Created
November 18, 2018 07:05
-
-
Save michaelhyatt/a03582d1b30f62152ebe9817e72c2a6c to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
version: '3.6' | |
services: | |
# The environment variable "TAG" is used throughout this file to | |
# specify the version of the images to run. The default is set in the | |
# '.env' file in this folder. It can be overridden with any normal | |
# technique for setting environment variables, for example: | |
# | |
# TAG=6.0.0-beta1 docker-compose up | |
# | |
# REF: https://docs.docker.com/compose/compose-file/#variable-substitution | |
# | |
# Also be sure to set the ELASTIC_VERSION variable. For released versions, | |
# ${TAG} and ${ELASTIC_VERSION} will be identical, but for pre-release | |
# versions, ${TAG} might contain an extra build identifier, like | |
# "6.0.0-beta1-3eab5b40", so a full invocation might look like: | |
# | |
# ELASTIC_VERSION=6.0.0-beta1 TAG=6.0.0-beta1-3eab5b40 docker-compose up | |
# | |
elasticsearch: | |
image: docker.elastic.co/elasticsearch/elasticsearch:${TAG} | |
container_name: elasticsearch | |
# secrets: | |
# - source: ca.crt | |
# target: /usr/share/elasticsearch/config/certs/ca/ca.crt | |
# - source: elasticsearch.yml | |
# target: /usr/share/elasticsearch/config/elasticsearch.yml | |
# - source: elasticsearch.keystore | |
# target: /usr/share/elasticsearch/config/elasticsearch.keystore | |
# - source: elasticsearch.key | |
# target: /usr/share/elasticsearch/config/certs/elasticsearch/elasticsearch.key | |
# - source: elasticsearch.crt | |
# target: /usr/share/elasticsearch/config/certs/elasticsearch/elasticsearch.crt | |
ports: ['9200:9200'] | |
networks: ['stack'] | |
# volumes: | |
# - 'es_data:/usr/share/elasticsearch/data' | |
# - './scripts/setup-users.sh:/usr/local/bin/setup-users.sh:ro' | |
# healthcheck: | |
# test: curl --cacert /usr/share/elasticsearch/config/certs/ca/ca.crt -s https://localhost:9200 >/dev/null; if [[ $$? == 52 ]]; then echo 0; else echo 1; fi | |
# interval: 30s | |
# timeout: 10s | |
# retries: 5 | |
kibana: | |
image: docker.elastic.co/kibana/kibana:${TAG} | |
container_name: kibana | |
# secrets: | |
# - source: kibana.yml | |
# target: /usr/share/kibana/config/kibana.yml | |
# - source: kibana.keystore | |
# target: /usr/share/kibana/data/kibana.keystore | |
# - source: ca.crt | |
# target: /usr/share/kibana/config/certs/ca/ca.crt | |
# - source: kibana.key | |
# target: /usr/share/kibana/config/certs/kibana/kibana.key | |
# - source: kibana.crt | |
# target: /usr/share/kibana/config/certs/kibana/kibana.crt | |
ports: ['5601:5601'] | |
networks: ['stack'] | |
depends_on: ['elasticsearch'] | |
# healthcheck: | |
# test: curl --cacert /usr/share/elasticsearch/config/certs/ca/ca.crt -s https://localhost:5601 >/dev/null; if [[ $$? == 52 ]]; then echo 0; else echo 1; fi | |
# interval: 30s | |
# timeout: 10s | |
# retries: 5 | |
# logstash: | |
# image: docker.elastic.co/logstash/logstash:${TAG} | |
# container_name: logstash | |
# secrets: | |
# - source: logstash.conf | |
# target: /usr/share/logstash/pipeline/logstash.conf | |
# - source: logstash.yml | |
# target: /usr/share/logstash/config/logstash.yml | |
# - source: logstash.keystore | |
# target: /usr/share/logstash/config/logstash.keystore | |
# - source: ca.crt | |
# target: /usr/share/logstash/config/certs/ca/ca.crt | |
# networks: ['stack'] | |
# depends_on: ['elasticsearch'] | |
# healthcheck: | |
# test: bin/logstash -t | |
# interval: 60s | |
# timeout: 50s | |
# retries: 5 | |
# auditbeat: | |
# image: docker.elastic.co/beats/auditbeat:${TAG} | |
# container_name: auditbeat | |
# command: -e --strict.perms=false # -e flag to log to stderr and disable syslog/file output | |
# cap_add: ['AUDIT_CONTROL', 'AUDIT_READ'] | |
# secrets: | |
# - source: auditbeat.yml | |
# target: /usr/share/auditbeat/auditbeat.yml | |
# - source: auditbeat.keystore | |
# target: /usr/share/auditbeat/auditbeat.keystore | |
# - source: ca.crt | |
# target: /usr/share/auditbeat/certs/ca/ca.crt | |
# # Auditbeat must run in the main process namespace. | |
# pid: host | |
# volumes: | |
# - './scripts/setup-beat.sh:/usr/local/bin/setup-beat.sh:ro' | |
# networks: ['stack'] | |
# depends_on: ['elasticsearch', 'kibana'] | |
# healthcheck: | |
# test: auditbeat --strict.perms=false test config | |
# interval: 30s | |
# timeout: 15s | |
# retries: 5 | |
# | |
# filebeat: | |
# image: docker.elastic.co/beats/filebeat:${TAG} | |
# container_name: filebeat | |
# command: --strict.perms=false -e # -e flag to log to stderr and disable syslog/file output | |
# # If the host system has logs at "/var/log", mount them at "/mnt/log" | |
# # inside the container, where Filebeat can find them. | |
# # volumes: ['/var/log:/mnt/log:ro'] | |
# secrets: | |
# - source: filebeat.yml | |
# target: /usr/share/filebeat/filebeat.yml | |
# - source: filebeat.keystore | |
# target: /usr/share/filebeat/filebeat.keystore | |
# - source: ca.crt | |
# target: /usr/share/filebeat/certs/ca/ca.crt | |
# volumes: | |
# - './scripts/setup-beat.sh:/usr/local/bin/setup-beat.sh:ro' | |
# networks: ['stack'] | |
# depends_on: ['elasticsearch', 'kibana'] | |
# healthcheck: | |
# test: filebeat test config | |
# interval: 30s | |
# timeout: 15s | |
# retries: 5 | |
# | |
# heartbeat: | |
# image: docker.elastic.co/beats/heartbeat:${TAG} | |
# container_name: heartbeat | |
# command: --strict.perms=false -e # -e flag to log to stderr and disable syslog/file output | |
# secrets: | |
# - source: heartbeat.yml | |
# target: /usr/share/heartbeat/heartbeat.yml | |
# - source: heartbeat.keystore | |
# target: /usr/share/heartbeat/heartbeat.keystore | |
# - source: ca.crt | |
# target: /usr/share/heartbeat/certs/ca/ca.crt | |
# volumes: | |
# - './scripts/setup-beat.sh:/usr/local/bin/setup-beat.sh:ro' | |
# networks: ['stack'] | |
# depends_on: ['elasticsearch', 'kibana'] | |
# healthcheck: | |
# test: heartbeat test config | |
# interval: 30s | |
# timeout: 15s | |
# retries: 5 | |
# | |
# metricbeat: | |
# image: docker.elastic.co/beats/metricbeat:${TAG} | |
# container_name: metricbeat | |
# # The commented sections below enable Metricbeat to monitor the Docker host, | |
# # rather than the Metricbeat container. It's problematic with Docker for | |
# # Windows, however, since "/proc", "/sys" etc. don't exist on Windows. | |
# # The same likely applies to OSX (needs testing). | |
# # volumes: | |
# # - /proc:/hostfs/proc:ro | |
# # - /sys/fs/cgroup:/hostfs/sys/fs/cgroup:ro | |
# # - /:/hostfs:ro | |
# command: --strict.perms=false -e # -e flag to log to stderr and disable syslog/file output | |
# secrets: | |
# - source: metricbeat.yml | |
# target: /usr/share/metricbeat/metricbeat.yml | |
# - source: metricbeat.keystore | |
# target: /usr/share/metricbeat/metricbeat.keystore | |
# - source: ca.crt | |
# target: /usr/share/metricbeat/certs/ca/ca.crt | |
# volumes: | |
# - './scripts/setup-beat.sh:/usr/local/bin/setup-beat.sh:ro' | |
# networks: ['stack'] | |
# depends_on: ['elasticsearch', 'kibana'] | |
# healthcheck: | |
# test: metricbeat test config | |
# interval: 30s | |
# timeout: 15s | |
# retries: 5 | |
# | |
# packetbeat: | |
# image: docker.elastic.co/beats/packetbeat:${TAG} | |
# container_name: packetbeat | |
# # Packetbeat needs some elevated privileges to capture network traffic. | |
# # We'll grant them with POSIX capabilities. | |
# cap_add: ['NET_RAW', 'NET_ADMIN'] | |
# # Use "host mode" networking to allow Packetbeat to capture traffic from | |
# # the real network interface on the host, rather than being isolated to the | |
# # container's virtual interface. | |
# network_mode: host | |
# # Since we did that, Packetbeat is not part of the "stack" Docker network | |
# # that the other containers are connected to, and thus can't resolve the | |
# # hostname "elasticsearch". Instead, we'll tell it to find Elasticsearch | |
# # on "localhost", which is the Docker host machine in this context. | |
# command: -e -E 'output.elasticsearch.hosts=["localhost:9200"]' | |
# depends_on: ['elasticsearch'] | |
# command: --strict.perms=false -e -E output.elasticsearch.hosts="https://localhost:9200" # -e flag to log to stderr and disable syslog/file output | |
# secrets: | |
# - source: packetbeat.yml | |
# target: /usr/share/packetbeat/packetbeat.yml | |
# - source: packetbeat.keystore | |
# target: /usr/share/packetbeat/packetbeat.keystore | |
# - source: ca.crt | |
# target: /usr/share/packetbeat/certs/ca/ca.crt | |
# volumes: | |
# - './scripts/setup-beat.sh:/usr/local/bin/setup-beat.sh:ro' | |
# depends_on: ['elasticsearch', 'kibana'] | |
# healthcheck: | |
# test: packetbeat test config | |
# interval: 30s | |
# timeout: 15s | |
# retries: 5 | |
apm-server: | |
image: docker.elastic.co/apm/apm-server:${TAG} | |
container_name: apm_server | |
ports: ['8200:8200'] | |
networks: ['stack'] | |
command: --strict.perms=false -e # -e flag to log to stderr and disable syslog/file output | |
# secrets: | |
# - source: apm-server.yml | |
# target: /usr/share/apm-server/apm-server.yml | |
# - source: apm-server.keystore | |
# target: /usr/share/apm-server/apm-server.keystore | |
# - source: ca.crt | |
# target: /usr/share/apm-server/certs/ca/ca.crt | |
# volumes: | |
# - './scripts/setup-beat.sh:/usr/local/bin/setup-beat.sh:ro' | |
depends_on: ['elasticsearch', 'kibana'] | |
# healthcheck: | |
# test: curl --cacert /usr/share/elasticsearch/config/certs/ca/ca.crt -s https://localhost:8200/healthcheck >/dev/null; if [[ $$? == 52 ]]; then echo 0; else echo 1; fi | |
# interval: 30s | |
# timeout: 10s | |
# retries: 5 | |
networks: {stack: {}} | |
# use docker volume to persist ES data outside of a container. | |
volumes: | |
es_data: | |
# secrets: | |
# ca.crt: | |
# file: ./config/ssl/ca/ca.crt | |
# logstash.yml: | |
# file: ./config/logstash/logstash.yml | |
# logstash.keystore: | |
# file: ./config/logstash/logstash.keystore | |
# logstash.conf: | |
# file: ./config/logstash/pipeline/logstash.conf | |
# elasticsearch.yml: | |
# file: ./config/elasticsearch/elasticsearch.yml | |
# elasticsearch.keystore: | |
# file: ./config/elasticsearch/elasticsearch.keystore | |
# elasticsearch.key: | |
# file: ./config/elasticsearch/elasticsearch.key | |
# elasticsearch.crt: | |
# file: ./config/elasticsearch/elasticsearch.crt | |
# elasticsearch.p12: | |
# file: ./config/elasticsearch/elasticsearch.p12 | |
# kibana.yml: | |
# file: ./config/kibana/kibana.yml | |
# kibana.keystore: | |
# file: ./config/kibana/kibana.keystore | |
# kibana.key: | |
# file: ./config/kibana/kibana.key | |
# kibana.crt: | |
# file: ./config/kibana/kibana.crt | |
# auditbeat.yml: | |
# file: ./config/auditbeat/auditbeat.yml | |
# auditbeat.keystore: | |
# file: ./config/auditbeat/auditbeat.keystore | |
# filebeat.yml: | |
# file: ./config/filebeat/filebeat.yml | |
# filebeat.keystore: | |
# file: ./config/filebeat/filebeat.keystore | |
# heartbeat.yml: | |
# file: ./config/heartbeat/heartbeat.yml | |
# heartbeat.keystore: | |
# file: ./config/heartbeat/heartbeat.keystore | |
# metricbeat.yml: | |
# file: ./config/metricbeat/metricbeat.yml | |
# metricbeat.keystore: | |
# file: ./config/metricbeat/metricbeat.keystore | |
# packetbeat.yml: | |
# file: ./config/packetbeat/packetbeat.yml | |
# packetbeat.keystore: | |
# file: ./config/packetbeat/packetbeat.keystore | |
# apm-server.yml: | |
# file: ./config/apm-server/apm-server.yml | |
# apm-server.keystore: | |
# file: ./config/apm-server/apm-server.keystore |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment