1.下载资源
下载界面https://www.elastic.co/cn/downloads/,点击下载,进去选择对应操作系统版本即可。
ElasticSearch下载地址:
https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-8.1.0-windows-x86_64.zip
Kibana下载地址:
https://artifacts.elastic.co/downloads/kibana/kibana-8.1.0-windows-x86_64.zip
下载完成后,解压到磁盘空间:
ElasticSearch:
Kibana:
特别注意:早期版本的ElasticSearch需在环境变量中定义JAVA_HOME并将bin加入Path变量。8.1版本内置了JDK,在安装目录下的jdk文件夹里面,对应jdk17
ElasticSearch和Kibana的bin目录对应各自的命令,可加入环境变量,方便在命令行中使用。
2.说明文档
ElasticSearch文档地址:
https://www.elastic.co/guide/en/elasticsearch/reference/current/getting-started.html
Kibana文档地址:
https://www.elastic.co/guide/en/kibana/current/get-started.html
新版本的上述文档只有英文,
最新版本(6.x)的Kibana中文文档在此:
https://www.elastic.co/guide/cn/kibana/current/index.html
配置大同小异,可对照起来看。
3.ElasticSearch重要配置
A)设置ElasticSearch运行内存
tips:如果不设置内存,Es将吃掉大量内存,对于开发测试环境来说没有必要。
在ES安装目录下,修改jvm.options文件(或者在jvm.options.d子目录下创建jvm.options文件),添加内容如下:
-Xms512m
-Xmx512m
同时打开elasticsearch.yml,修改配置bootstrap.memory_lock为true,即可完成对堆内存的大小限制为512M
bootstrap.memory_lock: true
B)ElasticSearch设置集群安全认证
默认情况下,ES8.1版本自动启动了安全认证以及SSL加密传输,如果需要关闭,elasticsearch.yml中设置为false即可。对应配置如下:
#Enable security features
xpack.security.enabled: true
xpack.security.enrollment.enabled: true
# Enable encryption for HTTP API client connections, such as Kibana, Logstash, and Agents
xpack.security.http.ssl:
enabled: true
keystore.path: certs/http.p12
# Enable encryption and mutual authentication between cluster nodes
xpack.security.transport.ssl:
enabled: true
verification_mode: certificate
keystore.path: certs/transport.p12
truststore.path: certs/transport.p12
在这里我们选择把它开启,否则会让kibana的security模块不可用(对开发控制台无影响),无法加载一些插件,请求403。
C)设置ElasticSearch对外访问的IP和端口
默认情况下,安装完成后可以支持本地9200端口Web访问,对应的地址是https://localhost:9200
如果需要支持对外服务,elasticsearch.yml中设置一下network.host和http.port属性即可。
# By default Elasticsearch is only accessible on localhost. Set a different
# address here to expose this node on the network:
#
network.host: localhost
#
# By default Elasticsearch listens for HTTP traffic on the first free port it
# finds starting at 9200. Set a specific HTTP port here:
#
http.port: 9200
D)设置用户名和密码
初次启动ES时,会默认生成用户名和密码(后续启动时不会有的,一定要注意),内置的超级用户是elastic,密码随机,见以下控制台信息。
-> Elasticsearch security features have been automatically configured! -> Authentication is enabled and cluster connections are encrypted.
-> Password for the elastic user (reset with bin/elasticsearch-reset-password -u elastic): XXXXXXXXXXXXXX
-> HTTP CA certificate SHA-256 fingerprint: XXXXXXXXXXXXXX
-> Configure Kibana to use this cluster:
Run Kibana and click the configuration link in the terminal when Kibana starts.
Copy the following enrollment token and paste it into Kibana in your browser (valid for the next 30 minutes): XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
如果没有注意,或者忘记了elastic密码,可以使用elasticsearch-reset-password -u elastic命令重置成你想要的密码。
在这里,我们使用如下命令额外创建一个用户给kibana,因为在8.1版本中kibana的用户是无法设置为elastic的:
elasticsearch-users useradd demo_kibana -p xxxxxx -r kibana_system
//elasticsearch-users命令使用方法:
bin/elasticsearch-users
([useradd ] [-p ] [-r ]) |
([list] ) |
([passwd ] [-p ]) |
([roles ] [-a ] [-r ]) |
([userdel ])
内置的角色常见的有以下几个(需要记一下),其他内置角色可以在后续的Kibana管理界面中查看。
菜单路径:StackManageMent->角色
URL路径:/app/management/security/roles
superuser -- 超级用户 elastic就是默认的超级用户,如果密码搞忘了可以重设,也可以新增一个超级用户来修改elastic的密码。
kibana_system -- 用于对kibana的访问控制
logstash_system --用于对logstash的访问控制
E)启动ElasticSearch
在命令行中运行elasticsearch即可;
如需安装成windows服务,请执行命令elasticsearch-service.bat install
F)客户端浏览器安装head插件,进行查看验证
如果集群没有安全认证,访问https://xxx:9200,直接会出现一个json,(如果有安全认证,会让你输入用户名密码),表明安装成功。
谷歌插件商店中搜索elasticsearch head,(此步骤需科学上网,没条件的在github以及百度中寻找安装资源)安装完成后,点开插件,在最上面的地址中填上ES集群地址https://xxx:9200,点连接即可,会出现用户验证,填上elastic对应的用户名密码,或者自定义的超级用户,验证成功就会出现以下界面:
head插件提供了一个可视化的索引查看界面,相较于原始的json,更加美观。
4.Kibana重要配置
Kibana的配置在安装目录下的config文件夹中的kibana.yml里。
A)设置对外访问的web服务
Kibana默认端口5601,将server.host改成外网ip,如果本地访问,则无需修改保持localhost即可
# Kibana is served by a back end server. This setting specifies the port to use.
server.port: 5601
# Specifies the address to which the Kibana server will bind. IP addresses and host names are both valid values.
# The default is 'localhost', which usually means remote machines will not be able to connect.
# To allow connections from remote users, set this parameter to a non-loopback address.
server.host: "xx.xx.xx.xx"
同时修改server.publicBaseUrl 改为http://xx.xx.xx.xx:5601
# Specifies the public URL at which Kibana is available for end users. If
# `server.basePath` is configured this URL should end with the same basePath.
server.publicBaseUrl: "http://xx.xx.xx.xx:5601"
这样就能够支持对外提供kibana的web服务了。
B)关闭https访问
默认情况下kibana8.1是开启了https的,修改server.ssl.enabled: false,即可关闭https
C)写入ES配置
elasticsearch.hosts 指向es示例,可以有多个节点
elasticsearch.username和elasticsearch.password对应之前在es中配置的kibana用户
把elasticsearch.ssl.verificationMode设置为none
# =================== System: Elasticsearch ===================
# The URLs of the Elasticsearch instances to use for all your queries.
elasticsearch.hosts: ["https://localhost:9200"]
# If your Elasticsearch is protected with basic authentication, these settings provide
# the username and password that the Kibana server uses to perform maintenance on the Kibana
# index at startup. Your Kibana users still need to authenticate with Elasticsearch, which
# is proxied through the Kibana server.
elasticsearch.username: "demo_kibana"
elasticsearch.password: "xxxxxxxx"
elasticsearch.ssl.verificationMode: none
D)启用汉化
Kibana同时支持英文/中文,英文代码为en,中文代码为zh-CN
修改i18n.locale为zh-CN
# Supported languages are the following: English - en , by default , Chinese - zh-CN .
i18n.locale: "zh-CN"
E)Kibana密钥
在kinbana的bin目录下有几个内置的命令脚本,运行cmd,执行kibana-encryption-keys generate则会生成三个key,
把这三个key复制粘贴到kibana.yml末尾
xpack.encryptedSavedObjects.encryptionKey: xxxxxxxxxxxxxxxxxxxxxx
xpack.reporting.encryptionKey: xxxxxxxxxxxxxxxxxxxxxx
xpack.security.encryptionKey: xxxxxxxxxxxxxxxxxxxxxx
F)启动kibana
打开命令行,执行bin目录下kibana命令。
命令行显示kibana准备完成后,输入用户名,密码,即可展示到主页,效果如下:
在开发工具里面,可以使用类似restful风格的命令,对es进行操作,赶紧试试看吧!