1. 首页
  2. IT资讯

搭建ELK容器化,so easy

“u003Cpu003E对于熟悉ELK的技术人员来说,ELK的搭建过程是相对比较繁琐。容器化搭建ELK 可以让复杂的事情简单化.u003Cu002Fpu003Eu003Cpu003E架构简图如下:u003Cu002Fpu003Eu003Cdiv class=”pgc-img”u003Eu003Cimg src=”http:u002Fu002Fp1.pstatp.comu002Flargeu002Fpgc-imageu002F2a1efa21138e4807a6396999e8e33a31″ img_width=”702″ img_height=”126″ alt=”搭建ELK容器化,so easy” inline=”0″u003Eu003Cp class=”pgc-img-caption”u003Eu003Cu002Fpu003Eu003Cu002Fdivu003Eu003Ch1 class=”pgc-h-arrow-right”u003Edocker宿主机操作u003Cu002Fh1u003Eu003Cpu003Eu003Cstrongu003E安装dockeru003Cu002Fstrongu003Eu003Cu002Fpu003Eu003Cpreu003E[root@docker ~]# wget https:u002Fu002Fmirrors.aliyun.comu002Fdocker-ceu002Flinuxu002Fcentosu002Fdocker-ce.repo -O u002Fetcu002Fyum.repos.du002Fdocker- ce.repou003Cu002Fpreu003Eu003Cpreu003E[root@docker ~]# yum install docker-ce -y u003Cu002Fpreu003Eu003Cpreu003E[root@docker ~]# systemctl start dockeru003Cu002Fpreu003Eu003Cpreu003E[root@docker ~]# systemctl enable dockeru003Cu002Fpreu003Eu003Ch1 class=”pgc-h-arrow-right”u003E下载elk整合版镜像u003Cu002Fh1u003Eu003Cpreu003E[root@docker ~]# docker search elk |head -2u003Cu002Fpreu003Eu003Cpreu003E NAME DESCRIPTIONu003Cu002Fpreu003Eu003Cpreu003ESTARS OFFICIAL AUTOMATEDu003Cu002Fpreu003Eu003Cpreu003Esebpu002Felk Collect, search and visualise log data with … u003Cu002Fpreu003Eu003Cpreu003E934 [OK]u003Cu002Fpreu003Eu003Cpreu003E[root@docker ~]# docker pull sebpu002Felku003Cu002Fpreu003Eu003Ch1 class=”pgc-h-arrow-right”u003E修改内核参数u003Cu002Fh1u003Eu003Cpreu003E[root@docker ~]# vim u002Fetcu002Fsysctl.confu003Cu002Fpreu003Eu003Cpreu003E vm.max_map_count=262144u003Cu002Fpreu003Eu003Cpreu003E[root@docker ~]# sysctl -p u003Cu002Fpreu003Eu003Cpreu003E如果不修改,运行容器时会报下图错误,所以需要提前修改u003Cu002Fpreu003Eu003Cdiv class=”pgc-img”u003Eu003Cimg src=”http:u002Fu002Fp1.pstatp.comu002Flargeu002Fpgc-imageu002F1077fcd5cbe04c57b66a8d4d5ce8115f” img_width=”961″ img_height=”228″ alt=”搭建ELK容器化,so easy” inline=”0″u003Eu003Cp class=”pgc-img-caption”u003Eu003Cu002Fpu003Eu003Cu002Fdivu003Eu003Ch1 class=”pgc-h-arrow-right”u003E运行容器u003Cu002Fh1u003Eu003Cpu003Eu003Cbru002Fu003Eu003Cu002Fpu003Eu003Cpreu003E运行容器的docker-host内存需要比较大(我这里测试时为3G)u003Cu002Fpreu003Eu003Cpreu003E [root@docker ~]# docker run -p 5601:5601 -p 9200:9200 -p 5044:5044 -it –name elk sebpu002Felku003Cu002Fpreu003Eu003Ch1 class=”pgc-h-arrow-right”u003E修改容器内的logstash配置文件u003Cu002Fh1u003Eu003Cdiv class=”pgc-img”u003Eu003Cimg src=”http:u002Fu002Fp1.pstatp.comu002Flargeu002Fpgc-imageu002F0aa8582270d04adb83745daadaedd876″ img_width=”591″ img_height=”238″ alt=”搭建ELK容器化,so easy” inline=”0″u003Eu003Cp class=”pgc-img-caption”u003Eu003Cu002Fpu003Eu003Cu002Fdivu003Eu003Cdiv class=”pgc-img”u003Eu003Cimg src=”http:u002Fu002Fp1.pstatp.comu002Flargeu002Fpgc-imageu002Fb114c5242261439dbd6856856cde942a” img_width=”588″ img_height=”393″ alt=”搭建ELK容器化,so easy” inline=”0″u003Eu003Cp class=”pgc-img-caption”u003Eu003Cu002Fpu003Eu003Cu002Fdivu003Eu003Cpu003Eu003Cbru002Fu003Eu003Cu002Fpu003Eu003Cpu003Eu003Cstrongu003E重启容器u003Cu002Fstrongu003Eu003Cu002Fpu003Eu003Cpreu003E[root@docker ~]# docker restart elku003Cu002Fpreu003Eu003Ch1 class=”pgc-h-arrow-right”u003E应用服务器上操作u003Cu002Fh1u003Eu003Cpu003Eu003Cstrongu003E下载并安装filebeatu003Cu002Fstrongu003Eu003Cu002Fpu003Eu003Cpreu003E[root@filebeat ~]# wgetu003Cbru003E https:u002Fu002Fartifacts.elastic.cou002Fdownloadsu002Fbeatsu002Ffilebeatu002Ffilebea t-7.4.2-x86_64.rpmu003Cbru003Eu003Cbru003E[root@filebeat ~]# rpm -ivh filebeat-7.4.2-x86_64.rpmu003Cu002Fpreu003Eu003Cpu003Eu003Cstrongu003E修改filebeat配置文件u003Cu002Fstrongu003Eu003Cu002Fpu003Eu003Cdiv class=”pgc-img”u003Eu003Cimg src=”http:u002Fu002Fp3.pstatp.comu002Flargeu002Fpgc-imageu002F2a11c2e2452846c095ac0ba3aa4cdc20″ img_width=”590″ img_height=”124″ alt=”搭建ELK容器化,so easy” inline=”0″u003Eu003Cp class=”pgc-img-caption”u003Eu003Cu002Fpu003Eu003Cu002Fdivu003Eu003Cdiv class=”pgc-img”u003Eu003Cimg src=”http:u002Fu002Fp1.pstatp.comu002Flargeu002Fpgc-imageu002Fbff41014807f4c159b2aaabb462c6a84″ img_width=”588″ img_height=”344″ alt=”搭建ELK容器化,so easy” inline=”0″u003Eu003Cp class=”pgc-img-caption”u003Eu003Cu002Fpu003Eu003Cu002Fdivu003Eu003Cpu003Eu003Cstrongu003E启动filebeat服务u003Cu002Fstrongu003Eu003Cu002Fpu003Eu003Cpreu003E[root@filebeat ~]# systemctl restart filebeatu003Cu002Fpreu003Eu003Cpreu003E [root@filebeat ~]# systemctl enable filebeatu003Cu002Fpreu003Eu003Cpu003Eu003Cstrongu003E测试u003Cu002Fstrongu003Eu003Cu002Fpu003Eu003Cpu003E在应用服务器上操作产生日志u003Cu002Fpu003Eu003Cpreu003E[root@filebeat ~]# yum install vsftpd -yu003Cu002Fpreu003Eu003Cpreu003E或u003Cu002Fpreu003Eu003Cpreu003E[root@filebeat ~]# echo 111111 >> u002Fvaru002Flogu002Fyum.logu003Cu002Fpreu003Eu003Cpu003E然后通过浏览器访问kibanau003Cu002Fpu003Eu003Cdiv class=”pgc-img”u003Eu003Cimg src=”http:u002Fu002Fp1.pstatp.comu002Flargeu002Fpgc-imageu002F580636e553f341e380690094093fdef5″ img_width=”1327″ img_height=”544″ alt=”搭建ELK容器化,so easy” inline=”0″u003Eu003Cp class=”pgc-img-caption”u003Eu003Cu002Fpu003Eu003Cu002Fdivu003E”

原文始发于:搭建ELK容器化,so easy

主题测试文章,只做测试使用。发布者:程序员,转转请注明出处:http://www.cxybcw.com/26662.html

联系我们

13687733322

在线咨询:点击这里给我发消息

邮件:1877088071@qq.com

工作时间:周一至周五,9:30-18:30,节假日休息

QR code