elk: elasticsearch+kibana+logstash
自从elk升级8.0以后,强制使用上了SSL(可以关闭),踩了不少的坑,花了不少时间折腾。
使用的版本8.0.0
共3个部分,这是第1部分,elasticsearch8
1. 安装docker
2. 安装elastic
docker pull elasticsearch:8.0.0
3. 运行elastic, 不加载目录
#8.0 above, require password
docker run -p9200:9200 -p9300:9300 -e node.name=node-1 -d –name elasticsearch elasticsearch:8.0.0
运行后,复制目录到宿主机
#docker cp 0000:/usr/share/elasticsearch /mnt/md0/appdata/mydocker
0000是container_id, /mnt/md0/appdata/mydocker是本地目录,这两个地方换成自己的
完成后,停止容器
docker stop 0000
删除容器
docker rm 0000
4.运行正式的elastic
docker run -p9200:9200 -p9300:9300 -v /mnt/md0/appdata/mydocker/elasticsearch/config:/usr/share/elasticsearch/config -v /mnt/md0/appdata/mydocker/elasticsearch/data:/usr/share/elasticsearch/data -v /mnt/md0/appdata/mydocker/elasticsearch/logs:/usr/share/elasticsearch/logs -v /mnt/md0/appdata/mydocker/elasticsearch/plugins:/usr/share/elasticsearch/plugins -e TZ=Asia/Shanghai -e node.name=node-1 -d –name elasticsearch elasticsearch:8.0.0
5.进入elastic的主目录,修改连接的密码
#docker exec -it 0000 bash
$cd /usr/share/elasticsearch
$./bin/elasticsearch-setup-passwords interactive
提示输入密码和确认密码,全部都设成 111111 (最少6位)
6.完成后验证
浏览器访问:https://宿主机IP:9200
录入用户名:elastic 密码111111
7.附上elasticsearch.yml
cluster.name: “docker-cluster”
network.host: 0.0.0.0
#———————– BEGIN SECURITY AUTO CONFIGURATION ———————–
#
# The following settings, TLS certificates, and keys have been automatically
# generated to configure Elasticsearch security features on 08-11-2022 02:57:31
#
# ——————————————————————————–
# Enable security features
xpack.security.enabled: true
xpack.security.enrollment.enabled: true
# Enable encryption for HTTP API client connections, such as Kibana, Logstash, and Agents
xpack.security.http.ssl:
enabled: true
keystore.path: certs/http.p12
# Enable encryption and mutual authentication between cluster nodes
xpack.security.transport.ssl:
enabled: true
verification_mode: certificate
keystore.path: certs/transport.p12
truststore.path: certs/transport.p12
# Create a new cluster with the current node only
# Additional nodes can still join the cluster later
cluster.initial_master_nodes: [“node-1”]
#———————– END SECURITY AUTO CONFIGURATION ————————-