generated from sherifabdlnaby/elastdocker
-
-
Notifications
You must be signed in to change notification settings - Fork 7
/
Copy pathdocker-compose.yml
140 lines (133 loc) · 4.31 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
version: '3.5'
# To Join any other app setup using another network, change name and set external = true
networks:
default:
name: elastic
external: true
# will contain all elasticsearch data.
volumes:
elasticsearch-data:
secrets:
elasticsearch.keystore:
file: ./secrets/keystore/elasticsearch.keystore
elasticsearch.service_tokens:
file: ./secrets/service_tokens
elastic.ca:
file: ./secrets/certs/ca/ca.crt
elasticsearch.certificate:
file: ./secrets/certs/elasticsearch/elasticsearch.crt
elasticsearch.key:
file: ./secrets/certs/elasticsearch/elasticsearch.key
kibana.certificate:
file: ./secrets/certs/kibana/kibana.crt
kibana.key:
file: ./secrets/certs/kibana/kibana.key
apm-server.certificate:
file: ./secrets/certs/apm-server/apm-server.crt
apm-server.key:
file: ./secrets/certs/apm-server/apm-server.key
services:
elasticsearch:
image: elastdocker/elasticsearch:${ELK_VERSION}
build:
context: elasticsearch/
args:
ELK_VERSION: ${ELK_VERSION}
restart: unless-stopped
environment:
ELASTIC_USERNAME: ${ELASTIC_USERNAME}
ELASTIC_PASSWORD: ${ELASTIC_PASSWORD}
ELASTIC_CLUSTER_NAME: ${ELASTIC_CLUSTER_NAME}
ELASTIC_NODE_NAME: ${ELASTIC_NODE_NAME}
ES_JAVA_OPTS: "-Xmx${ELASTICSEARCH_HEAP} -Xms${ELASTICSEARCH_HEAP} -Des.enforce.bootstrap.checks=true"
bootstrap.memory_lock: "true"
ingest.geoip.downloader.enabled: false
volumes:
- elasticsearch-data:/usr/share/elasticsearch/data
- ./elasticsearch/config/elasticsearch.yml:/usr/share/elasticsearch/config/elasticsearch.yml
secrets:
- source: elasticsearch.keystore
target: /usr/share/elasticsearch/config/elasticsearch.keystore
- source: elasticsearch.service_tokens
target: /usr/share/elasticsearch/config/service_tokens
- source: elastic.ca
target: /usr/share/elasticsearch/config/certs/ca.crt
- source: elasticsearch.certificate
target: /usr/share/elasticsearch/config/certs/elasticsearch.crt
- source: elasticsearch.key
target: /usr/share/elasticsearch/config/certs/elasticsearch.key
ports:
- "9200:9200"
- "9300:9300"
ulimits:
memlock:
soft: -1
hard: -1
nofile:
soft: 200000
hard: 200000
healthcheck:
test: ["CMD", "sh", "-c", "curl -sf --insecure https://$ELASTIC_USERNAME:$ELASTIC_PASSWORD@localhost:9200/_cat/health | grep -ioE 'green|yellow' || echo 'not green/yellow cluster status'"]
kibana:
image: elastdocker/kibana:${ELK_VERSION}
build:
context: kibana/
args:
ELK_VERSION: $ELK_VERSION
restart: unless-stopped
volumes:
- ./kibana/config/:/usr/share/kibana/config:ro
environment:
ELASTIC_USERNAME: ${ELASTIC_USERNAME}
ELASTIC_PASSWORD: ${ELASTIC_PASSWORD}
ELASTICSEARCH_HOST_PORT: https://${ELASTICSEARCH_HOST}:${ELASTICSEARCH_PORT}
env_file:
- ./secrets/.env.kibana.token
secrets:
- source: elastic.ca
target: /certs/ca.crt
- source: kibana.certificate
target: /certs/kibana.crt
- source: kibana.key
target: /certs/kibana.key
ports:
- "5601:5601"
apm-server:
image: elastdocker/apm-server:${ELK_VERSION}
build:
context: apm-server/
args:
ELK_VERSION: $ELK_VERSION
restart: unless-stopped
ports:
- "8200:8200"
volumes:
- ./apm-server/config/apm-server.yml:/usr/share/apm-server/apm-server.yml:ro
environment:
ELASTIC_USERNAME: ${ELASTIC_USERNAME}
ELASTIC_PASSWORD: ${ELASTIC_PASSWORD}
ELASTICSEARCH_HOST_PORT: https://${ELASTICSEARCH_HOST}:${ELASTICSEARCH_PORT}
ELASTIC_APM_SECRET_TOKEN: ${ELASTIC_APM_SECRET_TOKEN}
BEAT_STRICT_PERMS: false
secrets:
- source: elastic.ca
target: /certs/ca.crt
- source: apm-server.certificate
target: /certs/apm-server.crt
- source: apm-server.key
target: /certs/apm-server.key
depends_on:
- elasticsearch
- kibana
webapp:
build:
context: webapp/
ports:
- 3000:3000
environment:
ELASTIC_APM_SERVICE_NAME: webapp
ELASTIC_APM_SECRET_TOKEN: ${ELASTIC_APM_SECRET_TOKEN}
ELASTIC_APM_SERVER_URL: http://localhost:${APMSERVER_PORT}
depends_on:
- elasticsearch
- apm-server