Mirroring ready
[root@root ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest bb776ce48575 2 days ago 109MB
logstash latest 33c2b80b5322 5 months ago 653MB
kibana latest a674d23325b0 6 months ago 388MB
elasticsearch latest 5acf0e8da90b 6 months ago 486MB
[root@root ~]#
Open Linux system Rsyslog Service
- Rsyslog service to modify configuration files
set the following three parameters
$ModLoad imtcp
$InputTCPServerRun 514
*.* @@localhost:4560
- Restart rsyslog service
systemctl restart rsyslog
- View rsyslog service startup state
netstat -lnt
Service deployment elasticsearch
docker run -d -p 9200:9200 -v ~/elasticsearch/data:/usr/share/elasticsearch/data --name elasticsearch elasticsearch
Service deployment logstash
- Add ~ / logstash / logstash.conf configuration file as follows:
input {
syslog {
type => "rsyslog"
port => 4560
}
}
output {
elasticsearch {
hosts => [ "elasticsearch:9200" ]
}
}
We let out Logstash configuration application log data from the local Rsyslog service, and then forwarded to the ElasticSearch database!
- After configuration is complete, the container may be initiated by a command Logstash
docker run -d -p 4560:4560 \
-v ~/logstash/logstash.conf:/etc/logstash.conf \
--link elasticsearch:elasticsearch \
--name logstash logstash \
logstash -f /etc/logstash.conf
Service deployment kibana
docker run -d -p 5601:5601 \
--link elasticsearch:elasticsearch \
-e ELASTICSEARCH_URL=http://elasticsearch:9200 \
--name kibana kibana
Nginx started to produce container logs
docker run -d -p 90:80 --log-driver syslog --log-opt \
syslog-address=tcp://localhost:514 \
--log-opt tag="nginx" --name nginx nginx
verification
- Open your browser home page to generate many visits to nginx GET request
- Open Kibana visual interface: localhost: 5601
