侧边栏壁纸
博主头像
程彬彬博主等级

业精于勤 荒于嬉 行成于思 毁于随

  • 累计撰写 101 篇文章
  • 累计创建 26 个标签
  • 累计收到 20 条评论
标签搜索

目 录CONTENT

文章目录
ELK

ELK7.5部署

程彬彬
程彬彬
2019-12-17 / 0 评论 / 0 点赞 / 2,111 阅读 / 0 字 / 正在检测是否收录...
温馨提示:
本文最后更新于 2019-12-20,若内容或图片失效,请留言反馈。部分素材来自网络,若不小心影响到您的利益,请联系我们删除。
广告 广告

之前部署7.4.2不到一周就发布先的版本,学习时间都没有他发布的快,刚好最近项目没有重大修改,比较有时间,接着学习ELK.

一.环境修改

1.修改文件限制 vi /etc/security/limits.conf

增加的内容

  • hard nofile 65536
  • soft nproc 2048
  • hard nproc 4096
  • soft memlock unlimited
  • hard memlock unlimited

2.调整进程数

vi /etc/security/limits.d/20-nproc.conf

调整成以下配置

  • soft nproc 4096 root soft nproc unlimited

3.调整虚拟内存&最大并发连接

vi /etc/sysctl.conf

增加的内容

vm.max_map_count=655360

fs.file-max=655360

4.执行以下命令生效

sysctl -p

二.JDK部署

创建文件 mkdir -p /opt/java

解压文件 sudo tar zvxf jdk-11.0.4_linux-x64_bin.tar.gz -C /opt/java

编辑配置文件 vi /etc/profile

配置环境变量

export JAVA_HOME=/opt/java/jdk-11.0.4

export PATH=$JAVA_HOME/bin:$PATH

export CLASSPATH=.:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar

环境立即生效

source /etc/profile

查看当前版本 java -version

三.elasticsearch部署

1.创建文件夹

mkdir /opt/elastic

mkdir -p /datas/elastic/elasticsearch/data

mkdir -p /datas/elastic/elasticsearch/logs

2.下载

wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.5.0-linux-x86_64.tar.gz

3.解压

sudo tar zvxf elasticsearch-7.5.0-linux-x86_64.tar.gz -C /opt/elastic

4.编辑配置文件

vi config/elasticsearch.yml

cluster.name: my-elastic

node.name: elasticsearch-1

path.data: /datas/elastic/elasticsearch/data

path.logs: /datas/elastic/elasticsearch/logs

bootstrap.memory_lock: true

network.host: 0.0.0.0

http.port: 9200

transport.tcp.port: 9300

cluster.initial_master_nodes: [elasticsearch-1]

xpack.security.enabled: true

xpack.license.self_generated.type: basic

xpack.security.transport.ssl.enabled:true

5.创建用户

useradd elastic

6.赋权

chown -R elastic:elastic /opt/elastic/*

chown -R elastic:elastic /datas/elastic/*

7.开放端口

firewall-cmd --add-port=9200/tcp --permanent

firewall-cmd --add-port=9300/tcp --permanent

firewall-cmd --reload

8.指定jdk

vi bin/elasticsearch

export JAVA_HOME=/opt/java/jdk-11.0.4/

export PATH=$JAVA_HOME/bin:$PATH

if [ -x "$JAVA_HOME/bin/java" ]; then

JAVA="/opt/java/jdk-11.0.4/bin/java"

else

JAVA=`which java`

fi

9.切换用户elastic用户

su elastic

10.Elasticsearch启动

./bin/elasticsearch

./bin/elasticsearch -d 后台启动

11.配置密码权限

执行设置用户名和密码的命令

bin/elasticsearch-setup-passwords interactive

需要分别设置密码有这些 elastic apm_system kibana logstash_system beats_system remote_monitoring_user

12.开机自启 编辑elasticsearch脚本

vi /etc/init.d/elasticsearch

#!/bin/sh
#chkconfig: 2345 80 05
#description: elasticsearch
export JAVA_HOME=/opt/java/jdk-11.0.4
export JAVA_BIN=/opt/java/jdk-11.0.4/bin
export PATH=$PATH:$JAVA_HOME/bin
export CLASSPATH=.:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar
export JAVA_HOME JAVA_BIN PATH CLASSPATH


case "$1" in
start)
    su elastic<<!
    cd /opt/elastic/elasticsearch-7.5.0
    ./bin/elasticsearch -d
!
    echo "elasticsearch startup"
    ;;  
stop)
    es_pid=`ps aux|grep elasticsearch | grep -v 'grep elasticsearch' | awk '{print $2}'`
    kill -9 $es_pid
    echo "elasticsearch stopped"
    ;;  
restart)
    es_pid=`ps aux|grep elasticsearch | grep -v 'grep elasticsearch' | awk '{print $2}'`
    kill -9 $es_pid
    echo "elasticsearch stopped"
    su elastic<<!
    cd /opt/elastic/elasticsearch-7.5.0
    ./bin/elasticsearch -d
!
    echo "elasticsearch startup"
    ;;  
*)
    echo "start|stop|restart"
    ;;  
esac


exit $?

脚本授权

chmod +x /etc/init.d/elasticsearch

配置开启自启

chkconfig --add elasticsearch

四.logstash部署

1.下载

wget https://artifacts.elastic.co/downloads/logstash/logstash-7.5.0.tar.gz

2.创建文件夹

mkdir -p /datas/elastic/logstash/data

mkdir -p /datas/elastic/logstash/data

3.解压

sudo tar zvxf logstash-7.5.0.tar.gz -C /opt/elastic

4.修改logstash.yml配置

vi config/logstash.yml

增加以下内容

path.data: /datas/elastic/logstash/data

path.logs: /datas/elastic/logstash/logs

赋权 chown -R elastic:elastic /datas/elastic/logstash/data chown -R elastic:elastic /datas/elastic/logstash/logs

5.修改logstash-sample.conf配置

编辑配置文件

vi config/logstash-sample.conf

增加以下内容

input {
tcp{
  mode => "server"
  host => "192.168.33.88"
  port => "7788"
}
stdin{}
}

filter{}

output {
  elasticsearch {
    action => "index"
    hosts => ["192.168.33.88:9200"]
    index => "logs-%{+YYYY-MM.dd}"
    user => "elastic"
    password => "elk123"
  }
  stdout{
    codec => rubydebug
  }
}

6.开放端口

firewall-cmd --add-port=7788/tcp --permanent

firewall-cmd --reload

7.启动

./bin/logstash -f config/logstash-sample.conf

后台启动

nohup ./bin/logstash -f config/logstash-sample.conf &

tail -f nohup.out 可查看启动日志

8.开机自启

编辑logstash脚本

vi /etc/init.d/logstash

#!/bin/sh
#chkconfig: 2345 80 05
#description: logstash
export JAVA_HOME=/opt/java/jdk-11.0.4
export JAVA_BIN=/opt/java/jdk-11.0.4/bin
export PATH=$PATH:$JAVA_HOME/bin
export CLASSPATH=.:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar
export JAVA_HOME JAVA_BIN PATH CLASSPATH


case "$1" in
start)
    cd /opt/elastic/logstash-7.5.0
    nohup ./bin/logstash -f config/logstash-sample.conf &
!
    echo "logstash startup"
    ;;  
stop)
    es_pid=`ps aux|grep logstash | grep -v 'grep logstash' | awk '{print $2}'`
    kill -9 $es_pid
    echo "logstash stopped"
    ;;  
restart)
    es_pid=`ps aux|grep logstash | grep -v 'grep logstash' | awk '{print $2}'`
    kill -9 $es_pid
    echo "logstash stopped"
    cd /opt/elastic/logstash-7.5.0
    nohup ./bin/logstash -f config/logstash-sample.conf &
!
    echo "logstash startup"
    ;;  
*)
    echo "start|stop|restart"
    ;;  
esac

exit $?

脚本授权

chmod +x /etc/init.d/logstash

配置开启自启

chkconfig --add logstash

五.kibana部署

1.下载 wget https://artifacts.elastic.co/downloads/kibana/kibana-7.5.0-linux-x86_64.tar.gz

2.解压

sudo tar zvxf kibana-7.5.0-linux-x86_64.tar.gz -C /opt/elastic

3.重命名

mv /opt/elastic/kibana-7.5.0-linux-x86_64 /opt/elastic/kibana-7.5.0

4.开放端口

firewall-cmd --add-port=5601/tcp --permanent

firewall-cmd --reload

5.修改kibana.yml配置

vi config/kibana.yml

i18n.locale: "zh-CN"

server.port: 5601

server.host: "0.0.0.0"

elasticsearch.hosts: ["http://192.168.33.88:9200"]

elasticsearch.username: "elastic"

elasticsearch.password: "elk123"

xpack.security.enabled: true

这里要先设置 xpack.security.enabled: true

可以访问页面出现403 在改为xpack.security.enabled: false

6.赋权

chown -R elastic:elastic /opt/elastic/kibana-7.5.0/

7.切换用户

su elastic

8.启动

./bin/kibana

后台启动

nohup kibnan $

9.开机自启

编辑kibana脚本

vi /etc/init.d/kibana

#!/bin/sh
#chkconfig: 2345 80 05
#description: kibana
export JAVA_HOME=/opt/java/jdk-11.0.4
export JAVA_BIN=/opt/java/jdk-11.0.4/bin
export PATH=$PATH:$JAVA_HOME/bin
export CLASSPATH=.:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar
export JAVA_HOME JAVA_BIN PATH CLASSPATH


case "$1" in
start)
    su elastic<<!
    cd /opt/elastic/kibana-7.5.0
    nohup ./bin/kibana &
!
    echo "kibana startup"
    ;;  
stop)
    es_pid=`ps aux|grep kibana | grep -v 'grep kibana' | awk '{print $2}'`
    kill -9 $es_pid
    echo "kibana stopped"
    ;;  
restart)
    es_pid=`ps aux|grep kibana | grep -v 'grep kibana' | awk '{print $2}'`
    kill -9 $es_pid
    echo "kibana stopped"
    su elastic<<!
    cd /opt/elastic/kibana-7.5.0
    nohup ./bin/kibana &
!
    echo "kibana startup"
    ;;  
*)
    echo "start|stop|restart"
    ;;  
esac

exit $?

脚本授权

chmod +x /etc/init.d/kibana

配置开启自启

chkconfig --add kibana

0
ELK
  1. qrcode alipay
  2. qrcode weixin
版权归属: 程彬彬
本文链接: https://www.chengbinbin.cn/archives/ELK750
许可协议: 本文使用《署名-非商业性使用-相同方式共享 4.0 国际 (CC BY-NC-SA 4.0)》协议授权
广告 广告

评论区