elkelasticsearchlogstashkibanaloggingobservabilitysearchdevops
ELK Stack
The classic ELK (Elasticsearch, Logstash, Kibana) stack for centralized logging and observability. Elasticsearch 8.16 runs in single-node discovery mode with configurable JVM heap, file descriptor ulimits, and vm.max_map_count sysctl for production readiness. Logstash ingests logs via its pipeline configuration volume, transforms them, and indexes into Elasticsearch. Kibana provides the visualization layer with dashboards, search, and alerting capabilities connected to the Elasticsearch cluster. All three services share a dedicated elastic network and persist data through named volumes, with health checks ensuring proper startup sequencing.
Services Inclus
elasticsearch
docker.elastic.co/elasticsearch/elasticsearch:8.16.1
Ports : 9200:9200, 9300:9300
volumes: 1 mount
Env vars: 9
healthcheck
Variables d'Environnement :
discovery.type=single-node
cluster.name=${ES_CLUSTER_NAME:-elk-cluster}
node.name=${ES_NODE_NAME:-es-node-1}
ES_JAVA_OPTS=${ES_JAVA_OPTS:--Xms1g -Xmx1g}
xpack.security.enabled=${XPACK_SECURITY_ENABLED:-false}
xpack.security.enrollment.enabled=false
xpack.license.self_generated.type=${ES_LICENSE:-basic}
ELASTIC_PASSWORD=${ELASTIC_PASSWORD:-changeme}
bootstrap.memory_lock=true
logstash
docker.elastic.co/logstash/logstash:8.16.1
Ports : 5044:5044, 5000:5000/tcp, 5000:5000/udp, 9600:9600
volumes: 2 mounts
Env vars: 4
healthcheck
Variables d'Environnement :
LS_JAVA_OPTS=${LS_JAVA_OPTS:--Xms512m -Xmx512m}
ELASTICSEARCH_HOSTS=http://elasticsearch:9200
ELASTIC_PASSWORD=${ELASTIC_PASSWORD:-changeme}
MONITORING_ENABLED=${LS_MONITORING_ENABLED:-false}
kibana
docker.elastic.co/kibana/kibana:8.16.1
Ports : 5601:5601
volumes: 1 mount
Env vars: 7
healthcheck
Variables d'Environnement :
ELASTICSEARCH_HOSTS=${ELASTICSEARCH_HOSTS:-http://elasticsearch:9200}
ELASTICSEARCH_USERNAME=${ELASTICSEARCH_USERNAME:-kibana_system}
ELASTICSEARCH_PASSWORD=${ELASTIC_PASSWORD:-changeme}
SERVER_NAME=${KIBANA_SERVER_NAME:-kibana}
SERVER_HOST=0.0.0.0
xpack.security.enabled=${XPACK_SECURITY_ENABLED:-false}
TELEMETRY_ENABLED=false
YAML Généré
# Generated by ComposeHub (composehub.dev)
name: elk-stack
services:
elasticsearch:
image: docker.elastic.co/elasticsearch/elasticsearch:8.16.1
restart: unless-stopped
ports:
- 9200:9200
- 9300:9300
volumes:
- elasticsearch_data:/usr/share/elasticsearch/data
environment:
discovery.type: single-node
cluster.name: ${ES_CLUSTER_NAME:-elk-cluster}
node.name: ${ES_NODE_NAME:-es-node-1}
ES_JAVA_OPTS: ${ES_JAVA_OPTS:--Xms1g -Xmx1g}
xpack.security.enabled: ${XPACK_SECURITY_ENABLED:-false}
xpack.security.enrollment.enabled: "false"
xpack.license.self_generated.type: ${ES_LICENSE:-basic}
ELASTIC_PASSWORD: ${ELASTIC_PASSWORD:-changeme}
bootstrap.memory_lock: "true"
networks:
- elastic
healthcheck:
test:
- CMD-SHELL
- curl -f http://localhost:9200/_cluster/health?wait_for_status=yellow&timeout=5s || exit 1
interval: 30s
timeout: 10s
retries: 10
start_period: 60s
deploy:
resources:
limits:
cpus: "2.00"
memory: 2048M
reservations:
cpus: "0.50"
memory: 1024M
labels:
com.composeforge.description: Elasticsearch 8.16 search and analytics engine
ulimits:
memlock:
soft: -1
hard: -1
nofile:
soft: 65536
hard: 65536
logstash:
image: docker.elastic.co/logstash/logstash:8.16.1
restart: unless-stopped
ports:
- 5044:5044
- 5000:5000/tcp
- 5000:5000/udp
- 9600:9600
volumes:
- logstash_pipeline:/usr/share/logstash/pipeline
- logstash_config:/usr/share/logstash/config
environment:
LS_JAVA_OPTS: ${LS_JAVA_OPTS:--Xms512m -Xmx512m}
ELASTICSEARCH_HOSTS: http://elasticsearch:9200
ELASTIC_PASSWORD: ${ELASTIC_PASSWORD:-changeme}
MONITORING_ENABLED: ${LS_MONITORING_ENABLED:-false}
networks:
- elastic
depends_on:
elasticsearch:
condition: service_healthy
healthcheck:
test:
- CMD-SHELL
- curl -f http://localhost:9600/_node/stats || exit 1
interval: 30s
timeout: 10s
retries: 5
start_period: 60s
deploy:
resources:
limits:
cpus: "1.00"
memory: 1024M
reservations:
cpus: "0.25"
memory: 512M
labels:
com.composeforge.description: Logstash log ingestion and transformation pipeline
kibana:
image: docker.elastic.co/kibana/kibana:8.16.1
restart: unless-stopped
ports:
- 5601:5601
volumes:
- kibana_config:/usr/share/kibana/config
environment:
ELASTICSEARCH_HOSTS: ${ELASTICSEARCH_HOSTS:-http://elasticsearch:9200}
ELASTICSEARCH_USERNAME: ${ELASTICSEARCH_USERNAME:-kibana_system}
ELASTICSEARCH_PASSWORD: ${ELASTIC_PASSWORD:-changeme}
SERVER_NAME: ${KIBANA_SERVER_NAME:-kibana}
SERVER_HOST: 0.0.0.0
xpack.security.enabled: ${XPACK_SECURITY_ENABLED:-false}
TELEMETRY_ENABLED: "false"
networks:
- elastic
depends_on:
elasticsearch:
condition: service_healthy
healthcheck:
test:
- CMD-SHELL
- curl -f http://localhost:5601/api/status || exit 1
interval: 30s
timeout: 10s
retries: 10
start_period: 90s
deploy:
resources:
limits:
cpus: "1.00"
memory: 1024M
reservations:
cpus: "0.25"
memory: 512M
labels:
com.composeforge.description: Kibana visualization and dashboarding for Elasticsearch
networks:
elastic:
driver: bridge
volumes:
elasticsearch_data:
driver: local
logstash_pipeline:
driver: local
logstash_config:
driver: local
kibana_config:
driver: local
Informations Rapides
- Services
- 3
- Réseaux
- 1
- Volumes
- 4
Quand l'Utiliser
Ce modèle est idéal pour mettre en place un environnement elk stack Tous les services sont préconfigurés avec des healthchecks, des limites de ressources et des valeurs par défaut raisonnables. Personnalisez les variables d'environnement avant de déployer en production.
Conseils
- Changez tous les mots de passe par défaut avant le déploiement
- Vérifiez les limites de ressources pour votre matériel
- Ajoutez un reverse proxy pour le HTTPS en production
- Configurez des stratégies de sauvegarde pour les volumes de données