1. ElasticSearch集群搭建
1.1下载
1.2 启动
下载解压完成后
- 修改elasticsearch.yml配置文件
cluster.name: bigdata-cluster
node.name: node2
path.data: /usr/data/es/data
path.logs: /usr/data/es/logs
network.host: 0.0.0.0
http.port: 9200
discovery.zen.ping.unicast.hosts: ["192.168.152.6","192.168.152.7","192.168.152.8"]
node.master: false
node.data: true
discovery.zen.minimum_master_nodes: 2
cluster.initial_master_nodes: ["192.168.152.6:9300"]
- 新建用户组和用户
es不允许以root账号启动
修改文件所属用户组
chown -R william:william /usr/data/es
3. 启动es集群问题
vim /etc/security/limits.conf
* soft nofile 65536
* hard nofile 131072
* soft nproc 2048
* hard nproc 4096
vim /etc/sysctl.conf
增加配置
vm.max_map_count=262144
然后执行命令: sysctl -p 即可立刻生效
错误:
错误:system call filters failed to install; check the logs and fix your configuration or disable system call filters at your own risk
常见错误:org.elasticsearch.bootstrap.StartupException: java.lang.IllegalStateException: failed to obtain node locks, tried [[/home/elasticsearch-6.3.0/data/elasticsearch]] with lock id [0]; maybe these locations are not writable or multiple nodes were started without increasing [node.max_local_storage_nodes] (was [1])?
错误原因是:后台已经有一个elasticsearch进程了
ps -ef|grep elastic
kill -9 XX
2. 集群监控Cerebro
下载地址:传送门
然后解压
修改配置文件 conf/application.conf
### 3. 可视化工具Kibana
下载解压
cd config
vim kibana.yml
hosts = [
{
host = “http://192.168.0.63:9200”
name = “es-cluster”
headers-whitelist = [ “x-proxy-user”, “x-proxy-roles”, “X-Forwarded-For” ]
}
}
启动 ./bin/cerebro &
#访问的默认端口
server.port: 5601
#本机ip
server.host: “192.168.152.6”
#es的ip和port
elasticsearch.hosts: [“http://192.168.152.6:9200”]
kibana.index: “.kibana”
在浏览器输入:http://192.168.152.6:5601/
如果无法访问,查看防火墙是否关闭。
查看运行状态:firewall-cmd --state
关闭防火墙: systemctl stop firewalld
开机禁用 : systemctl disable firewalld
### 3. Logstash日志收集
使用JRuby语言编写。
启动:
bin>./logstash -e 'input{ stdin{} } output{ stdout{}} ’
然后就可以输入内容,logstash会打印出来。
http://www.linuxe.cn/post-309.html