文章目录
- Elasticsearch7.2.1 部署docker
-
- 安装docker
- 安装docker-compose 单机容器编排工具
- 安装es7
- 安装kibana
- docker环境下es和kibana权限认证
- 安装logstash
Elasticsearch7.2.1 部署docker
安装docker
1.uname -a 查看当前系统版本
其中:
uname -r:发行版号 3.10
3.10.0-693.2.2.el7.x86_64
uname -v: 内核编译日期
#1 SMP Tue Sep 12 22:26:13 UTC 2017
uname -o:操作系统
GNU/Linux
2.yum -y install docker 下载安装docker 或者sudo wget -qO- https://get.docker.com | sh 下载最新版本
运行docker version查看docker版本
3.启动docker服务 service docker start
docker info查看docker存储位置
docker ps 查看是否有docker进程
Docker常用命令:
docker logs -f 容器名 查看日志
docker images 查看镜像文件
docker ps 查看正在运行的容器
docker ps –a 查看所有的容器
docker stop CONTAINER_ID 停止容器
docker container exec -it f0b1c8ab3633 /bin/bash 进入到容器
exit 退出
docker version 查看版本
docker run -d -p 81:80 nginx 启动nginx容器
docker rmi imgageid 删除镜像
docker rm 容器id 删除容器
docker volumes ls 查看所有volume存储名称
docker volumes inspect volumeName 查看指定存储名称的路径
安装docker-compose 单机容器编排工具
1.linux安装
curl -L "https://github.com/docker/compose/releases/download/1.24.1/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
2.Apply executable permissions to the binary:应用(可执行)的权限 即戴绿帽
chmod +x /usr/local/bin/docker-compose
chmod a+x和chmod +x 一致
u代表用户,g代表用户组,o代表其他,a代表所有
查看版本 $ docker-compose --version
docker-compose version 1.24.1, build 1110ad01
3. 创建软链接 相当于windows的快捷方式
ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose
/usr/bin下存在以下快捷方式
docker-compose -> /usr/local/bin/docker-compose
- 启动
docker-compose up & 后台启动 若配置文件修改了会重建容器,没有持久化的修改丢失
docker-compose -f es.yml up & 指定别名-f
停止:
docker-compose down 删除所有容器
docker-compose stop 停止所有容器
docker-compose stop 容器名 service 如es01和es02
注意:
max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144]
vm.max_map_count kernel setting needs to be set to at least 262144
故而sysctl -w vm.max_map_count=262144 即/etc/sysctl.conf文件下新增这一条
sysctl -p使其生效
安装es7
1.拉取镜像
docker pull docker.elastic.co/elasticsearch/elasticsearch:7.2.1
2.运行es
docker run --name es7 -p 9200:9200 -p 9300:9300 -e "discovery.type=single-node" docker.elastic.co/elasticsearch/elasticsearch:7.2.1
--name es7将这个容器命名es7
起名之后 docker restart es7 容器的重启通过自定义的命名进行操作
-p 9200:9200 将宿主端口映射到Docker容器中的9200端口 此时可访问容器中的es服务 主机:容器
3.修改配置
max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144]
查看集群状态:
curl http://127.0.0.1:9200/_cat/health
查看所有结点:
curl http://127.0.0.1:9200/_cat/nodes
修改容器的配置文件:
docker exec -it es01[容器名] bash
vi config/elasticsearch.yml
exit退出容器
安装kibana
1.拉取镜像
docker pull docker.elastic.co/kibana/kibana:7.2.1
设置配置:
通过环境变量设置 优先使用环境变量
services:
kibana:
image: docker.elastic.co/kibana/kibana:7.2.1
environment:
SERVER_NAME: kibana.example.org # 默认kibana
ELASTICSEARCH_URL: http://elasticsearch.example.org # 默认localhost:9200
绑定配置:
services:
kibana:
image: docker.elastic.co/kibana/kibana:7.2.1
volumes:
- ./kibana.yml:/usr/share/kibana/config/kibana.yml
docker环境下es和kibana权限认证
修改docker-compose
version: '2.2'
services:
es01:
image: docker.elastic.co/elasticsearch/elasticsearch:7.2.1
container_name: es01
environment:
- node.name=es01
- discovery.seed_hosts=es02
- cluster.initial_master_nodes=es01,es02
- cluster.name=docker-cluster
- bootstrap.memory_lock=true
- "ES_JAVA_OPTS=-Xms512m -Xmx512m"
ulimits:
memlock:
soft: -1
hard: -1
volumes:
- esdata01:/usr/share/elasticsearch/data
- esconfig01:/usr/share/elasticsearch/config
ports:
- 9200:9200
networks:
- esnet
es02:
image: docker.elastic.co/elasticsearch/elasticsearch:7.2.1
container_name: es02
environment:
- node.name=es02
- discovery.seed_hosts=es01
- cluster.initial_master_nodes=es01,es02
- cluster.name=docker-cluster
- bootstrap.memory_lock=true
- "ES_JAVA_OPTS=-Xms512m -Xmx512m"
ulimits:
memlock:
soft: -1
hard: -1
volumes:
- esdata02:/usr/share/elasticsearch/data
- esconfig02:/usr/share/elasticsearch/config
networks:
- esnet
kibana:
image: docker.elastic.co/kibana/kibana:7.2.1
container_name: kibana
environment:
SERVER_NAME: kibana
ELASTICSEARCH_HOSTS: http://对外ip:9200
ELASTICSEARCH_URL: http://对外ip:9200
ports:
- 5601:5601
volumes:
- kibana:/usr/share/kibana/config
volumes:
esdata01:
driver: local
esdata02:
driver: local
esconfig01:
driver: local
esconfig02:
driver: local
kibana:
driver: local
networks:
esnet:
es:7.2.1利用x-pack进行权限认证
首先生成证书
docker-compose up es01& 开启容器
docker exec -it es01 bash 进入容器
再执行
bin/elasticsearch-certutil cert -out config/elastic-certificates.p12 -pass ""
前提是volumes同步了config文件下的证书
修改配置文件
在master结点下的config下elasticsearch.yml配置文件中添加如下配置
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: elastic-certificates.p12
然后重新启动
设置密码
bin/elasticsearch-setup-passwords interactive # auto 自动设置密码,interactive手动设置密码
Changed password for user [apm_system]
Changed password for user [kibana]
Changed password for user [logstash_system]
Changed password for user [beats_system]
Changed password for user [remote_monitoring_user]
Changed password for user [elastic]
同步集群其他结点:
将证书和以下配置同步到其他结点的config文件夹下
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: elastic-certificates.p12
最后重启所有结点
此时访问9200需要认证
设置kibana:
修改配置文件kibana.yml
elasticsearch.username: "kibana"
elasticsearch.password: "你设置的密码"
此时访问kibana
安装logstash
1.拉取镜像
docker pull docker.elastic.co/logstash/logstash:7.2.1