dmsergeev/docker-compose.yml Secret

## docker-compose.yml
version: '2.2'
services:
  es01:
    image: docker.elastic.co/elasticsearch/elasticsearch:7.9.1
    container_name: es01
    environment:
      - node.name=es01
      - cluster.name=es-docker-cluster
      - discovery.seed_hosts=es02,es03
      - cluster.initial_master_nodes=es01,es02,es03
      - bootstrap.memory_lock=true
      - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
    ulimits:
      memlock:
        soft: -1
        hard: -1
    volumes:
      - data01:/usr/share/elasticsearch/data
    ports:
      - 9200:9200
    networks:
      - elastic

  es02:
    image: docker.elastic.co/elasticsearch/elasticsearch:7.9.1
    container_name: es02
    environment:
      - node.name=es02
      - cluster.name=es-docker-cluster
      - discovery.seed_hosts=es01
      - cluster.initial_master_nodes=es01,es02
      - bootstrap.memory_lock=true
      - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
    ulimits:
      memlock:
        soft: -1
        hard: -1
    volumes:
      - data02:/usr/share/elasticsearch/data
    ports:
      - 9201:9201
    networks:
      - elastic

  kib01:
    image: docker.elastic.co/kibana/kibana:7.9.1
    container_name: kib01
    ports:
      - 5601:5601
    environment:
      ELASTICSEARCH_URL: http://es01:9200
      ELASTICSEARCH_HOSTS: http://es01:9200
    networks:
      - elastic

  packetbeat:
    image: docker.elastic.co/beats/packetbeat:7.9.2
    container_name: packetbeat
    # Packetbeat needs some elevated privileges to capture network traffic.
    # We'll grant them with POSIX capabilities.
    cap_add: ['NET_RAW', 'NET_ADMIN']
    # Use "host mode" networking to allow Packetbeat to capture traffic from
    # the real network interface on the host, rather than being isolated to the
    # container's virtual interface.
    network_mode: host
    # Since we did that, Packetbeat is not part of the "stack" Docker network
    # that the other containers are connected to, and thus can't resolve the
    # hostname "elasticsearch". Instead, we'll tell it to find Elasticsearch
    # on "localhost", which is the Docker host machine in this context.
    command: -e -E 'output.elasticsearch.hosts=["localhost:9200"]'
    command: --strict.perms=false -e -E output.elasticsearch.hosts="http://localhost:9200" # -e flag to log to stderr and disable syslog/file output
    volumes:
      - './packetbeat.yml:/usr/share/packetbeat/packetbeat.yml:ro'

volumes:
  data01:
    driver: local
  data02:
    driver: local
  data03:
    driver: local

networks:
  elastic:
    driver: bridge

## packetbeat.yml
packetbeat.interfaces.device: any
packetbeat.interfaces.snaplen: 1514
packetbeat.interfaces.type: pcap
packetbeat.interfaces.buffer_size_mb: 100

packetbeat.protocols.http:
  ports: [9200]

logging.metrics.enabled: false
	version: '2.2'
	services:
	es01:
	image: docker.elastic.co/elasticsearch/elasticsearch:7.9.1
	container_name: es01
	environment:
	- node.name=es01
	- cluster.name=es-docker-cluster
	- discovery.seed_hosts=es02,es03
	- cluster.initial_master_nodes=es01,es02,es03
	- bootstrap.memory_lock=true
	- "ES_JAVA_OPTS=-Xms512m -Xmx512m"
	ulimits:
	memlock:
	soft: -1
	hard: -1
	volumes:
	- data01:/usr/share/elasticsearch/data
	ports:
	- 9200:9200
	networks:
	- elastic

	es02:
	image: docker.elastic.co/elasticsearch/elasticsearch:7.9.1
	container_name: es02
	environment:
	- node.name=es02
	- cluster.name=es-docker-cluster
	- discovery.seed_hosts=es01
	- cluster.initial_master_nodes=es01,es02
	- bootstrap.memory_lock=true
	- "ES_JAVA_OPTS=-Xms512m -Xmx512m"
	ulimits:
	memlock:
	soft: -1
	hard: -1
	volumes:
	- data02:/usr/share/elasticsearch/data
	ports:
	- 9201:9201
	networks:
	- elastic

	kib01:
	image: docker.elastic.co/kibana/kibana:7.9.1
	container_name: kib01
	ports:
	- 5601:5601
	environment:
	ELASTICSEARCH_URL: http://es01:9200
	ELASTICSEARCH_HOSTS: http://es01:9200
	networks:
	- elastic

	packetbeat:
	image: docker.elastic.co/beats/packetbeat:7.9.2
	container_name: packetbeat
	# Packetbeat needs some elevated privileges to capture network traffic.
	# We'll grant them with POSIX capabilities.
	cap_add: ['NET_RAW', 'NET_ADMIN']
	# Use "host mode" networking to allow Packetbeat to capture traffic from
	# the real network interface on the host, rather than being isolated to the
	# container's virtual interface.
	network_mode: host
	# Since we did that, Packetbeat is not part of the "stack" Docker network
	# that the other containers are connected to, and thus can't resolve the
	# hostname "elasticsearch". Instead, we'll tell it to find Elasticsearch
	# on "localhost", which is the Docker host machine in this context.
	command: -e -E 'output.elasticsearch.hosts=["localhost:9200"]'
	command: --strict.perms=false -e -E output.elasticsearch.hosts="http://localhost:9200" # -e flag to log to stderr and disable syslog/file output
	volumes:
	- './packetbeat.yml:/usr/share/packetbeat/packetbeat.yml:ro'

	volumes:
	data01:
	driver: local
	data02:
	driver: local
	data03:
	driver: local

	networks:
	elastic:
	driver: bridge
	packetbeat.interfaces.device: any
	packetbeat.interfaces.snaplen: 1514
	packetbeat.interfaces.type: pcap
	packetbeat.interfaces.buffer_size_mb: 100

	packetbeat.protocols.http:
	ports: [9200]

	logging.metrics.enabled: false