search

Graylog2 / docker-compose

A set of Docker Compose files that allow you to quickly spin up a Graylog instance for testing or demo purposes.
Apache License 2.0
357 stars 134 forks source link

Add support for Graylog 5.x, MongoDB 6.x and OpenSearch 2.x #19

Closed AnonymousWP closed 1 year ago

AnonymousWP commented 1 year ago

The current Docker Compose files are outdated, I'd like to use these Docker Compose files in a development environment (before I push stuff to AWS - which is a test environment).

Here's a start (which currently doesn't work yet, see https://github.com/Graylog2/graylog2-server/issues/14174)

# Image versions of the containers have to be manually edited once a new version is available

version: '3.7'
services:

  mongo:
    image: mongo:6.0.3
    volumes:
      - mongo_data:/data/db
    networks:
      - graylog
    restart: always

  opensearch:
    image: opensearchproject/opensearch:2.3.0

     # Stores OpenSearch data in this directory/path. Comes in handy when updating OpenSearch, so that data is retained.
    volumes:
      - es_data:/usr/share/opensearch/data
    environment:
      - "ES_JAVA_OPTS=-Xms512m -Xmx1g" # `Xms` specifies the initial memory allocation pool. `Xmx` specifies the maximum allocation pool for the Java Virtual Machine (JVM). "m" and "g" obviously stand for MB and GB.
      - "plugins.security.ssl.http.enabled=false"
      - "plugins.security.disabled=true"
      - "hostname:opensearch"
    ulimits:
      memlock:
        soft: -1
        hard: -1
    networks:
      - graylog
    restart: always

  graylog:
    image: graylog/graylog:5.0.0
    volumes:
      - graylog_data:/usr/share/graylog/data # Stores Graylog data in this directory/path. Comes in handy when updating Graylog, so that data is retained.
    environment:
      - GRAYLOG_PASSWORD_SECRET=<bla>

      - GRAYLOG_ROOT_PASSWORD_SHA2=<bla> # You can generate the SHA256-hash of your password with `echo -n <password> | sha256sum`

      - GRAYLOG_HTTP_EXTERNAL_URI=<bla> # You can change the IP-address to 127.0.0.1 if you want to run it locally, and any external IP-address if you want to run it on a server.

      - GRAYLOG_ELASTICSEARCH_HOSTS=http://opensearch:9200
    # Sets the correct timezone within Graylog
      - TZ=Europe/Amsterdam
      - GRAYLOG_TIMEZONE=Europe/Amsterdam
      - GRAYLOG_ROOT_TIMEZONE=Europe/Amsterdam
    entrypoint: /usr/bin/tini -- wait-for-it opensearch:9200 --  /docker-entrypoint.sh
    networks:
      - graylog
    ports:
    - 9200:9200/tcp

    # Links MongoDB with OpenSearch.
    links:
      - mongo:mongodb
      - opensearch
    restart: always

    #Doesn't work without MongoDB and OpenSearch.
    depends_on:
      - mongo
      - opensearch
    ports:
      - 5044:5044/udp       # Beats UDP
      - 5044:5044/tcp       # Beats TCP
      - 9000:9000           # Graylog web interface and REST API
      - 1514:1514/udp       # Syslog UDP
      - 5555:5555/tcp       # Raw/Plaintext TCP input
networks:
    graylog:
      driver: bridge

# Volumes for persisting data, see https://docs.docker.com/engine/admin/volumes/volumes/
volumes:
  mongo_data:
    driver: local
  es_data:
    driver: local
  graylog_data:
    driver: local