ELFK日志平台入门3---Kibana搭建

ELFK日志平台入门1---架构设计

ELFK日志平台入门2---Elasticseach集群搭建   

ELFK日志平台入门3---Kibana搭建

ELFK日志平台入门4---Kafka集群搭建

ELFK日志平台入门5---Logstash+Filebeat集群搭建

这个章节我们介绍下Kibana搭建。

 1、Kibana部署

• 解压Kibana安装包：

# tar zxf kibana-6.2.4-linux-x86_64.tar.gz && mv kibana-6.2.4-linux-x86_64 /usr/local/kibana

•  修改配置：

# vim /usr/local/kibana/config/kibana.yml

server.port: 5601               #监听端口
server.host: "0.0.0.0"              #监听IP
elasticsearch.hosts: ["http://192.168.0.0:9200","http://192.168.0.1:9200","http://192.168.0.2:9200"]                #集群es地址
logging.dest: /usr/local/kibana/logs/kibana.log                 #日志路径
kibana.index: ".kibana"                 #默认索引

# mkdir /usr/local/kibana/logs && touch /usr/local/kibana/logs/kibana.log

• 启动kibana：

# /usr/local/kibana/bin/kibana &

• 配置成kibana服务：

# vim /etc/default/kibana

user="elk"
group="elk"
chroot="/"
chdir="/"
nice=""


# If this is set to 1, then when `stop` is called, if the process has
# not exited within a reasonable time, SIGKILL will be sent next.
# The default behavior is to simply log a message "program stop failed; still running"
KILL_ON_STOP_TIMEOUT=0

       新增服务文件：

# vim /etc/systemd/system/kibana.service

# vim /etc/sysconfig/elasticsearch
 
################################
# Elasticsearch
################################
 
# Elasticsearch home directory
#ES_HOME=/usr/share/elasticsearch
ES_HOME=/usr/local/elasticsearch
 
# Elasticsearch Java path
#JAVA_HOME=
JAVA_HOME=/usr/local/jdk
CLASSPATH=.:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar:$JAVA_HOME/jre/lib
 
# Elasticsearch configuration directory
#ES_PATH_CONF=/etc/elasticsearch
ES_PATH_CONF=/usr/local/elasticsearch/config
 
# Elasticsearch PID directory
#PID_DIR=/var/run/elasticsearch
PID_DIR=/usr/local/elasticsearch/run
 
# Additional Java OPTS
#ES_JAVA_OPTS=
 
# Configure restart on package upgrade (true, every other setting will lead to not restarting)
#RESTART_ON_UPGRADE=true
 
################################
# Elasticsearch service
################################
 
# SysV init.d
#
# The number of seconds to wait before checking if Elasticsearch started successfully as a daemon process
ES_STARTUP_SLEEP_TIME=5
 
################################
# System properties
################################
 
# Specifies the maximum file descriptor number that can be opened by this process
# When using Systemd, this setting is ignored and the LimitNOFILE defined in
# /usr/lib/systemd/system/elasticsearch.service takes precedence
#MAX_OPEN_FILES=65535
 
# The maximum number of bytes of memory that may be locked into RAM
# Set to "unlimited" if you use the 'bootstrap.memory_lock: true' option
# in elasticsearch.yml.
# When using systemd, LimitMEMLOCK must be set in a unit file such as
# /etc/systemd/system/elasticsearch.service.d/override.conf.
#MAX_LOCKED_MEMORY=unlimited
 
# Maximum number of VMA (Virtual Memory Areas) a process can own
# When using Systemd, this setting is ignored and the 'vm.max_map_count'
# property is set at boot time in /usr/lib/sysctl.d/elasticsearch.conf
#MAX_MAP_COUNT=262144

       管理服务：

# chown -R elk:elk /usr/local/kibana

# systemctl daemon-reload

# systemctl enable kibana

# systemctl start kibana                #先kill之前的kibana进程

•  浏览器访问（Kibana默认端口5601）

 2、Kibana开启密码登录

   因为Kibana部署好后，不需要账号密码可以直接登录访问界面，这样对于生产环境而言，安全性较差，那如何提供设置Kibana账号密码登录呢？这里提供一种方案：

   nginx提供ngx_http_auth_basic_module模块，实现代理之后权限控制。那下面看下如何配置（默认已安装好nginx，这里不做介绍）：

• 创建用户名密码文件：

# htpasswd -b -c /usr/local/nginx/conf/passwd.db user 123456

• nginx增加auth_basic和auth_basic_user_file两项配置： 

# vi nginx.conf

server {
        listen       5601;
        server_name  127.0.0.1;

        location / {
            auth_basic "secret";
            auth_basic_user_file /usr/local/nginx/db/passwd.db;
            proxy_pass  http://*.*.*.*:5601;                           #kibana访问地址
            proxy_set_header Host $host:5601;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header Via "nginx";
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
         }

    }

• 重新加载nginx配置：

# ./nginx -s reload

• 浏览器访问 ：

至此，Kibana已部署完成，如果需要集群，可以自己在nginx配置。