- ElasticSearch【存储】
- Logtash【日志聚合器】
- Kibana【界面】
答案:
代码语言:javascript复制version: '2'
services:
elasticsearch:
image: elasticsearch
# command: elasticsearch
ports:
- "9200:9200" # REST API端口
- "9300:9300" # RPC端口
logstash:
image: logstash
command: logstash -f /etc/logstash/conf.d/logstash.conf
volumes:
- ./config:/etc/logstash/conf.d
- /opt/build:/opt/build
ports:
- "5000:5000"
kibana:
image: kibana
environment:
- ELASTICSEARCH_URL=http://elasticsearch:9200
ports:
- "5601:5601"logstash.conf 参考示例:
input {
file {
codec => json
path => "/opt/build/*.json"
}
}
filter {
grok {
match => { "message" => "%{TIMESTAMP_ISO8601:timestamp}s %{LOGLEVEL:severity}s [%{DATA:service},%{DATA:trace},%{DATA:span},%{DATA:exportable}]s %{DATA:pid}---s [%{DATA:thread}]s %{DATA:class}s :s %{GREEDYDATA:rest}" }
}
}
output {
elasticsearch {
hosts => "elasticsearch:9200"
}
}参考文档
https://docs.docker.com/compose/samples-for-compose/#samples-tailored-to-demo-compose
