docker-compose安装elk

docker-compose.yml

yml 复制代码
version: '3.8'

services:
  elasticsearch:
    image: docker.elastic.co/elasticsearch/elasticsearch:8.14.0
    container_name: elasticsearch
    environment:
      - node.name=elasticsearch
      - cluster.name=es-docker-cluster
      - discovery.type=single-node
      - bootstrap.memory_lock=true
      - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
      - xpack.security.enabled=false
      - xpack.security.enrollment.enabled=false
      - xpack.security.http.ssl.enabled=false
      - xpack.security.transport.ssl.enabled=false
    ulimits:
      memlock:
        soft: -1
        hard: -1
    volumes:
      - ./elasticsearch/config/elasticsearch.yml:/usr/share/elasticsearch/config/elasticsearch.yml
      - ./data/elasticsearch:/usr/share/elasticsearch/data
      - ./elasticsearch/plugins:/usr/share/elasticsearch/plugins
    ports:
      - "9200:9200"
      - "9300:9300"
    networks:
      - elk
    restart: unless-stopped

  logstash:
    image: docker.elastic.co/logstash/logstash:8.14.0
    container_name: logstash
    volumes:
      - ./logstash/config/logstash.conf:/usr/share/logstash/pipeline/logstash.conf
      - ./logstash/config/logstash.yml:/usr/share/logstash/config/logstash.yml
    ports:
      - "5044:5044"
      - "15000:5000/tcp"
      - "15000:5000/udp"
      - "9600:9600"
    environment:
      - LS_JAVA_OPTS=-Xms256m -Xmx256m
    networks:
      - elk
    depends_on:
      - elasticsearch
    restart: unless-stopped

  kibana:
    image: docker.elastic.co/kibana/kibana:8.14.0
    container_name: kibana
    ports:
      - "5601:5601"
    environment:
      - ELASTICSEARCH_HOSTS=http://elasticsearch:9200
      - NODE_OPTIONS=--openssl-legacy-provider
      - SERVER_NAME=kibana
      - SERVER_HOST=0.0.0.0
      - ELASTICSEARCH_USERNAME=  # 留空以禁用安全
      - ELASTICSEARCH_PASSWORD=  # 留空以禁用安全
      - XPACK_SECURITY_ENABLED=false
      - XPACK_ENCRYPTEDSAVEDOBJECTS_ENCRYPTIONKEY=fhjskloppd678ehkdfdlliverpoolfcr
      - I18N_LOCALE=zh-CN
      - XPACK_FLEET_ENABLED=false
      - XPACK_SPACES_ENABLED=false
      - ELASTICSEARCH_HOSTS=http://elasticsearch:9200
      - NODE_OPTIONS=--openssl-legacy-provider
    networks:
      - elk
    depends_on:
      - elasticsearch
    restart: unless-stopped

networks:
  elk:
    driver: bridge

elasticsearch/config/elasticsearch.yml

yml 复制代码
cluster.name: "es-docker-cluster"
network.host: 0.0.0.0

# 单节点配置
discovery.type: single-node

# 关闭安全特性(开发环境)
xpack.security.enabled: false
xpack.security.enrollment.enabled: false

# 禁用 HTTPS
xpack.security.http.ssl.enabled: false
xpack.security.transport.ssl.enabled: false

# 允许跨域
http.cors.enabled: true
http.cors.allow-origin: "*"
http.cors.allow-headers: Authorization

elasticsearch/plugins

sh 复制代码
wget https://release.infinilabs.com/analysis-ik/stable/elasticsearch-analysis-ik-8.14.0.zip
unzip elasticsearch-analysis-ik-8.14.0.zip -d analysis-ik
rm elasticsearch-analysis-ik-8.14.0.zip

kibana/config/kibana.yml

yml 复制代码
server.name: kibana
server.host: "0.0.0.0"
elasticsearch.hosts: ["http://elasticsearch:9200"]
monitoring.ui.container.elasticsearch.enabled: true
i18n.locale: "zh-CN"
xpack.security.enabled: false
xpack.encryptedSavedObjects.encryptionKey: 'fhjskloppd678ehkdfdlliverpoolfcr'

# 添加缺失的 xpack.security 相关配置
xpack.security.encryptionKey: 'fhjskloppd678ehkdfdlliverpoolfcr'

logstash/config/logstash.conf

conf 复制代码
input {
  tcp {
    port => 5000
    codec => json
  }
  beats {
    port => 5044
  }
}

output {
  elasticsearch {
    hosts => ["elasticsearch:9200"]
    index => "logstash-%{+YYYY.MM.dd}"
  }
  stdout {
    codec => rubydebug
  }
}

logstash/config/logstash.yml

yml 复制代码
http.host: "0.0.0.0"
path.config: /usr/share/logstash/pipeline
相关推荐
lichenyang4532 天前
Docker 学习笔记(五):Docker Compose,用一个 YAML 启动前端、后端和 MongoDB
docker
lichenyang4532 天前
Docker 学习笔记(四):Dockerfile,把项目打成自己的镜像
docker·容器
lichenyang4532 天前
Docker 学习笔记(三):Docker 网络、bridge、子网和容器互通
docker·容器
lichenyang4532 天前
Docker 学习笔记(二):docker run 的参数到底在控制什么?
docker·容器
Patrick_Wilson7 天前
从「改个端口」到 502:Next.js on k8s 的容器端口、Service 映射与 env 覆盖
docker·kubernetes·next.js
Suroy7 天前
DockerView-Go:用 Go 写一个终端 Docker 监控工具,顺便做了个 Web 仪表盘
docker
云恒要逆袭7 天前
运行你的第一个Docker容器
后端·docker·容器
宋均浩8 天前
# Docker 镜像瘦身实战:从 1.2G 到 80MB 的五个优化步骤
ci/cd·docker
程序员老赵9 天前
10 分钟部署 OpenCode:Docker 一键安装,浏览器打开就能用 AI 写代码(附完整命令与排错)
docker·容器·ai编程
WangMingHua1119 天前
LM Studio Docker 部署——本地大模型一键启动
docker