Use docker build elk

mkdir -p /mydata/elasticsearch/config
mkdir -p /mydata/elasticsearch/data

echo "http.host: 0.0.0.0">>/mydata/elasticsearch/config/elasticsearch.yml

docker pull elasticsearch:5.6.11

docker run --name elasticsearch -p 9200:9200 -p 9300:9300 \
-e "discovery.type=single-node" \
-e "ES_JAVA_OPTS=-Xms256m -Xmx256m" \
/mydata/elasticsearch/config/elasticsearch.yml:/usr/share/elasticsearch/config/ -v elasticsearch.yml \
 -v / mydata / elasticsearch / the Data: / usr / report this content share / elasticsearch / the Data \
 -d elasticsearch: 5.6 . 11 

Docker PS 


9200 : HTTP RESTful interfaces
 9300 : elasticsearch cluster internal communication interface 


# set the initial memory and maximum memory
 -e " ES_JAVA_OPTS = -Xms256m-Xmx256m- " 

as Free - m

 =============== logstash ======================== ====== 
mkdir -p / mydata / logstash / 

cd / mydata / logstash / 

vim logstash.conf 

the INPUT { 
    TCP { 
        #host =>"192.168.95.128"
        port => 4560
        codec => json_lines
    }
} 
output {
     stdout {
        codec => rubydebug
     }
     elasticsearch {
        #action => "index"
        hosts => ["192.168.20.130:9200"]
        index => "applog"
     }
}

docker pull logstash:5.6.15
 
docker run -d -p 4560 : 4560 \
 -v /mydata/logstash/logstash.conf:/etc/ logstash.conf \
 - Link elasticsearch: elasticsearch \
 --name logstash logstash: 5.6 . 15 \ 
logstash -f / etc / logstash.conf 

# installation plug 
Docker Exec -it logstash / bin / bash 
cd / usr / report this content share / logstash / bin (do not know to use the directory to find whereis logstash) 
logstash -plugin List | grep json_lines (If you do not find json_lines, perform the following installation) 
logstash -plugin install codec--logstash json_lines


 ===================== kibana ======================= 
# necessarily correspond with elasticsearch version
pull kibana Docker:5.6 . 11 

Docker RUN -p 5601 : 5601 - name kibana \
 - Link elasticsearch: elasticsearch \
 -e ELASTICSEARCH_URL = HTTP: // 192.168.20.130:9200 \ 
-d kibana: 5.6 . 11 



# container at startup 
docker update ID --restart = Always 



Docker all the containers start command 
Docker $ start (PS Docker -a | awk ' {}. 1 Print $ ' | tail -n + 2 ) 

Docker in order to close all containers 
Docker STOP $ (Docker PS - A | awk ' {}. 1 Print $' | tail -n +2 ) 

Docker remove all containers command 
Docker RM $ (Docker PS -a | awk ' {Print $. 1} ' | tail -n + 2 ) 

Docker remove all mirror 
Docker RMI $ (Docker Images | awk ' {Print $. 3 } ' | tail -n + 2 ) 

tail -n + 2 indicates the start of reading from the second row
Use docker build elk

Guess you like
