Run the EK (Elasticseach, Kibana) stack with Docker and Docker-compose.
Based on the official images:
- Install Docker.
- Install Docker-compose.
- Clone this repository
On distributions which have SELinux enabled out-of-the-box you will need to either re-context the files or set SELinux into Permissive mode in order for fig-elk to start properly. For example on Redhat and CentOS, the following will apply the proper context:
.-root@centos ~
-$ chcon -R system_u:object_r:admin_home_t:s0 docker-elk/Start the ELK stack using docker-compose:
$ docker-compose upYou can also choose to run it in background (detached mode):
$ docker-compose up -dThen access Kibana UI by hitting http://localhost:5601 with a web browser.
By default, the stack exposes the following ports:
- 9200: Elasticsearch HTTP (with Marvel plugin accessible via http://localhost:9200/_plugin/marvel)
- 9300: Elasticsearch transport protocol
- 5601: Kibana 4 web interface
WARNING: If you're using boot2docker, you must access it via the boot2docker IP address instead of localhost.
WARNING: If you're using Docker Toolbox, you must access it via the docker-machine IP address instead of localhost.
NOTE: Configuration is not dynamically reloaded, you will need to restart the stack after any change in the configuration of a component.
The Kibana default configuration is stored in kibana/config/kibana.yml.
The Elasticsearch container is using the shipped configuration and it is not exposed by default.
If you want to override the default configuration, create a file elasticsearch/config/elasticsearch.yml and add your configuration in it.
Then, you'll need to map your configuration file inside the container in the docker-compose.yml. Update the elasticsearch container declaration to:
elasticsearch:
build: elasticsearch/
ports:
- "9200:9200"
volumes:
- ./elasticsearch/config/elasticsearch.yml:/usr/share/elasticsearch/config/elasticsearch.ymlIn order to persist Elasticsearch data, you'll have to mount a volume on your Docker host. Update the elasticsearch container declaration to:
elasticsearch:
build: elasticsearch/
ports:
- "9200:9200"
volumes:
- /path/to/storage:/usr/share/elasticsearch/dataThis will store elasticsearch data inside /path/to/storage.