Graylog install on docker

http://docs.graylog.org/en/2.2/pages/installation/docker.html
http://dongss.cn/posts/11.html

---------------

1. docker image download, this step can skip.
# docker pull mongo:3
# docker pull elasticsearch:2
# docker pull graylog2/server:2.2.3-1

2. create yml for compose.
---The docker-compose.yml file looks like this:

version: '2'
services:
  mongo:
    image: "mongo:3"
    volumes:
      - /data/mongo:/data/db
  elasticsearch:
    image: "elasticsearch:2"
    command: "elasticsearch -Des.cluster.name='graylog'"
    volumes:
      - /data/elasticsearch:/usr/share/elasticsearch/data
  graylog:
    image: graylog2/server:2.2.3-1
    volumes:
      - /data/graylog/data/journal:/usr/share/graylog/data/journal
      - /data/graylog/config:/usr/share/graylog/data/config
    environment:
      GRAYLOG_WEB_ENDPOINT_URI: http://10.x.x.x:9000/api/
    depends_on:
      - mongo
      - elasticsearch
    ports:
      - "9000:9000"
      - "5044:5044"
      - "1514/udp:1514/udp"

3. download config file for graylog, can modify to youself module.

In order to make the log data and configuration of Graylog persistent, you can use external volumes to store all data. In case of a container restart simply re-use the existing data from the former instances. Create the configuration directory and copy the default files:

# mkdir /data/graylog/config
# cd /data/graylog/config
# wget https://raw.githubusercontent.com/Graylog2/graylog2-images/2.2/docker/config/graylog.conf
# wget https://raw.githubusercontent.com/Graylog2/graylog2-images/2.2/docker/config/log4j2.xml

4. docker compose install
https://docs.docker.com/compose/install
http://www.widuu.com/docker/compose/install.html

curl -L https://github.com/docker/compose/releases/download/1.13.0/docker-compose-`uname -s`-`uname -m` > /usr/local/bin/docker-compose
chmod +x /usr/local/bin/docker-compose

 

5. start container
# docker-compose -f docker-compose.yml up -d

6. use Chrome access http://10.x.x.x:9000, default user&passwd is "admin" .