通过docker搭建lamp+wordpress+ELK监控
实验要求:docker搭建LAMP +wordpress,有监控,日志放在另外一台服务器上, 使用ELK进行日志收集展示
192.168.100.128 lamp+kabana
192.168.100.129 docker-lamp +wordpress + logstash +zabbix-agent
192.168.100.130 zabbix + elasticsearch
一、配置环境
1.先进行安装docker
[root@localhost docker]# yum -y install docker
2.进行配置docker的加速镜像
[root@localhost docker]# cd /etc/docker/
[root@localhost docker]# vim daemon.json
{
"registry-mirrors": ["https://yol1de5p.mirror.aliyuncs.com"],
"insecure-registries": ["192.168.100.128"]
}
~
docker进行启动和开机自启
[root@localhost docker]# systemctl start docker
[root@localhost docker]# systemctl enable docker
查看查看镜像是否可用
[root@localhost docker]# docker info
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 0
Server Version: 1.13.1
Storage Driver: overlay2
Backing Filesystem: xfs
Supports d_type: true
Native Overlay Diff: true
Logging Driver: journald
Cgroup Driver: systemd
Plugins:
Volume: local
Network: bridge host macvlan null overlay
Swarm: inactive
Runtimes: docker-runc runc
Default Runtime: docker-runc
Init Binary: /usr/libexec/docker/docker-init-current
containerd version: (expected: aa8187dbd3b7ad67d8e5e3a15115d3eef43a7ed1)
runc version: 66aedde759f33c190954815fb765eedc1d782dd9 (expected: 9df8b306d01f59d3a8029be411de015b7304dd8f)
init version: fec3683b971d9c3ef73f284f176672c44b448662 (expected: 949e6facb77383876aeff8a6944dde66b3089574)
Security Options:
seccomp
WARNING: You're not using the default seccomp profile
Profile: /etc/docker/seccomp.json
selinux
Kernel Version: 3.10.0-862.el7.x86_64
Operating System: CentOS Linux 7 (Core)
OSType: linux
Architecture: x86_64
Number of Docker Hooks: 3
CPUs: 2
Total Memory: 1.779 GiB
Name: localhost.localdomain
ID: PQOY:ADSX:QEGQ:RJGC:4ECW:3X6S:BYMF:3AEH:WXBW:ZW5G:CVRI:VINM
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
Experimental: false
Insecure Registries:
192.168.100.128
127.0.0.0/8
Registry Mirrors:
https://yol1de5p.mirror.aliyuncs.com
Live Restore Enabled: false
Registries: docker.io (secure)
二、 拉去mysql和php镜像
[root@localhost docker]# docker pull mysql
[root@localhost docker]# docker pull php:7.2-apache
三、创建网络
[root@localhost docker]# docker network create lamp
查看网络
[root@localhost docker]# docker network ls
NETWORK ID NAME DRIVER SCOPE
f81b6f00fd07 bridge bridge local
3b6ec92601a8 host host local
9783e9b74d27 lamp bridge local
248da2b86740 none null local
四、创建生成mysql和php容器的脚本
先做个文件夹
[root@localhost ~]# mkdir mysql_php
[root@localhost ~]# cd mysql_php/
进行编写脚本
[root@localhost mysql_php]# vim docker_lamp.sh
#!/bin/bash
function mysql() {
docker run --name mysql --net lamp -p 3306:3306 \
-v /data/docker/mysql/data:/var/lib/mysql \
-v /data/docker/mysql/conf:/etc/mysql/conf.d \
-v /data/docker/mysql/logs:/logs \
-e MYSQL_ROOT_PASSWORD=test123456 \
-d mysql:latest --character-set-server=utf8
}
function httpd_php() {
docker run --name httpd-php --net lamp -p 80:80 \
-v /data/docker/httpd/conf:/etc/apache2/sites-enabled \
-v /data/docker/www:/var/www/html \
-v /data/docker/httpd/logs:/var/log/apache2 \
-d php:7.2-apache
}
$1
启动mysql和php容器(启动容器之前首先关闭selinux【setenforce 0】)
[root@localhost mysql_php]# sh docker_lamp.sh mysql
dcaea8e2efe8832ac863d73c728f15799f57072e9b66174626a706ba9a51152b
[root@localhost mysql_php]# sh docker_lamp.sh httpd_php
52ff6c908d0d042030c9a535c55638566202cc9472bd873e0773279dad8b5f7c
查看容器
[root@localhost mysql_php]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
21f6d844d9e2 php:7.2-apache "docker-php-entryp..." About a minute ago Up About a minute 0.0.0.0:80->80/tcp httpd-php
7bfa31aadbe1 mysql:latest "docker-entrypoint..." About a minute ago Up About a minute 0.0.0.0:3306->3306/tcp, 33060/tcp mysql
写一个php测试页进行测试
[root@localhost mysql_php]# echo "" > /data/docker/www/index.php
通过浏览器访问http://192.168.2.226
修改mysql密码加密方式为mysql_native_password
[root@localhost ~]# vim /data/docker/mysql/conf/docker_mysql.conf
[mysqld]
default-authentication-plugin=mysql_native_password
五、数据库操作
登陆mysql容器,创建、配置wordpress数据库
[root@localhost ~]# docker exec -it mysql /bin/bash
root@7bfa31aadbe1:/# mysql -uroot -ptest123456
mysql> create database wordpress;
mysql> create user wps@localhost identified by '123456';
mysql> grant all privileges on wordpress.* to wps@localhost;
mysql> create user [email protected] identified by '123456';
mysql> grant all privileges on wordpress.* to [email protected];
mysql> alter user [email protected] identified with mysql_native_password by '123456';
mysql> flush privileges;
六、配置wordpress博客系统
下载wordpress包并解压
wget https://cn.wordpress.org/wordpress-4.9.4-zh_CN.tar.gz
tar -zxvf wordpress-4.9.4-zh_CN.tar.gz -C /data/docker/www/
配置wordpress博客*
修改wp-config-sample.php配置
[root@localhost wordpress]# cd /data/docker/www/wordpress/
[root@localhost wordpress]# mv wp-config-sample.php wp-config.php
[root@localhost wordpress]# vim wp-config.php #修改以下内容
/ WordPress数据库的名称 */
define('DB_NAME', 'wordpress');
/ MySQL数据库用户名 */
define('DB_USER', 'wps');
/ MySQL数据库密码 */
define('DB_PASSWORD', '123456');
/ MySQL主机 */
define('DB_HOST', '172.18.0.1');
/ 创建数据表时默认的文字编码 */
define('DB_CHARSET', 'utf8');
/ 数据库整理类型。如不确定请勿更改 */
define('DB_COLLATE', '');
mysql容器里安装mysqli扩展
[root@localhost ~]# docker exec -it httpd-php /bin/bash
apt-get update
apt-get install libpng-dev
cd /usr/local/bin/
./docker-php-ext-install gd mysqli
./docker-php-ext-enable gd mysqli
exit
docker restart httpd-php(启动之后关闭防火墙)
修改wp-db.php文件,将mysql_connect替换为mysqli_connect
[root@localhost ~]# cd /data/docker/www/wordpress/
[root@localhost wordpress]# sed -i "s/mysql_connect/mysqli_connect/g" wp-includes/wp-db.php
之后通过浏览器测试 :http://本机ip/wordpress 如果成功会出现一下界面
搭建配置zabbix
传入zabbix的源
[root@localhost ~]# cd /etc/yum.repos.d
[root@localhost yum.repos.d]# vim zabbix.repo
[zabbix]
name=Zabbix Official Repository - $basearch
baseurl=http://mirrors.aliyun.com/zabbix/zabbix/4.4/rhel/7/$basearch/
enabled=1
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX-A14FE591
[zabbix-debuginfo]
name=Zabbix Official Repository debuginfo - $basearch
baseurl=http://mirrors.aliyun.com/zabbix/zabbix/4.4/rhel/7/$basearch/debuginfo/
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX-A14FE591
gpgcheck=0
[zabbix-non-supported]
name=Zabbix Official Repository non-supported - $basearch
baseurl=http://mirrors.aliyun.com/zabbix/non-supported/rhel/7/$basearch/
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX
gpgcheck=0
在web端安装zabbix-agent并设置开机自启
[root@localhost yum.repos.d]# yum -y install zabbix-agent
[root@localhost yum.repos.d]# vim /etc/zabbix/zabbix_agentd.conf
Server=192.168.100.130
ServerActive=192.168.100.130
[root@localhost yum.repos.d]# systemctl start zabbix-agent
[root@localhost yum.repos.d]# systemctl enable zabbix-agent
在服务端安装zabbix服务和mysql
[root@localhost yum.repos.d]# yum -y install mariadb mariadb-server zabbix-server-mysql zabbix-web-mysql zabbix-agent zabbix-get
启动mysql并设置开机自启
[root@localhost yum.repos.d]# systemctl start mariadb
[root@localhost yum.repos.d]# systemctl enable mariadb
配置mysql
[root@localhost yum.repos.d]# mysql
MariaDB [(none)]> create database zabbix charset utf8 collate utf8_bin;
Query OK, 1 row affected (0.00 sec)
MariaDB [(none)]> grant all on *.* to zabbix@localhost identified by 'zabbix';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> flush privileges;
Query OK, 0 rows affected (0.01 sec)
测试登录mysql的zabbix用户
[root@localhost yum.repos.d]# mysql -uzabbix -h localhost -pzabbix
查看一下zabbix的服务
[root@localhost ~]# ll /usr/share/doc/zabbix-server-mysql-4.4.8/create.sql.gz
-rw-r--r--. 1 root root 1476658 4月 27 18:21 /usr/share/doc/zabbix-server-mysql-4.4.8/create.sql.gz
导入数据
[root@localhost ~]# zcat /usr/share/doc/zabbix-server-mysql-4.4.8/create.sql.gz | mysql -uzabbix -pzabbix -hlocalhost zabbix
登录数据库并且查看数据
[root@localhost ~]# mysql
MariaDB [zabbix]> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
| test |
| zabbix |
+--------------------+
5 rows in set (0.00 sec)
MariaDB [zabbix]> show tables;
+----------------------------+
| Tables_in_zabbix |
+----------------------------+
| acknowledges |
| actions |
| alerts |
| application_discovery |
| application_prototype |
修改zabbix的配置文件
[root@localhost ~]# vim /etc/zabbix/zabbix_server.conf
DBPassword=zabbix
启动zabbix和httpd的相关服务并设置开机自启
[root@localhost ~]# systemctl enable httpd zabbix-server zabbix-agent
[root@localhost ~]# systemctl start httpd zabbix-server zabbix-agent
查看端口
[root@localhost ~]# netstat -nlpt | grep -E "80|10050|10051"
tcp 0 0 0.0.0.0:10050 0.0.0.0:* LISTEN 14225/zabbix_agentd
tcp 0 0 0.0.0.0:10051 0.0.0.0:* LISTEN 15590/zabbix_server
tcp6 0 0 :::10050 :::* LISTEN 14225/zabbix_agentd
tcp6 0 0 :::10051 :::* LISTEN 15590/zabbix_server
tcp6 0 0 :::80 :::* LISTEN 14281/httpd
修改时间并启动httpd
[root@localhost ~]# vim /etc/httpd/conf.d/zabbix.conf
php_value date.timezone Asia/Shanghai
[root@localhost ~]# systemctl restart httpd
上传修改字体防止乱码
[root@localhost ~]# cd /usr/share/zabbix/assets/fonts/
[root@localhost fonts]# ls
graphfont.ttf simkai.ttf
[root@localhost fonts]# rm -rf graphfont.ttf
[root@localhost fonts]# mv simkai.ttf graphfont.ttf
其浏览器查看ip/zabbix
一直下一步到这个界面
密码是:zabbix
通过服务端的get工具映射80端口如果是1 那么zabbix搭建成功
[root@localhost fonts]# zabbix_get -s 192.168.100.129 -k net.tcp.listen[80]
1
通过配置对lamp进行监控
通过tar包搭建ELK
在zabbix的服务端
安装jdk
[root@localhost ELK]# rpm -ivh jdk-8u131-linux-x64_.rpm
解压elasticsearch的tar包
[root@localhost ELK]# tar xf elasticsearch-7.7.0-linux-x86_64.tar.gz
[root@localhost ELK]# mv elasticsearch-7.7.0 /usr/local/elasticsearch
创建一个elasticsearch数据存储目录,并赋予elk用户拥有所属权限
[root@localhost src]# groupadd elk
[root@localhost src]# useradd -g elk elk -m
[root@localhost src]# chown -R elk.elk /usr/local/elasticsearch/
[root@localhost elk]# ll /usr/local/elasticsearch/
总用量 560
drwxr-xr-x. 2 elk elk 4096 5月 12 10:04 bin
drwxr-xr-x. 3 elk elk 169 5月 20 10:44 config
drwxr-xr-x. 9 elk elk 107 5月 12 10:04 jdk
drwxr-xr-x. 3 elk elk 4096 5月 12 10:04 lib
-rw-r--r--. 1 elk elk 13675 5月 12 09:58 LICENSE.txt
drwxr-xr-x. 2 elk elk 6 5月 12 10:03 logs
drwxr-xr-x. 45 elk elk 4096 5月 12 10:04 modules
-rw-r--r--. 1 elk elk 534753 5月 12 10:03 NOTICE.txt
drwxr-xr-x. 2 elk elk 6 5月 12 10:03 plugins
-rw-r--r--. 1 elk elk 8165 5月 12 09:58 README.asciidoc
创建一个elasticsearch数据存储目录,并赋予elk用户拥有所属权限
[root@localhost elk]# mkdir -p /data/elasticsearch
[root@localhost elk]# chown -R elk.elk /data/elasticsearch
修改elasticsearch配置文件,记得先备份一下配置文件再修改
[root@localhost src]# cd /usr/local/elasticsearch/config/
[root@localhost config]# cp elasticsearch.yml elasticsearch.yml.bak
[root@localhost config]# vim elasticsearch.yml
cluster.name: ELK-Cluster
node.name: node-1
path.data: /data/elasticsearch
path.logs: /usr/local/elasticsearch/logs
network.host: 192.168.100.130
http.port: 9200
cluster.initial_master_nodes: ["node-1"]
修改相关内核参数
[root@localhost config]# echo "vm.max_map_count=262144" >> /etc/sysctl.con
[root@localhost config]# sysctl -p
[root@localhost config]# vim /etc/security/limits.conf
* soft nproc 65536
* hard nproc 65536
* soft nofile 65536
* hard nofile 65536
切换用户elk来运行elasticsearch
[root@localhost config]# su - elk
[elk@localhost ~]$ cd /usr/local/elasticsearch/
[elk@localhost elasticsearch]$ ./bin/elasticsearch -d
如果启动出现max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144]
ERROR: Elasticsearch did not exit normally - check the logs at /usr/local/elasticsearch/logs/ELK-Cluster.log
的错误 可以以下操作
[elk@localhost elasticsearch]$ su root
[root@localhost elasticsearch]# sysctl -w vm.max_map_count=655360
vm.max_map_count = 655360
[root@localhost elasticsearch]# sysctl -a | grep "vm.max_map_count"
看看可否输出655360在进行上一步的启动
检查elasticsearch状态,如下则表示正常运行
[elk@localhost elasticsearch]$ curl http://192.168.100.130:9200
{
"name" : "node-1",
"cluster_name" : "ELK-Cluster",
"cluster_uuid" : "purTNbhaReGu7w1imX2Evg",
"version" : {
"number" : "7.7.0",
"build_flavor" : "default",
"build_type" : "tar",
"build_hash" : "81a1e9eda8e6183f5237786246f6dced26a10eaf",
"build_date" : "2020-05-12T02:01:37.602180Z",
"build_snapshot" : false,
"lucene_version" : "8.5.1",
"minimum_wire_compatibility_version" : "6.8.0",
"minimum_index_compatibility_version" : "6.0.0-beta1"
},
"tagline" : "You Know, for Search"
}
logstash配置安装(docker端)
安装jdk
[root@localhost ELK]# rpm -ivh jdk-8u131-linux-x64_.rpm
解压logstash
[root@localhost ELK]# tar xzvf logstash-7.7.0.tar.gz
[root@localhost ELK]# mv logstash-7.7.0 /usr/local/logstash
修改配置文件
[root@localhost ELK]# cd /usr/local/logstash/config/
[root@localhost config]# vim httpd.conf
input {
file {
path => ["/data/docker/httpd/logs/other_vhosts_access.log"]
type => "httpd-log"
start_position => "beginning"
}
}
output {
elasticsearch {
hosts => ["192.168.100.130:9200"]
index => "httpd_log-%{+YYYY.MM.dd}"
}
}
指定配置文件运行logstash
[root@localhost bin]# cd /usr/local/logstash/bin/
[root@localhost bin]# ./logstash -f /usr/local/logstash/config/httpd.conf &
[root@localhost bin]# netstat -lntup |grep 9600
tcp6 0 0 127.0.0.1:9600 :::* LISTEN 39391/java
安装配置kibana
安装jdk
[root@localhost src]# rpm -ivh jdk-8u131-linux-x64_.rpm
解压到/usr/local并重命名为kibana
[root@localhost src]# tar xzvf kibana-7.7.0-linux-x86_64.tar.gz
[root@localhost src]# mv kibana-7.7.0-linux-x86_64 /usr/local/kibana
修改配置文件
[root@localhost config]# cd /usr/local/kibana/config/
[root@localhost config]# vim kibana.yml
server.port: 5601
server.host: "192.168.100.128"
elasticsearch.hosts: ["http://192.168.100.130:9200"]
logging.dest: /var/log/kibana.log
给/var/log/kibana.log文件加权限
[root@localhost config]# touch /var/log/kibana.log
[root@localhost config]# chmod 777 -R /var/log/kibana.log
进入安装目录下/bin启动kibana
[root@localhost config]# cd /usr/local/kibana/bin/
[root@localhost bin]# ./kibana --allow-root &
[root@localhost bin]# netstat -nlpt | grep 5601
tcp 0 0 192.168.100.128:5601 0.0.0.0:* LISTEN 12490/./../node/bin
查看kibana页面 ip:5601(关闭防火墙)
