic]: Reenter password for [elastic]: Enter password for [apm_system]: Reenter password for [apm_system]: Enter password for [kibana]: Reenter password for [kibana]: Enter password for [logstash_system]: Reenter password for [logstash_system]: Enter password for [beats_system]: Reenter password for [beats_system]: Enter password for [remote_monitoring_user]: Reenter password for [remote_monitoring_user]: Changed password for user [apm_system] Changed password for user [kibana] Changed password for user [logstash_system] Changed password for user [beats_system] Changed password for user [remote_monitoring_user] Changed password for user [elastic] [root@f18d8bc7b8f5 bin]# exit #退出容器
以上的密码设置完成之后,无论是访问elasticsearch还是通过kibana都需要进行输入账号和密码。
设置kibana账号密码docker exec -it kibana容器ID /bin/bash bash-4.2$ vi /opt/kibana/config/kibana.yml # 添加配置内容,上面设置的账号密码 elasticsearch.username: "kibana" elasticsearch.password: "lzoilchem" i18n.locale: "zh-CN"
重启kibana服务
docker restart kibana容器ID
重启kibana之后就会出现以下的情况
搭建logstash注意:虽然配置的kibana的账号,但是需要登陆elastic的账号才能登陆成功
前面的步骤参考docker安装单机版es+kibana
docker pull logstash:7.6.2
创建/mydata/logstash目录,并创建配置文件 logstash.conf
mkdir -p /mydata/logstash cd /mydata/logstash touch logstash.conf
拷贝如下配置到 logstash.conf
input {
tcp {
mode => "server"
host => "0.0.0.0"
port => 4560
codec => json_lines
}
}
filter{
if [type] == "record" {
mutate {
remove_field => "port"
remove_field => "host"
remove_field => "@version"
}
json {
source => "message"
remove_field => ["message"]
}
}
}
output {
elasticsearch {
hosts => "192.168.32.128:9200"
user => "elastic"
password => "lzoilchem"
index => "springboot-logstash-%{+YYYY.MM.dd}"
}
}
运行docker
docker run --restart=always --name logstash -p 4560:4560 -v /mydata/logstash/logstash.conf:/usr/share/logstash/pipeline/logstash.conf -d logstash:7.6.2 # 安装json_lines插件 docker exec -it logstash /bin/bash #此命令需要在容器中运行 logstash-plugin install logstash-codec-json_lines exit docker restart logstash
设置配置文件
docker exec -it logstash /bin/bash
vi /opt/logstash/config/logstash.yml
// 0.0.0.0:允许任何IP访问 http.host: "0.0.0.0" xpack.management.elasticsearch.username: elastic xpack.management.elasticsearch.password: lzoilchem // 配置elasticsearch集群地址 xpack.monitoring.elasticsearch.hosts: [ "http://192.168.32.128:9200" ] // 允许监控 xpack.monitoring.enabled: true // 启动时读取配置文件指定 path.config: /mydata/logstash/logstash.conf
查看日志信息
docker logs -f -t --tail=10 logstash
