下载安装包
wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-8.13.3-linux-x86_64.tar.gz
wget https://artifacts.elastic.co/downloads/kibana/kibana-8.13.3-linux-x86_64.tar.gz
解压至 /data/server
tar -zvxf elasticsearch-8.13.3-linux-x86_64.tar.gz -C /data/server
tar -zvxf kibana-8.13.3-linux-x86_64.tar.gz -C /data/server
修改目录为 elasticsearch
,kibana
配置 elasticsearch.yml
cluster.name: syg
node.name: node-1
path.data: /data/server/elasticsearch/data
path.logs: /data/server/elasticsearch/logs
network.host: 0.0.0.0
http.port: 9292
bootstrap.memory_lock: true
修改 sysctl.conf
vim /etc/sysctl.conf
添加
vm.max_map_count=262144
修改 limits.conf
vim /etc/security/limits.conf
添加
syg soft memlock unlimited
syg hard memlock unlimited
重启服务器:
reboot
启动 elasticsearch
bin/elasticsearch
启动成功后在控制会出现
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
✅ Elasticsearch security features have been automatically configured!
✅ Authentication is enabled and cluster connections are encrypted.
ℹ️ Password for the elastic user (reset with `bin/elasticsearch-reset-password -u elastic`):
kkl8bMy8Vj5v3rfmr7YvW
ℹ️ HTTP CA certificate SHA-256 fingerprint:
e9b9c73d2618dfca5a414a479ecb6b749eda7f5c2d1a0913880f3dbfa7537c11
ℹ️ Configure Kibana to use this cluster:
• Run Kibana and click the configuration link in the terminal when Kibana starts.
• Copy the following enrollment token and paste it into Kibana in your browser (valid for the next 30 minutes):
eyJ2ZXIiOiI4LjEzLjMiLCJhZHIiOlsiMTkyLjE2OC4xLjQ6OTI5MiJdLCJmZ3IiOiJlOWI5YzczZDI2MThkZmNhNWE0MTRhNDc5ZWNiNmI3NDllZGE3ZjVjMmQxYTA5MTM4ODBmM2RiZmE3NTM3YzExIiwia2V5IjoiYXFqcVRZOEJEeEgxMHMwUDR1UDM6Z1VUb2pEaEtTTktsUHJNLWxFZkt0ZyJ9
ℹ️ Configure other nodes to join this cluster:
• Copy the following enrollment token and start new Elasticsearch nodes with `bin/elasticsearch --enrollment-token <token>` (valid for the next 30 minutes):
eyJ2ZXIiOiI4LjEzLjMiLCJhZHIiOlsiMTkyLjE2OC4xLjQ6OTI5MiJdLCJmZ3IiOiJlOWI5YzczZDI2MThkZmNhNWE0MTRhNDc5ZWNiNmI3NDllZGE3ZjVjMmQxYTA5MTM4ODBmM2RiZmE3NTM3YzExIiwia2V5IjoiYktqcVRZOEJEeEgxMHMwUDQtTUo6MEpBRjlkdWpUQjZOZGZCN25ZOHBuUSJ9
If you're running in Docker, copy the enrollment token and run:
`docker run -e "ENROLLMENT_TOKEN=<token>" docker.elastic.co/elasticsearch/elasticsearch:8.13.3`
其中 elastic的密码是:kkl8bMy8Vj5v3rfmr7YvW
配置kibana的token是:eyJ2ZXIiOiI4LjEzLjMiLCJhZHIiOlsiMTkyLjE2OC4xLjQ6OTI5MiJdLCJmZ3IiOiJlOWI5YzczZDI2MThkZmNhNWE0MTRhNDc5ZWNiNmI3NDllZGE3ZjVjMmQxYTA5MTM4ODBmM2RiZmE3NTM3YzExIiwia2V5IjoiYXFqcVRZOEJEeEgxMHMwUDR1UDM6Z1VUb2pEaEtTTktsUHJNLWxFZkt0ZyJ9
停止后重启elasticsearch
启动kibana
bin/kibana -H 192.168.1.4
控制台会输出校验码
Your verification code is: \u001b[30m\u001b[106m 183 364 \u001b[49m\u001b[39m
其中183 364
就是kibana的校验码。
浏览器打开kibana,输入上面的token,再输入校验码,最后输入elastic
账号的密码,完成登陆。
这一步操作会在kibana配置文件中生成以下配置:
elasticsearch.hosts: ['https://192.168.1.4:9292']
elasticsearch.serviceAccountToken: AAEAAWVsYXN0aWMva2liYW5hL2Vucm9sbC1wcm9jZXNzLXRva2VuLTE3MTUwMDAxODgxODE6azBBMnktNGxSV2kwRlJ5R2dyblh2Zw
elasticsearch.ssl.certificateAuthorities: [/data/server/kibana/data/ca_1715000188482.crt]
xpack.fleet.outputs: [{id: fleet-default-output, name: default, is_default: true, is_default_monitoring: true, type: elasticsearch, hosts: ['https://192.168.1.4:9292'], ca_trusted_fingerprint: e9b9c73d2618dfca5a414a479ecb6b749eda7f5c2d1a0913880f3dbfa7537c11}]
配置 i18n.locale: "zh-CN"
汉化kibana。
完成后重启 kibana。
修改elasticsearch
密码:
elasticsearch-reset-password -u elastic