
[docker] Ubuntu (우분투)에 docker를 이용해 ELK스택 설치

도커(docker) 설치

도커 설치

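# Save the installer to a file instead of piping it straight into a root shell,
# so the script can be read before it runs with sudo.
curl -fsSL https://get.docker.com/ -o get-docker.sh
# Inspect get-docker.sh, then run it.
sudo sh get-docker.sh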

사용자 docker 그룹에 추가 (sudo 없이 사용하기 위해)

# Membership in the docker group is root-equivalent on this host: a member can
# start a container that mounts the host filesystem. Add only accounts that are
# already trusted with sudo.
sudo usermod -aG docker UserName # applied after a reboot (logging out and back in is enough)

설치 확인하기

docker version

git 설치

패키지 리스트 업데이트

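# Refresh the package index; "apt-get install" with no package name does not update it.
sudo apt-get update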

git 설치

sudo apt install git

설치 확인

git --version

정보 입력 (push했을때 올라갈 내 정보)

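# git reads the author address from user.email; a "user.mail" key is stored but never used.
# The values are quoted so that a name or address containing spaces is passed as one argument.
git config --global user.name "[이름]"
git config --global user.email "[메일 주소]"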

ELK 스택 설치 (Github Repository 이용)

ELK 스택을 구성한 git repository를 clone하여 설치

git clone

# The files edited below follow the 7.x layout of this repository
# (docker-stack.yml on this page pins 7.11.1). The default branch may have
# moved on, so check out a matching revision and read the Dockerfiles and
# configs before building them.
git clone https://github.com/deviantony/docker-elk.git
cd docker-elk

1. Elasticsearch

X-pack 제거(Monitoring을 제외한 대부분의 기능이 유료이므로 제거)

# vi elasticsearch/config/elasticsearch.yml

# No xpack.security.* settings remain in this file, so Elasticsearch presumably
# accepts requests without authentication on the 7.x images used here --
# TODO confirm this is intended for the target environment.
cluster.name: "docker-cluster"
# Listen on every interface inside the container; who can actually reach it is
# then decided by the ports published in docker-compose.yml.
network.host: 0.0.0.0

한글 분석기 nori 설치

# vi elasticsearch/Dockerfile
# Elastic Stack version, passed in as a build argument by docker-compose.yml.
ARG ELK_VERSION

# https://www.docker.elastic.co/
FROM docker.elastic.co/elasticsearch/elasticsearch:${ELK_VERSION}

# Install the Korean analysis plugin (nori).
RUN elasticsearch-plugin install analysis-nori

2. Kibana

X-pack 제거

# vi kibana/config/kibana.yml

server.name: kibana
# "0" presumably means "listen on all interfaces" inside the container --
# verify against the Kibana version in use.
server.host: "0"
# Plain HTTP with no elasticsearch.username/password: Kibana connects to an
# Elasticsearch that has authentication turned off, and itself shows no login.
elasticsearch.hosts: [ "http://elasticsearch:9200" ]

3. Logstash

X-pack 제거

# vi logstash/config/logstash.yml

# Bind the Logstash HTTP API to all interfaces inside the container.
# docker-compose.yml on this page publishes 9600 (presumably this API's port)
# on the host as well.
http.host: "0.0.0.0"
# vi logstash/pipeline/logstash.conf

# Inputs: Beats on 5044 and raw TCP on 5000. Neither input configures TLS or
# client authentication here, so any host that can reach these ports can
# submit events into the pipeline.
input {
    beats {
        port => 5044
    }

    tcp {
        port => 5000
    }
}

# Where Logstash sends the processed events.
# Everything is sent to Elasticsearch, into a daily index named elk-%{+YYYY.MM.dd}.
output {
    elasticsearch {
        hosts => "elasticsearch:9200"
        index => "elk-%{+YYYY.MM.dd}"
        # No username/password is used (Elasticsearch runs without authentication)
        # user => "elastic"
        # password => "changeme"
    }
}

4. docker-compose

ES_JAVA_OPTS 수정 (메모리 사이즈 수정)

ELASTIC_PASSWORD 삭제 (비밀번호 삭제 — 이후 Elasticsearch와 Kibana는 인증 없이 접근되므로, 게시된 포트는 신뢰할 수 있는 네트워크에서만 열어 둘 것)

# vi docker-compose.yml

version: '3.2'

services:
  elasticsearch:
    container_name: elasticsearch # sets the container name
    build:
      context: elasticsearch/
      args:
        ELK_VERSION: $ELK_VERSION
    volumes:
      # Config file is mounted read-only from the repository checkout.
      - type: bind
        source: ./elasticsearch/config/elasticsearch.yml
        target: /usr/share/elasticsearch/config/elasticsearch.yml
        read_only: true
      # Index data lives in the named volume "elasticsearch".
      - type: volume
        source: elasticsearch
        target: /usr/share/elasticsearch/data
    # Both ports are published on every host interface. With ELASTIC_PASSWORD
    # removed below, any client that can reach the host on 9200 can read and
    # write indices. If remote access is not needed, bind to loopback
    # ("127.0.0.1:9200:9200") or restrict the port with a firewall; note that
    # Docker-published ports are typically not filtered by ufw rules.
    # 9300 is the transport port; a single-node setup presumably does not need
    # it published -- confirm before dropping it.
    ports:
      - "9200:9200"
      - "9300:9300"
    environment:
      ES_JAVA_OPTS: "-Xmx1024m -Xms1024m" # JVM heap size (max and initial)
      # ELASTIC_PASSWORD: changeme # credentials not used
      # Use single node discovery in order to disable production mode and avoid bootstrap checks.
      # see: https://www.elastic.co/guide/en/elasticsearch/reference/current/bootstrap-checks.html
      discovery.type: single-node
    networks:
      - elk

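  logstash:
    container_name: logstash # sets the container name
    build:
      context: logstash/
      args:
        ELK_VERSION: $ELK_VERSION
    volumes:
      # Settings file and pipeline directory are mounted read-only.
      - type: bind
        source: ./logstash/config/logstash.yml
        target: /usr/share/logstash/config/logstash.yml
        read_only: true
      - type: bind
        source: ./logstash/pipeline
        target: /usr/share/logstash/pipeline
        read_only: true
    # Published on every host interface. The pipeline on this page configures
    # no TLS or authentication on the beats (5044) and tcp (5000) inputs, so
    # limit who can reach these ports (loopback binding such as
    # "127.0.0.1:5044:5044", or a firewall) when senders are local or known.
    # 9600 is presumably the Logstash HTTP API; publish it only if it is
    # queried from outside the host.
    ports:
      - "5044:5044"
      - "5000:5000/tcp"
      - "5000:5000/udp"
      - "9600:9600"
    environment:
      # Fixed: the second flag was a repeated -Xmx, which left the initial heap
      # size unset; -Xms matches the Elasticsearch service's max/initial pair.
      LS_JAVA_OPTS: "-Xmx1024m -Xms1024m" # JVM heap size (max and initial)
    networks:
      - elk
    depends_on:
      - elasticsearch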

  kibana:
    container_name: kibana # sets the container name
    build:
      context: kibana/
      args:
        ELK_VERSION: $ELK_VERSION
    volumes:
      # Config file is mounted read-only from the repository checkout.
      - type: bind
        source: ./kibana/config/kibana.yml
        target: /usr/share/kibana/config/kibana.yml
        read_only: true
    # Published on every host interface. kibana.yml on this page sets no
    # credentials, so the UI (and through it the Elasticsearch data) is
    # presumably open to anyone who can reach the host on 5601; bind to
    # "127.0.0.1:5601:5601" or put it behind an authenticating proxy if the
    # host is not on a trusted network.
    ports:
      - "5601:5601"
    networks:
      - elk
    depends_on:
      - elasticsearch

networks:
  elk:
    driver: bridge

volumes:
  elasticsearch:
# vi docker-stack.yml

version: '3.3'

services:

  elasticsearch:
    image: docker.elastic.co/elasticsearch/elasticsearch:7.11.1
    # In swarm mode published ports are, by default, reachable on every node of
    # the swarm. With ELASTIC_PASSWORD removed below, 9200 answers without
    # authentication, so restrict it at the network edge or do not publish it
    # when only the other services on the "elk" overlay need it.
    ports:
      - "9200:9200"
      - "9300:9300"
    configs:
      - source: elastic_config
        target: /usr/share/elasticsearch/config/elasticsearch.yml
    environment:
      ES_JAVA_OPTS: "-Xmx1024m -Xms1024m" # JVM heap size (max and initial)
      # ELASTIC_PASSWORD: changeme # credentials not used
      # Use single node discovery in order to disable production mode and avoid bootstrap checks.
      # see: https://www.elastic.co/guide/en/elasticsearch/reference/current/bootstrap-checks.html
      discovery.type: single-node
      # Force publishing on the 'elk' overlay.
      network.publish_host: _eth0_
    networks:
      - elk
    deploy:
      mode: replicated
      replicas: 1

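  logstash:
    image: docker.elastic.co/logstash/logstash:7.11.1
    # In swarm mode published ports are, by default, reachable on every node.
    # The pipeline on this page sets no TLS or authentication on the beats
    # (5044) and tcp (5000) inputs, so limit which senders can reach them.
    ports:
      - "5044:5044"
      - "5000:5000"
      - "9600:9600"
    configs:
      - source: logstash_config
        target: /usr/share/logstash/config/logstash.yml
      - source: logstash_pipeline
        target: /usr/share/logstash/pipeline/logstash.conf
    environment:
      # Fixed: the second flag was a repeated -Xmx, which left the initial heap
      # size unset; -Xms matches the Elasticsearch service's max/initial pair.
      LS_JAVA_OPTS: "-Xmx1024m -Xms1024m" # JVM heap size (max and initial)
    networks:
      - elk
    deploy:
      mode: replicated
      replicas: 1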

  kibana:
    image: docker.elastic.co/kibana/kibana:7.11.1
    # In swarm mode the published port is, by default, reachable on every node.
    # kibana.yml on this page sets no credentials, so the UI is presumably open
    # to anyone who can reach 5601; front it with an authenticating proxy or
    # restrict the port if the nodes are not on a trusted network.
    ports:
      - "5601:5601"
    configs:
      - source: kibana_config
        target: /usr/share/kibana/config/kibana.yml
    networks:
      - elk
    deploy:
      mode: replicated
      replicas: 1

configs:

  elastic_config:
    file: ./elasticsearch/config/elasticsearch.yml
  logstash_config:
    file: ./logstash/config/logstash.yml
  logstash_pipeline:
    file: ./logstash/pipeline/logstash.conf
  kibana_config:
    file: ./kibana/config/kibana.yml

networks:
  elk:
    driver: overlay

4. 실행

docker-compose build && docker-compose up -d

5.종료

# -v also deletes the named volumes declared in docker-compose.yml, i.e. the
# "elasticsearch" data volume; omit -v to stop the stack but keep indexed data.
docker-compose down -v

6. ELK 포트 및 Kibana 접속

Elasticsearch : 9200 / 9300
Logstash : 5000 / 9600
Kibana : 5601

ex) http://{ip-address}:5601/


References


🏋🏻 개인적으로 공부한 내용을 기록하고 있습니다.
잘못된 부분이 있다면 과감하게 지적해주세요!! 🏋
