Docker部署 elasticsearch 2.X 简要步骤概述

概述：

简单介绍使用docker部署elk 2.X 环境(仅仅给出步骤)

关于ELK 基础原理学习请参考

• ELK安装 https://github.com/nbigot/openresty_nginx_logstash_kibana_elasticsearch_centos6
• 官方文档 https://www.elastic.co/guide/index.html
• elasticsearch 权威指南 http://www.learnes.net/
• ELK stack 权威指南 http://kibana.logstash.es/content/logstash/

准备镜像

• elasticsearch
• kibana
• kibana-manager
• logstash
• nginx

---

开启 elasticsearch：

[root@es1 elk]# cat ela.sh #!/bin/bashdocker run -d \--name es \-p 9200:9200 \-p 9300:9300 \-v /es-data/:/usr/share/elasticsearch/data \hub.yfcloud.io/itom/elasticsearch:2.4

开启 kibana:

[root@localhost elk]# cat kibana.sh #!/bin/bashdocker run --name kibana \-e ELASTICSEARCH_URL=http://192.168.11.100:9200 \-p 5601:5601 \-d kibana:4.6[root@localhost opt]# cat mkafka.sh #!/bin/bashdocker run -d \--name kmanager \-e ZK_HOSTS="192.168.11.100:2181" \ # zookeeper此处不在介绍-p 9000:9000 \kafka-manager

---

logstash + nginx

[root@localhost elk]# cat nginx.conf user  nginx;worker_processes  1;error_log  /var/log/nginx/errorlog.log warn;pid        /var/run/nginx.pid;events {    worker_connections  1024;}http {    include       /etc/nginx/mime.types;    default_type  application/octet-stream;    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '                      '$status $body_bytes_sent "$http_referer" '                      '"$http_user_agent" "$http_x_forwarded_for"';    access_log  /var/log/nginx/accesslog.log  main;    sendfile        on;    keepalive_timeout  65;include /etc/nginx/conf.d/*.conf;}[root@localhost elk]# cat logstash.conf input {    file {        path => "/tmp/nginx/*access*.log"        start_position => beginning    }}filter {    grok {        match => { "message" => "%{COMBINEDAPACHELOG} %{QS:x_forwarded_for}"}    }    date {        match => [ "timestamp", "UNIX" ]    }    geoip {        source => "clientip"    }}output {    elasticsearch {     hosts => "192.168.11.100:9200"     index => "nginx-%{+YYYY.MM.dd}"    }    stdout { codec => rubydebug }}

使用compose编排logstash-nginx:

[root@localhost elk]# cat docker-compose.yml version: '2'services:     nginx:        image: nginx:alpine        ports:          - 80:80        volumes:          - /tmp/nginx:/var/log/nginx          - ./nginx.conf:/etc/nginx/nginx.conf     logstash:        image: hub.yfcloud.io/itom/logstash:2.4        ports:          - 9600:9600        volumes:          - /tmp/nginx:/tmp/nginx          - ./logstash.conf:/etc/logstash/conf.d/logstash.conf        command: [-f,/etc/logstash/conf.d/logstash.conf]

---

特别提示：

elasticsearch / kibana 5.X 版本已经将插件集成到官方插件 x-pack

详细介绍请查看官方x-pack介绍

---

elasticsearch 2.X 版本相关插件

• NLPchina/elasticsearch-sql
• mobz/elasticsearch-head
• lmenezes/elasticsearch-kopf
• elasticsearch插件大全