docker-compose部署graylog

发表于 | 分类于 | | 阅读次数:
字数统计: 422 | 阅读时长 ≈ 2

简介

开源的完整日志管理工具,功能和ELK类似,但比ELK简单。

包括以下四个组件:

  • mongodb
  • elasticsearch
  • graylog-server
  • graylog-web

生产环境部署方案
arch

docker-compose.yaml

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
version: '3'

services:
  # MongoDB: https://hub.docker.com/_/mongo/
  mongo:
    image: mongo:4.2
    container_name: graylog_mongo
    volumes:
      - mongo_data:/data/db
    networks:
      - graylog
  # Elasticsearch: https://www.elastic.co/guide/en/elasticsearch/reference/7.10/docker.html
  elasticsearch:
    image: docker.elastic.co/elasticsearch/elasticsearch-oss:7.10.2
    container_name: graylog_elasticsearch
    volumes:
      - es_data:/usr/share/elasticsearch/data
    environment:
      - http.host=0.0.0.0
      - transport.host=localhost
      - network.host=0.0.0.0
      - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
    ulimits:
      memlock:
        soft: -1
        hard: -1
    deploy:
      resources:
        limits:
          memory: 1g
    networks:
      - graylog
  # Graylog: https://hub.docker.com/r/graylog/graylog/
  graylog:
    image: graylog/graylog:4.0
    container_name: graylog
    volumes:
      - graylog_data:/usr/share/graylog/data
      # Mount local configuration directory into Docker container
      - ./config:/usr/share/graylog/data/config
      - ./plugin:/usr/share/graylog/data/plugin
    # environment:
    #   # CHANGE ME (must be at least 16 characters)!
    #   - GRAYLOG_PASSWORD_SECRET=somepasswordpepper
    #   # Password: admin
    #   - GRAYLOG_ROOT_PASSWORD_SHA2=8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6f2ab448a918
    #   - GRAYLOG_HTTP_EXTERNAL_URI=http://127.0.0.1:9000/

    entrypoint: /usr/bin/tini -- wait-for-it elasticsearch:9200 --  /docker-entrypoint.sh
    networks:
      - graylog
    restart: always
    depends_on:
      - mongo
      - elasticsearch
    ports:
      # Graylog web interface and REST API
      - 9000:9000
      # Syslog TCP
      - 1514:1514
      # Syslog UDP
      - 1514:1514/udp
      # GELF TCP
      - 12201:12201
      # GELF UDP
      - 12201:12201/udp
      # 测试数据写入端口
      - 5555:5555
# Volumes for persisting data, see https://docs.docker.com/engine/admin/volumes/volumes/
volumes:
  mongo_data:
    driver: local
  es_data:
    driver: local
  graylog_data:
    driver: local
networks:
  graylog:
    driver: bridge

目录结构

1
2
3
4
5
6
7
8
9
10
11
12
.
├── README.md
├── config
│   ├── graylog.conf
│   ├── log4j2.xml
│   └── node-id
├── data
├── docker-compose.yml
└── plugin
    └── graylog-integrations-plugins-4.0.3
        └── plugin
            └── graylog-plugin-integrations-4.0.3.jar
  • config 目录存放自定义配置文件
  • plugin 目录存放插件文件

自定义配置文件

1
2
3
4
mkdir config
cd config
wget https://raw.githubusercontent.com/Graylog2/graylog-docker/4.0/config/graylog.conf
wget https://raw.githubusercontent.com/Graylog2/graylog-docker/4.0/config/log4j2.xml

插件安装

1
2
3
4
mkdir plugin
cd plugin
wget https://downloads.graylog.org/releases/graylog-integrations/graylog-integrations-plugins-4.0.3.tgz
tar -xvzf graylog-integrations-plugins-4.0.3.tgz graylog-integrations-plugins-4.0.3/plugin/graylog-plugin-integrations-4.0.3.jar

参考资料

graylog installation docker

坚持原创技术分享,您的支持将鼓励我继续创作!