1、更新daocker版本
2、pull官方的镜像
https://www.elastic.co/guide/en/elasticsearch/reference/6.1/docker.html
https://www.elastic.co/guide/en/kibana/6.1/_pulling_the_image.html
https://www.elastic.co/guide/en/logstash/6.1/docker.html
选择正常版本:
# docker pull docker.elastic.co/elasticsearch/elasticsearch:6.1.3
# docker pull docker.elastic.co/kibana/kibana:6.1.3
# docker pull docker.elastic.co/logstash/logstash:6.1.3
3、创建容器,使用docker-compose
1)创建三个目录,分别存放配置文件
#mkdir /data/{elasticsearch,logstash,kibana}
#mkdir /data/tt #用来存放插件,有的时候在容器内无法安装
# cat elasticsearch.yml
action.auto_create_index: true
#script.groovy.sandbox.enabled: true
#script.engine.groovy.inline.aggs: true
#Set a custom allowed content length:
http.max_content_length: 500mb
cluster.routing.allocation.disk.watermark.low: %
cluster.routing.allocation.disk.watermark.high: %
indices.fielddata.cache.size: %
indices.breaker.fielddata.limit: %
network.host: 0.0.0.0
xpack.security.enabled: false
# cat kibana.yml
---
# Default Kibana configuration from kibana-docker. server.name: kibana
server.host: "0.0.0.0"
elasticsearch.url: http://elasticsearch:9200
xpack.monitoring.ui.container.elasticsearch.enabled: false
server.port:
xpack.security.enabled: false
#cat jvm.options
## JVM configuration ################################################################
## IMPORTANT: JVM heap size
################################################################
##
## You should always set the min and max JVM heap
## size to the same value. For example, to set
## the heap to GB, set:
##
## -Xms4g
## -Xmx4g
##
## See https://www.elastic.co/guide/en/elasticsearch/reference/current/heap-size.html
## for more information
##
################################################################ # Xms represents the initial size of total heap space
# Xmx represents the maximum size of total heap space -Xms2g
-Xmx2g ################################################################
## Expert settings
################################################################
##
## All settings below this section are considered
## expert settings. Don't tamper with them unless
## you understand what you are doing
##
################################################################ ## GC configuration
-XX:+UseConcMarkSweepGC
-XX:CMSInitiatingOccupancyFraction=
-XX:+UseCMSInitiatingOccupancyOnly ## G1GC Configuration
# NOTE: G1GC is only supported on JDK version or later.
# To use G1GC uncomment the lines below.
# -:-XX:-UseConcMarkSweepGC
# -:-XX:-UseCMSInitiatingOccupancyOnly
# -:-XX:+UseG1GC
# -:-XX:InitiatingHeapOccupancyPercent= ## optimizations # pre-touch memory pages used by the JVM during initialization
-XX:+AlwaysPreTouch ## basic # explicitly set the stack size
-Xss1m # set to headless, just in case
-Djava.awt.headless=true # ensure UTF- encoding by default (e.g. filenames)
-Dfile.encoding=UTF- # use our provided JNA always versus the system one
-Djna.nosys=true # turn off a JDK optimization that throws away stack traces for common
# exceptions because stack traces are important for debugging
-XX:-OmitStackTraceInFastThrow # flags to configure Netty
-Dio.netty.noUnsafe=true
-Dio.netty.noKeySetOptimization=true
-Dio.netty.recycler.maxCapacityPerThread= # log4j
-Dlog4j.shutdownHookEnabled=false
-Dlog4j2.disable.jmx=true -Djava.io.tmpdir=${ES_TMPDIR} ## heap dumps # generate a heap dump when an allocation from the Java heap fails
# heap dumps are created in the working directory of the JVM
-XX:+HeapDumpOnOutOfMemoryError # specify an alternative path for heap dumps; ensure the directory exists and
# has sufficient space
-XX:HeapDumpPath=data # specify an alternative path for JVM fatal error logs
-XX:ErrorFile=logs/hs_err_pid%p.log ## JDK GC logging :-XX:+PrintGCDetails
:-XX:+PrintGCDateStamps
:-XX:+PrintTenuringDistribution
:-XX:+PrintGCApplicationStoppedTime
:-Xloggc:logs/gc.log
:-XX:+UseGCLogFileRotation
:-XX:NumberOfGCLogFiles=
:-XX:GCLogFileSize=64m # JDK + GC logging
-:-Xlog:gc*,gc+age=trace,safepoint:file=logs/gc.log:utctime,pid,tags:filecount=,filesize=64m
# due to internationalization enhancements in JDK Elasticsearch need to set the provider to COMPAT otherwise
# time/date parsing will break in an incompatible way for some date patterns and locals
-:-Djava.locale.providers=COMPAT # temporary workaround for C2 bug with JDK on hardware with AVX-
-:-XX:UseAVX=
#cat docker-compose.yml
version: '' services:
elasticsearch:
image: docker.elastic.co/elasticsearch/elasticsearch:6.1.
ports:
- "9200:9200"
- "9300:9300"
environment:
- ES_JAVA_OPTS: "-Xms30g -Xmx30g" - cluster.name=docker-cluster
- bootstrap.memory_lock=true
ulimits:
memlock:
soft: -1
hard: -1
networks:
- docker_elk
volumes:
- ./elasticsearch/config/elasticsearch.yml:/usr/share/elasticsearch/config/elasticsearch.yml
- /data/elasticsearch1:/usr/share/elasticsearch/data
- /data/tt:/usr/share/elasticsearch/plugins/ - /data/backups:/usr/share/elasticsearch/backups - /data/longterm_backups:/usr/share/elasticsearch/longterm_backups - ./elasticsearch/config/jvm.options:/usr/share/elasticsearch/config/jvm.options logstash:
image: docker.elastic.co/logstash/logstash:6.1.
command: -f /etc/logstash/conf.d/ --config.reload.automatic
volumes:
- ./logstash/config:/etc/logstash/conf.d
ports:
- "5001:5001"
- "5044:5044"
networks:
- docker_elk
depends_on:
- elasticsearch
kibana:
image: docker.elastic.co/kibana/kibana:6.1.
volumes:
- /tmp/:/etc/archives/
- ./kibana/config/kibana.yml:/usr/share/kibana/config/kibana.yml
# - /data/tt:/usr/share/kibana/plugins/
ports:
- "5601:5601"
networks:
- docker_elk
depends_on:
- elasticsearch
networks:
docker_elk:
driver: bridge
提前将插件下载到/data/tt目录下面。x-pack一定要安装到elasticsearch,下载x-pack:
# wget https://artifacts.elastic.co/downloads/packs/x-pack/x-pack-6.1.3.zip
仅保留elasticsearch目录,其他的都删掉,并将elasticsearch重命名为x-pack
#mv elasticsearch x-pack
重启elasticsearch。
修改系统参数:
vim /etc/sysctl.conf
vm.max_map_count= 使参数生效
sysctl -p
chown -R 1000:1000 /data/elasticsearch1
4、启动容器
在docker-compose文件的目录下:
#docker-compose up -d
5、配置nginx反向代理
server {
listen *:;
client_max_body_size 2048m;
client_body_timeout 300000000s;
send_timeout 3000000000s;
auth_basic "Protected Elasticsearch";
auth_basic_user_file /etc/nginx/.htpasswd;
access_log /var/log/nginx/elk_access.log;
error_log /var/log/nginx/elk_error.log; server_name elk.xget.com; location / {
proxy_pass http://10.10.1.2:5601;
proxy_read_timeout 200000s;
proxy_send_timeout 200000s;
} } server {
listen *:;
location / {
proxy_pass http://10.10.1.2:9200;
}
} server {
client_max_body_size 2048m;
client_body_timeout 300000000s;
send_timeout 300000000s;
listen *:;
location / {
proxy_pass http://10.10.1.2:9300;
proxy_read_timeout 20000s;
proxy_send_timeout 20000s;
}
}
FAQ:
1、启动过程elasticsearch报错,配置文件里面的x-pack相关配置,加载不了。此时可以先把配置文件里面x-pack相关想注释掉,启动后再添加上。然后重启elasticsearch。
2、kibana启动后访问界面,需要认证,可以在elasticsearch和kibana的配置文件里面添加如下内容,禁用认证:
xpack.security.enabled: false