From 0097dfc0b607e026962a5b3c63de53b99c9deccb Mon Sep 17 00:00:00 2001
From: kumashun8 <tiwo3wa4@gmail.com>
Date: Wed, 18 Jan 2023 22:50:23 +0900
Subject: [PATCH] =?UTF-8?q?docker-compose=E3=81=A7EFK=E3=82=92=E5=8B=95?=
 =?UTF-8?q?=E4=BD=9C=E3=81=95=E3=81=9B=E3=82=8B?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 efk/docker-compose.yml       | 41 ++++++++++++++++++++++++++++++++++++
 efk/fluentd/Dockerfile       |  6 ++++++
 efk/fluentd/conf/fluent.conf | 28 ++++++++++++++++++++++++
 3 files changed, 75 insertions(+)
 create mode 100644 efk/docker-compose.yml
 create mode 100644 efk/fluentd/Dockerfile
 create mode 100644 efk/fluentd/conf/fluent.conf

diff --git a/efk/docker-compose.yml b/efk/docker-compose.yml
new file mode 100644
index 0000000..2dc4835
--- /dev/null
+++ b/efk/docker-compose.yml
@@ -0,0 +1,41 @@
+version: "3"
+services:
+  web:
+    image: httpd
+    ports:
+      - "80:80"
+    links:
+      - fluentd
+    logging:
+      driver: "fluentd"
+      options:
+        fluentd-address: localhost:24224
+        tag: httpd.access
+
+  fluentd:
+    build: ./fluentd
+    volumes:
+      - ./fluentd/conf:/fluentd/etc
+    links:
+      - "elasticsearch"
+    ports:
+      - "24224:24224"
+      - "24224:24224/udp"
+
+  elasticsearch:
+    image: docker.elastic.co/elasticsearch/elasticsearch:8.1.2
+    container_name: elasticsearch
+    environment:
+      - "discovery.type=single-node"
+      - xpack.security.enabled=false
+    expose:
+      - "9200"
+    ports:
+      - "9200:9200"
+
+  kibana:
+    image: docker.elastic.co/kibana/kibana:8.1.2
+    links:
+      - "elasticsearch"
+    ports:
+      - "5601:5601"
diff --git a/efk/fluentd/Dockerfile b/efk/fluentd/Dockerfile
new file mode 100644
index 0000000..bd32e7c
--- /dev/null
+++ b/efk/fluentd/Dockerfile
@@ -0,0 +1,6 @@
+# fluentd/Dockerfile
+
+FROM fluent/fluentd:v1.12.0-debian-1.0
+USER root
+RUN ["gem", "install", "fluent-plugin-elasticsearch", "--no-document", "--version", "5.2.4"]
+USER fluent
diff --git a/efk/fluentd/conf/fluent.conf b/efk/fluentd/conf/fluent.conf
new file mode 100644
index 0000000..bab3894
--- /dev/null
+++ b/efk/fluentd/conf/fluent.conf
@@ -0,0 +1,28 @@
+# fluentd/conf/fluent.conf
+
+<source>
+  @type forward
+  port 24224
+  bind 0.0.0.0
+</source>
+
+<match *.**>
+  @type copy
+
+  <store>
+    @type elasticsearch
+    host elasticsearch
+    port 9200
+    logstash_format true
+    logstash_prefix fluentd
+    logstash_dateformat %Y%m%d
+    include_tag_key true
+    type_name access_log
+    tag_key @log_name
+    flush_interval 1s
+  </store>
+
+  <store>
+    @type stdout
+  </store>
+</match>