文章目录
- 一:拉取Es和Kibana镜像
- 二:创建Es挂载目录
- 2.1:挂载相关配置
- 2.2:开放文件权限,否则后面运行容器会报错
- 三:运行Es容器
- 3.1: 运行参数说明
- 3.2: 运行容器命令
- 3.3: 开放防火墙
- 四:运行Kibana容器
- 4.1: 运行容器前置操作
- 4.1.1: 创建挂载目录和配置文件
- 4.1.2: 修改kibana.yml配置文件内容,添加Es相关信息
- 4.2: 运行Kibana容器命令
- 4.3: 放开Kibana端口
- 4.4: 查看客户端Kibana图形界面
- 五:设置Elasticsearch和Kibana账号密码
- 5.1:修改Elasticsearch.yml账号密码相关配置信息
- 5.2:修改完配置信息记得重启,或者进入容器查看es.yml有没有生效。我这边直接生效了,如果不生效最后可以用cp把主机机文件拷贝到容器内
- 5.3:进入容器执行修改密码命令
- 5.4:修改kibana.yml账号密码相关配置信息
- 5.4.1:主要添加这两行
- 5.5:重启Kibana服务
- 六:设置完账号密码重新访问输入账号和密码
- 6.1: 输入Es地址 http://192.1.103:9200/
- 6.1.1: 账号密码 : elastic/123456
- 6.2: 输入Kibana地址 http://192.168.56.104:5601/
- 6.1.2: 账号密码 : elastic/123456
一:拉取Es和Kibana镜像
docker pull elasticsearch:7.13.0
docker pull kibana:7.13.0
[root@master01 /]# docker pull elasticsearch:7.13.0
7.13.0: Pulling from library/elasticsearch
Digest: sha256:5928ef72ed4be974b6e41fba6599ed12806200e8710c48815c7fb0cbdf2283ca
Status: Downloaded newer image for elasticsearch:7.13.0
docker.io/library/elasticsearch:7.13.0
[root@master01 /]# docker pull kibana:7.13.0
7.13.0: Pulling from library/kibana
7a0437f04f83: Already exists
7e4505def4ad: Pull complete
48767df094e6: Pull complete
Digest: sha256:3b3ae5cc13de87cf7b8ebb0de0242358a33910f0c189a115b4271afe4b432dcd
Status: Downloaded newer image for kibana:7.13.0
docker.io/library/kibana:7.13.0
二:创建Es挂载目录
2.1:挂载相关配置
创建并输出到挂载 YML 配置文件
echo "http.host: 0.0.0.0" >> /usr/local/home/docker/elasticsearch/config/elasticsearch.yml
[root@master01 config]# echo "http.host: 0.0.0.0" >> /usr/local/home/docker/elasticsearch/config/elasticsearch.yml
创建并输出到挂载目录
mkdir config
mkdir data
mkdir log
[root@master01 home]# cd docker
[root@master01 docker]# pwd
/usr/local/home/docker
[root@master01 docker]# mkdir elasticsearch
[root@master01 docker]# cd elasticsearch/
[root@master01 elasticsearch]# ls
[root@master01 elasticsearch]# mkdir config
[root@master01 elasticsearch]# mkdir data
[root@master01 elasticsearch]# mkdir log
[root@master01 elasticsearch]# pwd
2.2:开放文件权限,否则后面运行容器会报错
chmod 777 -R log
chmod 777 -R data
chmod 777 -R config
[root@master01 elasticsearch]# ll
总用量 0
drwxr-xr-x 2 root root 31 1月 2 04:02 config
drwxr-xr-x 2 root root 6 1月 2 03:11 data
drwxr-xr-x 2 root root 6 1月 2 03:11 log
drwxr-xr-x 2 root root 6 1月 2 04:06 plugins
[root@master01 elasticsearch]# chmod 777 -R log
[root@master01 elasticsearch]# chmod 777 -R data
[root@master01 elasticsearch]# chmod 777 -R config
- 这事不开放权限容器日志异常
[0.021s][error][logging] Error opening log file 'logs/gc.log': Permission denied
[0.021s][error][logging] Initialization of output 'file=logs/gc.log' using options 'filecount=32,filesize=64m' failed.
error:
Invalid -Xlog option '-Xlog:gc*,gc+age=trace,safepoint:file=logs/gc.log:utctime,pid,tags:filecount=32,filesize=64m', see error log for details.
Error: Could not create the Java Virtual Machine.
Error: A fatal exception has occurred. Program will exit.
at org.elasticsearch.tools.launchers.JvmOption.flagsFinal(JvmOption.java:119)
at org.elasticsearch.tools.launchers.JvmOption.findFinalOptions(JvmOption.java:81)
at org.elasticsearch.tools.launchers.JvmErgonomics.choose(JvmErgonomics.java:38)
at org.elasticsearch.tools.launchers.JvmOptionsParser.jvmOptions(JvmOptionsParser.java:135)
at org.elasticsearch.tools.launchers.JvmOptionsParser.main(JvmOptionsParser.java:86)
三:运行Es容器
3.1: 运行参数说明
# 容器名称: -name es-server
# 重启参数 --restart unless-stopped
# 局域网 --net es (需要该参数的话得创建Docker局域网络)
# 映射端口 -p 9200 : 服务接口端口,也是该节点与外部通讯使用的端口,如对es数据的crud
# 映射端口 -p 9300 : 各节点间的集群通讯端口
# 挂载目录 -v 配置目录 / 数据目录 / 日志目录
# 后台进程运行 -d
3.2: 运行容器命令
docker run --name es-server -d --restart unless-stopped -e "discovery.type=single-node" -e ES_JAVA_OPTS="-Xms84m -Xmx512m" -p 9200:9200 -p 9300:9300 -v /usr/local/home/docker/elasticsearch/config/elasticsearch.yml:/usr/share/elasticsearch/config/elasticsearch.yml -v /usr/local/home/docker/elasticsearch/data:/usr/share/elasticsearch/data -v /usr/local/home/docker/elasticsearch/plugins:/usr/share/elasticsearch/plugins -v /usr/local/home/docker/elasticsearch/log:/usr/share/elasticsearch/logs elasticsearch:7.13.0
[root@master01 config]# docker run --name es-server -d --restart unless-stopped -e "discovery.type=single-node" -e ES_JAVA_OPTS="-Xms84m -Xmx512m" -p 9200:9200 -p 9300:9300 -v /usr/local/home/docker/elasticsearch/config/elasticsearch.yml:/usr/share/elasticsearch/config/elasticsearch.yml -v /usr/local/home/docker/elasticsearch/data:/usr/share/elasticsearch/data -v /usr/local/home/docker/elasticsearch/plugins:/usr/share/elasticsearch/plugins -v /usr/local/home/docker/elasticsearch/log:/usr/share/elasticsearch/logs elasticsearch:7.13.0
abf8da5870ab5035755de7e95aa93ec8ed0b9da6aa6a8fcb5f45cc58b1ae0746
[root@master01 config]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
abf8da5870ab elasticsearch:7.13.0 "/bin/tini -- /usr/l…" 4 seconds ago Up 1 second 0.0.0.0:9200->9200/tcp, :::9200->9200/tcp, 0.0.0.0:9300->9300/tcp, :::9300->9300/tcp es-server
3.3: 开放防火墙
[root@master01 elasticsearch]# firewall-cmd --permanent --zone=public --list-port
FirewallD is not running
[root@master01 elasticsearch]# status firewalld
-bash: status: 未找到命令
[root@master01 elasticsearch]# systemctl start firewalld.service #开启服务
[root@master01 elasticsearch]# systemctl enable firewalld.service #开机启动
Created symlink from /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service to /usr/lib/systemd/system/firewalld.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/firewalld.service to /usr/lib/systemd/system/firewalld.service.
[root@master01 elasticsearch]# systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
Active: active (running) since 一 2023-01-02 03:30:46 CST; 16s ago
Docs: man:firewalld(1)
Main PID: 7825 (firewalld)
CGroup: /system.slice/firewalld.service
└─7825 /usr/bin/python2 -Es /usr/sbin/firewalld --nofork --nopid
1月 02 03:30:45 master01 systemd[1]: Starting firewalld - dynamic firewall daemon...
1月 02 03:30:46 master01 systemd[1]: Started firewalld - dynamic firewall daemon.
1月 02 03:30:46 master01 firewalld[7825]: WARNING: AllowZoneDrifting is enabled. This is considered an insecure configuration option. It wi... it now.
Hint: Some lines were ellipsized, use -l to show in full.
[root@master01 elasticsearch]# firewall-cmd --permanent --zone=public --add-port=9200/tcp
success
[root@master01 elasticsearch]# firewall-cmd --permanent --zone=public --add-port=9300/tcp
success
[root@master01 elasticsearch]# firewall-cmd --reload
success
[root@master01 elasticsearch]# firewall-cmd --permanent --zone=public --list-port
9200/tcp 9300/tcp
四:运行Kibana容器
4.1: 运行容器前置操作
4.1.1: 创建挂载目录和配置文件
echo "http.host: 0.0.0.0" >> /usr/local/home/docker/kibana/config/kibana.yml
[root@localhost config]# pwd
/usr/local/home/docker/kibana/config
[root@localhost config]# echo "http.host: 0.0.0.0" >> /usr/local/home/docker/kibana/config/kibana.yml
[root@localhost config]# ls
kibana.yml
4.1.2: 修改kibana.yml配置文件内容,添加Es相关信息
[root@localhost config]# vi kibana.yml
# kibana相关的配置
# 设置为中文
# 汉译
i18n.locale: "zh-CN"
# es集群
elasticsearch.hosts: ["http://192..103:9200"]
server.host: 0.0.0.0
4.2: 运行Kibana容器命令
docker run -d --restart unless-stopped --name kibana -p 5601:5601 -v /usr/local/home/docker/kibana/config/kibana.yml:/usr/share/kibana/config/kibana.yml kibana:7.13.0
[root@localhost config]# docker run -d --restart unless-stopped --name kibana -p 5601:5601 -v /usr/local/home/docker/kibana/config/kibana.yml:/usr/share/kibana/config/kibana.yml kibana:7.13.0
8e31caaa65257c2f3164abf08dd0a937280003dbeff7766b0fa15e5f9ef9ba01
[root@localhost config]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
8e31caaa6525 kibana:7.13.0 "/bin/tini -- /usr..." 8 seconds ago Up 7 seconds 0.0.0.0:5601->5601/tcp kibana
4.3: 放开Kibana端口
firewall-cmd --permanent --zone=public --add-port=5601/tcp
firewall-cmd --reload
4.4: 查看客户端Kibana图形界面
http://192..104:5601/
五:设置Elasticsearch和Kibana账号密码
5.1:修改Elasticsearch.yml账号密码相关配置信息
[root@master01 config]# pwd
/usr/local/home/docker/elasticsearch/config
[root@master01 config]# vi elasticsearch.yml
#替换配置信息
http.cors.allow-headers: Authorization
http.host: 0.0.0.0
http.cors.enabled: true
http.cors.allow-origin: "*"
#新增加了以下两行配置
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
5.2:修改完配置信息记得重启,或者进入容器查看es.yml有没有生效。我这边直接生效了,如果不生效最后可以用cp把主机机文件拷贝到容器内
5.3:进入容器执行修改密码命令
docker exec -it abf8da5870ab /bin/bash
elasticsearch-setup-passwords interactive
# 我设置的密码全是123456
[root@master01 config]# docker exec -it abf8da5870ab /bin/bash
[root@abf8da5870ab elasticsearch]# ls
LICENSE.txt NOTICE.txt README.asciidoc bin config data jdk lib logs modules plugins
[root@abf8da5870ab elasticsearch]# cd config/
[root@abf8da5870ab config]# ls
elasticsearch.keystore jvm.options log4j2.file.properties role_mapping.yml users
elasticsearch.yml jvm.options.d log4j2.properties roles.yml users_roles
[root@abf8da5870ab config]# vi elasticsearch.yml
[root@abf8da5870ab config]# elasticsearch-setup-passwords interactive
Initiating the setup of passwords for reserved users elastic,apm_system,kibana,kibana_system,logstash_system,beats_system,remote_monitoring_user.
You will be prompted to enter passwords as the process progresses.
Please confirm that you would like to continue [y/N]
ERROR: User cancelled operation
[root@abf8da5870ab config]# elasticsearch-setup-passwords interactive
Initiating the setup of passwords for reserved users elastic,apm_system,kibana,kibana_system,logstash_system,beats_system,remote_monitoring_user.
You will be prompted to enter passwords as the process progresses.
Please confirm that you would like to continue [y/N]y
Enter password for [elastic]:
Reenter password for [elastic]:
Enter password for [apm_system]:
Reenter password for [apm_system]:
Enter password for [kibana_system]:
Reenter password for [kibana_system]:
Enter password for [logstash_system]:
Reenter password for [logstash_system]:
Enter password for [beats_system]:
Reenter password for [beats_system]:
Passwords do not match.
Try again.
Enter password for [beats_system]:
Reenter password for [beats_system]:
Enter password for [remote_monitoring_user]:
Reenter password for [remote_monitoring_user]:
12Changed password for user [apm_system]
Changed password for user [kibana_system]
Changed password for user [kibana]
Changed password for user [logstash_system]
Changed password for user [beats_system]
Changed password for user [remote_monitoring_user]
Changed password for user [elastic]
5.4:修改kibana.yml账号密码相关配置信息
[root@localhost config]# pwd
/usr/local/home/docker/kibana/config
[root@localhost config]# vi kibana.yml
5.4.1:主要添加这两行
elasticsearch.username: "elastic"
elasticsearch.password: "123456"
# 完整配置
# kibana相关的配置
# 设置为中文
i18n.locale: "zh-CN"
# es集群
elasticsearch.hosts: ["http://192..103:9200"]
elasticsearch.username: "elastic"
elasticsearch.password: "123456"
server.host: 0.0.0.0
xpack.monitoring.ui.container.elasticsearch.enabled: true
5.5:重启Kibana服务
六:设置完账号密码重新访问输入账号和密码
6.1: 输入Es地址 http://192.1.103:9200/
6.1.1: 账号密码 : elastic/123456
6.2: 输入Kibana地址 http://192.168.56.104:5601/
6.1.2: 账号密码 : elastic/123456
