Elasticsearch, Logstash and Kibana (E.L.K.) on Docker – Part 2 Elasticsearch

It’s worth reading Part 1 Logstash first.

So, today I had a chance to try out Elasticsearch on docker and it was semi easy to get it to work… the trickiest part was linking the Logstash and Kibana instances with the Elasticsearch instance. The trick is to name everything!

So here’s the command to run Elasticsearch, note I’ve given it a name of elasticsearch-node.

docker run -d --name elasticsearch-node elasticsearch

In order to then link Logstash to the Elasticsearch node, we need to change the command used to run Logstash from this…

docker run -p 13456:9999 -it --rm -v "$PWD":/config-dir logstash -f /config-dir/logstash.conf

To this…

docker run -p 13456:9999 -d -it -v "$PWD":/config-dir --link elasticsearch-node:elasticsearch-node --name logstash-node logstash -f /config-dir/logstash.conf

The differences being that the Logstash image now has a name of logstash-node when it’s run and it links to the Elasticsearch node via the name and identical alias.

The Logstash config file has also been changed to reference the Elasticsearch node as shown below.

input {
  tcp {
    port => 9999
    codec => line

filter {
  kv {
    source => "message"
    recursive => "true"

output {
  stdout {codec => rubydebug}
  elasticsearch {
    hosts => ["elasticsearch-node"]

Coming up next… Kibana on Docker!