一、服务器信息
1.系统:centos7.9
2.配置:2核8GB内存80GB存储
二、安装docker
1. 更新数据源
yum update
2. 设置安装的数据源(阿里)
yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
3. 安装 Docker 客户端
yum install docker-ce
4. 查看 Docker 版本
docker -v
5. 启动 Docker
systemctl start docker
三、Centos7.9 安装 Docker-Compose
1. 通过yum安装
yum install -y docker-compose
2.通过curl方式安装
curl -L https://get.daocloud.io/docker/compose/releases/download/v2.4.1/docker-compose-`uname -s`-`uname -m` > /usr/local/bin/docker-compose
chmod +x /usr/local/bin/docker-compose
3.直接在release中下载对应的linux发行版(推荐)
①网址:https://github.com/docker/compose/releases/tag
②下载完后将软件上传至服务器的【/usr/local/bin】目录下并重命名:
sudo mv docker-compose-linux-x86_64 docker-compose
③将可执行权限应用于二进制文件:
sudo chmod +x /usr/local/bin/docker-compose
④创建软链:
sudo ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose
⑤查看docker-compose版本:
docker-compose -v
四、使用docker安装ELK
1.ELK代指ElasticSearch、Kibana、LogStash。
2.创建并运行一个ElasticSearch容器:
#7.6.2 启动需要增加discovery.type=single-node
docker run -e ES_JAVA_OPTS="-Xms256m -Xmx256m" -e discovery.type=single-node -d -p 9200:9200 -p 9300:9300 --name MyES elasticsearch:7.6.2
3.浏览器访问测试:http://服务器IP:9200,应输出如下结果:
{
"name": "f8d552739afd",
"cluster_name": "docker-cluster",
"cluster_uuid": "OxyNHcD-Q-mzX42mobfkiQ",
"version": {
"number": "7.6.2",
"build_flavor": "default",
"build_type": "docker",
"build_hash": "ef48eb35cf30adf4db14086e8aabd07ef6fb113f",
"build_date": "2020-03-26T06:34:37.794943Z",
"build_snapshot": false,
"lucene_version": "8.4.0",
"minimum_wire_compatibility_version": "6.8.0",
"minimum_index_compatibility_version": "6.0.0-beta1"
},
"tagline": "You Know, for Search"
}
4.创建并运行运行一个Kibana容器
**<1>**查看ES在docker中的ip地址,因为kibana在启动的时候需要连接到ES
#先使用命令 docker ps 查看ES容器ID
docker ps
#输出如下:
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
f8d552739afd elasticsearch:7.6.2 "/usr/local/bin/dock…" 28 hours ago Up 28 hours 0.0.0.0:9200->9200/tcp, :::9200->9200/tcp, 0.0.0.0:9300->9300/tcp, :::9300->9300/tcp MyES
#通过容器ID,查看容器IP地址。以上的a266d1ff5c1b就是我们ES的容器ID
docker inspect --format '{{ .NetworkSettings.IPAddress }}' f8d552739afd
#输出如下:
172.17.0.2
<2>创建并运行一个Kibana容器
#注意,此处的ELASTICSEARCH_URL需替换成上面ES容器的IP地址,否则Kibana连接不到ES
docker run -d --name MyKibana -p 5601:5601 -e ELASTICSEARCH_URL=http://172.17.0.2:9200 kibana:6.8.8
5.浏览器访问测试:http://服务器IP:5601
6.创建并运行运行一个LogStash容器
docker run -d -p 9600:9600 -p 4560:4560 --name MyLogStash logstash:6.8.8
7.运行后,进入容器内部。修改logstash.yml配置文件
docker exec -it logstash容器ID bash
cd config
vi logstash.yml
# 改成如下配置
http.host: "0.0.0.0"
xpack.monitoring.elasticsearch.url: http://172.17.0.2:9200
8.修改/usr/share/logstash/pipeline/pipeline下的logstash.conf文件
input {
tcp {
#模式选择为server
mode => "server"
#ip和端口根据自己情况填写,端口默认4560,对应下文logback.xml里appender中的destination
host => "0.0.0.0"
port => 4560
#格式json
codec => json_lines
}
}
output {
elasticsearch {
action => "index"
#这里是es的地址,多个es要写成数组的形式
hosts => "172.17.0.2:9200"
#用于kibana过滤,可以填项目名称
index => "springboot-logstash-%{+YYYY.MM.dd}"
}
stdout {
codec => rubydebug
}
}
9.重启logstash
docker restart MyLogStash
五、springboot集成ELK使用
1.初始化一个基于maven管理的springboot项目(具体细节不再阐述),项目结构如下:
2.关于pom.xml文件的配置如下:
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.6.11</version>
<relativePath/> <!-- lookup parent from repository -->
</parent>
<groupId>com.example</groupId>
<artifactId>logstash-demo</artifactId>
<version>0.0.1-SNAPSHOT</version>
<name>elk-demo</name>
<description>elk-demo</description>
<properties>
<java.version>1.8</java.version>
</properties>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<!--引入logstash收集日志-->
<dependency>
<groupId>net.logstash.logback</groupId>
<artifactId>logstash-logback-encoder</artifactId>
<version>5.3</version>
</dependency>
<dependency>
<!--方便打印日志-->
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
<version>1.18.12</version>
</dependency>
<dependency>
<!--方便测试-->
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>4.13</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<version>3.8.1</version>
<configuration>
<source>1.8</source>
<target>1.8</target>
<encoding>UTF-8</encoding>
</configuration>
</plugin>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
</plugin>
</plugins>
</build>
</project>
3.关于application.yml文件的配置如下:
server.port: 8089
spring:
application:
name: springboot-logstash # 这里的应用名称即为ELK的索引*
# elasticsearch:
# # 此处替换对应ip
# uris: 服务器IP:9200
4.关于logback-spring.xml文件的配置如下:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE configuration>
<configuration>
<include resource="org/springframework/boot/logging/logback/defaults.xml"/>
<include resource="org/springframework/boot/logging/logback/console-appender.xml"/>
<!--应用名称-->
<property name="APP_NAME" value="springboot-logback-elk-demo"/>
<!--日志文件保存路径-->
<property name="LOG_FILE_PATH" value="${LOG_FILE:-${LOG_PATH:-${LOG_TEMP:-${java.io.tmpdir:-/tmp}}}/logs}"/>
<contextName>${APP_NAME}</contextName>
<!--每天记录日志到文件appender-->
<appender name="FILE" class="ch.qos.logback.core.rolling.RollingFileAppender">
<rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
<fileNamePattern>${LOG_FILE_PATH}/${APP_NAME}-%d{yyyy-MM-dd}.log</fileNamePattern>
<maxHistory>30</maxHistory>
</rollingPolicy>
<encoder>
<pattern>${FILE_LOG_PATTERN}</pattern>
</encoder>
</appender>
<!--输出到logstash的appender-->
<appender name="LOGSTASH" class="net.logstash.logback.appender.LogstashTcpSocketAppender">
<!--可以访问的logstash日志收集端口-->
<destination>服务器IP:4560</destination>
<encoder charset="UTF-8" class="net.logstash.logback.encoder.LogstashEncoder"/>
</appender>
<root level="DEBUG">
<appender-ref ref="CONSOLE"/>
<appender-ref ref="FILE"/>
<appender-ref ref="LOGSTASH"/>
</root>
</configuration>
5.测试控制器TestController文件如下:
package com.example.logstashdemo.controller;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
/**
* @author lisw
* @program elk_project
* @description
* @createDate 2021-02-09 13:46:45
* @slogan 长风破浪会有时,直挂云帆济沧海。
**/
@RestController
@RequestMapping("/test")
public class TestController {
private final Logger logger = LoggerFactory.getLogger(getClass());
@RequestMapping("/elkAdd")
public String elkAdd(){
logger.info("日志记录"+System.currentTimeMillis());
return "1";
}
@RequestMapping("/elkget")
public String elkget(){
logger.info("输出info");
logger.debug("输出debug");
logger.error("输出error");
return "1t";
}
}
6.创建ELK索引
<1>找到对应的位置
<2>创建索引步骤一
<3>创建索引步骤二
<4>创建索引后的结果界面
7.先运行应用
8.测试结果
<1>接口一测试:
<2>接口二测试:
六、参考网址
1.Centos7.9 安装 Docker 和 Docker-Compose。
2.docker-compose -v 显示【/usr/local/bin/docker-compose:行1: html: 没有那个文件或目录】错误问题。
3.使用Docker搭建ELK,并与SpringBoot集成。
4.SpringBoot整合ELK教程。
5.SpringBoot整合Docker部署的ELK8以上版本。