Elasticsearch 安装
安装 JDK
这里选择 openjdk
$ yum install java-11-openjdk-devel
|
获取 elasticsearch
下载 elasticsearch
$ ELK_VERSION=7.5.0
$ wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-$ELK_VERSION-linux-x86_64.tar.gz
|
解压 elasticsearch 压缩包到 /usr/local 目录下,并创建软链接
$ tar zvxf elasticsearch-$ELK_VERSION-linux-x86_64.tar.gz -C /usr/local/
$ cd /usr/local/
$ ln -sv elasticsearch-$ELK_VERSION elasticsearch
|
创建 elastic 用户,用于运行 elasticsearch
$ groupadd -r -g 920 elastic
$ useradd -r -u 920 -g 920 -s /sbin/nologin elastic
$ chown -R elastic.root /usr/local/elasticsearch-$ELK_VERSION
|
配置 elasticsearch
修改 elasticsearch 配置文件,如下
$ grep -vE "^#|^$" /usr/local/elasticsearch/config/elasticsearch.yml
path.data: /data/elasticsearch/data
path.logs: /data/elasticsearch/logs
network.host: 127.0.0.1
http.port: 9200
discovery.type: single-node
|
创建 elasticsearch 数据和日志目录,要与上面配置文件相匹配
$ mkdir /data/elasticsearch/{data,logs} -pv
$ chown -R elastic.elastic /data/elasticsearch
|
创建 elasticsearch 启动文件
$ cat << EOF | tee /etc/systemd/system/elasticsearch.service
[Unit]
Description=Elasticsearch
After=network-online.target
[Service]
Type=simple
PrivateTmp=true
User=elastic
Group=elastic
ExecStart=/usr/local/elasticsearch/bin/elasticsearch --quiet
KillSignal=SIGTERM
KillMode=process
SendSIGKILL=no
SuccessExitStatus=143
LimitNOFILE=65536
LimitNPROC=4096
LimitAS=infinity
LimitFSIZE=infinity
[Install]
WantedBy=multi-user.target
EOF
|
启动 elasticsearch
$ systemctl daemon-reload
$ systemctl enable elasticsearch.service
$ systemctl start elasticsearch.service
|
验证结果
$ curl http://localhost:9200
{
"name" : "phpmianshi.com",
"cluster_name" : "elasticsearch",
"cluster_uuid" : "YbZLu2ZRSmu9ROpyPQojoQ",
"version" : {
"number" : "7.5.0",
"build_flavor" : "default",
"build_type" : "tar",
"build_hash" : "e9ccaed468e2fac2275a3761849cbee64b39519f",
"build_date" : "2019-11-26T01:06:52.518245Z",
"build_snapshot" : false,
"lucene_version" : "8.3.0",
"minimum_wire_compatibility_version" : "6.8.0",
"minimum_index_compatibility_version" : "6.0.0-beta1"
},
"tagline" : "You Know, for Search"
}
|
Logstash 安装
获取 Logstash
下载 logstatsh
$ wget https://artifacts.elastic.co/downloads/logstash/logstash-$ELK_VERSION.tar.gz
|
解压 logstatsh 压缩包到 /usr/local 目录下,并创建软链接
$ tar zvxf logstash-$ELK_VERSION.tar.gz -C /usr/local/
$ cd /usr/local/
$ ln -sv logstash-$ELK_VERSION logstash
|
创建 logstash 用户,用于运行 logstash
$ groupadd -r -g 960 logstash
$ useradd -r -u 960 -g 960 -s /sbin/nologin logstash
|
配置 Logstash
修改 logstash 配置文件 logstash.yml(logstash 主配置文件),如下
$ grep -vE "^#|^$" /usr/local/logstash/config/logstash.yml
path.data: /data/logstash/data
http.host: "127.0.0.1"
http.port: 9600-9700
log.level: info
path.logs: /data/logstash/logs
|
创建 logstash 数据和日志目录
$ mkdir /data/logstash/{data,logs} -pv
$ chown -R logstash.logstash /data/logstash/
|
修改 logstash 的 pipeline 配置文件 pipelines.yml(logstash 任务配置文件),如下
$ grep -vE "^$|^#" /usr/local/logstash/config/pipelines.yml
- pipeline.id: main
pipeline.workers: 2
pipeline.batch.size: 125
queue.type: persisted
path.config: "/usr/local/logstash/config/pipelines"
|
创建 pipelines 目录,要与上面配置文件选项 path.config 定义的一致
$ mkdir /usr/local/logstash/config/pipelines -pv
|
修改 logstash 启动选项配置文件 startup.options(logstash 启动选项配置选项文件),如下
$ grep -vE "^$|^#" /usr/local/logstash/config/startup.options
JAVACMD=/usr/bin/java
LS_HOME=/usr/local/logstash
LS_SETTINGS_DIR=${LS_HOME}/config
LS_OPTS="--path.settings ${LS_SETTINGS_DIR}"
LS_JAVA_OPTS=""
LS_USER=logstash
LS_GROUP=logstash
LS_GC_LOG_FILE=/data/logstash/logs/gc.log
LS_OPEN_FILES=16384
LS_NICE=19
SERVICE_NAME="logstash"
SERVICE_DESCRIPTION="Logstash"
|
使用 logstash 自带的 system-install 命令生成启动文件
$ /usr/local/logstash/bin/system-install /usr/local/logstash/config/startup.options systemd
|
执行后会生成 /etc/default/logstash 文件,内容跟 /usr/local/logstash/config/startup.options 定义的选项一致
还会生成 /etc/systemd/system/logstash.service 文件。这个是 Logstash 的启动文件。
启动 Logstash
Logstash 需要有任务才能持续运行,因此创建一个简单 logstahs 的任务,用于测试 logstash 启动是否正常
$ cat << EOF | tee /usr/local/logstash/config/pipelines/test.conf
input {
beats {
port => 5044
}
}
output {
stdout {
codec => rubydebug
}
}
EOF
|
启动 Logstash
$ systemctl daemon-reload
$ systemctl enable logstash.service
$ systemctl start logstash.service
|
查看 Logstash 运行状态
$ systemctl status logstash.service
|
Kibana 安装配置
安装 Kibana
下载 kibana
$ wget https://artifacts.elastic.co/downloads/kibana/kibana-$ELK_VERSION-linux-x86_64.tar.gz
|
解压 kibana 压缩包到 /usr/local 目录下,并创建软链接
$ tar zvxf kibana-$ELK_VERSION-linux-x86_64.tar.gz -C /usr/local
$ cd /usr/local/
$ ln -sv kibana-$ELK_VERSION-linux-x86_64 kibana
|
创建 kibana 用户,用于运行 kibana
$ groupadd -r -g 560 kibana
$ useradd -r -u 560 -g 960 -s /sbin/nologin kibana
|
修改 kibana 配置文件 kibana.yml ,如下
$ grep -vE "^#|^$" /usr/local/kibana/config/kibana.yml
server.port: 5601
server.host: "localhost"
pid.file: /usr/local/kibana/run/kibana.pid
|
创建 PID 文件存放目录
$ mkdir /usr/local/kibana/run
$ chown -R kibana.root /usr/local/kibana
|
创建 kibana 启动文件
$ cat << EOF | tee /etc/systemd/system/kibana.service
[Unit]
Description=Kibana
After=network-online.target
[Service]
Type=simple
User=kibana
Group=kibana
PIDFile=/usr/local/kibana/run/kibana.pid
ExecStart=/usr/local/kibana/bin/kibana "-c /usr/local/kibana/config/kibana.yml"
Restart=always
WorkingDirectory=/usr/local/kibana
[Install]
WantedBy=multi-user.target
EOF
|
启动 kibana
$ systemctl daemon-reload
$ systemctl enable kibana.service
$ systemctl start kibana.service
|
使用 nginx 代理 kibana,并设置认证
创建密码文件,并创建一个admin用户
$ yum install httpd-tools
$ htpasswd -c -m /usr/local/openresty/nginx/conf/kiban-auth admin
New password:
Re-type new password:
Adding password for user admin
|
nginx 代理 kibana 部分配置文件如下
location / {
auth_basic "Protected Kibana Field";
auth_basic_user_file /usr/local/openresty/nginx/conf/kiban-auth;
proxy_pass http://127.0.0.1:5601;
proxy_pass_header Server;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Scheme $scheme;
proxy_redirect off;
proxy_read_timeout 90;
}
|
重启 nginx 即可
版权声明:本文由PHP面试资料网发布,如需转载请注明出处。
