elk7.6版本集群搭建（一）

环境准备

1.创建用户组和用户

       groupadd elastic

       useradd elastic -g elastic

       visudo

       在root ALL=(ALL)ALL 一行下面添加elastic 用户 

       elastic ALL=(ALL)ALL       

2.防火墙关闭

       systemctl status firewalld

       systemctl disable firewalld

3.主机映射

         vim /etc/hosts

         172.16.93.192 bi-elk1

         172.16.93.193  bi-elk2

         172.16.93.194  bi-elk3

4.修改/etc/sysctl.conf

         vim /etc/sysctl.conf

         写入：vm.max_map_count=655360

         保存退出后,使用sysctl -p 刷新生效

5.修改文件/etc/security/limits.conf

          vim /etc/security/limits.conf

          root soft nofile 65535

          root hard nofile 65535

         * soft nofile 65535

         * hard nofile 65535

          保存 退出

---

es集群搭建（切换用户）

下载： wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.6.1-linux-x86_64.tar.gz

解压：tar -zxvf elasticsearch-7.6.1-linux-x86_64.tar.gz

配置：

vim /data/elasticsearch/elasticsearch-7.6.1/config/elasticsearch.yml

master：

cluster.name: bi-elk

node.name: elk1

node.master: true

node.data: true

path.data: /data/elasticsearch/data

path.logs: /data/elasticsearch/logs

http.port: 9200

network.host: 0.0.0.0

network.publish_host: 172.16.93.192

discovery.seed_hosts: ["172.16.93.192:9300"]

cluster.initial_master_nodes: ["172.16.93.192"]

discovery.zen.minimum_master_nodes: 2

discovery.zen.ping_timeout: 60s # 心跳超时时间

discovery.zen.fd.ping_interval: 120s    # 节点检测时间

discovery.zen.fd.ping_timeout: 120s    #ping 超时时间

discovery.zen.fd.ping_retries: 5    # 心跳重试次数

gateway.recover_after_nodes: 2

gateway.recover_after_time: 30m

gateway.expected_nodes: 3

bootstrap.system_call_filter: false

http.cors.enabled: true

http.cors.allow-origin: "*"

data:

cluster.name: bi-elk

node.name: elk3

node.master: false

node.data: true

path.data: /data/elasticsearch/data

path.logs: /data/elasticsearch/logs

http.port: 9200

network.host: 0.0.0.0

network.publish_host: 172.16.93.194

discovery.seed_hosts: ["172.16.93.192:9300"]

cluster.initial_master_nodes: ["172.16.93.192"]

discovery.zen.minimum_master_nodes: 2

discovery.zen.ping_timeout: 60s # 心跳超时时间

discovery.zen.fd.ping_interval: 120s    # 节点检测时间

discovery.zen.fd.ping_timeout: 120s    #ping 超时时间

discovery.zen.fd.ping_retries: 5    # 心跳重试次数

gateway.recover_after_nodes: 2

gateway.recover_after_time: 30m

gateway.expected_nodes: 3

bootstrap.system_call_filter: false

http.cors.enabled: true

http.cors.allow-origin: "*"

修改jvm.options

-Xms8g

-Xmx8g

es启动

./elasticsearch -d

查看：curl 172.16.93.192:9200/_cat/nodes

结果：

172.16.93.192 8 43 0 0.00 0.01 0.05 dilm * elk1

172.16.93.193  8 41 0 0.00 0.01 0.05 dil  - elk2

172.16.93.194 11 48 0 0.00 0.01 0.05 dil  - elk3

kibana搭建

下载：wget https://artifacts.elastic.co/downloads/kibana/kibana-7.6.1-linux-x86_64.tar.gz

解压:  tar -zxvf   kibana-7.6.1-linux-x86_64.tar.gz

配置：vim /data/kibana/kibana-7.6.1/config/kibana.yml 

server.port: 5601

server.host: "0.0.0.0"

elasticsearch.hosts: ["http://172.16.93.192:9200","http://172.16.93.193:9200","http://172.16.93.194:9200"]

elasticsearch.username: "kibana"

elasticsearch.password: "kibana"

logging.dest: /data/kibana/kibana-7.6.1/logs/kibana.log

elasticsearch.ssl.verificationMode: none

elasticsearch.requestTimeout: 90000

i18n.locale: "zh-CN"

退出 保存

启动：

./bin/kibana

浏览：

http:172.16.93.194:5601/(开内网白名单)