1、安装Elasticsearch
docker search elasticsearch:7.6.1
docker pull elasticsearch:7.6.1
docker network create --driver bridge elk
docker network ls
docker network inspect elk
docker run --name elasticsearch \
--network=elk -p 9200:9200 -p 9300:9300 \
-e "discovery.type=single-node" \
-e ES_JAVA_OPTS="-Xms128m -Xmx128m" \
-d elasticsearch:7.6.1
docker exec -it elasticsearch /bin/bash
docker cp elasticsearch:/usr/share/elasticsearch/config /my/elasticsearch/
unzip elasticsearch-analysis-ik-7.6.1.zip -d /my/elasticsearch/plugins/ik
cd /my/elasticsearch/plugins/ik/config
vim IKAnalyzer.cfg.xml
docker run --name elasticsearch \
--network=elk -p 9200:9200 -p 9300:9300 \
--privileged=true --restart=always \
-e "discovery.type=single-node" \
-e ES_JAVA_OPTS="-Xms1024m -Xmx1024m" \
-v /my/elasticsearch/config:/usr/share/elasticsearch/config \
-v /my/elasticsearch/data:/usr/share/elasticsearch/data \
-v /my/elasticsearch/plugins:/usr/share/elasticsearch/plugins \
-v /my/elasticsearch/logs:/usr/share/elasticsearch/logs \
-d elasticsearch:7.6.1
1.1、说明:
--name elasticsearch:将容器命名为 elasticsearch
-p 9200:9200:将容器的9200端口映射到宿主机9200端口
-p 9300:9300:将容器的9300端口映射到宿主机9300端口,目的是集群互相通信
-e "discovery.type=single-node":单例模式
-e ES_JAVA_OPTS="-Xms64m -Xmx128m":配置内存大小
-v /my/elasticsearch/conf:/usr/share/elasticsearch/config:将配置文件挂载到宿主机
-v /my/elasticsearch/data:/usr/share/elasticsearch/data:将数据文件夹挂载到宿主机
-v /my/elasticsearch/plugins:/usr/share/elasticsearch/plugins:将插件目录挂载到宿主机(需重启,自动映射)
-d elasticsearch:7.6.1 :后台运行容器,并返回容器ID
1.2、测试
curl http://localhost:9200
{
"name" : "6a122f6a7607",
"cluster_name" : "docker-cluster",
"cluster_uuid" : "8HINmx36T3qPzpCS6b_Yyg",
"version" : {
"number" : "7.6.1",
"build_flavor" : "default",
"build_type" : "docker",
"build_hash" : "2f90bbf7b93631e52bafb59b3b049cb44ec25e96",
"build_date" : "2019-10-28T20:40:44.881551Z",
"build_snapshot" : false,
"lucene_version" : "8.2.0",
"minimum_wire_compatibility_version" : "6.8.0",
"minimum_index_compatibility_version" : "6.0.0-beta1"
},
"tagline" : "You Know, for Search"
}
1.3、手动安装ik分词,ik分词器的版本要和elasticsearch的版本对应
cd /my/tools.bak
unzip /my/tools.bak/elasticsearch-analysis-ik-7.6.1.zip -d /my/elasticsearch/plugins/ik7.6.1
docker cp /my/elasticsearch/plugins/ik7.6.1 elasticsearch:/usr/share/elasticsearch/plugins
docker exec -it elasticsearch /bin/bash
cd /usr/share/elasticsearch/plugins
1.4、测试postman
POST http://localhost:9200/_analyze?pretty
{
"analyzer":"ik_smart",
"text":"中华"
}
{
"tokens": [
{
"token": "中华",
"start_offset": 0,
"end_offset": 2,
"type": "CN_WORD",
"position": 0
}
]
}
1.5、elasticsearch.yml配置
cluster.name: my-application
node.name: node-1
path.data: /home/es/elasticsearch/data
path.logs: /home/es/elasticsearch/logs
network.host: 0.0.0.0
network.bind_host: 0.0.0.0
http.port: 9200
cluster.initial_master_nodes: ["node-1"]
http.cors.enabled: true
http.cors.allow-origin: "*"
2、安装logstash
docker pull logstash:7.6.1
docker run --network=elk --name=logstash --rm -di logstash:7.6.1
docker exec -it logstash /bin/bash
docker cp logstash:/usr/share/logstash/config /my/logstash/
docker cp logstash:/usr/share/logstash/pipeline /my/logstash/
docker cp logstash:/usr/share/logstash/logstash-core/lib/jars/ /my/logstash/
docker run --network=elk --name=logstash \
--privileged=true --restart=always \
-v /my/logstash/config:/usr/share/logstash/config \
-v /my/logstash/pipeline:/usr/share/logstash/pipeline \
-v /my/logstash/jars:/usr/share/logstash/logstash-core/lib/jars \
-d logstash:7.6.1
2.1、logstash.conf
input {
jdbc {
jdbc_connection_string => "jdbc:mysql://localhost:3306/yourdatabase?useUnicode=true&characterEncoding=utf8&serverTimezone=Asia/Shanghai&useSSL=false&allowMultiQueries=true"
jdbc_user => "root"
jdbc_password => "yourpassword"
jdbc_driver_library => "/usr/share/logstash/logstash-core/lib/jars/mysql-connector-java-8.0.20.jar"
jdbc_driver_class => "com.mysql.cj.jdbc.Driver"
jdbc_paging_enabled => true
jdbc_page_size => "5000"
clean_run => true
statement_filepath => "/usr/share/logstash/config/mysql/product.sql"
lowercase_column_names => false
}
}
output {
elasticsearch {
hosts => ["http://elasticsearch:9200"]
index => "tb_product"
document_id => "%{id}"
}
stdout {
codec => json_lines
}
}
3、安装kibana
docker pull kibana:7.6.1
docker run --name kibana \
--privileged=true --network=elk \
-p 5601:5601 -d kibana:7.6.1
docker exec -it kibana /bin/bash
docker cp kibana:/usr/share/kibana/config/kibana.yml /my/kibana/conf/
vim /my/kibana/conf/kibana.yml
docker run --network=elk --name kibana \
--privileged=true --restart=always \
-v /my/kibana/conf/kibana.yml:/usr/share/kibana/config/kibana.yml \
-p 5601:5601 -d kibana:7.6.1
3.1、kibana.yml配置
server.name: kibana
server.host: "0"
elasticsearch.hosts: [ "http://elasticsearch:9200" ]
xpack.monitoring.ui.container.elasticsearch.enabled: true
i18n.locale: zh-CN
