Detailed explanation of using Docker to quickly deploy the ELK environment (latest version 5.5.1)

After installing Docker on the Linux server, Pull the relevant official Docker image:

docker pull docker.elastic.co/elasticsearch/elasticsearch:5.5.1
docker pull docker.elastic.co/kibana/kibana:5.5.1
docker pull docker.elastic.co/logstash/logstash:5.5.1

Start the Elastic Search container:

docker run -p 9200:9200 -e "http.host=0.0.0.0" -e "transport.host=127.0.0.1" \
--name my-elastic -d docker.elastic.co/elasticsearch/elasticsearch:5.5.1

Start the Kibana container:

docker run -p 5601:5601 -e "ELASTICSEARCH_URL=http://localhost:9200" --name my-kibana \
--network host -d docker.elastic.co/kibana/kibana:5.5.1

Create logstash/logstash.yml and configure xpack to monitor logstash:

http.host: "0.0.0.0"
path.config: /usr/share/logstash/pipeline
xpack.monitoring.elasticsearch.url: http://localhost:9200
xpack.monitoring.elasticsearch.username: elastic
xpack.monitoring.elasticsearch.password: changeme

Create logstash/conf.d/logstash.conf and configure the input and output of logstash:

input {
 file {
  path => "/tmp/access_log"
  start_position => "beginning"
 }
}
output {
 elasticsearch
  hosts => ["localhost:9200"]
  user => "elastic"
  password => "changeme"
 }
}

Start the Logstash container:

docker run -v /home/ubuntu/logstash/conf.d:/usr/share/logstash/pipeline/:ro -v /tmp:/tmp:ro \
-v /home/ubuntu/logstash/logstash.yml:/usr/share/logstash/config/logstash.yml:ro --name my-logstash \
--network host -d docker.elastic.co/logstash/logstash:5.5.1

Test it and add two lines of information to /tmp/access.log:

echo "Hello World!" >> /tmp/access_log
echo "Hello ELK!" >> /tmp/access_log

Open the kibana link http://yourhost:5601 and log in using the username/password: elastic/changeme. On the "Configure an index pattern" page, click the Create button. Click the Monitor menu to view the status of the ELK node

Kibana Monitor

Click the Discover menu in Kibana to see the relevant log information:

Kibana Discover

Deploy using Elastic Search cluster

Elastic officially provides a method to start the Elastic Search cluster with docker-compose. First, install docker-compose

curl -L https://github.com/docker/compose/releases/download/1.15.0/docker-compose-Linux-x86_64 \
> /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose
docker-compose --version

Create an elasticsearch/docker-compose.yml file:

version: '2'
services:
 elasticsearch1:
  image: docker.elastic.co/elasticsearch/elasticsearch:5.5.1
  container_name: elasticsearch1
  environment:
   - cluster.name=docker-cluster
   - bootstrap.memory_lock=true
   - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
  ulimits:
   memlock:
    soft: -1
    hard: -1
  mem_limit: 1g
  volumes:
   - esdata1:/usr/share/elasticsearch/data
  ports:
   - 9200:9200
  networks:
   -esnet
 elasticsearch2:
  image: docker.elastic.co/elasticsearch/elasticsearch:5.5.1
  environment:
   - cluster.name=docker-cluster
   - bootstrap.memory_lock=true
   - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
   - "discovery.zen.ping.unicast.hosts=elasticsearch1"
  ulimits:
   memlock:
    soft: -1
    hard: -1
  mem_limit: 1g
  volumes:
   - esdata2:/usr/share/elasticsearch/data
  networks:
   -esnet

volumes:
 esdata1:
  driver: local
 esdata2:
  driver: local

networks:
 esnet:

Append a line to the /etc/sysctl.conf file

vm.max_map_count = 262144

Execute the command to apply the changes:

sudo sysctl -p

Execute the following command in the directory where docker-compose.yml is located to start the elastic search cluster:

docker stop my-elastic && docker rm my-elastic
docker-compose up &

In the Monitor menu in Kibana, you can see that the Elastic Search cluster is working properly:

Elastic Cluster

Change the default password

The default account password for Elastic Docker Images is elastic/changeme. Using the default password is unsafe. Suppose you want to change the password to elastic0. Execute the command on the server where Docker is located to change the password of user elastic:

curl -XPUT -u elastic 'localhost:9200/_xpack/security/user/elastic/_password' -H "Content-Type: application/json" \
-d '{
 "password" : "elastic0"
}'

Set the password and restart Kibana:

docker stop my-kibana && docker rm my-kibana
docker run -p 5601:5601 -e "ELASTICSEARCH_URL=http://localhost:9200" -e "ELASTICSEARCH_PASSWORD=elastic0" \
--name my-kibana --network host -d docker.elastic.co/kibana/kibana:5.5.1

Modify the passwords in logstash/logstash.yml and logstash/conf.d/logstash.conf, and then restart the logstash service

docker restart my-logstash

Test it and add two lines of information to /tmp/access.log:

echo "Hello World!" >> /tmp/access_log
echo "Hello ELK!" >> /tmp/access_log

Open the kibana link http://yourhost:5601 and log in using username/password: elastic/elastic0. On the "Configure an index pattern" page, click the Create button. Click the Monitor menu to view the status of the ELK node. The default password has been changed successfully.

The above is the full content of this article. I hope it will be helpful for everyone’s study. I also hope that everyone will support 123WORDPRESS.COM.

You may also be interested in:

Sample code for deploying ELK using Docker-compose
Detailed explanation of how to use Docker to quickly deploy the ELK environment (latest version 5.5.1)

<<: js realizes packaging multiple pictures into zip

>>: How to install mysql via yum on centos7

Detailed explanation of using Docker to quickly deploy the ELK environment (latest version 5.5.1)

Detailed explanation of MySQL redo log (redo log) and rollback log (undo logo)

Play and save WeChat public account recording files (convert amr files to mp3)

Tips for adding favicon to a website: a small icon in front of the URL

Summary of Mysql high performance optimization skills

Detailed tutorial on docker-compose deployment and configuration of Jenkins

Detailed explanation of how Vue returns values to dynamically generate forms and submit data

Some suggestions on Vue code readability

Several ways to vertically and horizontally center in CSS3 with indefinite height and width

Docker installs and runs the rabbitmq example code

CSS and HTML and front-end technology layer diagram

Recommend

WeChat applet implements fixed header and list table components

Analysis and solution of Chinese garbled characters in HTML hyperlinks

CSS uses position + margin to achieve the method of horizontal and vertical centering of fixed boxes

A brief analysis of React's understanding of state

MySQL 8.0.17 installation and simple configuration tutorial under macOS

Vue realizes picture switching effect

How to expand the disk space of Linux server

Understand the basics of Navicat for MySQL in one article

Implementation of Nginx Intranet Standalone Reverse Proxy

Mobile web screen adaptation (rem)

vue3 custom directive details

Make your website run fast

Summary of common Mysql DDL operations

18 common commands in MySQL command line

Users need to know why