how to run elasticsearch and logstash with docker in CentOS7

Install docker

The installation command is as follows: 

curl -fsSL https://get.docker.com | bash -s docker 

After the installation is successful, enter the docker -v command

Docker version 20.10.6, build 370c289

Or you can directly enter docker, and if an error (-bash: docker: command not found) is reported, the installation is fail, otherwise the installation is successful

systemctl status docker

 docker.service - Docker Application Container Engine

  Loaded: loaded (/usr/lib/systemd/system/docker.service; disabled; vendor preset: disabled)

  Active: inactive (dead)

    Docs: https://docs.docker.com

Start docker¶

systemctl start docker

Configure docker image

Ubuntu 16.04+, Debian 8+, CentOS 7+

At present, the mainstream Linux distributions have used systemd for service management. Here is how to configure the mirror accelerator in the Linux distributions that use systemd.

Use Docker to pull the ElasticSearch image¶

docker pull elasticsearch:7.4.2

check image ID¶

docker images

Error:

[1]: max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144]

[2]: the default discovery settings are unsuitable for production use; at least one of [discovery.seed_hosts, discovery.seed_providers, cluster.initial_master_nodes] must be configured

1)  1st problem:

Edit /etc/sysctl.conf and append the following:

vm.max_map_count=655360

After saving, execute

sysctl -p

Restart es:

docker restart  [imageID]

2) 2nd error

Delete the previously created container first:

docker rm -f [containerID]

Add -e "discovery.type=single-node"

docker run -d -e ES_JAVA_POTS="-Xms256m -Xmx256m" -e"discovery.type=single-node" -p 9200:9200 -p 9300:9300 --name elasticsearch ***es image ID***

Continue to check the running logs:

docker logs  [imageID]

Verify that the run was successful¶

curl localhost:9200

{
  "name" : "28765a4c9e04",
  "cluster_name" : "docker-cluster",
  "cluster_uuid" : "EUK5T7AmSAW-YvCwMU-W-w",
  "version" : {
    "number" : "7.4.2",
    "build_flavor" : "default",
    "build_type" : "docker",
    "build_hash" : "2f90bbf7b93631e52bafb59b3b049cb44ec25e96",
    "build_date" : "2019-10-28T20:40:44.881551Z",
    "build_snapshot" : false,
    "lucene_version" : "8.2.0",
    "minimum_wire_compatibility_version" : "6.8.0",
    "minimum_index_compatibility_version" : "6.0.0-beta1"
  },
  "tagline" : "You Know, for Search"
}

this means the running of elasticsearch is successful.

Install “elasticsearch head” plug-in monitoring management for visual management¶

Pull mirror¶

docker pull tobias74/elasticsearch-head

run

docker run -d -p 9100:9100 image ID

check with IP address: 9100, 9100 is the default port of elasticsearch. 

a cross-domain access denied issue here:¶

Solution:

Enter the elasticsearch container and modify the configuration file elasticsearch.yml

docker ps -a # Get the id of running container "elasticsearch"

docker exec -it ******(container id) /bin/bash

cd ./config

Add in elasticsearch.yml:

http.cors.enabled: true

http.cors.allow-origin: "*"

Restart the elasticsearch container

docker restart [containerName]

Restart service

check logs are the same as above

docker logs [containerName]

when the running is successful, replace the IP address with localhost

Run successfully now