228 lines
7.6 KiB
Plaintext
228 lines
7.6 KiB
Plaintext
|
3. elk compose
|
||
|
|
||
|
1) 172 개발 서버 docker-compose.yml::/opt/docker-test/Docker-compose.yml (개발서버에 elk버전은 7.17.7 로 설치)
|
||
|
- elastic xpack 인증서 발급 예시 https://llnote.tistory.com/681
|
||
|
- 명령어 docker-compose build && docker-compose up -d 실행
|
||
|
|
||
|
|
||
|
version: '3.7'
|
||
|
services:
|
||
|
elastic01:
|
||
|
image: docker.elastic.co/elasticsearch/elasticsearch:7.17.7
|
||
|
container_name: es01
|
||
|
environment:
|
||
|
- node.name=es01-node
|
||
|
- cluster.name=es-docker-cluster
|
||
|
- cluster.initial_master_nodes=es01-node,es02-node,es03-node
|
||
|
- discovery.seed_hosts=118.220.143.173:9301,118.220.143.173:9302
|
||
|
- bootstrap.memory_lock=true
|
||
|
#- 'ES_JAVA_OPTS=-Xms4g -Xmx4g'
|
||
|
- "ES_JAVA_OPTS=-Xms512m -Xmx512m"
|
||
|
- network.host=0.0.0.0
|
||
|
- node.master=true
|
||
|
- node.data=true
|
||
|
# - discovery.seed_hosts: ["es01-node:9300", "es02-node:9301", "es03-node:9302"]
|
||
|
- http.port=9200
|
||
|
- transport.tcp.port=9300
|
||
|
- network.publish_host=118.220.143.172
|
||
|
- xpack.security.enabled=true
|
||
|
- xpack.security.transport.ssl.enabled=true
|
||
|
- xpack.security.transport.ssl.verification_mode=certificate
|
||
|
- xpack.security.transport.ssl.client_authentication=required
|
||
|
- xpack.security.transport.ssl.keystore.path=elastic-certificates.p12
|
||
|
- xpack.security.transport.ssl.truststore.path=elastic-certificates.p12
|
||
|
- xpack.security.transport.ssl.keystore.password=todnRkd1%
|
||
|
- xpack.security.transport.ssl.truststore.password=todnRkd1%
|
||
|
- ELASTIC_PASSWORD=changeme
|
||
|
- path.repo=/usr/share/elasticsearch/backup
|
||
|
|
||
|
ulimits: #메모리 잠금을 설정
|
||
|
memlock:
|
||
|
soft: -1
|
||
|
hard: -1
|
||
|
volumes:
|
||
|
- "~/elasticsearch/data01/data:/data"
|
||
|
# - ./elastic-certificates.p12:/usr/share/elasticsearch/config/elastic-certificates.p12:Z #인증서가 있는 경우
|
||
|
# - backup:/usr/share/elasticsearch/backup
|
||
|
ports:
|
||
|
- 9200:9200
|
||
|
- 9300:9300
|
||
|
networks:
|
||
|
- elastic
|
||
|
restart: always
|
||
|
|
||
|
logstash: #logstash 설정
|
||
|
image: docker.elastic.co/logstash/logstash:7.17.7
|
||
|
container_name: logstash7
|
||
|
volumes: #설정파일 경로
|
||
|
- ./logstash/config/logstash.yml:/usr/share/logstash/config/logstash.yml:ro,Z #설정파일:docker logstash 경로
|
||
|
- ./logstash/pipeline:/usr/share/logstash/pipeline:ro,Z
|
||
|
ports:
|
||
|
- 5044:5044
|
||
|
- 50000:50000/tcp
|
||
|
- 50000:50000/udp
|
||
|
- 9600:9600
|
||
|
environment:
|
||
|
LS_JAVA_OPTS: -Xms256m -Xmx256m
|
||
|
LOGSTASH_INTERNAL_PASSWORD: changeme
|
||
|
networks:
|
||
|
- elastic
|
||
|
depends_on:
|
||
|
- elastic01
|
||
|
|
||
|
kibana:
|
||
|
image: docker.elastic.co/kibana/kibana:7.17.7
|
||
|
container_name: kibana7
|
||
|
volumes:
|
||
|
- ./kibana/config/kibana.yml:/usr/share/kibana/config/kibana.yml
|
||
|
ports:
|
||
|
- 5601:5601
|
||
|
restart: always
|
||
|
|
||
|
volumes:
|
||
|
data01:
|
||
|
driver: local
|
||
|
data02:
|
||
|
driver: local
|
||
|
data03:
|
||
|
driver: local
|
||
|
backup:
|
||
|
driver: local
|
||
|
|
||
|
networks:
|
||
|
elastic:
|
||
|
name: elastic
|
||
|
driver: bridge
|
||
|
|
||
|
2) 173 개발 서버 docker-compose.yml:/opt/docker-elk/docker-compose.yml
|
||
|
version: '3.7'
|
||
|
services:
|
||
|
elastic02:
|
||
|
image: docker.elastic.co/elasticsearch/elasticsearch:7.17.7
|
||
|
container_name: es02
|
||
|
environment:
|
||
|
- node.name=es02-node
|
||
|
- cluster.name=es-docker-cluster
|
||
|
- cluster.initial_master_nodes=es02-node,es03-node,es01-node
|
||
|
- discovery.seed_hosts=118.220.143.172:9300,118.220.143.173:9302
|
||
|
- bootstrap.memory_lock=true
|
||
|
#- 'ES_JAVA_OPTS=-Xms4g -Xmx4g'
|
||
|
- "ES_JAVA_OPTS=-Xms512m -Xmx512m"
|
||
|
- network.host=0.0.0.0
|
||
|
- node.master=true
|
||
|
- node.data=true
|
||
|
- http.port=9200
|
||
|
#- transport.publish_port=9201
|
||
|
- transport.tcp.port=9301
|
||
|
- network.publish_host=118.220.143.173
|
||
|
- xpack.security.enabled=true
|
||
|
- xpack.security.transport.ssl.enabled=true
|
||
|
- xpack.security.transport.ssl.verification_mode=certificate
|
||
|
- xpack.security.transport.ssl.client_authentication=required
|
||
|
- xpack.security.transport.ssl.keystore.path=elastic-certificates.p12
|
||
|
- xpack.security.transport.ssl.truststore.path=elastic-certificates.p12
|
||
|
- xpack.security.transport.ssl.keystore.password=todnRkd1%
|
||
|
- xpack.security.transport.ssl.truststore.password=todnRkd1%
|
||
|
- ELASTIC_PASSWORD=changeme
|
||
|
- path.repo=/usr/share/elasticsearch/backup
|
||
|
|
||
|
ulimits:
|
||
|
memlock:
|
||
|
soft: -1
|
||
|
hard: -1
|
||
|
volumes:
|
||
|
- "~/elasticsearch/data02/data:/data"
|
||
|
# - ./elastic-certificates.p12:/usr/share/elasticsearch/config/elastic-certificates.p12:Z
|
||
|
# - backup:/usr/share/elasticsearch/backup
|
||
|
extra_hosts:
|
||
|
- "es01:118.220.143.172"
|
||
|
- "es02:118.220.143.173"
|
||
|
- "es03:118.220.143.173"
|
||
|
ports:
|
||
|
- 9200:9200
|
||
|
- 9301:9301
|
||
|
networks:
|
||
|
- elastic
|
||
|
restart: always
|
||
|
|
||
|
elastic03:
|
||
|
image: docker.elastic.co/elasticsearch/elasticsearch:7.17.7
|
||
|
container_name: es03
|
||
|
environment:
|
||
|
- node.name=es03-node
|
||
|
- cluster.name=es-docker-cluster
|
||
|
- cluster.initial_master_nodes=es03-node,es01-node,es02-node
|
||
|
- discovery.seed_hosts=118.220.143.172:9300,118.220.143.173:9301
|
||
|
- bootstrap.memory_lock=true
|
||
|
#- 'ES_JAVA_OPTS=-Xms4g -Xmx4g'
|
||
|
- "ES_JAVA_OPTS=-Xms512m -Xmx512m"
|
||
|
- network.host=0.0.0.0
|
||
|
- transport.tcp.port=9302
|
||
|
- node.master=true
|
||
|
- node.data=true
|
||
|
- http.port=9201
|
||
|
#- transport.publish_port=9202
|
||
|
- network.publish_host=118.220.143.173
|
||
|
- xpack.security.enabled=true
|
||
|
- xpack.security.transport.ssl.enabled=true
|
||
|
- xpack.security.transport.ssl.verification_mode=certificate
|
||
|
- xpack.security.transport.ssl.client_authentication=required
|
||
|
- xpack.security.transport.ssl.keystore.path=elastic-certificates.p12
|
||
|
- xpack.security.transport.ssl.truststore.path=elastic-certificates.p12
|
||
|
- xpack.security.transport.ssl.keystore.password=todnRkd1%
|
||
|
- xpack.security.transport.ssl.truststore.password=todnRkd1%
|
||
|
- ELASTIC_PASSWORD=changeme
|
||
|
- path.repo=/usr/share/elasticsearch/backup
|
||
|
|
||
|
ulimits:
|
||
|
memlock:
|
||
|
soft: -1
|
||
|
hard: -1
|
||
|
volumes:
|
||
|
- "~/elasticsearch/data03/data:/data"
|
||
|
# - ./elastic-certificates.p12:/usr/share/elasticsearch/config/elastic-certificates.p12:Z
|
||
|
# - backup:/usr/share/elasticsearch/backup
|
||
|
extra_hosts:
|
||
|
- "es01:118.220.143.172"
|
||
|
- "es02:118.220.143.173"
|
||
|
- "es03:118.220.143.173"
|
||
|
ports:
|
||
|
- 9201:9201
|
||
|
- 9302:9302
|
||
|
networks:
|
||
|
- elastic
|
||
|
restart: always
|
||
|
|
||
|
logstash:
|
||
|
image: docker.elastic.co/logstash/logstash:7.17.7
|
||
|
container_name: logstash7
|
||
|
volumes:
|
||
|
- ./logstash/config/logstash.yml:/usr/share/logstash/config/logstash.yml:ro,Z
|
||
|
- ./logstash/pipeline:/usr/share/logstash/pipeline:ro,Z
|
||
|
ports:
|
||
|
- 5044:5044
|
||
|
- 50000:50000/tcp
|
||
|
- 50000:50000/udp
|
||
|
- 9600:9600
|
||
|
environment:
|
||
|
LS_JAVA_OPTS: -Xms256m -Xmx256m
|
||
|
LOGSTASH_INTERNAL_PASSWORD: changeme
|
||
|
networks:
|
||
|
- elastic
|
||
|
depends_on:
|
||
|
- elastic02
|
||
|
- elastic03
|
||
|
|
||
|
volumes:
|
||
|
data02:
|
||
|
driver: local
|
||
|
data03:
|
||
|
driver: local
|
||
|
backup:
|
||
|
driver: local
|
||
|
|
||
|
networks:
|
||
|
elastic:
|
||
|
name: elastic
|
||
|
driver: bridge
|