SkyWalking + Elasticsearch8 容器化部署指南:国内镜像加速与生产级调优
SkyWalking + Elasticsearch8 Docker 部署文档
本文提供在 Ubuntu 服务器上,使用 Docker Compose 部署 SkyWalking(OAP+UI)与 Elasticsearch 8 的完整步骤,数据/日志落地到 /media/disk2
前置条件
- Ubuntu,已具备 sudo 权限与公网下载能力
- 端口:9200(ES)、11800(OAP gRPC)、12800(OAP REST/GraphQL)、8080(UI)
- 内存建议:ES 堆 2–4G,OAP 堆 1–2G;SSD/NVMe 磁盘,预留 ≥20% 空间
1. 安装 Docker/Compose 与内核参数
sudo apt-get update
sudo apt-get install -y ca-certificates curl gnupg
sudo install -m 0755 -d /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo tee /etc/apt/keyrings/docker.asc >/dev/null
echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu $(. /etc/os-release && echo $VERSION_CODENAME) stable" | sudo tee /etc/apt/sources.list.d/docker.list >/dev/null
sudo apt-get update && sudo apt-get install -y docker-ce docker-ce-cli containerd.io docker-compose-plugin# ES 必需内核参数
echo "vm.max_map_count=262144" | sudo tee /etc/sysctl.d/99-elasticsearch.conf
sudo sysctl --system
2. 创建目录与权限
sudo mkdir -p /media/disk2/{elasticsearch/{data,logs},skywalking/{oap-logs,ui-logs},skywalking-docker}
# 赋权给 ES 容器内用户(uid 1000)以避免写权限问题
sudo chown -R 1000:0 /media/disk2/elasticsearch/{data,logs}
sudo chown -R $USER:$USER /media/disk2/skywalking
3. docker-compose.yml
将以下内容保存为 /media/disk2/skywalking-docker/docker-compose.yml(采用镜像:阿里云仓库示例,可换为官方镜像):
version: "3.8"services:elasticsearch:image: registry.cn-hangzhou.aliyuncs.com/docker_image-ljx/elasticsearch:8.14.3container_name: elasticsearchrestart: unless-stoppedenvironment:discovery.type: "single-node"xpack.security.enabled: "true"xpack.security.http.ssl.enabled: "false"xpack.security.transport.ssl.enabled: "false"ELASTIC_PASSWORD: "ChangeMe_Elastic!" # 请改强密码ES_JAVA_OPTS: "-Xms3g -Xmx3g"TZ: "Asia/Shanghai"ulimits:memlock: { soft: -1, hard: -1 }nofile: { soft: 65536, hard: 65536 }volumes:- /media/disk2/elasticsearch/data:/usr/share/elasticsearch/data- /media/disk2/elasticsearch/logs:/usr/share/elasticsearch/logs# 注意:如果没有复制镜像默认配置且修正权限,则挂载 config 目录会报错- /media/disk2/elasticsearch/config:/usr/share/elasticsearch/configports:- "9200:9200"healthcheck:test: ["CMD-SHELL","curl -s -u elastic:ChangeMe_Elastic! http://127.0.0.1:9200 >/dev/null || exit 1"]interval: 10stimeout: 5sretries: 30oap:image: registry.cn-hangzhou.aliyuncs.com/docker_image-ljx/skywalking-oap-server:10.2.0container_name: skywalking-oaprestart: unless-stoppeddepends_on:elasticsearch:condition: service_healthyenvironment:SW_STORAGE: elasticsearchSW_STORAGE_ES_CLUSTER_NODES: elasticsearch:9200SW_STORAGE_ES_HTTP_PROTOCOL: httpSW_ES_USER: elasticSW_ES_PASSWORD: "ChangeMe_Elastic!"JAVA_OPTS: "-Xms2g -Xmx2g"TZ: "Asia/Shanghai"# 单机/小中规模索引建议SW_STORAGE_ES_INDEX_SHARDS_NUMBER: "1"SW_STORAGE_ES_INDEX_REPLICAS_NUMBER: "0"SW_STORAGE_ES_SUPER_DATASET_INDEX_SHARDS_FACTOR: "3"SW_STORAGE_ES_SUPER_DATASET_INDEX_REPLICAS_NUMBER: "0"volumes:- /media/disk2/skywalking/oap-logs:/skywalking/logsports:- "11800:11800"- "12800:12800"healthcheck:test: ["CMD-SHELL", "curl -s http://127.0.0.1:12800/graphql -X POST -H 'Content-Type: application/json' -d '{\"query\":\"{ version }\"}' | grep -q data || exit 1"]interval: 15stimeout: 5sretries: 20ui:image: registry.cn-hangzhou.aliyuncs.com/docker_image-ljx/skywalking-ui:10.2.0container_name: skywalking-uirestart: unless-stoppeddepends_on:- oapenvironment:SW_OAP_ADDRESS: "http://oap:12800"TZ: "Asia/Shanghai"volumes:- /media/disk2/skywalking/ui-logs:/skywalking/logsports:- "8080:8080"networks:default:name: skywalking-net
可选:不硬编码密码的启动方式(不使用 .env)
- 将 compose 中的
ELASTIC_PASSWORD: ${ES_PASSWORD}、SW_ES_PASSWORD: ${ES_PASSWORD} - 启动时传入:
ES_PASSWORD='强密码' docker compose up -d - 若密码含
$,需写成$$或用上述传参方式避免转义
4. 启动与验证
cd /media/disk2/skywalking-docker# 预检查渲染
docker compose config | cat# 启动
docker compose up -d
docker compose ps# 验证 ES
curl -s -u elastic:ChangeMe_Elastic! http://127.0.0.1:9200 | jq .# 验证 OAP
curl -s http://127.0.0.1:12800/graphql -X POST -H 'Content-Type: application/json' -d '{"query":"{ version }"}'# 访问 UI
# http://<服务器IP>:8080
5. Java Agent 接入(示例)
-javaagent:/path/to/skywalking-agent.jar \
-Dskywalking.agent.service_name=my-service \
-Dskywalking.collector.backend_service=<服务器IP>:11800 \
-Dskywalking.agent.instance_name=$(hostname -s)
- 容器与 OAP 在同一网络可用
oap:11800
6. 资源与参数建议(约 30+ 微服务)
- ES 堆内存:
-Xms2g -Xmx2g起步,内存充裕可 3–4g;保持 Xms=Xmx - OAP 堆内存:
-Xms1g -Xmx2g起步 - 单机分片与副本:
indexShardsNumber=1、indexReplicasNumber=0 - 超级数据集(trace/log)分片因子:
superDatasetIndexShardsFactor=3 - TTL/采样:根据磁盘与吞吐设置 OAP
recordDataTTL/metricsDataTTL,高流量建议下调采样比例至 20%–50%
7. 常见问题与修复
问题:启动报错 “Missing logging config file at /usr/share/elasticsearch/config/log4j2.properties”
原因:挂载空宿主机目录到 /usr/share/elasticsearch/config 覆盖了镜像默认配置
解决方案:
-
推荐方案:不挂载 config 目录
编辑docker-compose.yml,删除以下行:- /media/disk2/elasticsearch/config:/usr/share/elasticsearch/config然后重启:
docker compose down && docker compose up -d -
保留挂载:复制默认配置并赋权
执行以下命令:# 使用与 compose 文件中相同的镜像 IMG=registry.cn-hangzhou.aliyuncs.com/docker_image-ljx/elasticsearch:8.14.3# 创建宿主机配置目录(若不存在) sudo mkdir -p /media/disk2/elasticsearch/config# 从镜像中复制默认配置 docker create --name es-tmp $IMG >/dev/null docker cp es-tmp:/usr/share/elasticsearch/config/. /media/disk2/elasticsearch/config/ docker rm -f es-tmp# 设置权限(容器内 ES 用户 uid 为 1000) sudo chown -R 1000:0 /media/disk2/elasticsearch/config完成后重启:
docker compose down && docker compose up -d
简要总结:此问题由空 config 挂载覆盖镜像默认配置引起,解决方法是移除挂载或复制镜像配置到宿主机并设置权限(uid 1000)
// … 文件其余部分保持不变 …