elk系列教程:docker中安装配置elk

发布于 2019-07-24  3303 次阅读

elasticSearch

Docker安装elasticsearch:

docker pull docker.io/elasticsearch:7.2.0

启动:

docker run -p 9200:9200 -p 9300:9300 -e "discovery.type=single-node" --name es -d docker.io/elasticsearch:7.2.0

logstash

Docker安装logstash

docker pull docker.io/logstash:7.2.0

配置:

运行容器:

docker run --name logstash -d -p 5044:5044 -p 9600:9600 logstash:7.2.0

创建配置文件目录,设置权限:

mkdir -p /home/elk/logstash/config && \
chown -R 1000 /home/elk/logstash

拷贝配置文件: 

docker cp logstash:/usr/share/logstash/config /home/elk/logstash/config

删除容器:

docker rm -f logstash

重新运行容器:

docker run --name logstash -d \
-p 5044:5044 \
-p 9600:9600 \
-v /home/elk/logstash/config:/usr/share/logstash/config \
-v /home/elk/logstash/jars/ojdbc7.jar:/usr/share/logstash/logstash-core/lib/jars/ojdbc7.jar \
-e xpack.monitoring.elasticsearch.hosts=http://192.168.52.131:9200 \
logstash:7.2.0 \
-f /usr/share/logstash/config/logstash-sample.conf

logstash-sample.conf配置:

input {
  jdbc {
    jdbc_driver_library => "mysql-connector-java-5.1.47.jar"
    jdbc_driver_class => "com.mysql.jdbc.Driver"
    jdbc_connection_string => "jdbc:mysql://127.0.0.1:3306/sms_db"
    jdbc_user => "root"
    jdbc_password => "x5"
    schedule => "* * * * *"
    jdbc_default_timezone => "Asia/Shanghai"
    statement => "select * from sms_sendsms"
    use_column_value  => false
  }
}
output{
    elasticsearch{
        hosts => "192.168.44.129:9200" # ES连接
        index => "uum_user_log"      # ES索引名称
        document_id => "%{id}"   # id对应ORACLE中主键字段
    }
}

注:驱动程序这里我搞了好久都没有搞定,后面看到官方的github里面有人提问说将jar放到logstash容器里面的/usr/share/logstash/logstash-core/lib/jars文件夹中,好像logstash默认就是读取jars文件夹中的驱动,所以jdbc_driver_library 这个位置直接写驱动名称就行了,所以猜想启动语句中,不包含第二条挂载语句的话,jdbc_driver_library => " ../../../config/ mysql-connector-java-5.1.47.jar"是否可以这种挂载文件,本人未作校验。

kibana

Docker安装kibana

docker pull docker.io/kibana:7.2.0

配置:

docker run --rm -p 5601:5601 --link es:elasticsearch \
-e ELASTICSEARCH_URL=http://localhost:9200 --name kibana \
-v /home/elk/kibana/config/kibana.yml:/usr/share/kibana/config/kibana.yml kibana:7.2.0

kibana.yml配置:

[root@localhost config]# cat kibana.yml 
#
## ** THIS IS AN AUTO-GENERATED FILE **
##
#
## Default Kibana configuration for docker target
server.name: kibana
server.host: "0"
elasticsearch.hosts: [ "http://192.168.44.130:9200" ]
xpack.monitoring.ui.container.elasticsearch.enabled: true
i18n.locale: zh-CN      #汉化

个人博客,用于记录工作日常的问题。