Elasticsearch + Kibana 5.0のDockerImage
ここ最近、会社のログ収集基盤周りばかりと向き合っているので、 上記エントリを参考に手元のKitematicで5.0-betaを起動するところまでの記録です。
環境: MacOS El Capitan 10.11.6, VirtualBox 5.0.16, Docker Kitematic 0.10.0, boot2docker 1.10.3
エントリ通り、以下のdocker-compose.ymlを用意。
---
version: '2'
services:
kibana:
image: docker.elastic.co/kibana/kibana
links:
- elasticsearch
ports:
- 5601:5601
elasticsearch:
image: docker.elastic.co/elasticsearch/elasticsearch
cap_add:
- IPC_LOCK
volumes:
- esdata1:/usr/share/elasticsearch/data
ports:
- 9200:9200
environment:
- -Xms2g
- -Xmx2g
volumes:
esdata1:
driver: local
できたら、コマンド一発で起動するはずが、Elasticsearch側コンテナでエラー
% docker-compose up ・・・ elasticsearch_1 | max virtual memory areas vm.max_map_count [65530] likely too low, increase to at least [262144] elasticsearch_1 | [2016-09-24T13:34:47,265][INFO ][o.e.n.Node ] [RaJ4T2F] stopping ... elasticsearch_1 | [2016-09-24T13:34:47,343][INFO ][o.e.n.Node ] [RaJ4T2F] stopped elasticsearch_1 | [2016-09-24T13:34:47,344][INFO ][o.e.n.Node ] [RaJ4T2F] closing ... elasticsearch_1 | [2016-09-24T13:34:47,383][INFO ][o.e.n.Node ] [RaJ4T2F] closed ・・・
docker-machineのカーネルパラメータを変更する必要があります。(https://github.com/elastic/elasticsearch-docker)
docker-machine ssh sudo sysctl -w vm.max_map_count=262144
デフォルト設定としたいなら、/etc/sysctl.confに書いときます。
再度起動コマンドを実行。
% docker-compose up
・・・
elasticsearch_1 | [2016-09-24T14:05:07,637][WARN ][o.e.d.s.g.GroovyScriptEngineService] [groovy] scripts are deprecated, use [painless] scripts instead
・・・
kibana_1 | {"type":"log","@timestamp":"2016-09-24T14:05:21Z","tags":["status","plugin:elasticsearch@5.0.0-beta1","info"],"pid":6,"state":"green","message":"Status changed from red to green - Kibana index ready","prevState":"red","prevMsg":"Elasticsearch is still initializing the kibana index."}
kibana_1 | {"type":"log","@timestamp":"2016-09-24T14:05:21Z","tags":["status","ui settings","info"],"pid":6,"state":"green","message":"Status changed from red to green - Ready","prevState":"red","prevMsg":"Elasticsearch plugin is red"}
kibana_1 | {"type":"log","@timestamp":"2016-09-24T14:05:21Z","tags":["license","info","xpack"],"pid":6,"message":"Imported license information from Elasticsearch: mode: trial | status: active | expiry date: 2016-10-23T17:22:33+00:00"}
kibana_1 | {"type":"log","@timestamp":"2016-09-24T14:05:21Z","tags":["status","plugin:xpack_main@5.0.0-beta1","info"],"pid":6,"state":"green","message":"Status changed from red to green - Ready","prevState":"red","prevMsg":"Elasticsearch is still initializing the kibana index."}
kibana_1 | {"type":"log","@timestamp":"2016-09-24T14:05:21Z","tags":["status","plugin:graph@5.0.0-beta1","info"],"pid":6,"state":"green","message":"Status changed from red to green - Ready","prevState":"red","prevMsg":"Elasticsearch is still initializing the kibana index."}
kibana_1 | {"type":"log","@timestamp":"2016-09-24T14:05:21Z","tags":["status","plugin:reporting@5.0.0-beta1","info"],"pid":6,"state":"green","message":"Status changed from red to green - Ready","prevState":"red","prevMsg":"Elasticsearch is still initializing the kibana index."}
kibana_1 | {"type":"log","@timestamp":"2016-09-24T14:05:21Z","tags":["status","plugin:security@5.0.0-beta1","info"],"pid":6,"state":"green","message":"Status changed from red to green - Ready","prevState":"red","prevMsg":"Elasticsearch is still initializing the kibana index."}
kibana_1 | {"type":"log","@timestamp":"2016-09-24T14:05:21Z","tags":["status","plugin:monitoring@5.0.0-beta1","info"],"pid":6,"state":"green","message":"Status changed from red to green - Ready","prevState":"red","prevMsg":"Elasticsearch is still initializing the Monitoring indices"}
・・・
groovyはdeprecatedで、painlessを使っていきましょうよというメッセージが。
先日のElastic社のブログで触れられていたPainlessというElasticsearch組み込みスクリプトのこと。
あとは、上記起動メッセージから、5.0から標準内臓のX-Packプラギンがロードされていることが確認できます。
ともかく正常に起動できてそうなので、http://192.168.99.100:5601にアクセス(192.168.99.100はdocker-machineのipアドレス)
すると、Shieldの認証フォームが。デフォルトの認証情報でログインします。
おお、なんかKibana4までしか触ったことがないとちょっと感動するくらい様変わりしたUIだ。。
せっかくなので、Painless書いてみるかと思っているところ。
