This repository contains a Dockerfile of the Elastic Stack.
$ docker images
REPOSITORY TAG VIRTUAL SIZE
blacktop/elastic-stack latest 504.2 MB
blacktop/elastic-stack 5.1 504.2 MB
blacktop/elastic-stack geoip 535.1 MB
blacktop/elastic-stack 4.6 450.9 MB
blacktop/elastic-stack 3.1 363.3 MBNOTE: tag geoip is the same as tag latest, but includes the ingest-geoip and the ingest-user-agent plugins.
$ docker run -d --name elstack -p 80:80 -p 9200:9200 blacktop/elastic-stack- With Docker for Mac :
http://localhost - With docker-machine :
http://$(docker-machine ip) - With docker-engine :
$(docker inspect -f '{{ .NetworkSettings.IPAddress }}' elstack)
I have noticed when running the new 5.0 version on a linux host you need to increase the memory map areas with the following command
echo "vm.max_map_count=262144" | sudo tee -a /etc/sysctl.conf
sudo sysctl -w vm.max_map_count=262144Find a bug? Want more features? Find something missing in the documentation? Let me know! Please don't hesitate to file an issue
Heavily (if not entirely) influenced by all the elastic official docker images
- Install/Run Elastic Stack
- Start Daemon and watch folder with supervisord
- Expose Logstash config folder as well as Nginx sites folder as Volumes
- Build ES test data docker image
- Add Nginx entrypoint to pass USER/PASS in as env vars
- Add SSL (auto-create certs if not found)
- Add back a 3.0 version of the stack (elk stack)
- Integrate with Bro-IDS
MIT Copyright (c) 2015-2017 blacktop