Obsidian/3. elk compose

228 lines
7.6 KiB
Plaintext
Raw Normal View History

2023-08-14 15:46:10 +00:00
3. elk compose
1) 172 개발 서버 docker-compose.yml::/opt/docker-test/Docker-compose.yml (개발서버에 elk버전은 7.17.7 로 설치)
- elastic xpack 인증서 발급 예시 https://llnote.tistory.com/681
- 명령어 docker-compose build && docker-compose up -d 실행
version: '3.7'
services:
elastic01:
image: docker.elastic.co/elasticsearch/elasticsearch:7.17.7
container_name: es01
environment:
- node.name=es01-node
- cluster.name=es-docker-cluster
- cluster.initial_master_nodes=es01-node,es02-node,es03-node
- discovery.seed_hosts=118.220.143.173:9301,118.220.143.173:9302
- bootstrap.memory_lock=true
#- 'ES_JAVA_OPTS=-Xms4g -Xmx4g'
- "ES_JAVA_OPTS=-Xms512m -Xmx512m"
- network.host=0.0.0.0
- node.master=true
- node.data=true
# - discovery.seed_hosts: ["es01-node:9300", "es02-node:9301", "es03-node:9302"]
- http.port=9200
- transport.tcp.port=9300
- network.publish_host=118.220.143.172
- xpack.security.enabled=true
- xpack.security.transport.ssl.enabled=true
- xpack.security.transport.ssl.verification_mode=certificate
- xpack.security.transport.ssl.client_authentication=required
- xpack.security.transport.ssl.keystore.path=elastic-certificates.p12
- xpack.security.transport.ssl.truststore.path=elastic-certificates.p12
- xpack.security.transport.ssl.keystore.password=todnRkd1%
- xpack.security.transport.ssl.truststore.password=todnRkd1%
- ELASTIC_PASSWORD=changeme
- path.repo=/usr/share/elasticsearch/backup
ulimits: #메모리 잠금을 설정
memlock:
soft: -1
hard: -1
volumes:
- "~/elasticsearch/data01/data:/data"
# - ./elastic-certificates.p12:/usr/share/elasticsearch/config/elastic-certificates.p12:Z #인증서가 있는 경우
# - backup:/usr/share/elasticsearch/backup
ports:
- 9200:9200
- 9300:9300
networks:
- elastic
restart: always
logstash: #logstash 설정
image: docker.elastic.co/logstash/logstash:7.17.7
container_name: logstash7
volumes: #설정파일 경로
- ./logstash/config/logstash.yml:/usr/share/logstash/config/logstash.yml:ro,Z #설정파일:docker logstash 경로
- ./logstash/pipeline:/usr/share/logstash/pipeline:ro,Z
ports:
- 5044:5044
- 50000:50000/tcp
- 50000:50000/udp
- 9600:9600
environment:
LS_JAVA_OPTS: -Xms256m -Xmx256m
LOGSTASH_INTERNAL_PASSWORD: changeme
networks:
- elastic
depends_on:
- elastic01
kibana:
image: docker.elastic.co/kibana/kibana:7.17.7
container_name: kibana7
volumes:
- ./kibana/config/kibana.yml:/usr/share/kibana/config/kibana.yml
ports:
- 5601:5601
restart: always
volumes:
data01:
driver: local
data02:
driver: local
data03:
driver: local
backup:
driver: local
networks:
elastic:
name: elastic
driver: bridge
2) 173 개발 서버 docker-compose.yml:/opt/docker-elk/docker-compose.yml
version: '3.7'
services:
elastic02:
image: docker.elastic.co/elasticsearch/elasticsearch:7.17.7
container_name: es02
environment:
- node.name=es02-node
- cluster.name=es-docker-cluster
- cluster.initial_master_nodes=es02-node,es03-node,es01-node
- discovery.seed_hosts=118.220.143.172:9300,118.220.143.173:9302
- bootstrap.memory_lock=true
#- 'ES_JAVA_OPTS=-Xms4g -Xmx4g'
- "ES_JAVA_OPTS=-Xms512m -Xmx512m"
- network.host=0.0.0.0
- node.master=true
- node.data=true
- http.port=9200
#- transport.publish_port=9201
- transport.tcp.port=9301
- network.publish_host=118.220.143.173
- xpack.security.enabled=true
- xpack.security.transport.ssl.enabled=true
- xpack.security.transport.ssl.verification_mode=certificate
- xpack.security.transport.ssl.client_authentication=required
- xpack.security.transport.ssl.keystore.path=elastic-certificates.p12
- xpack.security.transport.ssl.truststore.path=elastic-certificates.p12
- xpack.security.transport.ssl.keystore.password=todnRkd1%
- xpack.security.transport.ssl.truststore.password=todnRkd1%
- ELASTIC_PASSWORD=changeme
- path.repo=/usr/share/elasticsearch/backup
ulimits:
memlock:
soft: -1
hard: -1
volumes:
- "~/elasticsearch/data02/data:/data"
# - ./elastic-certificates.p12:/usr/share/elasticsearch/config/elastic-certificates.p12:Z
# - backup:/usr/share/elasticsearch/backup
extra_hosts:
- "es01:118.220.143.172"
- "es02:118.220.143.173"
- "es03:118.220.143.173"
ports:
- 9200:9200
- 9301:9301
networks:
- elastic
restart: always
elastic03:
image: docker.elastic.co/elasticsearch/elasticsearch:7.17.7
container_name: es03
environment:
- node.name=es03-node
- cluster.name=es-docker-cluster
- cluster.initial_master_nodes=es03-node,es01-node,es02-node
- discovery.seed_hosts=118.220.143.172:9300,118.220.143.173:9301
- bootstrap.memory_lock=true
#- 'ES_JAVA_OPTS=-Xms4g -Xmx4g'
- "ES_JAVA_OPTS=-Xms512m -Xmx512m"
- network.host=0.0.0.0
- transport.tcp.port=9302
- node.master=true
- node.data=true
- http.port=9201
#- transport.publish_port=9202
- network.publish_host=118.220.143.173
- xpack.security.enabled=true
- xpack.security.transport.ssl.enabled=true
- xpack.security.transport.ssl.verification_mode=certificate
- xpack.security.transport.ssl.client_authentication=required
- xpack.security.transport.ssl.keystore.path=elastic-certificates.p12
- xpack.security.transport.ssl.truststore.path=elastic-certificates.p12
- xpack.security.transport.ssl.keystore.password=todnRkd1%
- xpack.security.transport.ssl.truststore.password=todnRkd1%
- ELASTIC_PASSWORD=changeme
- path.repo=/usr/share/elasticsearch/backup
ulimits:
memlock:
soft: -1
hard: -1
volumes:
- "~/elasticsearch/data03/data:/data"
# - ./elastic-certificates.p12:/usr/share/elasticsearch/config/elastic-certificates.p12:Z
# - backup:/usr/share/elasticsearch/backup
extra_hosts:
- "es01:118.220.143.172"
- "es02:118.220.143.173"
- "es03:118.220.143.173"
ports:
- 9201:9201
- 9302:9302
networks:
- elastic
restart: always
logstash:
image: docker.elastic.co/logstash/logstash:7.17.7
container_name: logstash7
volumes:
- ./logstash/config/logstash.yml:/usr/share/logstash/config/logstash.yml:ro,Z
- ./logstash/pipeline:/usr/share/logstash/pipeline:ro,Z
ports:
- 5044:5044
- 50000:50000/tcp
- 50000:50000/udp
- 9600:9600
environment:
LS_JAVA_OPTS: -Xms256m -Xmx256m
LOGSTASH_INTERNAL_PASSWORD: changeme
networks:
- elastic
depends_on:
- elastic02
- elastic03
volumes:
data02:
driver: local
data03:
driver: local
backup:
driver: local
networks:
elastic:
name: elastic
driver: bridge