A complete ELK Stack environment containerized and able to be used in DEV or PROD
- Elasticsearch (cluster)
- Kibana
- Logstash
- Metricbeat for Metrics Monitoring
- Filebeat to collect logs
For now you can create a cluster of Elasticsearch to handle more data processing and with a little tricks and magic be able to run the cluster on swarm mode.
Here we need some adaptations, as the stack is suposed to be used on development or production(only for reading logs) the x-autentication needs to be enabled.
To start the cluster
docker-compose up -d
To stop the cluster
docker-compose down
- Create the stack-cert on Master Node ( es01 )
$ docker exec es01 bin/elasticsearc-certutil ca && mv elastic-stack.p12 config/certs/
Obs: no need to create a password, if you want you'll need extra steps to make the cluster works. You can find the information you need here
- On Each Node ( including Master )
$ docker exec esXX bin/elasticsearch-certutil cert --ca /config/certs/elastic-stack-ca.p12 && mv elastic-certificates.p12 /config/certs
After generating the certs you can uncomment the volume that binds the elasticsearch.yml from each node on docker-compose.yml and run the following commands:
$ chown 1000:0 -R volumes/
To run a single elasticsearch node you don't need to set up the certs, so you can remove these lines from your elasticsearch.yml file:
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: elastic-certificates.p12
You have two options, set ut the passwords manually or automatic, if you choose automatic don't forget to save the passwords, otherwise you won't be able to use your cluster.
- Manually
$ docker exec es01 bin/elasticsearch-setup-passwords interactive -b
- Automatic
$ docker exec es01 bin/elasticsearch-setup-passwords auto
$ curl -u elastic:<your_awesome_password> -XGET "172.100.22.4:9200/_cluster/health?pretty"
( in progress....)
- Twitter - @ViniciusMarc_
- Linkedin - VinĂcius Vieira