ELK
ElasticSearch
1.下载及运行官方镜像
docker network create ELK
#创建网桥
docker run -d --name es -p 9200:9200 -p 9300:9300 -e "discovery.type=single-node" elastic/elasticsearch:7.15.2
docker pull sebp/elk:7.15.2
#大神ELK镜像包
mkdir ES-Data && chmod -Rf 777 ES-Data
vim docker_start_ES.sh
#创建启动脚本
docker container run -d \
--name ES-IK \
--hostname ES \
-p 9200:9200 \
-p 9300:9300 \
-e "discovery.type=single-node" \
-e ES_JAVA_OPTS="-Xms4g -Xmx4g" \
-v `pwd`/ES-Data:/usr/share/elasticsearch/data \
--volume /etc/localtime:/etc/localtime:ro \
elastic/elasticsearch:7.15.2
chmod 755 docker_start_ES.sh && ./docker_start_ES.sh
2.进入容器,安装IK分词器。
docker exec -it ES-IK bash
./bin/elasticsearch-plugin install https://github.com/medcl/elasticsearch-analysis-ik/releases/download/v7.15.2/elasticsearch-analysis-ik-7.15.2.zip
#操作此步骤时可能由于网络原因,容器内部一直下载不成功
#可以采用plugins挂载方式进行安装。
# -v `pwd`/plugins:/usr/share/elasticsearch/plugins
#将下载下来的插件包解压到`pwd`/plugins/{PluginsName}目录再启动容器即可。
#
#
# 分词器版本必须要与Elasticsearch版本一致;在线安装方式
#$ES_WORKDIR/bin/./elasticsearch-plugin install
# https://github.com/medcl/elasticsearch-analysis-ik/releases/download/v7.15.2/elasticsearch-analysis-ik-7.15.2.zip -y#
##############################
# Elasticsearch Reference \ ES安装部署官方参考网址
# https://www.elastic.co/guide/en/elasticsearch/reference/7.10/docker.html
# 注意事项
# 1. `pwd`/ES-Data 目录权限要可读写,要不然会报错
# 2. 分词器安装注意
# 3. 单节点部署时必须要加 -e "discovery.type=single-node" 参数
# 4. 限制内存及CPU --cpus="1.5" --memory=2g \
# 5. 持久化数据目录位置 /usr/share/elasticsearch/data
#=======================================================
#docker container run -d \
#--name ES-IK \
#-p 9200:9200 \
#-p 9300:9300 \
#-e "discovery.type=single-node" \
#--cpus="1.5" \
#--memory=2g \
#--mount source=ES_Vol,target=/usr/share/elasticsearch/data \
#winjay/elasticsearch-ik:7.8.0
#=========================================================
docker stop ES-IK
docker rm ES-IK
docker container run -d \
--net ELK \
--name ES-IK \
--hostname ES \
-p 9200:9200 \
-p 9300:9300 \
-e "discovery.type=single-node" \
-e ES_JAVA_OPTS="-Xms4g -Xmx4g" \
-v `pwd`/ES-Data:/usr/share/elasticsearch/data \
-v `pwd`/plugins:/usr/share/elasticsearch/plugins \
--volume /etc/localtime:/etc/localtime:ro \
elastic/elasticsearch:7.15.2
3.将安装完分词器的容器生成镜像
docker commit -a 'WinJay' -m 'Add Analysis-IK-Plugin' {container ID} winjay/elasticsearch-ik:7.8.0
# 4.推送到公共镜像仓库
docker push winjay/elasticsearch-ik:7.8.0
5.单节点启动;非挂载文件可正常启动,以-v参数挂载退出报错。
docker run -d --name es-ik -p 9400:9200 -p 9500:9300 -e "discovery.type=single-node" winjay/elasticsearch-ik:7.8.0
6.单节点启动,以Volume卷挂载的方式启动,需要先创建数据卷。
docker volume create ES_Vol
docker volume inspect ES_Vol
###############
docker container run -d --name ES-IK -p 9200:9200 -p 9300:9300 \
-e "discovery.type=single-node" \
--cpus="1.5" \
--memory=2g \
--mount source=ES_Vol,target=/usr/share/elasticsearch/data \
winjay/elasticsearch-ik:7.8.0
Cluster方式部署,未验证测试
cluster.name: es-cluster
node.name: es-node1
network.host: 0.0.0.0
network.publish_host: 202.205.161.80
http.port: 9100
transport.tcp.port: 9101
http.cors.enabled: true
http.cors.allow-origin: “*”
node.master: true
node.data: true
discovery.zen.ping.unicast.hosts: [“202.205.161.80:9101”,“202.205.161.80:9102”,“202.205.161.80:9103”]
discovery.zen.minimum_master_nodes: 2
cluster.name: es-cluster
node.name: es-node2
network.host: 0.0.0.0
network.publish_host: 202.205.161.80
http.port: 9200
transport.tcp.port: 9201
http.cors.enabled: true
http.cors.allow-origin: “*”
node.master: true
node.data: true
discovery.zen.ping.unicast.hosts: [“202.205.161.80:9101”,“202.205.161.80:9102”,“202.205.161.80:9103”]
discovery.zen.minimum_master_nodes: 2
cluster.name: es-cluster
node.name: es-node3
network.host: 0.0.0.0
network.publish_host: 202.205.161.80
http.port: 9300
transport.tcp.port: 9301
http.cors.enabled: true
http.cors.allow-origin: “*”
node.master: true
node.data: true
discovery.zen.ping.unicast.hosts: [“202.205.161.80:9101”,“202.205.161.80:9102”,“202.205.161.80:9103”]
discovery.zen.minimum_master_nodes: 2
Start
ES01
docker run -itd \
-e ES_JAVA_OPTS="-Xms256m -Xmx256m" \
-p 9101:9101 \
-p 9100:9100 \
-v `pwd`/Conf/es1.yml:/usr/share/elasticsearch/config/elasticsearch.yml \
-v `pwd`/Data/node1:/usr/share/elasticsearch/data \
--name ES01 \
winjay/elasticsearch-ik:7.8.0
ES02
docker run -itd \
-e ES_JAVA_OPTS="-Xms256m -Xmx256m" \
-p 9201:9201 \
-p 9200:9200 \
-v `pwd`/Conf/es2.yml:/usr/share/elasticsearch/config/elasticsearch.yml \
-v `pwd`/Data/node2:/usr/share/elasticsearch/data \
--name ES02 \
winjay/elasticsearch-ik:7.8.0
ES03
docker run -itd \
-e ES_JAVA_OPTS="-Xms256m -Xmx256m" \
-p 9301:9301 \
-p 9300:9300 \
-v `pwd`/Conf/es3.yml:/usr/share/elasticsearch/config/elasticsearch.yml \
-v `pwd`/Data/node3:/usr/share/elasticsearch/data \
--name ES03 \
winjay/elasticsearch-ik:7.8.0
Logstash
启动测试容器以获取配置文件
1.启动临时容器
docker run -d \
-p 15001:15001/udp \
--name Logstash \
elastic/logstash:7.15.2
2.拷贝文件
docker cp Logstash:/usr/share/logstash/config ./
docker cp Logstash:/usr/share/logstash/pipeline ./
3.调整目录名称
mv pipeline Logstash-Pipeline && mv config Logstash-Config
docker run --rm -it -v ~/settings/:/usr/share/logstash/config/ -v ~/pipeline/:/usr/share/logstash/pipeline/ docker.elastic.co/logstash/logstash:7.15.2
正式启动
vim docker_start_Logstash.sh && chmod 755 docker_start_Logstash.sh
docker run -d \
--net ELK \
--name Logstash \
--hostname Logstash \
-p 15001:15001/udp \
-v `pwd`/Logstash-Config:/usr/share/logstash/config \
-v `pwd`/Logstash-Pipeline:/usr/share/logstash/pipeline \
--name Logstash \
elastic/logstash:7.15.2
使用自定配置
FROM docker.elastic.co/logstash/logstash:7.15.2
RUN rm -f /usr/share/logstash/pipeline/logstash.conf
ADD pipeline/ /usr/share/logstash/pipeline/
ADD config/ /usr/share/logstash/config/
Kibana
参考
1.
docker network create elastic
docker pull docker.elastic.co/elasticsearch/elasticsearch:7.15.2
docker run --name es01-test --net elastic -p 9200:9200 -p 9300:9300 -e "discovery.type=single-node" docker.elastic.co/elasticsearch/elasticsearch:7.15.2
2.
docker run -it --rm -v full_path_to/config:/usr/share/kibana/config -v full_path_to/data:/usr/share/kibana/data docker.elastic.co/kibana/kibana:7.15.2 bin/kibana-keystore create
docker run -it --rm -v full_path_to/config:/usr/share/kibana/config -v full_path_to/data:/usr/share/kibana/data docker.elastic.co/kibana/kibana:7.15.2 bin/kibana-keystore add test_keystore_setting
启动测试容器以获取配置文件
1.启动临时容器
docker container run -d \
--net ELK \
--name Kibana \
--hostname Kibana \
-p 5601:5601 \
-e "ELASTICSEARCH_HOSTS=http://ES:9200" \
elastic/kibana:7.15.2
2.生成密钥文件
docker exec -it Kibana bash
bin/kibana-keystore create #创建绑定密钥
3.拷贝文件
docker cp Kibana:/usr/share/kibana/data ./
docker cp Kibana:/usr/share/kibana/config ./
4.调整目录名称
mv data Kibana-Data && mv config Kibana-Config
正式启动
docker container run -d \
--net ELK \
--name Kibana \
--hostname Kibana \
-p 5601:5601 \
-e "ELASTICSEARCH_HOSTS=http://ES:9200" \
-v `pwd`/Kibana-Data:/usr/share/kibana/data \
-v `pwd`/Kibana-Config:/usr/share/kibana/config \
elastic/kibana:7.15.2
评论区