-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathdocker-compose.yml
executable file
·119 lines (110 loc) · 4.63 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
version: '3'
services:
elasticsearch_docker1:
image: docker.elastic.co/elasticsearch/elasticsearch:7.13.1
container_name: elasticsearch_docker1
environment:
- node.name=elasticsearch_docker1
- cluster.name=es-docker-cluster
- discovery.seed_hosts=elasticsearch_docker2
- cluster.initial_master_nodes=elasticsearch_docker1,elasticsearch_docker2
- bootstrap.memory_lock=true
- "ES_JAVA_OPTS=-Xms512m -Xmx512m"
- xpack.security.enabled=true
- ELASTIC_PASSWORD=$ELASTIC_PASSWORD
- xpack.license.self_generated.type=trial
- xpack.security.http.ssl.enabled=true
- xpack.security.http.ssl.key=${ESCERTSDIR}/elasticsearch_docker1.key
- xpack.security.http.ssl.certificate_authorities=${ESCERTSDIR}/rootCA.pem
- xpack.security.http.ssl.certificate=${ESCERTSDIR}/elasticsearch_docker1.crt
- xpack.security.transport.ssl.enabled=true
- xpack.security.transport.ssl.verification_mode=certificate
- xpack.security.transport.ssl.certificate_authorities=${ESCERTSDIR}/rootCA.pem
- xpack.security.transport.ssl.certificate=${ESCERTSDIR}/elasticsearch_docker1.crt
- xpack.security.transport.ssl.key=${ESCERTSDIR}/elasticsearch_docker1.key
ulimits:
nofile:
soft: 65536
hard: 65536
memlock:
soft: -1
hard: -1
volumes:
- elasticdata1:/usr/share/elasticsearch_docker1/data
- ${PWD}/certs/elasticsearch_docker1.crt:${ESCERTSDIR}/elasticsearch_docker1.crt
- ${PWD}/certs/elasticsearch_docker1.key:${ESCERTSDIR}/elasticsearch_docker1.key
- ${PWD}/certs/rootCA.pem:${ESCERTSDIR}/rootCA.pem
ports:
- 9200:9200
networks:
- elasticnetwork
healthcheck:
test: curl --cacert ${ESCERTSDIR}/rootCA.pem -u ${ELASTICSEARCH_USERNAME}:${ELASTICSEARCH_PASSWORD} -s https://elasticsearch_docker1:9200 >/dev/null; if [[ $$? == 52 ]]; then echo 0; else echo 1; fi
interval: 30s
timeout: 10s
retries: 5
elasticsearch_docker2:
image: docker.elastic.co/elasticsearch/elasticsearch:7.13.1
container_name: elasticsearch_docker2
environment:
- node.name=elasticsearch_docker2
- cluster.name=es-docker-cluster
- discovery.seed_hosts=elasticsearch_docker1
- cluster.initial_master_nodes=elasticsearch_docker1,elasticsearch_docker2
- bootstrap.memory_lock=true
- "ES_JAVA_OPTS=-Xms512m -Xmx512m"
- xpack.security.enabled=true
- ELASTIC_PASSWORD=$ELASTIC_PASSWORD
- xpack.license.self_generated.type=trial
- xpack.security.http.ssl.enabled=true
- xpack.security.http.ssl.key=${ESCERTSDIR}/elasticsearch_docker2.key
- xpack.security.http.ssl.certificate_authorities=${ESCERTSDIR}/rootCA.pem
- xpack.security.http.ssl.certificate=${ESCERTSDIR}/elasticsearch_docker2.crt
- xpack.security.transport.ssl.enabled=true
- xpack.security.transport.ssl.verification_mode=certificate
- xpack.security.transport.ssl.certificate_authorities=${ESCERTSDIR}/rootCA.pem
- xpack.security.transport.ssl.certificate=${ESCERTSDIR}/elasticsearch_docker2.crt
- xpack.security.transport.ssl.key=${ESCERTSDIR}/elasticsearch_docker2.key
ulimits:
nofile:
soft: 65536
hard: 65536
memlock:
soft: -1
hard: -1
volumes:
- elasticdata2:/usr/share/elasticsearch_docker2/data
- ${PWD}/certs/elasticsearch_docker2.crt:${ESCERTSDIR}/elasticsearch_docker2.crt
- ${PWD}/certs/elasticsearch_docker2.key:${ESCERTSDIR}/elasticsearch_docker2.key
- ${PWD}/certs/rootCA.pem:${ESCERTSDIR}/rootCA.pem
networks:
- elasticnetwork
kibana_docker:
image: docker.elastic.co/kibana/kibana:7.13.4
container_name: kibana_docker
depends_on: { "elasticsearch_docker1": { "condition": "service_healthy" } }
environment:
ELASTICSEARCH_URL: https://elasticsearch_docker1:9200
ELASTICSEARCH_HOSTS: '["https://elasticsearch_docker1:9200"]'
ELASTICSEARCH_USERNAME: $ELASTIC_USERNAME
ELASTICSEARCH_PASSWORD: $ELASTIC_PASSWORD
ELASTICSEARCH_SSL_CERTIFICATEAUTHORITIES: ${KIBCERTSDIR}/rootCA.pem
SERVER_SSL_ENABLED: "true"
SERVER_SSL_KEY: ${KIBCERTSDIR}/kibana_docker.key
SERVER_SSL_CERTIFICATE: ${KIBCERTSDIR}/kibana_docker.crt
volumes:
- ${PWD}/certs/kibana_docker.crt:${KIBCERTSDIR}/kibana_docker.crt
- ${PWD}/certs/kibana_docker.key:${KIBCERTSDIR}/kibana_docker.key
- ${PWD}/certs/rootCA.pem:${KIBCERTSDIR}/rootCA.pem
ports:
- 5601:5601
networks:
- elasticnetwork
networks:
elasticnetwork:
driver: bridge
volumes:
elasticdata1:
driver: local
elasticdata2:
driver: local