-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathdocker-compose.yaml
117 lines (112 loc) · 3.77 KB
/
docker-compose.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
name: elk
services:
setup:
container_name: setup
image: docker.elastic.co/elasticsearch/elasticsearch:$STACK_VERSION
user: "0"
env_file:
- .env
volumes:
- ./setup/script.sh:/usr/share/elasticsearch/script.sh
- ./setup/instances.yml:/usr/share/elasticsearch/config/certs/instances.yml
- certs:/usr/share/elasticsearch/config/certs
command: sh script.sh
healthcheck:
test: [ "CMD-SHELL", "[ -f config/certs/ca.zip ] && [ -f config/certs/certs.zip ]" ]
interval: 2s
timeout: 100ms
retries: 50
start_period: 0s
elasticsearch:
image: docker.elastic.co/elasticsearch/elasticsearch:$STACK_VERSION
container_name: elasticsearch
depends_on:
setup:
condition: service_healthy
volumes:
- certs:/usr/share/elasticsearch/config/certs
- elastic-data:/usr/share/elasticsearch/data
ports:
- 9200:9200
environment:
node.name: dev-node
cluster.name: dev-cluster
discovery.type: single-node
ELASTIC_PASSWORD: $ELASTIC_PASSWORD
bootstrap.memory_lock: true # perf: allow memory locking to prevent memory swaping
xpack.security.enabled: true
xpack.security.http.ssl.enabled: true
xpack.security.http.ssl.key: certs/elasticsearch/elasticsearch.key
xpack.security.http.ssl.certificate: certs/elasticsearch/elasticsearch.crt
xpack.security.http.ssl.certificate_authorities: certs/ca/ca.crt
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.key: certs/elasticsearch/elasticsearch.key
xpack.security.transport.ssl.certificate: certs/elasticsearch/elasticsearch.crt
xpack.security.transport.ssl.certificate_authorities: certs/ca/ca.crt
xpack.security.transport.ssl.verification_mode: certificate
xpack.license.self_generated.type: basic
xpack.ml.use_auto_machine_memory_percent: true
mem_limit: 1G
ulimits:
# perf: allow unlimited memlock for optimal performance preventing elasticsearch from swaping memory as possible
memlock:
soft: -1
hard: -1
healthcheck:
test: [ "CMD-SHELL", "nc -z localhost 9200 || exit 1" ]
interval: 5s
timeout: 1s
retries: 5
start_period: 20s
kibana:
image: docker.elastic.co/kibana/kibana:$STACK_VERSION
container_name: kibana
depends_on:
elasticsearch:
condition: service_healthy
volumes:
- certs:/usr/share/kibana/config/certs
- kibana-data:/usr/share/kibana/data
ports:
- 5601:5601
environment:
SERVERNAME: kibana
ELASTICSEARCH_HOSTS: https://elasticsearch:9200
ELASTICSEARCH_USERNAME: kibana_system
ELASTICSEARCH_PASSWORD: $KIBANA_PASSWORD
ELASTICSEARCH_SSL_CERTIFICATEAUTHORITIES: config/certs/ca/ca.crt
mem_limit: 1G
healthcheck:
test: [ "CMD-SHELL", "curl -s http://localhost:5601 > /dev/null || exit 1" ]
interval: 5s
timeout: 3s
retries: 10
start_period: 20s
logstash:
image: docker.elastic.co/logstash/logstash:$STACK_VERSION
container_name: logstash
depends_on:
elasticsearch:
condition: service_healthy
volumes:
- ./logstash/logstash.conf:/usr/share/logstash/pipeline/logstash.conf
- certs:/usr/share/logstash/config/certs
- ./app/logs:/usr/share/logstash/logs/my-app
- logstash-data:/usr/share/logstash/data
user: "0"
environment:
HTTP_HOST: logstash
HTTP_PORT: 9600
XPACK_MONITORING_ENABLED: false
XPACK_MONITORING_ELASTICSEARCH_HOSTS: https://elasticsearch:9200,http://elasticsearch:9200
ELASTIC_PASSWORD: $ELASTIC_PASSWORD
app:
container_name: app
build: ./app
volumes:
- ./app:/app
volumes:
certs: {}
elastic-data: {}
kibana-data: {}
logstash-data: {}