====== Elasticsearch ======

Getting started with the Elastic Stack and Docker Compose: [[https://www.elastic.co/blog/getting-started-with-the-elastic-stack-and-docker-compose|part 1]] ([[https://github.com/elkninja/elastic-stack-docker-part-one|git]]), [[https://www.elastic.co/blog/getting-started-with-the-elastic-stack-and-docker-compose-part-2|part 2]] ([[https://github.com/elkninja/elastic-stack-docker-part-two|git]]).\\
🎞️ [[https://www.youtube.com/watch?v=HOmq3STxAKg|Install Elasticsearch + Kibana 8.x with TLS/SSL]]\\

====== Fluentd ======

https://docs.fluentd.org/configuration\\
https://hub.docker.com/r/fluent/fluentd/

====== Kibana ======

[[https://www.elastic.co/guide/en/kibana/current/docker.html|Install Kibana with Docker]]\\
Kibana is configured through environment variables that correspond to the [[https://www.elastic.co/guide/en/kibana/current/settings.html|settings in kibana.yml]]: the setting name is upper-cased and its dots are replaced with underscores:

^Environment Variable ^Kibana Setting ^
|SERVER_NAME |server.name |
|SERVER_BASEPATH |server.basePath |
|ELASTICSEARCH_HOSTS |elasticsearch.hosts |

etc.
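
The naming rule above can be checked mechanically before a container is started. The following is an added example, not code from the original page or from Elastic: a small lint for a Compose ''environment:'' list that flags names that miss the rule by an underscore and two TLS inconsistencies. The settings list, the sample input and the function names are assumptions made for illustration, and the TLS check assumes PEM certificate/key files rather than a keystore.

```python
# Added example: lint a Compose `environment:` list against the
# kibana.yml -> environment-variable rule (upper-case, dots -> underscores).

# kibana.yml settings used on this page (table and compose file).
SETTINGS = [
    "server.name", "server.basePath", "server.ssl.enabled",
    "server.ssl.certificate", "server.ssl.key",
    "elasticsearch.hosts", "elasticsearch.username", "elasticsearch.password",
    "elasticsearch.ssl.certificateAuthorities",
]

def env_name(setting):
    """server.basePath -> SERVER_BASEPATH"""
    return setting.upper().replace(".", "_")

def lint(environment):
    """Return a list of findings for a list of 'NAME=value' strings."""
    known = {env_name(s): s for s in SETTINGS}
    # Same names with underscores removed, to catch near misses.
    squashed = {name.replace("_", ""): name for name in known}
    env = dict(item.split("=", 1) for item in environment)
    findings = []
    for name in env:
        near = squashed.get(name.replace("_", ""))
        if name not in known and near:
            findings.append(f"{name}: does not map to {known[near]}, use {near}")
    # Assumption: PEM files are used, so both certificate and key must be set.
    if env.get("SERVER_SSL_ENABLED", "").lower() == "true":
        for required in ("SERVER_SSL_CERTIFICATE", "SERVER_SSL_KEY"):
            if not env.get(required):
                findings.append(f"{required}: required when SERVER_SSL_ENABLED=true")
    for host in env.get("ELASTICSEARCH_HOSTS", "").split(","):
        if host.startswith("http://"):
            findings.append(f"ELASTICSEARCH_HOSTS: {host} is plaintext HTTP")
    return findings

# Constructed sample input, not a real deployment.
SAMPLE = [
    "SERVERNAME=kibana",
    "ELASTICSEARCH_HOSTS=http://es01:9200",
    "ELASTICSEARCH_USERNAME=kibana_system",
    "SERVER_SSL_ENABLED=true",
    "SERVER_SSL_CERTIFICATE=config/certs/kibana/kibana.crt",
]

if __name__ == "__main__":
    for finding in lint(SAMPLE):
        print(finding)
```
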
===== HTTPS =====

<code bash>
# Convert the original third-party .pfx into .crt/.key
openssl pkcs12 -in /tmp/source.pfx -clcerts -nokeys -out /efk/certs/kibana.crt
# -nodes writes the private key unencrypted, so keep kibana.key readable only by the Kibana user
openssl pkcs12 -in /tmp/source.pfx -nocerts -nodes -out /efk/certs/kibana.key
</code>

https://tipoit.kz/elk-install-kibana

<code yaml>
  kibana:
    depends_on:
      es01:
        condition: service_healthy
    image: kibana:${STACK_VERSION}
    labels:
      co.elastic.logs/module: kibana
    volumes:
      - ./certs:/usr/share/kibana/config/certs
      - ./kibanadata:/usr/share/kibana/data
      - ./kibana.yml:/usr/share/kibana/config/kibana.yml:ro
    ports:
      - ${KIBANA_PORT}:5601
    environment:
      # server.name maps to SERVER_NAME (see the table above), not SERVERNAME
      - SERVER_NAME=kibana
      - ELASTICSEARCH_HOSTS=https://es01:9200
      - ELASTICSEARCH_USERNAME=kibana_system
      - ELASTICSEARCH_PASSWORD=${KIBANA_PASSWORD}
      - ELASTICSEARCH_SSL_CERTIFICATEAUTHORITIES=config/certs/ca/ca.crt
      - XPACK_SECURITY_ENCRYPTIONKEY=${ENCRYPTION_KEY}
      - XPACK_ENCRYPTEDSAVEDOBJECTS_ENCRYPTIONKEY=${ENCRYPTION_KEY}
      - XPACK_REPORTING_ENCRYPTIONKEY=${ENCRYPTION_KEY}
      - XPACK_REPORTING_KIBANASERVER_HOSTNAME=localhost
      # TLS for the Kibana web interface itself
      - SERVER_SSL_ENABLED=true
      - SERVER_SSL_CERTIFICATE=config/certs/kibana/kibana.crt
      - SERVER_SSL_KEY=config/certs/kibana/kibana.key
      - SERVER_SSL_CERTIFICATEAUTHORITIES=config/certs/ca/ca.crt
    mem_limit: ${KB_MEM_LIMIT}
    healthcheck:
      test:
        [
          "CMD-SHELL",
          "curl -I -s --cacert config/certs/ca/ca.crt https://localhost:5601 | grep -q 'HTTP/1.1 302 Found'",
        ]
      interval: 10s
      timeout: 10s
      retries: 120
</code>

https://github.com/elkninja/elastic-stack-docker-part-two/blob/main/docker-compose.yml

===== Configuration =====

Stages a log passes through in Fluentd:\\
Source -> Format -> Output

Each stage has its own plugins: for collecting from different sources (files, systemd, etc.), for formatting/enriching/tagging, and for sending to different systems (for example, Elasticsearch).
====== References ======

Docker logging: https://www.fluentd.org/guides/recipes/docker-logging\\
How to set up centralized logging for Docker Swarm with Fluentd: https://cloud.vk.com/docs/cases/cases-logs/case-swarm\\
Better Log Parsing with Fluentd: https://work.haufegroup.io/fluentd-log-parsing/\\
Docker Setup Monitoring: https://www.frederikbanke.com/docker-setup-monitoring/\\
Setting up centralized logging in Docker with the EFK Stack: https://daffin.ru/devops/docker/efk/\\
[[https://www.youtube.com/playlist?list=PLPatHYWw1RVuaGUCZoqEnoqkxLed2jr-u|Elasticsearch + Docker-compose]], also see the whole channel\\