Detailed explanation of using Docker to quickly deploy the ELK environment (latest version 5.5.1)

After installing Docker on the Linux server, pull the relevant official Docker images:

docker pull docker.elastic.co/elasticsearch/elasticsearch:5.5.1
docker pull docker.elastic.co/kibana/kibana:5.5.1
docker pull docker.elastic.co/logstash/logstash:5.5.1

Start the Elasticsearch container:

docker run -p 9200:9200 -e "http.host=0.0.0.0" -e "transport.host=127.0.0.1" \
--name my-elastic -d docker.elastic.co/elasticsearch/elasticsearch:5.5.1

Start the Kibana container:

docker run -p 5601:5601 -e "ELASTICSEARCH_URL=http://localhost:9200" --name my-kibana \
--network host -d docker.elastic.co/kibana/kibana:5.5.1

Create logstash/logstash.yml and configure X-Pack to monitor Logstash:

http.host: "0.0.0.0"
path.config: /usr/share/logstash/pipeline
xpack.monitoring.elasticsearch.url: http://localhost:9200
xpack.monitoring.elasticsearch.username: elastic
xpack.monitoring.elasticsearch.password: changeme

Create logstash/conf.d/logstash.conf and configure the input and output of Logstash:

input {
 file {
  path => "/tmp/access_log"
  start_position => "beginning"
 }
}
output {
 elasticsearch {
  hosts => ["localhost:9200"]
  user => "elastic"
  password => "changeme"
 }
}

Start the Logstash container:

docker run -v /home/ubuntu/logstash/conf.d:/usr/share/logstash/pipeline/:ro -v /tmp:/tmp:ro \
-v /home/ubuntu/logstash/logstash.yml:/usr/share/logstash/config/logstash.yml:ro --name my-logstash \
--network host -d docker.elastic.co/logstash/logstash:5.5.1

Test it by appending two lines to /tmp/access_log:

echo "Hello World!" >> /tmp/access_log
echo "Hello ELK!" >> /tmp/access_log

Open the Kibana link http://yourhost:5601 and log in with the username/password elastic/changeme. On the "Configure an index pattern" page, click the Create button. Click the Monitor menu to view the status of the ELK node.

[Screenshot: Kibana Monitor]

Click the Discover menu in Kibana to see the relevant log information:

[Screenshot: Kibana Discover]

Deploy using an Elasticsearch cluster

Elastic officially provides a method to start an Elasticsearch cluster with docker-compose. First, install docker-compose:

sudo curl -L https://github.com/docker/compose/releases/download/1.15.0/docker-compose-Linux-x86_64 \
-o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose
docker-compose --version

Create an elasticsearch/docker-compose.yml file:

version: '2'
services:
 elasticsearch1:
  image: docker.elastic.co/elasticsearch/elasticsearch:5.5.1
  container_name: elasticsearch1
  environment:
   - cluster.name=docker-cluster
   - bootstrap.memory_lock=true
   - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
  ulimits:
   memlock:
    soft: -1
    hard: -1
  mem_limit: 1g
  volumes:
   - esdata1:/usr/share/elasticsearch/data
  ports:
   - 9200:9200
  networks:
   - esnet
 elasticsearch2:
  image: docker.elastic.co/elasticsearch/elasticsearch:5.5.1
  environment:
   - cluster.name=docker-cluster
   - bootstrap.memory_lock=true
   - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
   - "discovery.zen.ping.unicast.hosts=elasticsearch1"
  ulimits:
   memlock:
    soft: -1
    hard: -1
  mem_limit: 1g
  volumes:
   - esdata2:/usr/share/elasticsearch/data
  networks:
   - esnet

volumes:
 esdata1:
  driver: local
 esdata2:
  driver: local

networks:
 esnet:

Append the following line to the /etc/sysctl.conf file:

vm.max_map_count = 262144

Execute the command to apply the changes:

sudo sysctl -p

Execute the following commands in the directory where docker-compose.yml is located to stop the single-node container and start the Elasticsearch cluster:

docker stop my-elastic && docker rm my-elastic
docker-compose up &

In the Monitor menu in Kibana, you can see that the Elasticsearch cluster is working properly:

[Screenshot: Elastic Cluster]

Change the default password

The default username/password for the Elastic Docker images is elastic/changeme. Using the default password is unsafe. Suppose you want to change the password to elastic0. Run the following command on the Docker host to change the password of the user elastic (curl prompts for the current password):

curl -XPUT -u elastic 'localhost:9200/_xpack/security/user/elastic/_password' -H "Content-Type: application/json" \
-d '{
 "password" : "elastic0"
}'

Restart Kibana with the new password set:

docker stop my-kibana && docker rm my-kibana
docker run -p 5601:5601 -e "ELASTICSEARCH_URL=http://localhost:9200" -e "ELASTICSEARCH_PASSWORD=elastic0" \
--name my-kibana --network host -d docker.elastic.co/kibana/kibana:5.5.1

Modify the passwords in logstash/logstash.yml and logstash/conf.d/logstash.conf, and then restart the Logstash service:

docker restart my-logstash
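
An added check for this step (example code, not from the original article): the script scans the Logstash config directory for password settings that still hold the default changeme and for password-bearing files readable by other users, and can confirm that Elasticsearch now answers 401 to the default login. The function names are hypothetical, and the file-permission check is an extra assumption beyond what the article covers.

```shell
#!/usr/bin/env bash
# Added example, not from the original article. Function names are hypothetical.
DEFAULT_PW="changeme"                 # default X-Pack password named in the article
PW_KEY='password[[:space:]]*(:|=>)'   # YAML "x.password: v" or pipeline 'password => "v"'

# Print "file:line" for each password setting still equal to the default.
find_default_passwords() {
  find "$1" -type f \( -name '*.yml' -o -name '*.conf' \) -print |
    while IFS= read -r f; do
      grep -nHE "${PW_KEY}[[:space:]]*[\"']?${DEFAULT_PW}[\"']?[[:space:]]*\$" "$f"
    done | cut -d: -f1,2
}

# Print config files that hold a password setting and are readable by "other".
world_readable_secrets() {
  find "$1" -type f \( -name '*.yml' -o -name '*.conf' \) -perm -004 -print |
    while IFS= read -r f; do
      if grep -qE "$PW_KEY" "$f"; then printf '%s\n' "$f"; fi
    done
}

# Return 0 only if Elasticsearch rejects the default login with HTTP 401.
# Any other status (200 = still accepted, 000 = unreachable) returns non-zero.
default_login_rejected() {
  local code
  code=$(curl -s -o /dev/null -w '%{http_code}' \
    -u "elastic:${DEFAULT_PW}" "${1:-http://localhost:9200/}" || true)
  [ "$code" = "401" ]
}

# Report findings for a config directory; return 0 only when it is clean.
audit_logstash_config() {
  local stale loose
  stale=$(find_default_passwords "$1" || true)
  loose=$(world_readable_secrets "$1" || true)
  if [ -n "$stale" ]; then printf 'default password still set at:\n%s\n' "$stale"; fi
  if [ -n "$loose" ]; then printf 'password file readable by other users:\n%s\n' "$loose"; fi
  [ -z "$stale" ] && [ -z "$loose" ]
}

# Usage: ./audit.sh /home/ubuntu/logstash
if [ "$#" -gt 0 ]; then
  audit_logstash_config "$1"
fi
```

Run it against the directory that holds logstash.yml and conf.d; call default_login_rejected separately on the Docker host once the password has been changed.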

Test it by appending two lines to /tmp/access_log:

echo "Hello World!" >> /tmp/access_log
echo "Hello ELK!" >> /tmp/access_log

Open the Kibana link http://yourhost:5601 and log in with the username/password elastic/elastic0. On the "Configure an index pattern" page, click the Create button. Click the Monitor menu to view the status of the ELK node. The default password has been changed successfully.