vim /home/elasticsearch/config/elasticsearch.yml

添加以下内容:
cluster.name: "docker-cluster"
network.host: 0.0.0.0
http.cors.enabled: true
http.cors.allow-origin: "*"

3.运行容器

docker run -d --name elasticsearch \
-p 9200:9200 -p 9300:9300 \
-e "ES_JAVA_OPTS=-Xms512m -Xmx512m" \
-v /home/elasticsearch/config/elasticsearch.yml:/usr/share/elasticsearch/config/elasticsearch.yml \
-e "discovery.type=single-node" \
elasticsearch:7.8.0

4.通过地址访问

地址为: http://192.168.51.187:9200/

二、安装elasticsearch-head

1.拉取镜像

docker pull docker.io/mobz/elasticsearch-head:5

2.运行容器

docker run --name=elasticsearch-head -d -p 9100:9100 docker.io/mobz/elasticsearch-head:5

3.访问可视化界面

三、安装 kibana

1.拉取镜像

docker pull kibana:7.8.0

2.运行容器

docker run -d --name kibana --link elasticsearch:elasticsearch -p 5601:5601 kibana:7.8.0

3.通过地址访问

地址为: http://192.168.51.187:5601

四、安装 logstash

1.拉取镜像

docker pull logstash:7.8.0

2.准备logstash的配置文件

vim logstash.conf


input {
  beats {
    port => 5044
  }
  file{
        path=>"/tmp/nginx/logs/access.log"
  }
}

output {
  stdout {
    codec => rubydebug
  }
  elasticsearch{
        hosts=>"192.168.51.187:9200"
  }
}

3.运行容器

docker run -d \
--name=logstash \
-v /home/nginx/logs/access.log:/tmp/nginx/logs/access.log \
-v /home/logstash/logstash.conf:/usr/share/logstash/pipeline/logstash.conf \
docker.io/logstash:7.8.0

4.在kibana中新建索引 logstash-*

5.可以通过kibana查看关联的nginx日志

五、安装filebeat

1.编辑配置文件filebeat.yml

vim filebeat.yml

filebeat.inputs:
- type: log
  enabled: true
  paths:
    - /var/log/messages/test.log
filebeat.config:
  modules:
    path: ${path.config}/modules.d/*.yml
    reload.enabled: false

processors:
- add_cloud_metadata: ~
- add_docker_metadata: ~

output.elasticsearch:
  hosts: ["192.168.220.76:9200"]

2.启动容器

docker run -d \
  --name=filebeat \
  --restart=always \
  -v /home/filebeat/filebeat/filebeat.yml:/usr/share/filebeat/filebeat.yml \
  -v /home/filebeat/logs:/var/log/messages \
  elastic/filebeat:7.8.0