一、安装ui
1. -- 中文docker网页管理( https://www.dockernb.com/ )
(1)docker run -d --name ui --restart always -p 16001:8081 -v /var/run/docker.sock:/var/run/docker.sock wangbinxingkong/fast
(2)用户初始账号/密码:admin/888888
2. -- 油猴脚本,把@match后面的127.0.0.1:16001改成实际ip:端口。自动登录,删除页头、页尾。
// ==UserScript==
// @name New Userscript
// @namespace http://tampermonkey.net/
// @version 0.1
// @description try to take over the world!
// @author You
// @match http://127.0.0.1:16001/pc/
// @grant none
// ==/UserScript==
(function() {
'use strict';
// Your code here...
document.querySelector("#app > section > section > header").remove()
document.querySelector("#app > section > section > main > div.footer > p").remove()
setTimeout(function(){
let name = document.querySelector("#app > section > section > main > div.main.clearfix > div > div > div > p:nth-child(3) > input[type=text]")
let pass = document.querySelector("#app > section > section > main > div.main.clearfix > div > div > div > p:nth-child(5) > input[type=password]")
let login = document.querySelector("#app > section > section > main > div.main.clearfix > div > div > div > p.submit > button")
if(name && pass){
name.value = "admin"
name.dispatchEvent(new Event('input'))
pass.value = "888888"
pass.dispatchEvent(new Event('input'))
login.click()
}
}, 700);
})();
二、安装efk
1. -- 运行
(1)docker run -itd --name efk-e -p 16021:9200 -e ES_JAVA_OPTS="-Xms128m -Xmx128m" -e discovery.type=single-node --restart always docker.elastic.co/elasticsearch/elasticsearch:6.8.9
(2)docker run -itd --name efk-k -p 16002:5601 -e I18N_LOCALE=zh-CN -e ELASTICSEARCH_URL=http://192.168.15.135:16021 --restart always docker.elastic.co/kibana/kibana:6.8.9
(3)docker run -itd --name efk-f --network host -v /a_soft/efk/fluentd/conf:/fluentd/etc --restart always fluent/fluentd:v1.3.2-debian-1.0
// 不能用7.10.x版本,因为es版本低,会拿不到模板
(4)docker run -itd --name efk-fb -v /a_soft/efk/filebeat/conf/filebeat.yml:/usr/share/filebeat/filebeat.yml -v /log:/log --user root --privileged=true --restart always store/elastic/filebeat:7.4.1
2. -- 端口
elasticsearch: 9200(对外接口) 9300(集群通讯)
kibana:5601(对外接口)
fluentd: 8888 8889 24224
3. -- 配置文件
#(1)filebeat.yml
#=========================== Filebeat inputs =============================
filebeat.inputs:
- type: log
enabled: true
encoding: utf-8
paths:
- /log/a1.txt
fields:
type: test-err
- type: log
enabled: true
encoding: utf-8
paths:
- /log/*/test*.log
fields:
type: test-info
#=========================== Template =============================
setup.template.name: test
setup.template.pattern: test-*
#=========================== Elasticsearch output =============================
output.elasticsearch:
hosts: ["192.168.15.135:36021"]
index: "test-default-%{+yyyy.MM.dd}"
indices:
- index: "test-err-%{+yyyy.MM.dd}"
when.equals:
fields.type: "test-err"
- index: "test-info-%{+yyyy.MM.dd}"
when.equals:
fields.type: "test-info"
# protocol: "https"
# username: "elastic"
# password: "changeme"
# (2)fluent.conf // 要输出至es,还需安装插件
<source>
@type forward
port 24224
bind 0.0.0.0
</source>
<match *.**>
@type copy
<store>
@type elasticsearch
host 192.168.15.135
port 9200
logstash_format true
logstash_prefix fluentd
logstash_dateformat %Y.%m.%d
include_tag_key true
type_name access_log
tag_key @log_name
flush_interval 1s
</store>
<store>
@type stdout
</store>
</match>