基于Docker安装部署ELK版本8.11.3(http模式)
本文介绍了ELK 8.11.3(HTTP模式)的安装部署过程。主要内容包括:1)Elasticsearch安装,通过Docker方式拉取镜像、配置挂载目录、修改配置文件并启动服务;2)Kibana安装,创建配置文件并链接Elasticsearch;3)Logstash安装,配置输入、过滤和输出规则。重点说明了各组件间的认证配置、目录权限设置以及密码管理。安装完成后可通过9200端口访问Elasti
·
ELK8.11.3(http模式)
Elasticsearch安装
安装elasticsearch指定版本:elasticsearch:8.11.3
1.拉取镜像:
docker pull docker.1ms.run/library/elasticsearch:8.11.3
2.临时启动copy配置文件
docker run -d --name elasticsearch8 -p 9200:9200 -p 9300:9300 -e "discovery.type=single-node" -e "ES_JAVA_OPTS=-Xms512m -Xmx1024m" docker.1ms.run/library/elasticsearch:8.11.3
3.创建挂载目录:
mkdir -p /data/elasticsearch8.11.3/config
mkdir -p /data/elasticsearch8.11.3/plugins
mkdir -p /data/elasticsearch8.11.3/data
mkdir -p /data/elasticsearch8.11.3/logs
4.拷贝配置文件:
docker cp elasticsearch8:/usr/share/elasticsearch/config /data/elasticsearch8.11.3/config
docker cp elasticsearch8:/usr/share/elasticsearch/data /data/elasticsearch8.11.3/data
docker cp elasticsearch8:/usr/share/elasticsearch/logs /data/elasticsearch8.11.3/logs
docker cp elasticsearch8:/usr/share/elasticsearch/plugins /data/elasticsearch8.11.3/plugins
5.设置目录权限:设置用户755权限
chmod -R 755 /data/elasticsearch/
6.修改配置文件
修改/data/elasticsearch8.11.3/config/elasticsearch.yml
关闭https:
cluster.name: "docker-cluster"
network.host: 0.0.0.0
#----------------------- BEGIN SECURITY AUTO CONFIGURATION -----------------------
#
# The following settings, TLS certificates, and keys have been automatically
# generated to configure Elasticsearch security features on 03-12-2025 05:36:37
#
# --------------------------------------------------------------------------------
# Enable security features
xpack.security.enabled: true
xpack.security.enrollment.enabled: true
# Enable encryption for HTTP API client connections, such as Kibana, Logstash, and Agents
xpack.security.http.ssl:
enabled: false
keystore.path: certs/http.p12
# Enable encryption and mutual authentication between cluster nodes
xpack.security.transport.ssl:
enabled: false
verification_mode: certificate
keystore.path: certs/transport.p12
truststore.path: certs/transport.p12
#----------------------- END SECURITY AUTO CONFIGURATION -------------------------
7.停止旧容器并删除
#停止旧容器
docker stop elasticsearch8
#删除旧容器
docker rm elasticsearch8
8.启动elasticsearch8镜像:
ELASTIC_PASSWORD=Yourpassword 换成你的密码
docker run -d --name elasticsearch8 \
-h 127.0.0.1 \
-p 9200:9200 \
-p 9300:9300 \
-e "discovery.type=single-node" \
-e "ES_JAVA_OPTS=-Xms512m -Xmx2048m" \
-e ELASTIC_PASSWORD=Yourpassword \
-v /etc/localtime:/etc/localtime \
-v /etc/timezone:/etc/timezone \
-v /data/elasticsearch8.11.3/config:/usr/share/elasticsearch/config \
-v /data/elasticsearch8.11.3/plugins:/usr/share/elasticsearch/plugins \
-v /data/elasticsearch8.11.3/data:/usr/share/elasticsearch/data \
-v /data/elasticsearch8.11.3/logs:/data/elasticsearch8.11.3/logs \
--restart always \
docker.1ms.run/library/elasticsearch:8.11.3
9.设置密码
进入运行elasticsearch的docker容器设置各用户的密码:
设置密码的账号:elastic,apm_system,kibana,kibana_system,logstash_system,beats_system,remote_monitoring_use
docker exec -it elasticsearch8 /bin/bash
./bin/elasticsearch-setup-passwords interactive
Kibana安装
安装kibana指定版本:kibana:8.11.3
1.拉取制定版本镜像:
docker pull docker.1ms.run/library/kibana:8.11.3
2.创建kibana挂载的相关目录:
mkdir -p /data/kibana8.11.3/config
3.创建kibana的配置文件kibana.yml:
cd /data/kibana8.11.3/config
touch kibana.yml
kibana.yml内容如下:
注意替换kibana_system的密码。
#
# ** THIS IS AN AUTO-GENERATED FILE **
#
# Default Kibana configuration for docker target
server.host: "0.0.0.0"
server.shutdownTimeout: "5s"
elasticsearch.hosts: ["http://elasticsearch:9200"]
monitoring.ui.container.elasticsearch.enabled: true
# elasticsearch.ssl.certificateAuthorities: ["/certs/http_ca.crt"]
elasticsearch.username: "kibana_system"
elasticsearch.password: "******"
i18n.locale: "zh-CN"
4.启动镜像:
docker run --name kibana8 -p 5601:5601 \
--link elasticsearch8:elasticsearch \
-e "elasticsearch.hosts=https://elasticsearch:9200" \
-v /etc/localtime:/etc/localtime \
-v /data/kibana8.11.3/config:/usr/share/kibana/config \
--restart=always \
-d docker.1ms.run/library/kibana:8.11.3
启动成功浏览器可以访问:http://ip:5601/
Logstash安装
安装Logstash指定版本:logstash:8.11.3
1.拉取制定版本镜像:
docker pull docker.1ms.run/library/logstash:8.11.3
2.创建Logstash 相关挂载目录:
mkdir -p /data/logstash8.11.3
3.创建配置文件
创建:logstash.conf
cd /data/logstash8.11.3
touch logstash.conf
logstash.conf内容如下:
input {
beats {
port => 5044
}
}
filter {
grok {
match => { "message" => "%{TIMESTAMP_ISO8601:timestamp} $$%{DATA:thread}$$ %{LOGLEVEL:level} %{JAVACLASS:logger} - %{GREEDYDATA:message}" }
}
date {
match => [ "timestamp", "yyyy-MM-dd HH:mm:ss" ]
}
}
output {
elasticsearch {
hosts => ["http://elasticsearch:9200"]
index => "app-logs-%{+YYYY.MM.dd}"
user => "logstash_system"
password => "******"
}
}
创建:logstash.yml
cd /data/logstash8.11.3
touch logstash.yml
logstash.yml内容如下:
http.host: "0.0.0.0"
xpack.monitoring.elasticsearch.hosts: [ "http://elasticsearch:9200" ]
xpack.monitoring.enabled: true
xpack.monitoring.elasticsearch.username: logstash_system
xpack.monitoring.elasticsearch.password: *******
4.启动镜像:
docker run --name logstash8 -p 5044:5044 -p 9600:9600 \
--link elasticsearch8:elasticsearch \
-v /etc/localtime:/etc/localtime \
-v /etc/timezone:/etc/timezone \
-v /data/logstash8.11.3/logstash.yml:/usr/share/logstash/config/logstash.yml \
-v /data/logstash8.11.3/logstash.conf:/usr/share/logstash/pipeline/logstash.conf \
--restart=always \
-d docker.1ms.run/library/logstash:8.11.3
火山引擎开发者社区是火山引擎打造的AI技术生态平台,聚焦Agent与大模型开发,提供豆包系列模型(图像/视频/视觉)、智能分析与会话工具,并配套评测集、动手实验室及行业案例库。社区通过技术沙龙、挑战赛等活动促进开发者成长,新用户可领50万Tokens权益,助力构建智能应用。
更多推荐
4
0- 0
已为社区贡献1条内容
所有评论(0)