how to run elasticsearch and logstash with docker in CentOS7

created at 06-30-2021 views: 69

Install docker

The installation command is as follows: 

curl -fsSL | bash -s docker 

After the installation is successful, enter the docker -v command

Docker version 20.10.6, build 370c289

Or you can directly enter docker, and if an error (-bash: docker: command not found) is reported, the installation is fail, otherwise the installation is successful

systemctl status docker
 docker.service - Docker Application Container Engine

  Loaded: loaded (/usr/lib/systemd/system/docker.service; disabled; vendor preset: disabled)

  Active: inactive (dead)


Start docker

systemctl start docker

Configure docker image

Ubuntu 16.04+, Debian 8+, CentOS 7+

At present, the mainstream Linux distributions have used systemd for service management. Here is how to configure the mirror accelerator in the Linux distributions that use systemd.

Use Docker to pull the ElasticSearch image

docker pull elasticsearch:7.4.2

check image ID

docker images


[1]: max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144]

[2]: the default discovery settings are unsuitable for production use; at least one of [discovery.seed_hosts, discovery.seed_providers, cluster.initial_master_nodes] must be configured

1)  1st problem:

Edit /etc/sysctl.conf and append the following:


After saving, execute

sysctl -p

Restart es:

docker restart  [imageID]

2) 2nd error

Delete the previously created container first:

docker rm -f [containerID]

Add -e "discovery.type=single-node"

docker run -d -e ES_JAVA_POTS="-Xms256m -Xmx256m" -e"discovery.type=single-node" -p 9200:9200 -p 9300:9300 --name elasticsearch ***es image ID***

Continue to check the running logs:

docker logs  [imageID]

running logs

Verify that the run was successful

curl localhost:9200
  "name" : "28765a4c9e04",
  "cluster_name" : "docker-cluster",
  "cluster_uuid" : "EUK5T7AmSAW-YvCwMU-W-w",
  "version" : {
    "number" : "7.4.2",
    "build_flavor" : "default",
    "build_type" : "docker",
    "build_hash" : "2f90bbf7b93631e52bafb59b3b049cb44ec25e96",
    "build_date" : "2019-10-28T20:40:44.881551Z",
    "build_snapshot" : false,
    "lucene_version" : "8.2.0",
    "minimum_wire_compatibility_version" : "6.8.0",
    "minimum_index_compatibility_version" : "6.0.0-beta1"
  "tagline" : "You Know, for Search"

this means the running of elasticsearch is successful.

Install “elasticsearch head” plug-in monitoring management for visual management

Pull mirror

docker pull tobias74/elasticsearch-head


docker run -d -p 9100:9100 image ID

check with IP address: 9100, 9100 is the default port of elasticsearch. 

check with IP at 9100 port

a cross-domain access denied issue here:


Enter the elasticsearch container and modify the configuration file elasticsearch.yml

docker ps -a # Get the id of running container "elasticsearch"

docker exec -it ******(container id) /bin/bash

cd ./config

Add in elasticsearch.yml:

http.cors.enabled: true

http.cors.allow-origin: "*"

Restart the elasticsearch container

docker restart [containerName]

Restart service

check logs are the same as above

docker logs [containerName]

when the running is successful, replace the IP address with localhost

replace the IP address with localhost

Run successfully now

created at:06-30-2021
edited at: 07-31-2021: