-
Notifications
You must be signed in to change notification settings - Fork 11
Expand file tree
/
Copy pathdocker-compose-singlenode.yml
More file actions
103 lines (99 loc) · 3.11 KB
/
docker-compose-singlenode.yml
File metadata and controls
103 lines (99 loc) · 3.11 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
version: '3.5'
services:
syslog-ng:
container_name: syslog01
restart: always
env_file: .env
build:
context: ./
dockerfile: ./syslog-ng/syslog.dockerfile
args:
- SYSLOG_VERSION=${SYSLOG_VERSION}
- TIMEZONE=${TIMEZONE}
ports:
- "514:514/udp"
- "514:514/tcp"
labels:
Service name: "Syslog Log Collector"
networks:
- syslog
volumes:
- ${SYSLOG_CONF_DIR}:/etc/syslog-ng/:z
- certs:/etc/syslog-ng/certs/:z
es01:
image: docker.elastic.co/elasticsearch/elasticsearch:${ELASTIC_VERSION}
container_name: es01
env_file: .env
environment:
- node.name=es01
- cluster.name=es-docker-cluster
- discovery.type=single-node
- bootstrap.memory_lock=true
- xpack.security.enabled=true
- xpack.license.self_generated.type=basic
- "ES_JAVA_OPTS=-Xms512m -Xmx512m"
- xpack.security.http.ssl.enabled=true
- xpack.security.http.ssl.key=$CERTS_DIR/es01/es01.key
- xpack.security.http.ssl.certificate_authorities=$CERTS_DIR/ca/ca.crt
- xpack.security.http.ssl.certificate=$CERTS_DIR/es01/es01.crt
- xpack.security.transport.ssl.enabled=true
- xpack.security.transport.ssl.verification_mode=certificate
- xpack.security.transport.ssl.certificate_authorities=$CERTS_DIR/ca/ca.crt
- xpack.security.transport.ssl.certificate=$CERTS_DIR/es01/es01.crt
- xpack.security.transport.ssl.key=$CERTS_DIR/es01/es01.key
ulimits:
memlock:
soft: -1
hard: -1
volumes:
- data01:/usr/share/elasticsearch/data:z
- certs:$CERTS_DIR:z
#- "/etc/timezone:/etc/timezone:ro"
#- "/etc/localtime:/etc/localtime:ro"
ports:
- 9200:9200
networks:
- elastic
- syslog
healthcheck:
test: curl --cacert $CERTS_DIR/ca/ca.crt -s https://localhost:9200 >/dev/null; if [[ $$? == 52 ]]; then echo 0; else echo 1; fi
interval: 30s
timeout: 10s
retries: 5
kib01:
image: docker.elastic.co/kibana/kibana:${ELASTIC_VERSION}
container_name: kib01
restart: always
env_file: .env
depends_on:
- es01
ports:
- 5601:5601
environment:
SERVERNAME: localhost
ELASTICSEARCH_URL: https://es01:9200
ELASTICSEARCH_HOSTS: https://es01:9200
ELASTICSEARCH_USERNAME: ${ELASTICSEARCH_USERNAME}
ELASTICSEARCH_PASSWORD: ${ELASTICSEARCH_PASSWORD}
xpack.encryptedSavedObjects.encryptionKey: ${ENCRYPTION_KEY}
ELASTICSEARCH_SSL_CERTIFICATEAUTHORITIES: $CERTS_DIR/ca/ca.crt
SERVER_SSL_ENABLED: "true"
SERVER_SSL_KEY: $CERTS_DIR/kib01/kib01.key
SERVER_SSL_CERTIFICATE: $CERTS_DIR/kib01/kib01.crt
networks:
- elastic
volumes:
- certs:$CERTS_DIR:z
- ./kibana/kibana.yml:/usr/share/kibana/config/kibana.yml:z
#- "/etc/timezone:/etc/timezone:ro"
#- "/etc/localtime:/etc/localtime:ro"
volumes:
data01:
driver: local
certs:
driver: local
networks:
elastic:
driver: bridge
syslog:
driver: bridge