🗒️
LogStashをDockerでインストールする
前提
- WSL(ディストリビューションはUbuntu)上にDockerがインストールされている状態です
- Elasticのバージョンは8.13.2です
ゴール
Logstashコンテナを稼働させて設定ファイルの所在を確認するまでとします
公式ドキュメント
Dockerイメージのプル
docker pull docker.elastic.co/logstash/logstash:8.13.2
実行結果
$ docker pull docker.elastic.co/logstash/logstash:8.13.2
8.13.2: Pulling from logstash/logstash
632255af43b7: Already exists
6e1bc55e6f7d: Pull complete
e61975f228dd: Pull complete
0d1032b69ec5: Pull complete
4ca545ee6d5d: Pull complete
78c9a34a17a8: Pull complete
590564ac0813: Pull complete
56c58eb0be53: Pull complete
7d6af852ebe4: Pull complete
94d7e185a4c2: Pull complete
1cd0e96cd380: Pull complete
ae8e7d8e4643: Pull complete
cf858f7ddefd: Pull complete
310997d8a8b5: Pull complete
0f122f1ee96f: Pull complete
Digest: sha256:87f9f68803852af257e1a1d1bff960375b862d96e27133a825f8c0e4cb44dd64
Status: Downloaded newer image for docker.elastic.co/logstash/logstash:8.13.2
docker.elastic.co/logstash/logstash:8.13.2
コンテナの起動
docker run --rm -it docker.elastic.co/logstash/logstash:8.13.2
実行結果
$ docker run --rm -it docker.elastic.co/logstash/logstash:8.13.2
Using bundled JDK: /usr/share/logstash/jdk
/usr/share/logstash/vendor/bundle/jruby/3.1.0/gems/concurrent-ruby-
略
[2024-04-30T02:30:57,064][INFO ][logstash.javapipeline ][main] Pipeline started {"pipeline.id"=>"main"}
[2024-04-30T02:30:57,078][INFO ][logstash.agent ] Pipelines running {:count=>1, :running_pipelines=>[:main], :non_running_pipelines=>[]}
[2024-04-30T02:30:57,099][INFO ][org.logstash.beats.Server][main][0710cad67e8f47667bc7612580d5b91f691dd8262a4187d9eca8cf87229d04aa] Starting server on port: 5044
設定情報を確認
コンテナの状態を確認
$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
41dbe36911e1 docker.elastic.co/logstash/logstash:8.13.2 "/usr/local/bin/dock…" About a minute ago Up About a minute 5044/tcp, 9600/tcp nostalgic_joliot
cb5a2b583e59 docker.elastic.co/kibana/kibana:8.13.2 "/bin/tini -- /usr/l…" 21 hours ago Up 21 hours 0.0.0.0:5601->5601/tcp, :::5601->5601/tcp kib01
121cb192b9b9 docker.elastic.co/elasticsearch/elasticsearch:8.13.2 "/bin/tini -- /usr/l…" 23 hours ago Up 23 hours 9200/tcp, 9300/tcp es02
86e1e9162f3f docker.elastic.co/elasticsearch/elasticsearch:8.13.2 "/bin/tini -- /usr/l…" 44 hours ago Up 44 hours 0.0.0.0:9200->9200/tcp, :::9200->9200/tcp, 9300/tcp es01
コンテナ内の設定ファイルの内容を確認
$ docker exec -it nostalgic_joliot bash
pipeline/logstash.conf
logstash@41dbe36911e1:~$
logstash@41dbe36911e1:~$
logstash@41dbe36911e1:~$ ls
bin CONTRIBUTORS Gemfile jdk lib logstash-core-plugin-api pipeline vendor
config data Gemfile.lock JDK_VERSION logstash-core modules tools x-pack
logstash@41dbe36911e1:~$ cd pipeline/
logstash@41dbe36911e1:~/pipeline$
logstash@41dbe36911e1:~/pipeline$ cat logstash.conf
input {
beats {
port => 5044
}
}
output {
stdout {
codec => rubydebug
}
}
config
logstash@41dbe36911e1:~/pipeline$ cd ../config/
logstash@41dbe36911e1:~/config$
logstash@41dbe36911e1:~/config$ ls
jvm.options log4j2.properties logstash.yml startup.options
log4j2.file.properties logstash-sample.conf pipelines.yml
logstash@41dbe36911e1:~/config$ cat pipelines.yml
# This file is where you define your pipelines. You can define multiple.
# For more information on multiple pipelines, see the documentation:
# https://www.elastic.co/guide/en/logstash/current/multiple-pipelines.html
- pipeline.id: main
path.config: "/usr/share/logstash/pipeline"
Discussion