Fork me on GitHub

使用docker搭建elk

mkdir -p /mydata/elasticsearch/config
mkdir -p /mydata/elasticsearch/data

echo "http.host: 0.0.0.0">>/mydata/elasticsearch/config/elasticsearch.yml

docker pull elasticsearch:5.6.11

docker run --name elasticsearch -p 9200:9200 -p 9300:9300 \
-e "discovery.type=single-node" \
-e "ES_JAVA_OPTS=-Xms256m -Xmx256m" \
-v /mydata/elasticsearch/config/elasticsearch.yml:/usr/share/elasticsearch/config/elasticsearch.yml \
-v /mydata/elasticsearch/data:/usr/share/elasticsearch/data \
-d elasticsearch:5.6.11

docker ps


9200:http restful接口
9300:elasticsearch集群内部通讯接口


# 设置初始内存和最大内存
-e "ES_JAVA_OPTS=-Xms256m -Xmx256m"

free -m

=====================logstash========================
mkdir -p /mydata/logstash/

cd /mydata/logstash/

vim logstash.conf

input {
    tcp {
        #host =>"192.168.95.128"
        port => 4560
        codec => json_lines
    }
} 
output {
     stdout {
        codec => rubydebug
     }
     elasticsearch {
        #action => "index"
        hosts => ["192.168.20.130:9200"]
        index => "applog"
     }
}

docker pull logstash:5.6.15
 
docker run -d -p 4560:4560 \
-v /mydata/logstash/logstash.conf:/etc/logstash.conf \
--link elasticsearch:elasticsearch \
--name logstash logstash:5.6.15 \
logstash -f /etc/logstash.conf

# 安装插件
docker exec -it logstash /bin/bash
cd /usr/share/logstash/bin(不知道目录的使用whereis logstash查找)
logstash-plugin list|grep json_lines(查找如果没有json_lines,执行如下安装)
logstash-plugin install logstash-codec-json_lines


=====================kibana=======================
# 一定与elasticsearch版本对应
docker pull kibana:5.6.11

docker run -p 5601:5601 --name kibana \
--link elasticsearch:elasticsearch \
-e ELASTICSEARCH_URL=http://192.168.20.130:9200 \
-d kibana:5.6.11



#容器开机自动启动
docker update id --restart=always



docker中 启动所有的容器命令
docker start $(docker ps -a | awk '{ print $1}' | tail -n +2)

docker中 关闭所有的容器命令
docker stop $(docker ps -a | awk '{ print $1}' | tail -n +2)

docker中 删除所有的容器命令
docker rm $(docker ps -a | awk '{ print $1}' | tail -n +2)

docker中 删除所有的镜像
docker rmi $(docker images | awk '{print $3}' |tail -n +2)

tail -n +2 表示从第二行开始读取

 

posted @ 2020-03-12 18:39  迁梦余光  阅读(247)  评论(0编辑  收藏  举报