3. elk compose 1) 172 개발 서버 docker-compose.yml::/opt/docker-test/Docker-compose.yml (개발서버에 elk버전은 7.17.7 로 설치) - elastic xpack 인증서 발급 예시 https://llnote.tistory.com/681 - 명령어 docker-compose build && docker-compose up -d 실행 version: '3.7' services: elastic01: image: docker.elastic.co/elasticsearch/elasticsearch:7.17.7 container_name: es01 environment: - node.name=es01-node - cluster.name=es-docker-cluster - cluster.initial_master_nodes=es01-node,es02-node,es03-node - discovery.seed_hosts=118.220.143.173:9301,118.220.143.173:9302 - bootstrap.memory_lock=true #- 'ES_JAVA_OPTS=-Xms4g -Xmx4g' - "ES_JAVA_OPTS=-Xms512m -Xmx512m" - network.host=0.0.0.0 - node.master=true - node.data=true # - discovery.seed_hosts: ["es01-node:9300", "es02-node:9301", "es03-node:9302"] - http.port=9200 - transport.tcp.port=9300 - network.publish_host=118.220.143.172 - xpack.security.enabled=true - xpack.security.transport.ssl.enabled=true - xpack.security.transport.ssl.verification_mode=certificate - xpack.security.transport.ssl.client_authentication=required - xpack.security.transport.ssl.keystore.path=elastic-certificates.p12 - xpack.security.transport.ssl.truststore.path=elastic-certificates.p12 - xpack.security.transport.ssl.keystore.password=todnRkd1% - xpack.security.transport.ssl.truststore.password=todnRkd1% - ELASTIC_PASSWORD=changeme - path.repo=/usr/share/elasticsearch/backup ulimits: #메모리 잠금을 설정 memlock: soft: -1 hard: -1 volumes: - "~/elasticsearch/data01/data:/data" # - ./elastic-certificates.p12:/usr/share/elasticsearch/config/elastic-certificates.p12:Z #인증서가 있는 경우 # - backup:/usr/share/elasticsearch/backup ports: - 9200:9200 - 9300:9300 networks: - elastic restart: always logstash: #logstash 설정 image: docker.elastic.co/logstash/logstash:7.17.7 container_name: logstash7 volumes: #설정파일 경로 - ./logstash/config/logstash.yml:/usr/share/logstash/config/logstash.yml:ro,Z #설정파일:docker logstash 경로 - ./logstash/pipeline:/usr/share/logstash/pipeline:ro,Z ports: - 5044:5044 - 50000:50000/tcp - 50000:50000/udp - 9600:9600 environment: LS_JAVA_OPTS: -Xms256m -Xmx256m LOGSTASH_INTERNAL_PASSWORD: changeme networks: - elastic depends_on: - elastic01 kibana: image: docker.elastic.co/kibana/kibana:7.17.7 container_name: kibana7 volumes: - ./kibana/config/kibana.yml:/usr/share/kibana/config/kibana.yml ports: - 5601:5601 restart: always volumes: data01: driver: local data02: driver: local data03: driver: local backup: driver: local networks: elastic: name: elastic driver: bridge 2) 173 개발 서버 docker-compose.yml:/opt/docker-elk/docker-compose.yml version: '3.7' services: elastic02: image: docker.elastic.co/elasticsearch/elasticsearch:7.17.7 container_name: es02 environment: - node.name=es02-node - cluster.name=es-docker-cluster - cluster.initial_master_nodes=es02-node,es03-node,es01-node - discovery.seed_hosts=118.220.143.172:9300,118.220.143.173:9302 - bootstrap.memory_lock=true #- 'ES_JAVA_OPTS=-Xms4g -Xmx4g' - "ES_JAVA_OPTS=-Xms512m -Xmx512m" - network.host=0.0.0.0 - node.master=true - node.data=true - http.port=9200 #- transport.publish_port=9201 - transport.tcp.port=9301 - network.publish_host=118.220.143.173 - xpack.security.enabled=true - xpack.security.transport.ssl.enabled=true - xpack.security.transport.ssl.verification_mode=certificate - xpack.security.transport.ssl.client_authentication=required - xpack.security.transport.ssl.keystore.path=elastic-certificates.p12 - xpack.security.transport.ssl.truststore.path=elastic-certificates.p12 - xpack.security.transport.ssl.keystore.password=todnRkd1% - xpack.security.transport.ssl.truststore.password=todnRkd1% - ELASTIC_PASSWORD=changeme - path.repo=/usr/share/elasticsearch/backup ulimits: memlock: soft: -1 hard: -1 volumes: - "~/elasticsearch/data02/data:/data" # - ./elastic-certificates.p12:/usr/share/elasticsearch/config/elastic-certificates.p12:Z # - backup:/usr/share/elasticsearch/backup extra_hosts: - "es01:118.220.143.172" - "es02:118.220.143.173" - "es03:118.220.143.173" ports: - 9200:9200 - 9301:9301 networks: - elastic restart: always elastic03: image: docker.elastic.co/elasticsearch/elasticsearch:7.17.7 container_name: es03 environment: - node.name=es03-node - cluster.name=es-docker-cluster - cluster.initial_master_nodes=es03-node,es01-node,es02-node - discovery.seed_hosts=118.220.143.172:9300,118.220.143.173:9301 - bootstrap.memory_lock=true #- 'ES_JAVA_OPTS=-Xms4g -Xmx4g' - "ES_JAVA_OPTS=-Xms512m -Xmx512m" - network.host=0.0.0.0 - transport.tcp.port=9302 - node.master=true - node.data=true - http.port=9201 #- transport.publish_port=9202 - network.publish_host=118.220.143.173 - xpack.security.enabled=true - xpack.security.transport.ssl.enabled=true - xpack.security.transport.ssl.verification_mode=certificate - xpack.security.transport.ssl.client_authentication=required - xpack.security.transport.ssl.keystore.path=elastic-certificates.p12 - xpack.security.transport.ssl.truststore.path=elastic-certificates.p12 - xpack.security.transport.ssl.keystore.password=todnRkd1% - xpack.security.transport.ssl.truststore.password=todnRkd1% - ELASTIC_PASSWORD=changeme - path.repo=/usr/share/elasticsearch/backup ulimits: memlock: soft: -1 hard: -1 volumes: - "~/elasticsearch/data03/data:/data" # - ./elastic-certificates.p12:/usr/share/elasticsearch/config/elastic-certificates.p12:Z # - backup:/usr/share/elasticsearch/backup extra_hosts: - "es01:118.220.143.172" - "es02:118.220.143.173" - "es03:118.220.143.173" ports: - 9201:9201 - 9302:9302 networks: - elastic restart: always logstash: image: docker.elastic.co/logstash/logstash:7.17.7 container_name: logstash7 volumes: - ./logstash/config/logstash.yml:/usr/share/logstash/config/logstash.yml:ro,Z - ./logstash/pipeline:/usr/share/logstash/pipeline:ro,Z ports: - 5044:5044 - 50000:50000/tcp - 50000:50000/udp - 9600:9600 environment: LS_JAVA_OPTS: -Xms256m -Xmx256m LOGSTASH_INTERNAL_PASSWORD: changeme networks: - elastic depends_on: - elastic02 - elastic03 volumes: data02: driver: local data03: driver: local backup: driver: local networks: elastic: name: elastic driver: bridge