centos 7.5 ELK 集群部署(elasticsearch 7.4.2)

1 ELK

1.1 elasticsearch 7.4.2

1.1.1 elasticsearch 7.4.2 安装

#下载
wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.4.2-linux-x86_64.tar.gz

#解压
tar -zxvf elasticsearch-7.4.2-linux-x86_64.tar.gz

# 移动解压文件 根据自己喜好自由选择
# 根据自己喜好目录
mv elasticsearch-7.4.2 /opt/elasticsearch-7.4.2
# es官方默认目录 推荐使用
mv elasticsearch-7.4.2 /usr/share/elasticsearch
# 常见opt 目录
mv elasticsearch-7.4.2 /opt/elasticsearch

#添加 work用户    
useradd work
# 为work添加密码123.abc
passwd work
123.abc

# 删除用户 work
userdel -rf work

# 密码长度
authconfig --passminlen=6 --update

#  添加权限 /opt下所有目录及文件
chown -R work:work /opt
chown -R work:work /opt/elasticsearch-7.4.2/
chown -R work:work /usr/share/elasticsearch/
chown -R work:work /opt/elasticsearch/

#编辑 sysctl.conf 文件
vi /etc/sysctl.conf 

##########添加配置############ 就一行
vm.max_map_count=655360
##########添加配置############

# 执行生效命令:
sysctl -p

# 编辑 limits.conf
vi  /etc/security/limits.conf

#########添加配置#############
work soft nofile 65536
work soft nproc 4096
work hard nofile 131072
work hard nproc 4096
soft nofile 65536
soft nproc 4096
hard nofile 131072
hard nproc 4096
#########添加配置#############

#切换 root用户
su root 
#切换 work用户
su work

#启动服务 根据安装的目录自由选择
sh /opt/elasticsearch-7.4.2/bin/elasticsearch
sh /usr/share/elasticsearch/bin/elasticsearch
sh /opt/elasticsearch/bin/elasticsearch

1.1.2 开机自动启动

1.1.2.1 elasticsearch 文件配置
vi /etc/sysconfig/elasticsearch

官方路径使用配置

注意:此版本自带java环境无需配置java_home

################################
# Elasticsearch
################################

# Elasticsearch home directory
#ES_HOME=/usr/share/elasticsearch

# Elasticsearch Java path
#JAVA_HOME=

# Elasticsearch configuration directory
#ES_PATH_CONF=${path.conf}

# Elasticsearch PID directory
#PID_DIR=/var/run/elasticsearch

# Additional Java OPTS
#ES_JAVA_OPTS=

# Configure restart on package upgrade (true, every other setting will lead to not restarting)
#RESTART_ON_UPGRADE=true

################################
# Elasticsearch service
################################

# SysV init.d
#
# The number of seconds to wait before checking if Elasticsearch started successfully as a daemon process
ES_STARTUP_SLEEP_TIME=5

################################
# System properties
################################

# Specifies the maximum file descriptor number that can be opened by this process
# When using Systemd, this setting is ignored and the LimitNOFILE defined in
# /usr/lib/systemd/system/elasticsearch.service takes precedence
#MAX_OPEN_FILES=65535

# The maximum number of bytes of memory that may be locked into RAM
# Set to "unlimited" if you use the 'bootstrap.memory_lock: true' option
# in elasticsearch.yml.
# When using systemd, LimitMEMLOCK must be set in a unit file such as
# /etc/systemd/system/elasticsearch.service.d/override.conf.
#MAX_LOCKED_MEMORY=unlimited

# Maximum number of VMA (Virtual Memory Areas) a process can own
# When using Systemd, this setting is ignored and the 'vm.max_map_count'
# property is set at boot time in /usr/lib/sysctl.d/elasticsearch.conf
#MAX_MAP_COUNT=262144

参考elasticsearch配置文件
https://github.com/elastic/elasticsearch/blob/master/distribution/packages/src/common/env/elasticsearch

1.1.2.2 elasticsearch.service 文件配置
vi /usr/lib/systemd/system/elasticsearch.service

官方路径使用配置

[Unit]
Description=Elasticsearch
Documentation=http://www.elastic.co
Wants=network-online.target
After=network-online.target

[Service]
Restart=always
Type=notify
RuntimeDirectory=elasticsearch
PrivateTmp=true
Environment=ES_HOME=/usr/share/elasticsearch
Environment=ES_PATH_CONF=/usr/share/elasticsearch/config
Environment=PID_DIR=/var/run/elasticsearch
Environment=ES_SD_NOTIFY=true
EnvironmentFile=/etc/sysconfig/elasticsearch

WorkingDirectory=/usr/share/elasticsearch

User=work
Group=work

ExecStart=/usr/share/elasticsearch/bin/elasticsearch -p ${PID_DIR}/elasticsearch.pid --quiet

# StandardOutput is configured to redirect to journalctl since
# some error messages may be logged in standard output before
# elasticsearch logging system is initialized. Elasticsearch
# stores its logs in /var/log/elasticsearch and does not use
# journalctl by default. If you also want to enable journalctl
# logging, you can simply remove the "quiet" option from ExecStart.
StandardOutput=journal
StandardError=inherit

# Specifies the maximum file descriptor number that can be opened by this process
LimitNOFILE=65535

# Specifies the maximum number of processes
LimitNPROC=4096

# Specifies the maximum size of virtual memory
LimitAS=infinity

# Specifies the maximum file size
LimitFSIZE=infinity

# Disable timeout logic and wait until process is stopped
TimeoutStopSec=0

# SIGTERM signal is used to stop the Java process
KillSignal=SIGTERM

# Send the signal only to the JVM rather than its control group
KillMode=process

# Java process is never killed
SendSIGKILL=no

# When a JVM receives a SIGTERM signal it exits with code 143
SuccessExitStatus=143

[Install]
WantedBy=multi-user.target

# Built for ${project.name}-${project.version} (${project.name})

注意:User=work
Group=work es启动不能用root账户

参考 elasticsearch.service 文件配置
https://github.com/elastic/elasticsearch/blob/master/distribution/packages/src/common/systemd/elasticsearch.service

1.1.3 elasticsearch 集群配置

编辑 elasticsearch.yml 配置文件

1.1.3.1 节点1配置
cluster.name: cluster-es
node.name: node-1
network.host: 0.0.0.0
network.publish_host: 192.168.100.100
#是否有资格选举成master
#node.master: true
#node.data: true
discovery.seed_hosts: ["192.168.100.100:9300","192.168.100.101:9300","192.168.100.102:9300"]
#cluster.initial_master_nodes: ["node-1","node-2","node-3"]
cluster.initial_master_nodes: ["node-1","node-2","node-3"]
#discovery.zen.minimum_master_nodes: 2
#cluster.remote.connect: true
http.cors.enabled: true
http.cors.allow-origin: "*"
1.1.3.2 节点2配置
cluster.name: cluster-es
node.name: node-2
network.host: 0.0.0.0
network.publish_host: 192.168.100.101
#是否有资格选举成master
#node.master: true
#node.data: true
#transport.tcp.port: 9300
discovery.seed_hosts: ["192.168.100.100:9300","192.168.100.101:9300","192.168.100.102:9300"]
cluster.initial_master_nodes: ["node-1","node-2","node-3"]
discovery.zen.minimum_master_nodes: 2
#cluster.remote.connect: true
http.cors.enabled: true
http.cors.allow-origin: "*"
1.1.3.3 节点3配置
cluster.name: cluster-es
node.name: node-3
network.host: 0.0.0.0
network.publish_host: 192.168.100.102
#是否有资格选举成master
#node.master: true
#node.data: true
discovery.seed_hosts: ["192.168.100.100:9300","192.168.100.101:9300","192.168.100.102:9300"]
#cluster.initial_master_nodes: ["node-1","node-2","node-3"]
cluster.initial_master_nodes: ["node-1","node-2","node-3"]
discovery.zen.minimum_master_nodes: 2
#cluster.remote.connect: true
http.cors.enabled: true
http.cors.allow-origin: "*"

2 Kibana 待续

  • 0
    点赞
  • 1
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值