docker-compose搭建ELK · SpringCloud微服务实战 · 看云

Docker Compose搭建ELK

导航

正如官方所说的那样https://www.elastic.co/guide/en/elasticsearch/reference/current/vm-max-map-count.html,Elasticsearch默认使用mmapfs目录来存储索引。操作系统默认的mmap计数太低可能导致内存不足,我们可以使用下面这条命令来增加内存:

sysctl -w vm.max_map_count=262144

创建Elasticsearch数据挂载路径:

mkdir -p /fwcloud/elasticsearch/data

对该路径授予777权限:

chmod 777 /fwcloud/elasticsearch/data

创建Elasticsearch插件挂载路径:

mkdir -p /fwcloud/elasticsearch/plugins

创建Logstash配置文件存储路径:

mkdir -p /fwcloud/logstash

在该路径下创建logstash-fwcloud.conf配置文件(没有安装vim的话可以使用yum install vim命令安装):

vim /fwcloud/logstash/logstash-fwcloud.conf

内容如下所示:

input {
  tcp {
    mode => "server"
    host => "0.0.0.0"
    port => 4560
    codec => json_lines
  }
}
output {
  elasticsearch {
    hosts => "es:9200"
    index => "fwcloud-logstash-%{+YYYY.MM.dd}"
  }
}

创建ELK Docker Compose文件存储路径:

mkdir -p /fwcloud/elk

在该目录下创建docker-compose.yml文件:

vim /fwcloud/elk/docker-compose.yml

内容如下所示:

version: '3'
services:
  elasticsearch:
    image: elasticsearch:6.5.4
    container_name: elasticsearch
    environment:
      - "cluster.name=elasticsearch" #集群名称为 elasticsearch
      - "discovery.type=single-node" #单节点启动
      - "ES_JAVA_OPTS=-Xms512m -Xmx512m" #jvm内存分配为 512MB
    volumes:
      - /fwcloud/elasticsearch/plugins:/usr/share/elasticsearch/plugins
      - /fwcloud/elasticsearch/data:/usr/share/elasticsearch/data
    ports:
      - 9200:9200
  kibana:
    image: kibana:6.5.4
    container_name: kibana
    links:
      - elasticsearch:es #配置elasticsearch域名为 es
    depends_on:
      - elasticsearch
    environment:
      - "elasticsearch.hosts=http://es:9200" #因为上面配置了域名,所以这里可以简写为 http://es:9200
    ports:
      - 5601:5601
  logstash:
    image: logstash:6.5.4
    container_name: logstash
    volumes:
      - /fwcloud/logstash/logstash-fwcloud.conf:/usr/share/logstash/pipeline/logstash.conf
    depends_on:
      - elasticsearch
    links:
      - elasticsearch:es
    ports:
      - 4560:4560

切换到/fwcloud/elk目录下,使用如下命令启动:

docker-compose up -d

Creating network "elk_default" with the default driver
Pulling elasticsearch (elasticsearch:6.5.4)...
6.5.4: Pulling from library/elasticsearch
256b176beaff: Pull complete
23717033cad3: Pull complete
65a5d1e804d6: Pull complete
8d4cea401c47: Pull complete
7a6dfc1dcb18: Pull complete
addce80b2d10: Downloading [==========================>                        ]  72.46MB/135.2MB
fe838fcbdd84: Download complete
6a4a081ee70d: Download complete

第一次启动的时候,Docker需要拉取ELK镜像,过程可能稍慢,耐心等待即可。成功启动后,观察容器运行情况:

docker ps -a
CONTAINER ID        IMAGE                 COMMAND                  CREATED             STATUS                      PORTS                                                                                                       NAMES
db3b5608efcb        logstash:6.5.4        "/usr/local/bin/dock…"   22 minutes ago     Up 22 minutes                                                                                                                 logstash
e46c641be747        kibana:6.5.4          "/usr/local/bin/kiba…"   22 minutes ago      Up 22 minutes               0.0.0.0:5601->5601/tcp                                                                                      kibana
d52c34290ac0        elasticsearch:6.5.4   "/usr/local/bin/dock…"   22 minutes ago      Up 22 minutes               0.0.0.0:9200->9200/tcp, 9300/tcp

三个容器都已经启动成功。

Logstash中安装json_lines插件

使用如下命令进入到Logstash容器中:

docker exec -it logstash /bin/bash
cd /bin/
logstash-plugin install logstash-codec-json_lines
Validating logstash-codec-json_lines
Installing logstash-codec-json_lines
Installation successful

浏览器输入ip:5601

e1f33733e8cf61b81bb33439a62a0697_MD5.png

项目中使用

178d09696d400d4772fa4e925311d89d_MD5.png