Docker Graylog (ELK & MongoDB) Installation Fails in Centos 8 Server

Dear all,

My name is Dimitrios and I try to install Graylog , Elasticsearch and MongoDB from the official manual page in CentOS 8 using Docker (https://docs.graylog.org/en/3.3/pages/installation/docker.html#persisting-data). I have the docker-compose.yml like the attached page but I face the below problem.

Has anybody face the problem? I am a newbie and I really want to understand what is the problem.

Regards,

Dimitrios

I thought it was Graylog the problem. The problem is VM’s OS. CentOS 8 does not support interconnection between containers.

Hi Dimitrios,

I use podman-compose on CentOS 8 and graylog 3 works ok.

Here is a docker-compose.yml file that works, you just need to change the values of the GRAYLOG environment variables and ensure firewalld has all ports open ( firewall-cmd --permanent --add-port=9000/tcp --add-port=1761/tcp --add-port=5044/tcp --add-port=9100/tcp --add-port=1514/tcp --add-port=1514/udp --add-port=12201/tcp --add-port=12201/udp && firewall-cmd --reload ).

Hope that helps.

docker-compose.yml

version: '3.8'
services:
  # MongoDB: https://hub.docker.com/_/mongo/
  mongo:
    image: mongo:4
    volumes:
      - mongo_data:/data/db
    networks:
      - graylog
  # Elasticsearch: https://www.elastic.co/guide/en/elasticsearch/reference/6.x/docker.html
  elasticsearch:
    image: docker.elastic.co/elasticsearch/elasticsearch-oss:6.8.13
    volumes:
      - es_data:/usr/share/elasticsearch/data
    environment:
      - http.host=0.0.0.0
      - transport.host=localhost
      - network.host=0.0.0.0
      - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
    ulimits:
      memlock:
        soft: -1
        hard: -1
    deploy:
      resources:
        limits:
          memory: 1g
    networks:
      - graylog
  # Graylog: https://hub.docker.com/r/graylog/graylog/
  graylog:
    image: graylog/graylog:3.3
    volumes:
      - grafana_data:/usr/share/graylog/data
    environment:
      # CHANGE ME (must be at least 16 characters)!
      - GRAYLOG_PASSWORD_SECRET=dEwWursQdtQGgDsLeEWF5doMDlbWfJVWjpKfIBdBh2N5zjoPn7BZsOxWwztpaYu885QAz3PWC6PuP0FBhZNRvsRnvgdpHY7W
      # Password: admin
      - GRAYLOG_ROOT_PASSWORD_SHA2=5e884898da28047151d0e56f8dc6292773603d0d6aabbdd62a11ef721d1542d8
      - GRAYLOG_HTTP_EXTERNAL_URI=http://192.168.0.166:9000/
    networks:
      - graylog
    depends_on:
      - mongo
      - elasticsearch
    ports:
      # Graylog web interface and REST API
      - 9000:9000
      # tcpTransportPort
      - 1761:1761
      #beatsManagementPort
      - 5044:5044
      # httpElasticSearchPort
      - 9100:9100
      # Syslog TCP
      - 1514:1514
      # Syslog UDP
      - 1514:1514/udp
      # GELF TCP
      - 12201:12201
      # GELF UDP
      - 12201:12201/udp
networks:
  graylog:
    driver: bridge

# Volumes for persisting data, see https://docs.docker.com/engine/admin/volumes/volumes/
volumes:
  mongo_data:
    driver: local
  es_data:
    driver: local
  graylog_data:

Thank you for your response! Just a quick question: Is it possible to install logstash with docker and configure it properly? Have you ever tried it?

Sorry I have never tried it. I’m not sure what you would need to do if using it with graylog but the logstash docker image can be found at https://www.docker.elastic.co/r/logstash

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.