elk7.6集群安装并设置密码

于 2021-03-23 16:51:05 发布
阅读量331 收藏
点赞数
分类专栏: elk linux
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/m0_38082819/article/details/115130019
版权
linux 同时被 2 个专栏收录
7 篇文章 0 订阅
订阅专栏
elk
1 篇文章 0 订阅
订阅专栏 
下载链接https://elasticsearch.cn/download/
wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.9.2-x86_64.rpm
wget https://artifacts.elastic.co/downloads/kibana/kibana-7.9.2-x86_64.rpm
wget https://artifacts.elastic.co/downloads/logstash/logstash-7.9.2.rpm
使用jdk11
rpm -ivh jdk-11.0.9_linux-x64_bin.rpm
rpm -ivh elasticsearch-7.9.2-x86_64.rpm
rpm -ivh kibana-7.9.2-x86_64.rpm
rpm -ivh logstash-7.9.2.rpm

elk7.6集群 ip 角色
 172.21.210.48 kibana/logstash/RabbitMQ
 172.21.210.49 es主节点/es数据节点
 172.21.210.50 es主节点/es数据节点
 172.21.210.51 es主节点/es数据节点

全部配置系统环境:
# vi /etc/security/limits.conf
* soft nofile 65536
* hard nofile 131072
* soft nproc 2048
* hard nproc 4096

# vim /etc/sysctl.conf
vm.max_map_count=655360

# sysctl -p

1、elasticsearch安装

yum -y install elasticsearch-7.9.2-x86_64.rpm
mkdir /data1/es-data
chown -R elasticsearch:elasticsearch  /data1/es-data
hostnamectl set-hostname node-1
cat /etc/hosts
172.21.210.49 node-1
172.21.210.50 node-2
172.21.210.51 node-3

#配置jvm内存
cat /etc/elasticsearch/jvm.options
-Xms10g
-Xmx10g

配置elasticsearch参数
[root@node-1 ~]# cat /etc/elasticsearch/elasticsearch.yml|grep -v '#'
cluster.name: my-elk
node.name: node-1
node.master: true
node.data: true
path.data: /data1/es-data
path.logs: /var/log/elasticsearch
bootstrap.memory_lock: true
network.host: 172.21.210.49
http.port: 9200
discovery.seed_hosts: ["172.21.210.49", "172.21.210.50", "172.21.210.51"]
discovery.zen.minimum_master_nodes: 2
cluster.initial_master_nodes: ["node-1", "node-2", "node-3"]

启动并验证服务
systemctl enable elasticsearch.service && \
systemctl start elasticsearch.service && \
systemctl status elasticsearch.service 

查看集群
[root@node-2 ~]# curl http://172.21.210.49:9200/_cat/nodes
172.21.210.51 1 70 1 0.02 0.14 0.18 dilmrt * node-3
172.21.210.49 1 90 1 0.01 0.14 0.12 dilmrt - node-1
172.21.210.50 3 70 1 0.07 0.19 0.13 dilmrt - node-2

#开启权限(密码认证)

#切换到elastsearch的目录下,使用下列命令生成证书
mkdir /etc/elasticsearch/certs
chown -R elasticsearch:elasticsearch /etc/elasticsearch/certs
cd /etc/elasticsearch/certs
/usr/share/elasticsearch/bin/elasticsearch-certutil cert -out  /etc/elasticsearch/certs/elastic-certificates.p12 -pass ""

#将证书拷贝到elasticsearch的每个节点下面certs目录下
mkdir /etc/elasticsearch/certs
chown -R elasticsearch:elasticsearch /etc/elasticsearch/certs
scp /etc/elasticsearch/certs/elastic-certificates.p12 root@172.21.210.50:/etc/elasticsearch/certs/
scp /etc/elasticsearch/certs/elastic-certificates.p12 root@172.21.210.51:/etc/elasticsearch/certs/

#vi /etc/elasticsearch/elasticsearch.yml  ,在尾部添加下面的配置代码:
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: /etc/elasticsearch/certs/elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: /etc/elasticsearch/certs/elastic-certificates.p12
 
#重启elasticsearch
systemctl restart elasticsearch

#访问提示用户密码
在这里插入图片描述

#生成用户密码(123456)
#/usr/share/elasticsearch/bin/elasticsearch-setup-passwords interactive
#/usr/share/elasticsearch/bin/elasticsearch-setup-passwords auto
两者的区别是,前者是自己来指定每个用户的密码,而后者auto是自动生成随机的密码。
[root@node-1 certs]# /usr/share/elasticsearch/bin/elasticsearch-setup-passwords interactive
Initiating the setup of passwords for reserved users elastic,apm_system,kibana,kibana_system,logstash_system,beats_system,remote_monitoring_user.
You will be prompted to enter passwords as the process progresses.
Please confirm that you would like to continue [y/N]y
Enter password for [elastic]: 
Reenter password for [elastic]: 
Enter password for [apm_system]: 
Reenter password for [apm_system]: 
Enter password for [kibana_system]: 
Reenter password for [kibana_system]: 
Enter password for [logstash_system]: 
Reenter password for [logstash_system]: 
Enter password for [beats_system]: 
Reenter password for [beats_system]: 
Enter password for [remote_monitoring_user]: 
Reenter password for [remote_monitoring_user]: 
Changed password for user [apm_system]
Changed password for user [kibana_system]
Changed password for user [kibana]
Changed password for user [logstash_system]
Changed password for user [beats_system]
Changed password for user [remote_monitoring_user]
Changed password for user [elastic]
#账号说明
elastic 账号:拥有 superuser 角色,是内置的超级用户。
kibana 账号:拥有 kibana_system 角色,用户 kibana 用来连接 elasticsearch 并与之通信。Kibana 服务器以该用户身份提交请求以访问集群监视 API 和 .kibana 索引。不能访问 index。
logstash_system 账号:拥有 logstash_system 角色。用户 Logstash 在 Elasticsearch 中存储监控信息时使用。
beats_system账号:拥有 beats_system 角色。用户 Beats 在 Elasticsearch 中存储监控信息时使用。
    elastic是超级用户,它可以做任何事情

2、kibana安装

yum -y install kibana-7.9.2-x86_64.rpm
#修改参数
[root@host-172-21-210-48 kibana]# cat /etc/kibana/kibana.yml |grep -v '#'|grep -v '^$'
server.port: 5601
server.host: "172.21.210.48"
server.name: "host-es-48"
elasticsearch.hosts: ["http://172.21.210.49:9200"]
kibana.index: ".kibana"
i18n.locale: "zh-CN"
启动并验证服务
systemctl enable kibana.service && \
systemctl start kibana.service && \
systemctl status kibana.service 

#修改配置
cat /etc/kibana/kibana.yml
elasticsearch.username: "elastic"
elasticsearch.password: "123456"
#重启服务
systemctl restart kibana.service
查看登陆,使用上面的用户密码:elastic/123456
curl http://172.21.210.48:5601/app/home

#如果使用nginx代理配置内网直接ip就访问不到,具体配置
#修改配置 cat /etc/kibana/kibana.yml
server.basePath: "/kibana"
#nginx配置
        location /kibana {
          rewrite /kibana/(.*) /$1 break;
          proxy_pass http://172.21.210.48:5601/;
        }
#访问地址:https://域名/kibana  用户密码: elastic/123456

3、logstash安装

yum -y install logstash-7.9.2.rpm 
#修改参数
cat /etc/logstash/jvm.options
-Xms3g
-Xmx3g

4、RabbitMQ安装

yum -y install rabbitmq-server
#启动rabbitmq
systemctl enable rabbitmq-server && \
systemctl start rabbitmq-server && \
systemctl status rabbitmq-server 
#使用web管理(默认用户 guest/guest)
[root@host-es-48 rabbitmq]# rabbitmq-plugins enable rabbitmq_management
The following plugins have been enabled:
  mochiweb
  webmachine
  rabbitmq_web_dispatch
  amqp_client
  rabbitmq_management_agent
  rabbitmq_management
Plugin configuration has changed. Restart RabbitMQ for changes to take effect.
#添加用户
[root@host-es-48 rabbitmq]# rabbitmqctl add_user admin 123456
Creating user "admin" ...
...done.
#设置用户组并赋予权限
[root@host-es-48 rabbitmq]# rabbitmqctl set_user_tags admin administrator
Setting tags for user "admin" to [administraor] ...
...done.
[root@host-es-48 rabbitmq]# rabbitmqctl set_permissions -p / admin ".*" ".*" ".*"
Setting permissions for user "admin" in vhost "/" ...
...done.
#验证
curl http://172.21.210.48:15672
用户:admin
密码:123456
m0_38082819
关注
  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
专栏目录
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值