Add ELK stack to the lab (#9)

README.md

@@ -2,6 +2,15 @@
 
 Container Labs is a project to set up and manage multiple server environments using Docker containers and networks, along with monitoring using Prometheus, Grafana, and Alertmanager.
 
+## Labs stack
+
+- ubuntu-vm1: An Ubuntu VM running in a Docker container.
+- ubuntu-vm2: An Ubuntu VM running in a Docker container.
+- prometheus: A Prometheus server for monitoring.
+- grafana: A Grafana server for visualization.
+- alertmanager: An Alertmanager server for alerting
+- elk: An ELK server for logging
+
 ## Getting Started
 
 ### Prerequisites
@@ -92,16 +101,13 @@ ssh-copy-id root@ubuntu-vm1 # root@ubuntu-vm2
 systemctl status node_exporter
 ```
 
-### Monitoring
+### Access services
+
+<!-- Monitoring -->
 
 - Access Prometheus at http://localhost:9090
 - Access Grafana at http://localhost:3000 (default login: admin/admin)
 - Access Alertmanager at http://localhost:9093
-
-### Services
-
-- ubuntu-vm1: An Ubuntu VM running in a Docker container.
-- ubuntu-vm2: An Ubuntu VM running in a Docker container.
-- prometheus: A Prometheus server for monitoring.
-- grafana: A Grafana server for visualization.
-- alertmanager: An Alertmanager server for alerting
+<!-- Logging -->
+- Access Elasticsearch at http://localhost:9200
+- Access Kibana at http://localhost:5061

docker-compose.yml

@@ -7,27 +7,18 @@ services:
     privileged: true
     networks:
       - lab-network
+
   ubuntu-vm2:
     build: ./ubuntu-vm
     container_name: ubuntu-vm2
     privileged: true
     networks:
       - lab-network
+
+  # To run ansible and other tools
   toolbox-vm:
     build: ./toolbox-vm
 
-  # TODO: Add later
-  # ansible-vm:
-  #   build: ./ansible-vm
-  #   container_name: ansible-vm
-  #   volumes:
-  #     - ./ansible:/etc/ansible
-  #   networks:
-  #     - lab-network
-  #   depends_on:
-  #     - ubuntu-vm1
-  #     - ubuntu-vm2
-
   prometheus:
     image: prom/prometheus:latest
     volumes:
@@ -56,6 +47,40 @@ services:
     networks:
       - lab-network
 
+  # Elasticsearch Service
+  elasticsearch:
+    build:
+      context: ./elk/elasticsearch
+    container_name: elasticsearch
+    environment:
+      - discovery.type=single-node
+    ports:
+      - "9200:9200"
+      - "9300:9300"
+    networks:
+      - lab-network
+
+  # Logstash Service
+  logstash:
+    build:
+      context: ./elk/logstash
+    container_name: logstash
+    ports:
+      - "5044:5044"
+    networks:
+      - lab-network
+
+  # Kibana Service
+  kibana:
+    build:
+      context: ./elk/kibana
+    container_name: kibana
+    ports:
+      - "5601:5601"
+    networks:
+      - lab-network
+
+# Network definition
 networks:
   lab-network:
     driver: bridge

elk/elasticsearch/Dockerfile

@@ -0,0 +1,5 @@
+# Use the official Elasticsearch image from Docker Hub
+FROM elasticsearch:7.17.9
+
+# Expose the default Elasticsearch port
+EXPOSE 9200 9300

elk/kibana/Dockerfile

@@ -0,0 +1,5 @@
+# Use the official Kibana image from Docker Hub
+FROM kibana:7.17.9
+
+# Expose the default Kibana port
+EXPOSE 5601

elk/logstash/Dockerfile

@@ -0,0 +1,8 @@
+# Use the official Logstash image from Docker Hub
+FROM logstash:7.17.9
+
+# Copy your Logstash pipeline configuration
+COPY logstash.conf /usr/share/logstash/pipeline/logstash.conf
+
+# Expose the default Logstash port
+EXPOSE 5044

elk/logstash/logstash.conf

@@ -0,0 +1,12 @@
+input {
+  beats {
+    port => 5044
+  }
+}
+
+output {
+  elasticsearch {
+    hosts => ["http://elasticsearch:9200"]
+    index => "%{[@metadata][beat]}-%{[@metadata][version]}-%{+YYYY.MM.dd}"
+  }
+}