From be0c40b24e10793e81c68b28f3d3ebbbead80750 Mon Sep 17 00:00:00 2001 From: Nicolas Potier Date: Wed, 26 Oct 2016 22:49:11 +0200 Subject: [PATCH] ELK Version 5. - Updating default file to get Version 5 of ElasticSearch / Logstash / Kibana - Add kibana.yml and set default bind address to 0.0.0.0 instead of localhost --- Dockerfile | 17 ++++---- kibana-init | 14 +++---- kibana-logrotate | 2 +- kibana.yml | 101 +++++++++++++++++++++++++++++++++++++++++++++++ start.sh | 6 +-- 5 files changed, 122 insertions(+), 18 deletions(-) create mode 100644 kibana.yml diff --git a/Dockerfile b/Dockerfile index 5711d230..52372616 100644 --- a/Dockerfile +++ b/Dockerfile @@ -38,12 +38,13 @@ RUN set -x \ ### install Elasticsearch -ENV ES_VERSION 2.4.1 +ENV ES_VERSION 5.0.0 ENV ES_GID 991 ENV ES_UID 991 -RUN curl http://packages.elasticsearch.org/GPG-KEY-elasticsearch | apt-key add - -RUN echo deb http://packages.elasticsearch.org/elasticsearch/2.x/debian stable main > /etc/apt/sources.list.d/elasticsearch-2.x.list +RUN curl https://artifacts.elastic.co/GPG-KEY-elasticsearch | apt-key add - +RUN apt-get install apt-transport-https +RUN echo deb https://artifacts.elastic.co/packages/5.x/apt stable main > /etc/apt/sources.list.d/elasticsearch-5.x.list RUN groupadd -r elasticsearch -g ${ES_GID} \ && useradd -r -s /usr/sbin/nologin -M -c "Elasticsearch service user" -u ${ES_UID} -g elasticsearch elasticsearch \ 
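Review bot: The added `RUN apt-get install apt-transport-https` has no `-y` and no `apt-get update` in the same layer, so the build may stop at the confirmation prompt or resolve against a stale cached index. The usual form is `RUN apt-get update && apt-get install -y --no-install-recommends apt-transport-https`. On the line above, the signing key is still piped straight from `curl` into `apt-key add -` with no fingerprint check, so trust in the repository rests entirely on that one TLS fetch. Adding `-fsSL` there would at least stop an HTTP error page from being handed to `apt-key`. The `RUN groupadd …` chain that follows continues outside the hunk.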
@@ -56,14 +57,14 @@ RUN groupadd -r elasticsearch -g ${ES_GID} \ ### install Logstash -ENV LOGSTASH_VERSION 2.4.0 +ENV LOGSTASH_VERSION 5.0.0 ENV LOGSTASH_HOME /opt/logstash ENV LOGSTASH_PACKAGE logstash-${LOGSTASH_VERSION}.tar.gz ENV LOGSTASH_GID 992 ENV LOGSTASH_UID 992 RUN mkdir ${LOGSTASH_HOME} \ - && curl -O https://download.elasticsearch.org/logstash/logstash/${LOGSTASH_PACKAGE} \ + && curl -O https://artifacts.elastic.co/downloads/logstash/${LOGSTASH_PACKAGE} \ && tar xzf ${LOGSTASH_PACKAGE} -C ${LOGSTASH_HOME} --strip-components=1 \ && rm -f ${LOGSTASH_PACKAGE} \ && groupadd -r logstash -g ${LOGSTASH_GID} \ @@ -78,14 +79,14 @@ RUN sed -i -e 's#^LS_HOME=$#LS_HOME='$LOGSTASH_HOME'#' /etc/init.d/logstash \ ### install Kibana -ENV KIBANA_VERSION 4.6.1 +ENV KIBANA_VERSION 5.0.0 ENV KIBANA_HOME /opt/kibana ENV KIBANA_PACKAGE kibana-${KIBANA_VERSION}-linux-x86_64.tar.gz ENV KIBANA_GID 993 ENV KIBANA_UID 993 RUN mkdir ${KIBANA_HOME} \ - && curl -O https://download.elasticsearch.org/kibana/kibana/${KIBANA_PACKAGE} \ + && curl -O https://artifacts.elastic.co/downloads/kibana/${KIBANA_PACKAGE} \ && tar xzf ${KIBANA_PACKAGE} -C ${KIBANA_HOME} --strip-components=1 \ && rm -f ${KIBANA_PACKAGE} \ && groupadd -r kibana -g ${KIBANA_GID} \ @@ -94,6 +95,8 @@ RUN mkdir ${KIBANA_HOME} \ && chown -R kibana:kibana ${KIBANA_HOME} /var/log/kibana ADD ./kibana-init /etc/init.d/kibana +ADD ./kibana.yml ${KIBANA_HOME}/config/kibana.yml + RUN sed -i -e 's#^KIBANA_HOME=$#KIBANA_HOME='$KIBANA_HOME'#' /etc/init.d/kibana \ && chmod +x /etc/init.d/kibana diff --git a/kibana-init b/kibana-init index 2a9bcb17..b94fc154 100644 --- a/kibana-init +++ b/kibana-init 
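Review bot: The Logstash tarball fetched by the new `curl -O https://artifacts.elastic.co/downloads/logstash/${LOGSTASH_PACKAGE}` is unpacked with no integrity check, and the Kibana download in the next hunk has the same gap. HTTPS protects the transfer but not against a replaced or truncated artifact on the server side. Since the versions are already pinned, the digest can be pinned too and checked before `tar`, e.g. `&& echo "${LOGSTASH_SHA512}  ${LOGSTASH_PACKAGE}" | sha512sum -c - \`, where `LOGSTASH_SHA512` is a placeholder name for an `ENV`/`ARG` filled from the vendor's published checksum. Using `curl -fsSLO` would also make an HTTP error fail the step instead of saving an error page. Both RUN chains continue past their hunks.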
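Review bot: `ADD ./kibana.yml ${KIBANA_HOME}/config/kibana.yml` copies a plain local file, for which `COPY` is the narrower instruction because it has no URL-fetch or archive-extraction behaviour: `COPY ./kibana.yml ${KIBANA_HOME}/config/kibana.yml`. Because the line runs after the `chown -R kibana:kibana ${KIBANA_HOME}` above it, the config presumably ends up root-owned. That looks fine as long as the file stays readable by the kibana user, since the service can then read but not rewrite its own configuration. A one-line comment saying this is intended would help the next maintainer.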
@@ -1,24 +1,24 @@ #!/bin/sh # -# /etc/init.d/kibana4_init -- startup script for kibana4 +# /etc/init.d/kibana5_init -- startup script for kibana5 # bsmith@the408.com 2015-02-20; used elasticsearch init script as template # https://github.com/akabdog/scripts/edit/master/kibana4_init # spujadas 2015-04-09; updated to run as non-root user # ### BEGIN INIT INFO -# Provides: kibana4_init +# Provides: kibana5_init # Required-Start: $network $remote_fs $named # Required-Stop: $network $remote_fs $named # Default-Start: 2 3 4 5 # Default-Stop: 0 1 6 -# Short-Description: Starts kibana4_init -# Description: Starts kibana4_init using start-stop-daemon +# Short-Description: Starts kibana5_init +# Description: Starts kibana5_init using start-stop-daemon ### END INIT INFO KIBANA_HOME= KIBANA_BIN=${KIBANA_HOME}/bin -NAME=kibana4 +NAME=kibana5 PID_FILE=/var/run/$NAME.pid PATH=/bin:/usr/bin:/sbin:/usr/sbin:$KIBANA_BIN DAEMON=$KIBANA_BIN/kibana @@ -27,8 +27,8 @@ KIBANA_GROUP=kibana KIBANA_LOG_DIR=/var/log/kibana KIBANA_LOG_FILE="${KIBANA_LOG_DIR}/$NAME.log" DAEMON_OPTS="-l ${KIBANA_LOG_FILE}" -DESC="Kibana4" -NODE_OPTIONS="--max-old-space-size=250" +DESC="Kibana5" +NODE_OPTIONS="--max-old-space-size=250" if [ $(id -u) -ne 0 ]; then echo "You need root privileges to run this script" diff --git a/kibana-logrotate b/kibana-logrotate index f398d7cc..23a9f9b1 100644 --- a/kibana-logrotate +++ b/kibana-logrotate @@ -1,4 +1,4 @@ -/var/log/kibana/kibana4.log { +/var/log/kibana/kibana5.log { daily rotate 7 copytruncate diff --git a/kibana.yml b/kibana.yml new file mode 100644 index 00000000..327f6e57 --- /dev/null +++ b/kibana.yml 
@@ -0,0 +1,101 @@
+# Default Kibana 5 file from https://github.com/elastic/kibana/blob/master/config/kibana.yml
+#
+# Kibana is served by a back end server. This setting specifies the port to use.
+#server.port: 5601
+
+# Specifies the address to which the Kibana server will bind. IP addresses and host names are both valid values.
+# The default is 'localhost', which usually means remote machines will not be able to connect.
+# To allow connections from remote users, set this parameter to a non-loopback address.
+server.host: "0.0.0.0"
+
+# Enables you to specify a path to mount Kibana at if you are running behind a proxy. This only affects
+# the URLs generated by Kibana, your proxy is expected to remove the basePath value before forwarding requests
+# to Kibana. This setting cannot end in a slash.
+#server.basePath: ""
+
+# The maximum payload size in bytes for incoming server requests.
+#server.maxPayloadBytes: 1048576
+
+# The Kibana server's name. This is used for display purposes.
+#server.name: "your-hostname"
+
+# The URL of the Elasticsearch instance to use for all your queries.
+#elasticsearch.url: "http://localhost:9200"
+
+# When this setting’s value is true Kibana uses the hostname specified in the server.host
+# setting. When the value of this setting is false, Kibana uses the hostname of the host
+# that connects to this Kibana instance.
+#elasticsearch.preserveHost: true
+
+# Kibana uses an index in Elasticsearch to store saved searches, visualizations and
+# dashboards. Kibana creates a new index if the index doesn’t already exist.
+#kibana.index: ".kibana"
+
+# The default application to load.
+#kibana.defaultAppId: "discover"
+
+# If your Elasticsearch is protected with basic authentication, these settings provide
+# the username and password that the Kibana server uses to perform maintenance on the Kibana
+# index at startup. Your Kibana users still need to authenticate with Elasticsearch, which
+# is proxied through the Kibana server.
+#elasticsearch.username: "user"
+#elasticsearch.password: "pass"
+
+# Paths to the PEM-format SSL certificate and SSL key files, respectively. These
+# files enable SSL for outgoing requests from the Kibana server to the browser.
+#server.ssl.cert: /path/to/your/server.crt
+#server.ssl.key: /path/to/your/server.key
+
+# Optional settings that provide the paths to the PEM-format SSL certificate and key files.
+# These files validate that your Elasticsearch backend uses the same key files.
+#elasticsearch.ssl.cert: /path/to/your/client.crt
+#elasticsearch.ssl.key: /path/to/your/client.key
+
+# Optional setting that enables you to specify a path to the PEM file for the certificate
+# authority for your Elasticsearch instance.
+#elasticsearch.ssl.ca: /path/to/your/CA.pem
+
+# To disregard the validity of SSL certificates, change this setting’s value to false.
+#elasticsearch.ssl.verify: true
+
+# Time in milliseconds to wait for Elasticsearch to respond to pings. Defaults to the value of
+# the elasticsearch.requestTimeout setting.
+#elasticsearch.pingTimeout: 1500
+
+# Time in milliseconds to wait for responses from the back end or Elasticsearch. This value
+# must be a positive integer.
+#elasticsearch.requestTimeout: 30000
+
+# List of Kibana client-side headers to send to Elasticsearch. To send *no* client-side
+# headers, set this value to [] (an empty list).
+#elasticsearch.requestHeadersWhitelist: [ authorization ]
+
+# Header names and values that are sent to Elasticsearch. Any custom headers cannot be overwritten
+# by client-side headers, regardless of the elasticsearch.requestHeadersWhitelist configuration.
+#elasticsearch.customHeaders: {}
+
+# Time in milliseconds for Elasticsearch to wait for responses from shards. Set to 0 to disable.
+#elasticsearch.shardTimeout: 0
+
+# Time in milliseconds to wait for Elasticsearch at Kibana startup before retrying.
+#elasticsearch.startupTimeout: 5000
+
+# Specifies the path where Kibana creates the process ID file.
+#pid.file: /var/run/kibana.pid
+
+# Enables you specify a file where Kibana stores log output.
+#logging.dest: stdout
+
+# Set the value of this setting to true to suppress all logging output.
+#logging.silent: false
+
+# Set the value of this setting to true to suppress all logging output other than error messages.
+#logging.quiet: false
+
+# Set the value of this setting to true to log all events, including system usage information
+# and all requests.
+#logging.verbose: false
+
+# Set the interval in milliseconds to sample system and process performance
+# metrics. Minimum is 100ms. Defaults to 5000.
+#ops.interval: 5000
diff --git a/start.sh b/start.sh
index a0f66f4a..17273ba9 100644
--- a/start.sh
+++ b/start.sh
@@ -29,12 +29,12 @@ service cron start ## remove pidfiles in case previous graceful termination failed -# NOTE - This is the reason for the WARNING at the top - it's a bit hackish, +# NOTE - This is the reason for the WARNING at the top - it's a bit hackish, # but if it's good enough for Fedora (https://goo.gl/88eyXJ), it's good # enough for me :) rm -f /var/run/elasticsearch/elasticsearch.pid /var/run/logstash.pid \ - /var/run/kibana4.pid + /var/run/kibana5.pid ## initialise list of log files to stream in console (initially empty) OUTPUT_LOGFILES=""
@@ -109,7 +109,7 @@ if [ "$KIBANA_START" -ne "1" ]; then echo "KIBANA_START is set to something different from 1, not starting..." else service kibana start - OUTPUT_LOGFILES+="/var/log/kibana/kibana4.log " + OUTPUT_LOGFILES+="/var/log/kibana/kibana5.log " fi # Exit if nothing has been started
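Review bot: `server.host: "0.0.0.0"` is the only active setting in the new kibana.yml, while `server.ssl.cert`/`server.ssl.key` stay commented out and nothing in the file adds authentication, so anyone who can reach the published port gets an unauthenticated, plain-HTTP Kibana. Binding to all interfaces is probably required for port publishing from the container to work, so the bind itself is reasonable, but the file should say so and name the controls that actually limit exposure. I would add above the setting `# Bound to all interfaces so the port can be published from the container; no TLS or auth is configured here.` and `# Publish 5601 only on a trusted interface (e.g. -p 127.0.0.1:5601:5601) or put an authenticating TLS proxy in front.` The header also says the file was copied from `master`; taking it from the matching 5.0 release instead would avoid documenting settings this version may not have.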