ELK8 需要docker18以上,目前使用ELK7
配置目录:/data/elk/
安装elasticsearch、kibana、logstash
操作系统:centOS7.7
docker部署需要防火墙开启对应的外部端口策略,否则无法访问
获取镜像
docker pull elasticsearch:7.7.1
docker pull kibana:7.7.1
docker pull logstash:7.7.1
elasticsearch配置
/data/elk/es/config/elasticsearch.ymlcluster.name: "my-es"
network.host: 0.0.0.0
http.port: 9200docker run -it -d -p 9200:9200 -p 9300:9300 --name es -e ES_JAVA_OPTS="-Xms1g -Xmx1g" -e "discovery.type=single-node" --restart=always -v /data/elk/es/config/elasticsearch.yml:/usr/share/elasticsearch/config/elasticsearch.yml -v /data/elk/es/data:/usr/share/elasticsearch/data -v /data/elk/es/logs:/usr/share/elasticsearch/logs elasticsearch:7.7.1
kibana配置
/data/elk/kibana/kibana.yml#Default Kibana configuration for docker target
server.name: kibana
server.host: "0"
elasticsearch.hosts: ["http://192.168.21.130:9200"]
xpack.monitoring.ui.container.elasticsearch.enabled: truedocker run -d --restart=always --log-driver json-file --log-opt max-size=100m --log-opt max-file=2 --name kibana -p 5601:5601 -v /data/elk/kibana/kibana.yml:/usr/share/kibana/config/kibana.yml kibana:7.7.1
logstash配置
/data/elk/logstash/logstash.ymlhttp.host: "0.0.0.0"
xpack.monitoring.elasticsearch.hosts: [ "http://192.168.21.130:9200" ]
xpack.monitoring.elasticsearch.username: elastic
xpack.monitoring.elasticsearch.password: changeme
path.config: /data/elk/logstash/conf.d/*.conf
#path.config: /data/docker/logstash/conf.d/*.conf
path.logs: /var/log/logstashdocker run -d --restart=always --log-driver json-file --log-opt max-size=100m --log-opt max-file=2 -p 5044:5044 --name logstash -v /data/elk/logstash/logstash.yml:/usr/share/logstash/config/logstash.yml -v /data/elk/logstash/conf.d/:/data/docker/logstash/conf.d/ logstash:7.7.1
#查看es数据
http://192.168.21.130:9200/_cat/indices?v
#kibana地址
http://192.168.21.130:5601/
数据同步
mongodb replica set Monstache
redis logstash plugin
kafka logstash plugin
日志文件 filebeat
参考:
Elasticsearch:同步 MongoDB 数据到 Elasticsearch_Elastic 中国社区官方博客的博客-CSDN博客_mongo同步elasticsearch
