零、参考链接

elk安装

https://www.elastic.co/guide/en/elasticsearch/reference/6.4/docker.html#docker-cli-run-prod-mode

https://github.com/elastic/kibana-docker/tree/6.4

https://www.elastic.co/guide/en/kibana/current/docker.html


zabbix安装

https://www.zabbix.com/documentation/3.4/zh/manual/installation/containers

https://github.com/zabbix/zabbix-docker


一、安装elk

docker安装参见《centos7.2 docker安装》

docker-compose安装参见《centos7.2 docker-compose安装》

1、下载ELK镜像

# 需要配置阿里的docker加速,否则会链接超时
$ docker pull docker.elastic.co/elasticsearch/elasticsearch:6.4.0
$ docker pull docker.elastic.co/kibana/kibana:6.4.2
$ docker pull docker.elastic.co/elasticsearch/elasticsearch:6.4.2
$ docker pull docker.elastic.co/logstash/logstash:6.4.2
$ docker pull docker.elastic.co/kibana/kibana:6.4.2
$ docker pull grafana/grafana:latest

# 我们使用docker-compose启动容器。如果直接运行容器,命令如下:
# 例  启动elasticsearch
$  docker run -p 9200:9200 -p 9300:9300 -e "discovery.type=single-node" docker.elastic.co/elasticsearch/elasticsearch:6.4.0

为了持久存储,创建本地路径,挂载到容器中
$ mkdir -p /opt/elk/elasticsearch/data1
$ mkdir -p /opt/elk/elasticsearch/data2
$ mkdir -p /opt/elk/logstash/conf.d
$ mkdir -p /opt/elk/logstash/log
$ mkdir -p /opt/elk/grafana/data1


2、docker-compose启动

1)编辑docker-composh配置文件

# 指定容器网络,否则启动后会自动配置一个172.17.0.0/16网络
# 创建两个elasticsearch node
$ mkdir elasticsearch
$ cd elasticsearch
$ vim docker-compose.yml
version: '2'
services:
  elasticsearch:
    image: docker.elastic.co/elasticsearch/elasticsearch:6.4.2
    volumes:
      - /opt/elk/elasticsearch/data1:/usr/share/elasticsearch/data
    environment:
      - cluster.name=elk-cluster
      - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
    container_name: elasticsearch
    hostname: elasticsearch
    ulimits:
      memlock:
        soft: -1
        hard: -1
    ports:
      - 9200:9200
      - 9300:9300
    networks: [elastic]
  elasticsearch2:
    image: docker.elastic.co/elasticsearch/elasticsearch:6.4.2
    volumes:
      - /opt/elk/elasticsearch/data2:/usr/share/elasticsearch/data
    environment:
      - cluster.name=elk-cluster
      - "discovery.zen.ping.unicast.hosts=elasticsearch"
      - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
    container_name: elasticsearch2
    hostname: elasticsearch2
    ulimits:
      memlock:
        soft: -1
        hard: -1
    networks: [elastic]

  logstash:
    image: docker.elastic.co/logstash/logstash:6.4.2
    command: logstash -f /etc/logstash/conf.d/logstash.conf
    volumes:
      #- /opt/elk/logstash/conf.d:/etc/logstash/conf.d
      - /opt/elk/logstash/conf.d:/usr/share/logstash/pipelin
      - /opt/elk/logstash/log:/tmp
    container_name: logstash
    hostname: logstash
    environment:
      - cluster.name=elk-cluster
    depends_on:
      - elasticsearch
    ports:
      - "7001-7005:7001-7005"
      - "4567:4567"
    networks: [elastic]
   
  kibana:
    image: docker.elastic.co/kibana/kibana:6.4.2
    container_name: kibana
    hostname: kibana
    environment:
      - cluster.name=elk-cluster
    depends_on:
      - elasticsearch
    ports:
      - 5601:5601
    networks: [elastic]

  grafana:
    image: grafana/grafana:latest
    volumes:
      - /opt/elk/grafana/data1:/var/lib/grafana
    container_name: grafana
    hostname: grafana
    environment:
      - cluster.name=elk-cluster
    ports:
      - 3000:3000
    networks: [elastic]

networks:
  elastic:
    driver: bridge
    ipam:
     config:
     - subnet: 10.10.1.0/24
       gateway: 10.10.1.2


2)启动容器

$ docker-compose up
# 停止   docker-compose down
# 彻底删除(包括volume)   docker-compos down -v 

报错:
elasticsearch2    |
 [2018-09-26T09:52:29,998][INFO ][o.e.b.BootstrapChecks    ] [9KXjsdu] 
bound or publishing to a non-loopback address, enforcing bootstrap 
checks
elasticsearch2    | ERROR: [1] bootstrap checks failed
elasticsearch2    | [1]: max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144]

解决:
$ vim /etc/sysctl.conf
    vm.max_map_count=262144

$ sysctl -w vm.max_map_count=262144
查看是否修改 sysctl -a |grep vm.max_map_count


# 启动两个elasticsearch node,grafana, kibana, logstash。
# 这里logstash没有正常启动,还未查找原因 ??


3) 确认服务是否启动

$ docker ps 
$ curl http://127.0.0.1:9200/_cat/health
1538013520 01:58:40 docker-cluster green 2 2 0 0 0 0 0 0 - 100.0%


二、安装zabbix

1) 下载zabbix镜像

# 这里不部署proxy
$ docker pull zabbix/zabbix-web-nginx-mysql:centos-4.0-latest
$ zabbix/zabbix-agent:centos-4.0-latest
$ zabbix/zabbix-server-mysql:centos-4.0-latest


2)创建环境变量文件

# 参考zabbix官方github
$ mkdir zabbix
$ cd zabbix
$ mkdir zbx_env/var/lib/mysql

$ vim .env_db_mysql
MYSQL_USER=zabbix
MYSQL_PASSWORD=zabbix
MYSQL_ROOT_PASSWORD=root_pwd
MYSQL_DATABASE=zabbix

$ vim  .env_srv
ZBX_JAVAGATEWAY_ENABLE=true


3)docker-compose启动

$ vim docker-compose.yml
version: '3.5'
services:
mysql-server:
   image: mysql:5.7
   command: [mysqld, --character-set-server=utf8, --collation-server=utf8_bin]
   volumes:
    - ./zbx_env/var/lib/mysql:/var/lib/mysql:rw
   env_file:
    - .env_db_mysql
   user: root
   stop_grace_period: 1m
   networks:
    zbx_net:
     aliases:
      - mysql-server
                          
zabbix-server:
  image: zabbix/zabbix-server-mysql:centos-4.0-latest
  ports:
   - "10051:10051"
  links:
   - mysql-server:mysql-server
  ulimits:
   nproc: 65535
   nofile:
    soft: 20000
    hard: 40000
  deploy:
   resources:
    limits:
      cpus: '0.70'
      memory: 1G
    reservations:
      cpus: '0.5'
      memory: 512M
  env_file:
   - .env_db_mysql
   - .env_srv
  user: root
  depends_on:
   - mysql-server
  networks:
   zbx_net:
    aliases:
     - zabbix-server
  stop_grace_period: 30s
  sysctls:
   - net.ipv4.ip_local_port_range=1024 65000
   - net.ipv4.conf.all.accept_redirects=0
   - net.ipv4.conf.all.secure_redirects=0
   - net.ipv4.conf.all.send_redirects=0
  labels:
   com.zabbix.description: "Zabbix server with MySQL database support"
com.zabbix.company: "Zabbix SIA"
com.zabbix.component: "zabbix-server"
   com.zabbix.dbtype: "mysql"
   com.zabbix.os: "centos"

zabbix-web-nginx-mysql:
  image: zabbix/zabbix-web-nginx-mysql:centos-4.0-latest
  ports:
   - "8081:80"
   - "8443:443"
  links:
   - mysql-server:mysql-server
   - zabbix-server:zabbix-server
  deploy:
   resources:
    limits:
      cpus: '0.70'
      memory: 512M
    reservations:
      cpus: '0.5'
      memory: 256M
  env_file:
   - .env_db_mysql
   - .env_web
  user: root
  depends_on:
   - mysql-server
   - zabbix-server
  healthcheck:
   test: ["CMD", "curl", "-f", "http://localhost"]
   interval: 10s
   timeout: 5s
   retries: 3
   start_period: 30s
  networks:
   zbx_net:
    aliases:
     - zabbix-web-nginx
  stop_grace_period: 10s
  stop_grace_period: 10s
  sysctls:
   - net.core.somaxconn=65535
  labels:
   com.zabbix.description: "Zabbix frontend on Nginx web-server with MySQL database support"
com.zabbix.company: "Zabbix SIA"
com.zabbix.component: "zabbix-frontend"
   com.zabbix.webserver: "nginx"
   com.zabbix.dbtype: "mysql"
   com.zabbix.os: "centos"

zabbix-agent:
  image: zabbix/zabbix-agent:centos-4.0-latest
  ports:
   - "10050:10050"
  links:
   - zabbix-server:zabbix-server
  deploy:
   resources:
    limits:
      cpus: '0.2'
      memory: 128M
    reservations:
      cpus: '0.1'
      memory: 64M
   mode: global
  env_file:
   - .env_agent
  user: root
  privileged: true
  pid: "host"
  networks:
   #zbx_net_backend:
   zbx_net:
    aliases:
     - zabbix-agent
  stop_grace_period: 5s
  labels:
   com.zabbix.description: "Zabbix agent"
com.zabbix.company: "Zabbix SIA"
com.zabbix.component: "zabbix-agentd"
   com.zabbix.os: "centos"

networks:
  zbx_net:
    driver: bridge
    ipam:
      config:
      - subnet: 10.10.202.0/24
      
      
$ 
docker-compose up


4)测试zabbix api

$ curl -i -X POST -H 'Content-type:application/json' -d '
{"jsonrpc":"2.0","method":"user.login","params":
    { 
    "user":"Admin","password":"zabbix"
    },"auth":null,"id":0
}' 
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Oct 2018 06:46:31 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
X-Powered-By: PHP/5.4.16
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: POST
Access-Control-Max-Age: 1000

{"jsonrpc":"2.0","result":"f7de1d2d81b2af6f59c0c0315efe9489","id":0}


5)zabbix配置agent监控

# ip为agent container的ip

# 查看容器IP:docker inspect containerID

docker部署ELK、grafana、zabbix_zabbix

三、配置

1)kibana页面添加filebeat-6.4.2-*索引

# 查看索引
$ curl 'localhost:9200/_cat/indices?v'
health status index                     uuid                   pri rep docs.count docs.deleted store.size pri.store.size
green  open   .kibana                   jPYo91jORcqJV×××dQBz5g   1   0          2            0     27.3kb         27.3kb
yellow open   filebeat-6.4.2-2018.10.08 lLxqsZkdTn2BvPt8XOvLEw   3   1         86            0     32.2kb         32.2kb
yellow open   filebeat-6.4.2-2018.10.09 bdthCbExR869hGNyHf0pTw   3   1        150            0    117.8kb        117.8kb
yellow open   filebeat-6.4.2-2018.10.13 uM0FOXVGSUGfsD1YsvDBHA   3   1        146            0      117kb          117kb
yellow open   filebeat-6.4.2-2018.10.10 IpTJYhBJT5WcbBS6iJHyKA   3   1        155            0      137kb          137kb
yellow open   filebeat-6.4.2-2018.10.12 FFhNJ-PDSGO1zF_3sqJARw   3   1        877            0    214.9kb        214.9kb
yellow open   filebeat-6.4.2-2018.10.15 PQ13ujeqRbWaQ1SBpqLJzQ   3   1        170            0    158.4kb        158.4kb
yellow open   filebeat-6.4.2-2018.10.11 1uVupWcOQmCBTQBeUBxUgQ   3   1        164            0     82.9kb         82.9kb
yellow open   filebeat-6.4.2-2018.10.16 u-lMBFGETvu47GvppV7uvA   3   1         24            0     85.3kb         85.3kb
yellow open   filebeat-6.4.2-2018.10.14 Pe4ulKddTV-eHaY9Gl3wIw   3   1        146            0      116kb          116kb


2)grafana配置elk数据源

docker部署ELK、grafana、zabbix_zabbix_02docker部署ELK、grafana、zabbix_grafana_03


3)grafana配置zabbix数据源 

# 配置之前需要安装plugin,参考《grafana配置zabbix》

docker部署ELK、grafana、zabbix_zabbix_02docker部署ELK、grafana、zabbix_grafana_05