Index: web-module/script/yml/monitoring/server/allinone.yml =================================================================== diff -u -r69f65a3cab4869c45e0cdf692df7b03645271630 -r45a6c6259c7f4eb24aee2bbe6c37b8ae4300114c --- web-module/script/yml/monitoring/server/allinone.yml (.../allinone.yml) (revision 69f65a3cab4869c45e0cdf692df7b03645271630) +++ web-module/script/yml/monitoring/server/allinone.yml (.../allinone.yml) (revision 45a6c6259c7f4eb24aee2bbe6c37b8ae4300114c) @@ -57,7 +57,9 @@ mode: replicated replicas: 1 placement: - constraints: [node.role!=manager] + constraints: + - node.role!=manager + - node.hostname == sub-slave1node logging: driver: "json-file" options: @@ -99,7 +101,9 @@ mode: replicated replicas: 1 placement: - constraints: [node.role!=manager] + constraints: + - node.role!=manager + - node.hostname == sub-slave2node logging: driver: "json-file" options: @@ -140,7 +144,9 @@ mode: replicated replicas: 1 placement: - constraints: [node.role!=manager] + constraints: + - node.role!=manager + - node.hostname == sub-slave3node logging: driver: "json-file" options: @@ -179,7 +185,9 @@ mode: replicated replicas: 1 placement: - constraints: [node.role!=manager] + constraints: + - node.role!=manager + - node.hostname == sub-slave1node logging: driver: "json-file" options: @@ -224,7 +232,7 @@ mode: replicated replicas: 1 placement: - constraints: [node.role!=manager] + constraints: [node.role==manager] logging: driver: "json-file" options: @@ -251,7 +259,7 @@ mode: replicated replicas: 1 placement: - constraints: [node.role!=manager] + constraints: [node.role==manager] logging: driver: "json-file" options: Index: web-module/script/yml/monitoring/server/allinone/allinone.yml =================================================================== diff -u --- web-module/script/yml/monitoring/server/allinone/allinone.yml (revision 0) +++ web-module/script/yml/monitoring/server/allinone/allinone.yml (revision 45a6c6259c7f4eb24aee2bbe6c37b8ae4300114c) @@ -0,0 +1,659 @@ +version: '3.6' + +services: + + #https://github.com/jakubhajek/elasticsearch-docker-swarm/blob/master/stack-elastic.yml + # elasticsearch coordinating node + # /etc/security/limits.conf + # * hard memlock unlimited + # * soft memlock unlimited + # * hard nofile 65536 + # * soft nofile 65536 + # * hard nproc 65536 + # * soft nproc 65536 + + # sysctl -w vm.max_map_count=262144 + # /etc/sysctl.conf + # vm.max_map_count=262144 + + # /lib/systemd/system/docker.service + # LimitMEMLOCK=infinity + + # elasticsearch master node + es-master-01: + image: docker.elastic.co/elasticsearch/elasticsearch:7.9.3 + hostname: es-master-01 + volumes: + #- es-master-01-data:/usr/share/elasticsearch/data + - type: volume + source: es-master-01-data + target: /usr/share/elasticsearch/data + volume: + nocopy: true + - /etc/timezone:/etc/timezone:ro + - /etc/localtime:/etc/localtime:ro + environment: &es-master-env + cluster.name: es-swarm-cluster + node.name: "es-master-01" + discovery.seed_hosts: "es-master-01,es-master-02,es-master-03" + cluster.initial_master_nodes: "es-master-01,es-master-02,es-master-03" + node.master: "true" + node.voting_only: "false" + node.data: "true" + node.ingest: "false" + node.ml: "false" + xpack.ml.enabled: "true" + cluster.remote.connect: "false" + MAX_LOCKED_MEMORY: unlimited + bootstrap.memory_lock: "true" + ES_JAVA_OPTS: "-Xms1g -Xmx1g" + configs: &es-limits-conf + - source: es-limits.conf + target: /etc/security/limits.conf + networks: &efk-network + - efk + deploy: + endpoint_mode: dnsrr + mode: replicated + replicas: 1 + logging: + driver: "json-file" + options: + max-file: "5" + max-size: "100m" + + # elasticsearch master node + es-master-02: + image: docker.elastic.co/elasticsearch/elasticsearch:7.9.3 + hostname: es-master-02 + volumes: + #- es-master-02-data:/usr/share/elasticsearch/data + - type: volume + source: es-master-02-data + target: /usr/share/elasticsearch/data + volume: + nocopy: true + - /etc/timezone:/etc/timezone:ro + - /etc/localtime:/etc/localtime:ro + environment: + cluster.name: es-swarm-cluster + node.name: "es-master-02" + discovery.seed_hosts: "es-master-01,es-master-02,es-master-03" + cluster.initial_master_nodes: "es-master-01,es-master-02,es-master-03" + node.master: "true" + node.voting_only: "false" + node.data: "true" + node.ingest: "false" + node.ml: "false" + xpack.ml.enabled: "true" + cluster.remote.connect: "false" + MAX_LOCKED_MEMORY: unlimited + bootstrap.memory_lock: "true" + ES_JAVA_OPTS: "-Xms1g -Xmx1g" + configs: *es-limits-conf + networks: *efk-network + deploy: + endpoint_mode: dnsrr + mode: replicated + replicas: 1 + logging: + driver: "json-file" + options: + max-file: "5" + max-size: "100m" + + es-master-03: + image: docker.elastic.co/elasticsearch/elasticsearch:7.9.3 + hostname: es-master-03 + volumes: + #- es-master-03-data:/usr/share/elasticsearch/data + - type: volume + source: es-master-03-data + target: /usr/share/elasticsearch/data + volume: + nocopy: true + - /etc/timezone:/etc/timezone:ro + - /etc/localtime:/etc/localtime:ro + environment: &es-master-env + cluster.name: es-swarm-cluster + node.name: "es-master-03" + discovery.seed_hosts: "es-master-01,es-master-02,es-master-03" + cluster.initial_master_nodes: "es-master-01,es-master-02,es-master-03" + node.master: "true" + node.voting_only: "false" + node.data: "true" + node.ingest: "false" + node.ml: "false" + xpack.ml.enabled: "true" + cluster.remote.connect: "false" + MAX_LOCKED_MEMORY: unlimited + bootstrap.memory_lock: "true" + ES_JAVA_OPTS: "-Xms1g -Xmx1g" + configs: *es-limits-conf + networks: *efk-network + deploy: + endpoint_mode: dnsrr + mode: replicated + replicas: 1 + logging: + driver: "json-file" + options: + max-file: "5" + max-size: "100m" + + es-coordinating: + image: docker.elastic.co/elasticsearch/elasticsearch:7.9.3 + hostname: es-coordinating + ports: + - 9200:9200 + volumes: + - /etc/timezone:/etc/timezone:ro + - /etc/localtime:/etc/localtime:ro + environment: + ES_JAVA_OPTS: "-Xms2g -Xmx2g" + cluster.name: es-swarm-cluster + discovery.seed_hosts: "es-master-01,es-master-02,es-master-03" + node.name: "es-coordinating" + node.master: "false" + node.voting_only: "false" + node.data: "false" + node.ingest: "false" + node.ml: "false" + cluster.remote.connect: "false" + MAX_LOCKED_MEMORY: unlimited + bootstrap.memory_lock: "true" + xpack.monitoring.collection.enabled: "false" + configs: *es-limits-conf + networks: *efk-network + depends_on: + - es-master-01 + - es-master-02 + - es-master-03 + deploy: + mode: replicated + replicas: 1 + logging: + driver: "json-file" + options: + max-file: "5" + max-size: "100m" + #logging: + # driver: "fluentd" + # options: + # fluentd-address: fluentd-ui:24224 + # fluentd-async-connect: "true" + # fluentd-retry-wait: "1s" + # fluentd-max-retries: "30" + + elastichq: + image: elastichq/elasticsearch-hq + environment: + - HQ_DEFAULT_URL=http://es-coordinating:9200 + - HQ_DEBUG=True + - HQ_ENABLE_SSL=False + - HQ_VERIFY_CERTS=False + ports: + - 5050:5000 + networks: *efk-network + + kibana: + image: docker.elastic.co/kibana/kibana:7.9.3 + hostname: kibana + ports: + - 5601:5601 + volumes: + - /etc/timezone:/etc/timezone:ro + - /etc/localtime:/etc/localtime:ro + environment: + ELASTICSEARCH_HOSTS: "http://es-coordinating:9200" + networks: *efk-network + depends_on: + - es-coordinating + deploy: + mode: replicated + replicas: 1 + logging: + driver: "json-file" + options: + max-file: "5" + max-size: "100m" + + logstash: + image: docker.elastic.co/logstash/logstash:7.9.3 + ports: + - "5000:5000" + - "9600:9600" + - "5044:5044" + configs: + - source: logstash_config + target: /usr/share/logstash/config/logstash.yml + - source: logstash_pipeline + target: /usr/share/logstash/pipeline/logstash.conf + environment: + LS_JAVA_OPTS: "-Xmx2g -Xms2g" + networks: *efk-network + depends_on: + - kibana + deploy: + mode: replicated + replicas: 1 + logging: + driver: "json-file" + options: + max-file: "5" + max-size: "100m" + + #https://gist.github.com/dkurzaj/2a899de8cb5ae698919f0a9bbf7685f0 + zookeeper1: + image: wurstmeister/zookeeper:3.4.6 + volumes: + - zookeeper1-data:/data + - zookeeper1-logs:/datalog + ports: + - "2181:2181" + networks: *efk-network + environment: + - ZOO_SERVER_ID=1 + - ALLOW_ANONYMOUS_LOGIN=yes + - ZOO_SERVERS=zookeeper1:2888:3888,zookeeper2:2888:3888,zookeeper3:2888:3888 + logging: + driver: "json-file" + options: + max-file: "5" + max-size: "100m" + + zookeeper2: + image: wurstmeister/zookeeper:3.4.6 + volumes: + - zookeeper2-data:/data + - zookeeper2-logs:/datalog + ports: + - "2182:2181" + networks: *efk-network + environment: + - ZOO_SERVER_ID=2 + - ALLOW_ANONYMOUS_LOGIN=yes + - ZOO_SERVERS=zookeeper1:2888:3888,zookeeper2:2888:3888,zookeeper3:2888:3888 + logging: + driver: "json-file" + options: + max-file: "5" + max-size: "100m" + + zookeeper3: + image: wurstmeister/zookeeper:3.4.6 + volumes: + - zookeeper3-data:/data + - zookeeper3-logs:/datalog + ports: + - "2183:2181" + networks: *efk-network + environment: + - ZOO_SERVER_ID=3 + - ALLOW_ANONYMOUS_LOGIN=yes + - ZOO_SERVERS=zookeeper1:2888:3888,zookeeper2:2888:3888,zookeeper3:2888:3888 + logging: + driver: "json-file" + options: + max-file: "5" + max-size: "100m" + + kafka1: + image: wurstmeister/kafka:2.12-2.3.0 + ports: + - "9095:9092" + volumes: + - kafka1-data:/kafka + - /var/run/docker.sock:/var/run/docker.sock + environment: + KAFKA_BROKER_ID: 1 + KAFKA_ZOOKEEPER_CONNECT: zookeeper1:2181,zookeeper2:2182,zookeeper3:2183 + JMX_PORT: 9093 + KAFKA_JMX_OPTS: -Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.ssl=false -Djava.rmi.server.hostname=kafka1 -Dcom.sun.management.jmxremote.rmi.port=9093 + KAFKA_ADVERTISED_HOST_NAME: kafka1 + KAFKA_ADVERTISED_PORT: 9092 + KAFKA_ADVERTISED_LISTENERS: PLAINTEXT://kafka1:9092 + KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: 2 + networks: *efk-network + depends_on: + - zookeeper1 + - zookeeper2 + - zookeeper3 + logging: + driver: "json-file" + options: + max-file: "5" + max-size: "100m" + + kafka2: + image: wurstmeister/kafka:2.12-2.3.0 + ports: + - "9096:9092" + volumes: + - kafka2-data:/kafka + - /var/run/docker.sock:/var/run/docker.sock + environment: + KAFKA_BROKER_ID: 2 + KAFKA_ZOOKEEPER_CONNECT: zookeeper1:2181,zookeeper2:2182,zookeeper3:2183 + JMX_PORT: 9093 + KAFKA_JMX_OPTS: -Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.ssl=false -Djava.rmi.server.hostname=kafka2 -Dcom.sun.management.jmxremote.rmi.port=9093 + KAFKA_ADVERTISED_HOST_NAME: kafka2 + KAFKA_ADVERTISED_PORT: 9092 + KAFKA_ADVERTISED_LISTENERS: PLAINTEXT://kafka2:9092 + KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: 2 + networks: *efk-network + depends_on: + - zookeeper1 + - zookeeper2 + - zookeeper3 + logging: + driver: "json-file" + options: + max-file: "5" + max-size: "100m" + + kafka3: + image: wurstmeister/kafka:2.12-2.3.0 + ports: + - "9097:9092" + volumes: + - kafka3-data:/kafka + - /var/run/docker.sock:/var/run/docker.sock + environment: + KAFKA_BROKER_ID: 3 + KAFKA_ZOOKEEPER_CONNECT: zookeeper1:2181,zookeeper2:2182,zookeeper3:2183 + JMX_PORT: 9093 + KAFKA_JMX_OPTS: -Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.ssl=false -Djava.rmi.server.hostname=kafka3 -Dcom.sun.management.jmxremote.rmi.port=9093 + KAFKA_ADVERTISED_HOST_NAME: kafka3 + KAFKA_ADVERTISED_PORT: 9092 + KAFKA_ADVERTISED_LISTENERS: PLAINTEXT://kafka3:9092 + KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: 2 + networks: *efk-network + depends_on: + - zookeeper1 + - zookeeper2 + - zookeeper3 + logging: + driver: "json-file" + options: + max-file: "5" + max-size: "100m" + + # https://github.com/hleb-albau/kafka-manager-docker + kafka-manager: + image: hlebalbau/kafka-manager:2.0.0.2 + depends_on: + - kafka1 + - kafka2 + - kafka3 + environment: + ZK_HOSTS: zookeeper1:2181,zookeeper2:2182,zookeeper3:2183 + APPLICATION_SECRET: "random-secret" + KM_ARGS: -Djava.net.preferIPv4Stack=true + networks: *efk-network + ports: + - "8282:9000" + logging: + driver: "json-file" + options: + max-file: "5" + max-size: "100m" + + apm-server: + image: docker.elastic.co/apm/apm-server:7.9.3 + ports: + - "8200:8200" + networks: *efk-network + depends_on: + - kafka-manager + configs: + - source: apmserver.conf + target: /usr/share/apm-server/apm-server.yml + logging: + driver: "json-file" + options: + max-file: "5" + max-size: "100m" + + influxdb: + image: influxdb:1.7.10 + ports: + - 8086:8086 + - 8083:8083 + - 8089:8089/udp + networks: *efk-network + configs: + - source: influxdb.conf + target: /etc/influxdb/influxdb.conf + volumes: + - influxdb-data:/var/lib/influxdb + logging: + driver: "json-file" + options: + max-file: "5" + max-size: "100m" + + chronograf: + image: chronograf:1.7.17 + ports: + - 8888:8888 + volumes: + - chronograf:/var/lib/chronograf + depends_on: + - influxdb + environment: + INFLUXDB_URL: http://influxdb:8086 + networks: *efk-network + logging: + driver: "json-file" + options: + max-file: "5" + max-size: "100m" + + grafana: + image: grafana/grafana:6.7.4 + networks: *efk-network + user: "$UID:$GID" + ports: + - 3000:3000 + environment: + - GF_AUTH_ANONYMOUS_ENABLED=true + - GF_SECURITY_ALLOW_EMBEDDING=true + depends_on: + - chronograf + volumes: + - grafana:/var/lib/grafana + logging: + driver: "json-file" + options: + max-file: "5" + max-size: "100m" + + scouter: + image : scouterapm/scouter-server:2.7.0 + environment: + - SC_SERVER_ID=SCCOUTER-COLLECTOR + - NET_HTTP_SERVER_ENABLED=true + - NET_HTTP_API_SWAGGER_ENABLED=true + - NET_HTTP_API_ENABLED=true + - MGR_PURGE_PROFILE_KEEP_DAYS=2 + - MGR_PURGE_XLOG_KEEP_DAYS=5 + - MGR_PURGE_COUNTER_KEEP_DAYS=15 + - JAVA_OPT=-Xms1024m -Xmx1024m + volumes: + - sc-logs:/home/scouter-server/logs + - sc-data:/home/scouter-server/database + - sc-libs:/home/scouter-server/lib + - sc-conf:/home/scouter-server/conf + - sc-extweb:/home/scouter-server/extweb + networks: *efk-network + depends_on: + - influxdb + ports: + - 6180:6180 + - 6100:6100 + - 6100:6100/udp + logging: + driver: "json-file" + options: + max-file: "5" + max-size: "100m" + +configs: + fluent_conf: + file: ./allinone/fluentd/conf/fluent.conf + apmserver.conf: + file: ./allinone/apm-server.yml + influxdb.conf: + file: ./allinone/influxdb.conf + es-limits.conf: + file: ./allinone/es-limits.conf + logstash_config: + file: ./allinone/logstash.yml + logstash_pipeline: + file: ./allinone/logstash.conf + +volumes: + kafka3-data: + driver: local + driver_opts: + type: "nfs" + o: "addr=${NFSSERVER:-1.2.3.4},nolock,soft,rw,sync" + device: ":${NFSPATH:-/nfspath}/allinone/kafka3" + + kafka2-data: + driver: local + driver_opts: + type: "nfs" + o: "addr=${NFSSERVER:-1.2.3.4},nolock,soft,rw,sync" + device: ":${NFSPATH:-/nfspath}/allinone/kafka2" + + kafka1-data: + driver: local + driver_opts: + type: "nfs" + o: "addr=${NFSSERVER:-1.2.3.4},nolock,soft,rw,sync" + device: ":${NFSPATH:-/nfspath}/allinone/kafka1" + + chronograf: + driver: local + driver_opts: + type: "nfs" + o: "addr=${NFSSERVER:-1.2.3.4},nolock,soft,rw,sync" + device: ":${NFSPATH:-/nfspath}/allinone/chronograf" + + grafana: + driver: local + driver_opts: + type: "nfs" + o: "addr=${NFSSERVER:-1.2.3.4},nolock,soft,rw,sync" + device: ":${NFSPATH:-/nfspath}/allinone/grafana" + + sc-extweb: + driver: local + driver_opts: + type: "nfs" + o: "addr=${NFSSERVER:-1.2.3.4},nolock,soft,rw,sync" + device: ":${NFSPATH:-/nfspath}/allinone/scouter/sc-extweb" + + sc-conf: + driver: local + driver_opts: + type: "nfs" + o: "addr=${NFSSERVER:-1.2.3.4},nolock,soft,rw,sync" + device: ":${NFSPATH:-/nfspath}/allinone/scouter/sc-conf" + + sc-libs: + driver: local + driver_opts: + type: "nfs" + o: "addr=${NFSSERVER:-1.2.3.4},nolock,soft,rw,sync" + device: ":${NFSPATH:-/nfspath}/allinone/scouter/sc-libs" + + sc-data: + driver: local + driver_opts: + type: "nfs" + o: "addr=${NFSSERVER:-1.2.3.4},nolock,soft,rw,sync" + device: ":${NFSPATH:-/nfspath}/allinone/scouter/sc-data" + + sc-logs: + driver: local + driver_opts: + type: "nfs" + o: "addr=${NFSSERVER:-1.2.3.4},nolock,soft,rw,sync" + device: ":${NFSPATH:-/nfspath}/allinone/scouter/sc-logs" + + zookeeper3-logs: + driver: local + driver_opts: + type: "nfs" + o: "addr=${NFSSERVER:-1.2.3.4},nolock,soft,rw,sync" + device: ":${NFSPATH:-/nfspath}/allinone/zookeeper3/logs" + + zookeeper3-data: + driver: local + driver_opts: + type: "nfs" + o: "addr=${NFSSERVER:-1.2.3.4},nolock,soft,rw,sync" + device: ":${NFSPATH:-/nfspath}/allinone/zookeeper3/data" + + zookeeper2-logs: + driver: local + driver_opts: + type: "nfs" + o: "addr=${NFSSERVER:-1.2.3.4},nolock,soft,rw,sync" + device: ":${NFSPATH:-/nfspath}/allinone/zookeeper2/logs" + + zookeeper2-data: + driver: local + driver_opts: + type: "nfs" + o: "addr=${NFSSERVER:-1.2.3.4},nolock,soft,rw,sync" + device: ":${NFSPATH:-/nfspath}/allinone/zookeeper2/data" + + zookeeper1-logs: + driver: local + driver_opts: + type: "nfs" + o: "addr=${NFSSERVER:-1.2.3.4},nolock,soft,rw,sync" + device: ":${NFSPATH:-/nfspath}/allinone/zookeeper1/logs" + + zookeeper1-data: + driver: local + driver_opts: + type: "nfs" + o: "addr=${NFSSERVER:-1.2.3.4},nolock,soft,rw,sync" + device: ":${NFSPATH:-/nfspath}/allinone/zookeeper1/data" + + influxdb-data: + driver: local + driver_opts: + type: "nfs" + o: "addr=${NFSSERVER:-1.2.3.4},nolock,soft,rw,sync" + device: ":${NFSPATH:-/nfspath}/allinone/influxdb/data" + + es-master-01-data: + driver: local + driver_opts: + type: "nfs" + o: "addr=${NFSSERVER:-1.2.3.4},nolock,soft,rw,sync" + device: ":${NFSPATH:-/nfspath}/allinone/es-master-01/data" + + es-master-02-data: + driver: local + driver_opts: + type: "nfs" + o: "addr=${NFSSERVER:-1.2.3.4},nolock,soft,rw,sync" + device: ":${NFSPATH:-/nfspath}/allinone/es-master-02/data" + + es-master-03-data: + driver: local + driver_opts: + type: "nfs" + o: "addr=${NFSSERVER:-1.2.3.4},nolock,soft,rw,sync" + device: ":${NFSPATH:-/nfspath}/allinone/es-master-03/data" + +networks: + efk: + attachable: true Index: web-module/script/yml/monitoring/server/guacd.yml =================================================================== diff -u --- web-module/script/yml/monitoring/server/guacd.yml (revision 0) +++ web-module/script/yml/monitoring/server/guacd.yml (revision 45a6c6259c7f4eb24aee2bbe6c37b8ae4300114c) @@ -0,0 +1,44 @@ +version: '3.6' + +services: + + guacd: + image: guacamole/guacd:1.3.0 + hostname: guacd + ports: + - "4822:4822" + environment: + - GUACD_LOG_LEVEL=debug + networks: &guacamole-guacd-network + - guacamole_network + deploy: + mode: replicated + replicas: 1 + placement: + constraints: [node.role==manager] + + guacamole: + image: guacamole/guacamole:1.3.0 + ports: + - "8080:8080" + environment: + - MYSQL_HOSTNAME=192.168.25.40 + - MYSQL_DATABASE=guacamole130 + - MYSQL_USER=root + - MYSQL_PASSWORD=love0618 + - GUACD_HOSTNAME=guacd + networks: *guacamole-guacd-network + depends_on: + - guacd + deploy: + mode: replicated + replicas: 1 + placement: + constraints: [node.role==manager] + +networks: + guacamole_network: + attachable: true +#networks: +# guacamole_network: +# driver: overlay