一、docker、docker-compose环境安装
二、构建容器
1、编写docker-compose.yml
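# ELK stack (Elasticsearch, Kibana, Logstash 7.17.3) on one Docker host.
# NOTE(review): nothing in this file turns on authentication or TLS, and every
# `ports:` entry below is published on all host interfaces. Until security is
# enabled (this guide does so in a later step), keep these ports behind a host
# firewall or publish them on a specific address such as 127.0.0.1.
version: '3'
services:
  elasticsearch:
    image: elasticsearch:7.17.3
    container_name: elasticsearch
    environment:
      - "cluster.name=elasticsearch"  # cluster name
      - "discovery.type=single-node"  # start as a single-node cluster
      - "ES_JAVA_OPTS=-Xms512m -Xmx512m"  # JVM heap size
    volumes:
      # - /opt/elasticsearch/config/elasticsearch.yml:/usr/share/elasticsearch/config/elasticsearch.yml  # config file mount (disabled)
      - /opt/elasticsearch/plugins:/usr/share/elasticsearch/plugins  # plugin directory mount
      - /opt/elasticsearch/data:/usr/share/elasticsearch/data  # data directory mount
    ports:
      # Kibana and Logstash reach Elasticsearch over the elk network, so these
      # host mappings only matter for clients outside the compose project.
      - "9200:9200"  # REST API
      - "9300:9300"  # transport port
    networks:
      - elk
  kibana:
    image: kibana:7.17.3
    container_name: kibana
    links:
      - elasticsearch:es  # lets Kibana reach Elasticsearch under the hostname es
    depends_on:
      - elasticsearch  # start Kibana after Elasticsearch
    environment:
      # NOTE(review): the Kibana image documents upper-case variable names such
      # as ELASTICSEARCH_HOSTS for overrides; confirm this dotted form is
      # actually picked up rather than the image default being used.
      - "elasticsearch.hosts=http://es:9200"  # Elasticsearch address
    ports:
      - "5601:5601"
    networks:
      - elk
  logstash:
    image: logstash:7.17.3
    container_name: logstash
    volumes:
      - /opt/logstash/logstash.conf:/usr/share/logstash/pipeline/logstash.conf  # pipeline config mount
    depends_on:
      - elasticsearch  # start Logstash after Elasticsearch
    links:
      - elasticsearch:es  # lets Logstash reach Elasticsearch under the hostname es
    ports:
      # Log intake for the applications; the pipeline's tcp input accepts
      # events from any host that can reach this port.
      - "4560:4560"
    networks:
      - elk
networks:
  elk: {}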
2、编写/opt/logstash/logstash.conf文件(与docker-compose.yml里对应,可自行更改)
# Pipeline: receive JSON-lines events over TCP and index them in Elasticsearch.
input {
  tcp {
    mode => "server"
    # Listens on every interface of the container; docker-compose.yml publishes
    # port 4560 on the host. No TLS or client authentication is configured, so
    # any host that can reach the port can submit events and read nothing back,
    # and the log traffic itself travels in clear text. Restrict the port to the
    # application hosts, or look at the tcp input's ssl_* options.
    host => "0.0.0.0"
    port => 4560
    codec => json_lines
  }
}
output {
  elasticsearch {
    hosts => "es:9200"
    # The index name is built from the event's own `type` field, so the sender
    # decides which index is written. NOTE(review): the logback snippet in this
    # guide does not show a `type` field being set; confirm the events carry one.
    index => "fincourt-logs-%{type}-%{+YYYY.MM.dd}"
  }
}
三、运行docker-compose.yml
1、运行elk
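# Prepare the host data directory that docker-compose.yml mounts into the
# container. The Elasticsearch image runs as uid 1000 with gid 0, so group
# access for gid 0 is sufficient; mode 777 would let every local account read
# and modify the index data.
mkdir -p /opt/elasticsearch/data
chgrp 0 /opt/elasticsearch/data
chmod g+rwx /opt/elasticsearch/data
# Start the ELK stack in the background
docker-compose up -d
# When it has finished, list the running containers
docker ps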
2、安装logstash插件
# Install the json_lines codec used by the pipeline's tcp input, then restart
# Logstash so it is loaded.
# NOTE(review): this codec normally ships with the default Logstash
# distribution; check `logstash-plugin list` first. The install downloads code
# into the container's writable layer, so it is lost when the container is
# recreated.
docker exec -it logstash /bin/bash -c "cd /bin && logstash-plugin install logstash-codec-json_lines"
docker restart logstash
四、springboot项目接入
1、在项目中pom.xml添加logstash-logback-encoder依赖
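<!-- Logback encoder and TCP appender that send JSON log events to Logstash.
     NOTE(review): 4.11 is the version this guide pins and it is an old release;
     check for a maintained version that matches the project's Logback before
     adopting it. -->
<dependency>
    <groupId>net.logstash.logback</groupId>
    <artifactId>logstash-logback-encoder</artifactId>
    <version>4.11</version>
</dependency>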
2、配置logback-spring.xml,并启动项目
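<!-- Appender that ships log events to Logstash. The ip:port can be kept in
     Nacos and read here; the actual values depend on the host that runs
     Logstash. -->
<!-- NOTE(review): events are sent over plain TCP, so anything written to the
     log (user identifiers, tokens, request data) crosses the network in clear
     text. Keep secrets out of log messages and keep this traffic on a trusted
     network segment, or check whether the appender version in use supports
     TLS. -->
<appender name="LOGSTASH" class="net.logstash.logback.appender.LogstashTcpSocketAppender">
    <destination>192.168.1.149:4560</destination>
    <encoder charset="UTF-8" class="net.logstash.logback.encoder.LogstashEncoder" />
</appender>
<!-- System operation log. file_info and file_error are appenders defined
     elsewhere in logback-spring.xml. -->
<root level="info">
    <appender-ref ref="file_info" />
    <appender-ref ref="file_error" />
    <appender-ref ref="LOGSTASH"/> <!-- send to Logstash -->
</root>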
五、访问Kibana界面
1、初始化index
六、设置ELK账号密码访问
1、elasticsearch配置
# Setting for elasticsearch.yml: turns on authentication for the cluster.
# The elasticsearch.yml mount in this guide's docker-compose.yml is commented
# out, so either enable that mount or pass the setting as a container
# environment variable; a file edited only inside the container is lost when
# the container is recreated.
# NOTE(review): this enables logins but not TLS on the HTTP layer, so
# passwords are still sent to port 9200 over plain HTTP; see
# xpack.security.http.ssl.enabled if 9200 is reachable beyond the Docker host.
xpack.security.enabled: true
重启再进入
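# Restart so the security setting takes effect, then open a shell in the container
docker restart elasticsearch
docker exec -it elasticsearch bash
# Inside the container: set the passwords of the built-in users by hand.
# The image keeps Elasticsearch under /usr/share/elasticsearch (the container
# side of the volume mounts in docker-compose.yml); /opt/elasticsearch is the
# host-side path and does not exist inside the container.
/usr/share/elasticsearch/bin/elasticsearch-setup-passwords interactive
# Alternative: let the tool generate random passwords for the built-in users
#/usr/share/elasticsearch/bin/elasticsearch-setup-passwords auto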
2、修改kibana
# Stop Kibana, edit its config file (vim /opt/kibana/config/kibana.yml) and
# append the following at the end.
# NOTE(review): the docker-compose.yml in this guide does not mount a Kibana
# config file; confirm how this file reaches the container.
kibana.index: ".kibana"
# Built-in account Kibana uses to talk to Elasticsearch.
# NOTE(review): recent 7.x releases name this account kibana_system; confirm
# which one the installed version expects.
elasticsearch.username: "kibana"
# Sample value from this guide: use the password set with
# elasticsearch-setup-passwords, not this one. A plaintext password in
# kibana.yml is readable by anyone who can read the file or the repository it
# is committed to; the Kibana keystore (kibana-keystore add
# elasticsearch.password) keeps it out of the config file.
elasticsearch.password: "Qs@123456"
3、修改logstash
# Edit the pipeline file on the host; docker-compose.yml mounts it into the
# logstash container.
vi /opt/logstash/logstash.conf
# Pipeline with Elasticsearch authentication: receive JSON-lines events over
# TCP and index them using a username and password.
input {
  tcp {
    mode => "server"
    # Still an unauthenticated, clear-text listener on all interfaces: enabling
    # security on Elasticsearch does not protect this intake port.
    host => "0.0.0.0"
    port => 4560
    codec => json_lines
  }
}
output {
  elasticsearch {
    hosts => "es:9200"
    # The index name is built from the event's `projectName` field, which the
    # sender controls. NOTE(review): the logback snippet in this guide does not
    # show that field being set; confirm the events carry it.
    index => "springboot-logs-%{projectName}-%{+YYYY.MM.dd}"
    # `elastic` is the built-in superuser. Anyone who reads this file, or who
    # takes over the Logstash container, gets full control of the cluster.
    # Prefer a dedicated user whose role can only create and write to the
    # springboot-logs-* indices.
    user => "elastic"
    # Sample value from this guide, stored in clear text. Use the password set
    # with elasticsearch-setup-passwords and keep it in the Logstash keystore
    # or an environment variable, referenced here as ${NAME}.
    password => "Qs@123456"
  }
}