Graylog 6.3.6 Docker 部署
Docker Compose 配置
docker-compose.yml
version: '3.8'
services:
# ==================================================
# MongoDB 6.0.20 - Graylog 元数据存储(用户、流、仪表盘等)
# ==================================================
mongodb:
image: mongo:6.0.20
container_name: graylog-mongodb
restart: unless-stopped
networks:
- graylog-net
volumes:
- mongodb_data:/data/db
environment:
- MONGO_INITDB_ROOT_USERNAME=${MONGO_ROOT_USERNAME}
- MONGO_INITDB_ROOT_PASSWORD=${MONGO_ROOT_PASSWORD}
command: ["--bind_ip_all"]
deploy:
resources:
limits:
memory: 1g
# ==================================================
# OpenSearch 2.15.0 - 日志索引与搜索(强制启用安全插件)
# ==================================================
opensearch:
image: opensearchproject/opensearch:2.15.0
container_name: graylog-opensearch
restart: unless-stopped
networks:
- graylog-net
volumes:
- opensearch_data:/usr/share/opensearch/data
environment:
- cluster.name=graylog-cluster
- node.name=opensearch-node
- discovery.type=single-node
- bootstrap.memory_lock=true
- "OPENSEARCH_JAVA_OPTS=-Xms384m -Xmx384m"
- plugins.security.disabled=true #禁用安全插件
- OPENSEARCH_INITIAL_ADMIN_PASSWORD=${OPENSEARCH_ADMIN_PASSWORD}
ulimits:
memlock:
soft: -1
hard: -1
ports:
- "9200:9200" # REST API (HTTPS)
- "9600:9600" # Performance Analyzer
deploy:
resources:
limits:
memory: 1g
# ==================================================
# Graylog 6.3.6 - 核心服务 + Web UI
# ==================================================
graylog:
image: graylog/graylog:6.3.6
container_name: graylog-server
restart: unless-stopped
networks:
- graylog-net
ports:
- "9000:9000" # Web UI
- "12201:12201/udp" # GELF UDP
- "1514:1514" # Syslog TCP
- "1515:1515/udp" # Syslog UDP
volumes:
- graylog_data:/usr/share/graylog/data
environment:
# 基础安全配置
GRAYLOG_PASSWORD_SECRET: "${GRAYLOG_PASSWORD_SECRET}"
GRAYLOG_ROOT_PASSWORD_SHA2: "${GRAYLOG_ROOT_PASSWORD_SHA2}"
GRAYLOG_HTTP_EXTERNAL_URI: "${GRAYLOG_HTTP_EXTERNAL_URI}"
# MongoDB 连接
GRAYLOG_MONGODB_URI: "mongodb://${MONGO_ROOT_USERNAME}:${MONGO_ROOT_PASSWORD}@mongodb:27017/graylog?authSource=admin"
# OpenSearch 连接(注意:协议为 HTTPS!)
GRAYLOG_ELASTICSEARCH_HOSTS: "http://opensearch:9200"
GRAYLOG_ELASTICSEARCH_USERNAME: "admin"
GRAYLOG_ELASTICSEARCH_PASSWORD: "${OPENSEARCH_ADMIN_PASSWORD}"
# JVM 调优(根据机器资源调整)
GRAYLOG_SERVER_JAVA_OPTS: "-Xms384m -Xmx384m -XX:+UseG1GC -Djdk.tls.client.protocols=TLSv1.2,TLSv1.3"
depends_on:
- mongodb
- opensearch
deploy:
resources:
limits:
memory: 1g
volumes:
mongodb_data:
opensearch_data:
graylog_data:
networks:
graylog-net:
driver: bridge提示:以上内存等配置可根据实际情况配置。
环境配置
.env
# ==================================================
# MongoDB 6.0.20 - 配置
# ==================================================
# Mongo 超管账号名称
MONGO_ROOT_USERNAME=graylog
# Mongo 超管账号密码
MONGO_ROOT_PASSWORD=graylog_secure_password_2025
# ==================================================
# OpenSearch 2.15.0 - 配置
# ==================================================
# OpenSearch 内置 admin 密码(默认用户名为 admin)
OPENSEARCH_ADMIN_PASSWORD="osA^123|45{2025!"
# ==================================================
# Graylog 6.3.6 - 配置
# ==================================================
# Graylog root 用户密码(明文用于生成 SHA256)
# 实际使用时,请先运行:echo -n "admin" | shasum -a 256
GRAYLOG_ROOT_PASSWORD_SHA2="8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6f2ab448a918"
# 至少 16 字符的加密盐(用于 JWT、会话等)
GRAYLOG_PASSWORD_SECRET="GraylogSecretPepper2025!SecureIt!"
# 外部访问地址(必须与浏览器访问 URL 一致)
GRAYLOG_HTTP_EXTERNAL_URI="http://localhost:9000/"
搭配docker-compose.yml配置文件使用,名命为.env
版权所有 © 【代码谷】 欢迎非商用转载,转载请按下面格式注明出处,商业转载请联系授权,违者必究。(提示:点击下方内容复制出处)
源文: Graylog 6.3.6 Docker 部署 ,链接:https://www.daimagu.com/article/2512221657262287.html,来源:代码谷
评论