ELK操作手册----安装elasticssearch

基础架构测试
kibana1.244----elasticsearch1.21和1.22----logstash(tomcat)1.23

将软件上传到服务器192.168.1.21上
$ cd /usr/local/src/
$ ls
elasticsearch-6.5.1.rpm jdk-8u191-linux-x64.rpm
准备硬盘用于存储日志数据
$ fdisk -l
$ fdisk /dev/sdb
$ fdisk -l
$ blkid /dev/sdb1
$ mkfs.xfs /dev/sdb1
$ blkid /dev/sdb1
$ vim /etc/fstab
UUID="15210161-83f7-48eb-8b79-40e94911a31b" /data xfs defaults 0 0
$ ount -a
$ reboot
安装配置elasticssearch
$ cd /usr/local/src/
$ yum -y install jdk-8u191-linux-x64.rpm
$ yum -y install elasticsearch-6.5.1.rpm
$ java -version
$ vim /etc/elasticsearch/elasticsearch.yml
cluster.name: elk-cluster
node.name: server21
path.data: /data/elasticsearch
path.logs: /data/log/elasticsearch
#bootstrap.memorylock: true #打开内存锁定后,服务可能无法启动
network.host: 192.168.1.21
http.port: 9200
discovery.zen.ping.unicast.hosts: ["192.168.1.21", "192.168.1.22"]

$ grep "^[a-Z]" /etc/elasticsearch/elasticsearch.yml
$ vim /usr/lib/systemd/system/elasticsearch.service
LimitMEMLOCK=infinity
$ vim /etc/elasticsearch/jvm.options
-Xms3g #设置为内存的一半,都不要超过32G
-Xmx3g

$ mkdir -p /data/elasticsearch
$ mkdir -p /data/log/elasticsearch
$ chown elasticsearch.elasticsearch /data/elasticsearch/ /data/log/elasticsearch/
$ systemctl enable elasticsearch.service
$ systemctl start elasticsearch.service
$ ss -tnl #必须有9200和9300端口才表示启动成功
LISTEN 0 128 ::ffff:192.168.1.21:9200 :::
LISTEN 0 128 ::ffff:192.168.1.21:9300 :::

$ curl http://192.168.1.21:9200

安装head插件
$ yum -y install git
$ yum -y install npm
$ git clone git://github.com/mobz/elasticsearch-head.git
$ cd elasticsearch-head/
$ npm install grunt -save
$ npm install
$ npm run start &
$ vim /etc/elasticsearch/elasticsearch.yml
#在最下方添加
http.cors.enabled: true
http.cors.allow-origin: ""

$ systemctl restart elasticsearch
访问带插件的es
http://192.168.1.21:9100 (http://192.168.1.21:9200/---连接)

在tomcat上安装logstash
删除自带的java环境
rpm -qa|grep java
rpm -e java-1.7.0-openjdk-headless-1.7.0.191-2.6.15.4.el7_5.x86_64
rpm -e java-1.8.0-openjdk-headless-1.8.0.191.b12-0.el7_5.x86_64
cd /usr/local/src
ls
jdk-8u191-linux-x64.rpm
logstash-6.5.1.rpm

你可能感兴趣的:(ELK操作手册----安装elasticssearch)