Elasticsearch + Kibana 5.0のDockerImage
ここ最近、会社のログ収集基盤周りばかりと向き合っているので、 上記エントリを参考に手元のKitematicで5.0-betaを起動するところまでの記録です。
環境: MacOS El Capitan 10.11.6, VirtualBox 5.0.16, Docker Kitematic 0.10.0, boot2docker 1.10.3
エントリ通り、以下のdocker-compose.ymlを用意。
--- version: '2' services: kibana: image: docker.elastic.co/kibana/kibana links: - elasticsearch ports: - 5601:5601 elasticsearch: image: docker.elastic.co/elasticsearch/elasticsearch cap_add: - IPC_LOCK volumes: - esdata1:/usr/share/elasticsearch/data ports: - 9200:9200 environment: - -Xms2g - -Xmx2g volumes: esdata1: driver: local
できたら、コマンド一発で起動するはずが、Elasticsearch側コンテナでエラー
% docker-compose up ・・・ elasticsearch_1 | max virtual memory areas vm.max_map_count [65530] likely too low, increase to at least [262144] elasticsearch_1 | [2016-09-24T13:34:47,265][INFO ][o.e.n.Node ] [RaJ4T2F] stopping ... elasticsearch_1 | [2016-09-24T13:34:47,343][INFO ][o.e.n.Node ] [RaJ4T2F] stopped elasticsearch_1 | [2016-09-24T13:34:47,344][INFO ][o.e.n.Node ] [RaJ4T2F] closing ... elasticsearch_1 | [2016-09-24T13:34:47,383][INFO ][o.e.n.Node ] [RaJ4T2F] closed ・・・
docker-machineのカーネルパラメータを変更する必要があります。(https://github.com/elastic/elasticsearch-docker)
docker-machine ssh sudo sysctl -w vm.max_map_count=262144
デフォルト設定としたいなら、/etc/sysctl.conf
に書いときます。
再度起動コマンドを実行。
% docker-compose up ・・・ elasticsearch_1 | [2016-09-24T14:05:07,637][WARN ][o.e.d.s.g.GroovyScriptEngineService] [groovy] scripts are deprecated, use [painless] scripts instead ・・・ kibana_1 | {"type":"log","@timestamp":"2016-09-24T14:05:21Z","tags":["status","plugin:elasticsearch@5.0.0-beta1","info"],"pid":6,"state":"green","message":"Status changed from red to green - Kibana index ready","prevState":"red","prevMsg":"Elasticsearch is still initializing the kibana index."} kibana_1 | {"type":"log","@timestamp":"2016-09-24T14:05:21Z","tags":["status","ui settings","info"],"pid":6,"state":"green","message":"Status changed from red to green - Ready","prevState":"red","prevMsg":"Elasticsearch plugin is red"} kibana_1 | {"type":"log","@timestamp":"2016-09-24T14:05:21Z","tags":["license","info","xpack"],"pid":6,"message":"Imported license information from Elasticsearch: mode: trial | status: active | expiry date: 2016-10-23T17:22:33+00:00"} kibana_1 | {"type":"log","@timestamp":"2016-09-24T14:05:21Z","tags":["status","plugin:xpack_main@5.0.0-beta1","info"],"pid":6,"state":"green","message":"Status changed from red to green - Ready","prevState":"red","prevMsg":"Elasticsearch is still initializing the kibana index."} kibana_1 | {"type":"log","@timestamp":"2016-09-24T14:05:21Z","tags":["status","plugin:graph@5.0.0-beta1","info"],"pid":6,"state":"green","message":"Status changed from red to green - Ready","prevState":"red","prevMsg":"Elasticsearch is still initializing the kibana index."} kibana_1 | {"type":"log","@timestamp":"2016-09-24T14:05:21Z","tags":["status","plugin:reporting@5.0.0-beta1","info"],"pid":6,"state":"green","message":"Status changed from red to green - Ready","prevState":"red","prevMsg":"Elasticsearch is still initializing the kibana index."} kibana_1 | {"type":"log","@timestamp":"2016-09-24T14:05:21Z","tags":["status","plugin:security@5.0.0-beta1","info"],"pid":6,"state":"green","message":"Status changed from red to green - Ready","prevState":"red","prevMsg":"Elasticsearch is still initializing the kibana index."} kibana_1 | {"type":"log","@timestamp":"2016-09-24T14:05:21Z","tags":["status","plugin:monitoring@5.0.0-beta1","info"],"pid":6,"state":"green","message":"Status changed from red to green - Ready","prevState":"red","prevMsg":"Elasticsearch is still initializing the Monitoring indices"} ・・・
groovyはdeprecatedで、painlessを使っていきましょうよというメッセージが。
先日のElastic社のブログで触れられていたPainlessというElasticsearch組み込みスクリプトのこと。
あとは、上記起動メッセージから、5.0から標準内臓のX-Packプラギンがロードされていることが確認できます。
ともかく正常に起動できてそうなので、http://192.168.99.100:5601
にアクセス(192.168.99.100はdocker-machineのipアドレス)
すると、Shieldの認証フォームが。デフォルトの認証情報でログインします。
おお、なんかKibana4までしか触ったことがないとちょっと感動するくらい様変わりしたUIだ。。
せっかくなので、Painless書いてみるかと思っているところ。