elkelasticsearchlogstashkibanaloggingobservabilitysearchdevops
ELK Stack
The classic ELK (Elasticsearch, Logstash, Kibana) stack for centralized logging and observability. Elasticsearch 8.16 runs in single-node discovery mode with configurable JVM heap, file descriptor ulimits, and vm.max_map_count sysctl for production readiness. Logstash ingests logs via its pipeline configuration volume, transforms them, and indexes into Elasticsearch. Kibana provides the visualization layer with dashboards, search, and alerting capabilities connected to the Elasticsearch cluster. All three services share a dedicated elastic network and persist data through named volumes, with health checks ensuring proper startup sequencing.
Enthaltene Services
elasticsearch
docker.elastic.co/elasticsearch/elasticsearch:8.16.1
Ports: 9200:9200, 9300:9300
Volumes: 1 mount
Env vars: 9
healthcheck
Umgebungsvariablen:
discovery.type=single-node
cluster.name=${ES_CLUSTER_NAME:-elk-cluster}
node.name=${ES_NODE_NAME:-es-node-1}
ES_JAVA_OPTS=${ES_JAVA_OPTS:--Xms1g -Xmx1g}
xpack.security.enabled=${XPACK_SECURITY_ENABLED:-false}
xpack.security.enrollment.enabled=false
xpack.license.self_generated.type=${ES_LICENSE:-basic}
ELASTIC_PASSWORD=${ELASTIC_PASSWORD:-changeme}
bootstrap.memory_lock=true
logstash
docker.elastic.co/logstash/logstash:8.16.1
Ports: 5044:5044, 5000:5000/tcp, 5000:5000/udp, 9600:9600
Volumes: 2 mounts
Env vars: 4
healthcheck
Umgebungsvariablen:
LS_JAVA_OPTS=${LS_JAVA_OPTS:--Xms512m -Xmx512m}
ELASTICSEARCH_HOSTS=http://elasticsearch:9200
ELASTIC_PASSWORD=${ELASTIC_PASSWORD:-changeme}
MONITORING_ENABLED=${LS_MONITORING_ENABLED:-false}
kibana
docker.elastic.co/kibana/kibana:8.16.1
Ports: 5601:5601
Volumes: 1 mount
Env vars: 7
healthcheck
Umgebungsvariablen:
ELASTICSEARCH_HOSTS=${ELASTICSEARCH_HOSTS:-http://elasticsearch:9200}
ELASTICSEARCH_USERNAME=${ELASTICSEARCH_USERNAME:-kibana_system}
ELASTICSEARCH_PASSWORD=${ELASTIC_PASSWORD:-changeme}
SERVER_NAME=${KIBANA_SERVER_NAME:-kibana}
SERVER_HOST=0.0.0.0
xpack.security.enabled=${XPACK_SECURITY_ENABLED:-false}
TELEMETRY_ENABLED=false
Generiertes YAML
# Generated by ComposeHub (composehub.dev)
name: elk-stack
services:
elasticsearch:
image: docker.elastic.co/elasticsearch/elasticsearch:8.16.1
restart: unless-stopped
ports:
- 9200:9200
- 9300:9300
volumes:
- elasticsearch_data:/usr/share/elasticsearch/data
environment:
discovery.type: single-node
cluster.name: ${ES_CLUSTER_NAME:-elk-cluster}
node.name: ${ES_NODE_NAME:-es-node-1}
ES_JAVA_OPTS: ${ES_JAVA_OPTS:--Xms1g -Xmx1g}
xpack.security.enabled: ${XPACK_SECURITY_ENABLED:-false}
xpack.security.enrollment.enabled: "false"
xpack.license.self_generated.type: ${ES_LICENSE:-basic}
ELASTIC_PASSWORD: ${ELASTIC_PASSWORD:-changeme}
bootstrap.memory_lock: "true"
networks:
- elastic
healthcheck:
test:
- CMD-SHELL
- curl -f http://localhost:9200/_cluster/health?wait_for_status=yellow&timeout=5s || exit 1
interval: 30s
timeout: 10s
retries: 10
start_period: 60s
deploy:
resources:
limits:
cpus: "2.00"
memory: 2048M
reservations:
cpus: "0.50"
memory: 1024M
labels:
com.composeforge.description: Elasticsearch 8.16 search and analytics engine
ulimits:
memlock:
soft: -1
hard: -1
nofile:
soft: 65536
hard: 65536
logstash:
image: docker.elastic.co/logstash/logstash:8.16.1
restart: unless-stopped
ports:
- 5044:5044
- 5000:5000/tcp
- 5000:5000/udp
- 9600:9600
volumes:
- logstash_pipeline:/usr/share/logstash/pipeline
- logstash_config:/usr/share/logstash/config
environment:
LS_JAVA_OPTS: ${LS_JAVA_OPTS:--Xms512m -Xmx512m}
ELASTICSEARCH_HOSTS: http://elasticsearch:9200
ELASTIC_PASSWORD: ${ELASTIC_PASSWORD:-changeme}
MONITORING_ENABLED: ${LS_MONITORING_ENABLED:-false}
networks:
- elastic
depends_on:
elasticsearch:
condition: service_healthy
healthcheck:
test:
- CMD-SHELL
- curl -f http://localhost:9600/_node/stats || exit 1
interval: 30s
timeout: 10s
retries: 5
start_period: 60s
deploy:
resources:
limits:
cpus: "1.00"
memory: 1024M
reservations:
cpus: "0.25"
memory: 512M
labels:
com.composeforge.description: Logstash log ingestion and transformation pipeline
kibana:
image: docker.elastic.co/kibana/kibana:8.16.1
restart: unless-stopped
ports:
- 5601:5601
volumes:
- kibana_config:/usr/share/kibana/config
environment:
ELASTICSEARCH_HOSTS: ${ELASTICSEARCH_HOSTS:-http://elasticsearch:9200}
ELASTICSEARCH_USERNAME: ${ELASTICSEARCH_USERNAME:-kibana_system}
ELASTICSEARCH_PASSWORD: ${ELASTIC_PASSWORD:-changeme}
SERVER_NAME: ${KIBANA_SERVER_NAME:-kibana}
SERVER_HOST: 0.0.0.0
xpack.security.enabled: ${XPACK_SECURITY_ENABLED:-false}
TELEMETRY_ENABLED: "false"
networks:
- elastic
depends_on:
elasticsearch:
condition: service_healthy
healthcheck:
test:
- CMD-SHELL
- curl -f http://localhost:5601/api/status || exit 1
interval: 30s
timeout: 10s
retries: 10
start_period: 90s
deploy:
resources:
limits:
cpus: "1.00"
memory: 1024M
reservations:
cpus: "0.25"
memory: 512M
labels:
com.composeforge.description: Kibana visualization and dashboarding for Elasticsearch
networks:
elastic:
driver: bridge
volumes:
elasticsearch_data:
driver: local
logstash_pipeline:
driver: local
logstash_config:
driver: local
kibana_config:
driver: local
Kurzinfo
- Services
- 3
- Netzwerke
- 1
- Volumes
- 4
Wann verwenden
Dieses Template ist ideal für die Einrichtung einer elk stack Umgebung. Alle Services sind mit Healthchecks, Ressourcenlimits und sinnvollen Standardwerten vorkonfiguriert. Passen Sie die Umgebungsvariablen an, bevor Sie in Produktion gehen.
Tipps
- Ändern Sie alle Standardpasswörter vor dem Deployment
- Überprüfen Sie die Ressourcenlimits für Ihre Hardware
- Fügen Sie einen Reverse Proxy für HTTPS in Produktion hinzu
- Konfigurieren Sie Backup-Strategien für Daten-Volumes