安装elk
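# Single-node Elasticsearch + Kibana 8.16.2 stack for Docker Compose.
#
# NOTE(security): as written, this file is only suitable for an isolated lab host.
# - xpack.security.enabled=false turns off authentication and authorization,
#   while 9200, 9300 and 5601 are published on every host interface. Anyone
#   who can reach the host can read and modify every index.
# - Before exposing the stack beyond localhost, set xpack.security.enabled=true
#   and supply real credentials from an .env file or a secret store, not
#   literals committed with this file.
# - If only local access is needed, publish on loopback instead,
#   e.g. "127.0.0.1:9200:9200".
version: '3'
services:
  elasticsearch:
    image: elasticsearch:8.16.2
    restart: unless-stopped
    container_name: elasticsearch
    environment:
      - "discovery.type=single-node"
      - "cluster.name=docker-cluster"
      - "network.host=0.0.0.0"
      - "http.cors.enabled=true"
      - "http.cors.allow-headers=Authorization,X-Requested-With,Content-Length,Content-Type"
      # NOTE(security): with security disabled, every request is accepted
      # without credentials.
      - "xpack.security.enabled=false"
      # ELASTIC_PASSWORD only bootstraps the built-in `elastic` user when
      # security is enabled; it has no effect while security is disabled.
      # NOTE(security): 123456 is a trivially guessable value. Replace it
      # before enabling security.
      - "ELASTIC_PASSWORD=123456"
      - "ES_JAVA_OPTS=-Xms2g -Xmx2g"
    volumes:
      - /data/elasticsearch/data:/usr/share/elasticsearch/data
      - /data/elasticsearch/logs:/usr/share/elasticsearch/logs
      - /data/elasticsearch/plugins:/usr/share/elasticsearch/plugins
      # Disabled for the first run: the container has no permission on this
      # directory until the config has been copied out to the host.
      # - /data/elasticsearch/config:/usr/share/elasticsearch/config
    ports:
      - "9200:9200"
      - "9300:9300"
    networks:
      - elastic_net
  kibana:
    image: kibana:8.16.2
    container_name: kibana
    restart: unless-stopped
    depends_on:
      - elasticsearch
    environment:
      - "ELASTICSEARCH_HOSTS=http://elasticsearch:9200"
      # Kibana 8.x refuses to start when elasticsearch.username is the
      # `elastic` superuser. Use the dedicated `kibana` account that the
      # user-creation step on this page sets up (kibana_system role).
      - "ELASTICSEARCH_USERNAME=kibana"
      # NOTE(security): must match the password chosen when the `kibana`
      # account is created. Do not keep 123456 outside a throwaway lab.
      - "ELASTICSEARCH_PASSWORD=123456"
      # Was "monitoring.ui.container.elasticsearch.enabled:true". Without an
      # `=`, Compose treats the whole string as the name of a host variable
      # to pass through, so Kibana never received the setting. The Kibana
      # image reads settings from upper-case, underscore-separated names.
      - "MONITORING_UI_CONTAINER_ELASTICSEARCH_ENABLED=true"
    ports:
      - "5601:5601"
    networks:
      - elastic_net
networks:
  elastic_net:
    driver: bridge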
由于容器权限问题，需要先把部分文件从容器拷贝到宿主机；下面这行配置目录的挂载在首次启动时要先注释掉：
#- /data/elasticsearch/config:/usr/share/elasticsearch/config # 容器内没权限获取这个文件夹权限
- 先注释这行 将容器跑起来
- 拷贝配置文件到本地
- 创建用户
- 卸载容器
- 重新安装
拷贝文件
# Copy the data, plugins and config directories out of the running
# `elasticsearch` container onto the host.
# NOTE(review): the destination here is /opt/elasticsearch/, but the compose
# file on this page bind-mounts /data/elasticsearch/... - the copied config
# must end up at the host path named in the volumes entry before that mount
# is re-enabled; confirm which directory is intended.
# NOTE(review): config/ holds the file-realm user and role files and the
# keystore; keep the host copy readable only by the account the container
# runs as (uid 1000, gid 0 in the official image), not world-readable.
docker cp elasticsearch:/usr/share/elasticsearch/data /opt/elasticsearch/
docker cp elasticsearch:/usr/share/elasticsearch/plugins /opt/elasticsearch/
docker cp elasticsearch:/usr/share/elasticsearch/config /opt/elasticsearch/
创建用户
创建新账户
# Create a file-realm account named `kibana`. The tool ships inside the
# Elasticsearch image, so run it in the container (for example through
# `docker exec -it elasticsearch ...`). Without -p it prompts for the password,
# which keeps the password out of shell history.
# NOTE(review): file-realm users are written under config/ and are only
# consulted when xpack.security.enabled is true - confirm security is enabled
# and config/ is persisted before relying on this account.
elasticsearch-users useradd kibana
给账户授权
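# Grant roles to the `kibana` account created in the previous step. The
# original targeted a user literally named `username`, which is never created
# on this page.
#
# NOTE(security): superuser gives unrestricted access to the whole cluster.
# The account Kibana uses to connect to Elasticsearch needs only
# kibana_system. Keep superuser for a separate, human administrator account
# and drop this grant from the service account where possible.
elasticsearch-users roles -a superuser kibana
# kibana_system is the built-in role intended for the Kibana server's own
# connection to Elasticsearch.
elasticsearch-users roles -a kibana_system kibana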