ELK-6.4.2 单机多实例部署实战

最新推荐文章于 2024-04-24 23:07:39 发布
最新推荐文章于 2024-04-24 23:07:39 发布
阅读量2.2k 收藏 1
点赞数
分类专栏: 数据库 文章标签: ELK6.x 单机多实例安装部署 elasticsearch安装
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/qq_16038125/article/details/82953556
版权

版本环境
Linux version 3.10.0-327.el7.x86_64 (gcc version 4.8.3 20140911 (Red Hat 4.8.3-9) (GCC) ) #1 SMP Thu Nov 19 22:10:57 UTC 2015
java version “1.8.0_172”
ElasticSearch 6.4.2
Kibana 6.4.2
Logstash 6.4.2
(注意:安装ELK6.4.2需要jdk1.8以上的环境)

下载(这里使用tar包安装)
在这里选择ElasticSearch、Kibana、Logstash 版本 然后下载,
这里选择当前最新版本 6.4.2
https://www.elastic.co/downloads/past-releases/

安装
因服务器资源有限,采用单机多实例的方式部署,即在一台服务器上部署两个es节点(开两个进程端口)。

新建es所属用户

groupadd es 
 adduser -g es es 
 passwd es

更改安装包存放的目录的用户和用户组

chown -R es:es /opt/elk

安装ElasticSearch

 tar -zxf logstash-6.4.2.tar.gz 
 cp -r  elasticsearch-6.4.2  elasticsearch-6.4.2-01
 cp -r  elasticsearch-6.4.2  elasticsearch-6.4.2-02

配置节点1

 cd  ./elasticsearch-6.4.2-01/config
 vi   elasticsearch.yml

我的配置如下

# ======================== Elasticsearch Configuration =========================
#
# NOTE: Elasticsearch comes with reasonable defaults for most settings.
#       Before you set out to tweak and tune the configuration, make sure you
#       understand what are you trying to accomplish and the consequences.
#
# The primary way of configuring a node is via this file. This template lists
# the most important settings you may want to configure for a production cluster.
#
# Please consult the documentation for further information on configuration options:
# https://www.elastic.co/guide/en/elasticsearch/reference/index.html
#
# ---------------------------------- Cluster -----------------------------------
#
# Use a descriptive name for your cluster:
#
cluster.name: my-application-xyz #集群名称
#
# ------------------------------------ Node ------------------------------------
#
# Use a descriptive name for the node:
#
node.name: node-1 #当前节点名称
#
# Add custom attributes to the node:
#
#node.attr.rack: r1
#
# ----------------------------------- Paths ------------------------------------
#
# Path to directory where to store the data (separate multiple locations by comma):
#
#path.data: /path/to/data
#
# Path to log files:
#
#path.logs: /path/to/logs
#
# ----------------------------------- Memory -----------------------------------
#
# Lock the memory on startup:
#
#bootstrap.memory_lock: true
#
# Make sure that the heap size is set to about half the memory available
# on the system and that the owner of the process is allowed to use this
# limit.
#
# Elasticsearch performs poorly when the system is swapping the memory.
#
# ---------------------------------- Network -----------------------------------
#
# Set the bind address to a specific IP (IPv4 or IPv6):
#
network.host: 0.0.0.0 #允许外部所有IP访问
#
# Set a custom port for HTTP:
#
http.port: 9201 #端口号
#
# For more information, consult the network module documentation.
#
# --------------------------------- Discovery ----------------------------------
#
# Pass an initial list of hosts to perform discovery when new node is started:
# The default list of hosts is ["127.0.0.1", "[::1]"]
#
#discovery.zen.ping.unicast.hosts: ["host1", "host2"]
#
# Prevent the "split brain" by configuring the majority of nodes (total number of master-eligible nodes / 2 + 1):
#
#discovery.zen.minimum_master_nodes: 
#
# For more information, consult the zen discovery module documentation.
#
# ---------------------------------- Gateway -----------------------------------
#
# Block initial recovery after a full cluster restart until N nodes are started:
#
gateway.recover_after_nodes: 2 #recover时需要达到的节点数
#
# For more information, consult the gateway module documentation.
#
# ---------------------------------- Various -----------------------------------
#
# Require explicit names when deleting indices:
#
#action.destructive_requires_name: true

启动node-1

./bin/elasticsearch -d

-d表示后台启动
启动日志在这里
在这里插入图片描述

配置节点2

类似节点1,只是elasticsearch.yml需要做相应的修改

# ======================== Elasticsearch Configuration =========================
#
# NOTE: Elasticsearch comes with reasonable defaults for most settings.
#       Before you set out to tweak and tune the configuration, make sure you
#       understand what are you trying to accomplish and the consequences.
#
# The primary way of configuring a node is via this file. This template lists
# the most important settings you may want to configure for a production cluster.
#
# Please consult the documentation for further information on configuration options:
# https://www.elastic.co/guide/en/elasticsearch/reference/index.html
#
# ---------------------------------- Cluster -----------------------------------
#
# Use a descriptive name for your cluster:
#
cluster.name: my-application-xyz
#
# ------------------------------------ Node ------------------------------------
#
# Use a descriptive name for the node:
#
node.name: node-2
#
# Add custom attributes to the node:
#
#node.attr.rack: r1
#
# ----------------------------------- Paths ------------------------------------
#
# Path to directory where to store the data (separate multiple locations by comma):
#
#path.data: /path/to/data
#
# Path to log files:
#
#path.logs: /path/to/logs
#
# ----------------------------------- Memory -----------------------------------
#
# Lock the memory on startup:
#
#bootstrap.memory_lock: true
#
# Make sure that the heap size is set to about half the memory available
# on the system and that the owner of the process is allowed to use this
# limit.
#
# Elasticsearch performs poorly when the system is swapping the memory.
#
# ---------------------------------- Network -----------------------------------
#
# Set the bind address to a specific IP (IPv4 or IPv6):
#
network.host: 0.0.0.0
#
# Set a custom port for HTTP:
#
http.port: 9202
#
# For more information, consult the network module documentation.
#
# --------------------------------- Discovery ----------------------------------
#
# Pass an initial list of hosts to perform discovery when new node is started:
# The default list of hosts is ["127.0.0.1", "[::1]"]
#
#discovery.zen.ping.unicast.hosts: ["host1", "host2"]
#
# Prevent the "split brain" by configuring the majority of nodes (total number of master-eligible nodes / 2 + 1):
#
#discovery.zen.minimum_master_nodes: 
#
# For more information, consult the zen discovery module documentation.
#
# ---------------------------------- Gateway -----------------------------------
#
# Block initial recovery after a full cluster restart until N nodes are started:
#
gateway.recover_after_nodes: 2
#
# For more information, consult the gateway module documentation.
#
# ---------------------------------- Various -----------------------------------
#
# Require explicit names when deleting indices:
#
#action.destructive_requires_name: true

启动node-2

./bin/elasticsearch -d

-d表示后台启动

启动日志在这里
在这里插入图片描述

检查状态
通过浏览器访问http://ip:9201 http://ip:9202

{
  "name" : "node-1",
  "cluster_name" : "my-application-xyz",
  "cluster_uuid" : "lKZUDtRtR86VYfKfWjN9EA",
  "version" : {
    "number" : "6.4.2",
    "build_flavor" : "default",
    "build_type" : "tar",
    "build_hash" : "04711c2",
    "build_date" : "2018-09-26T13:34:09.098244Z",
    "build_snapshot" : false,
    "lucene_version" : "7.4.0",
    "minimum_wire_compatibility_version" : "5.6.0",
    "minimum_index_compatibility_version" : "5.0.0"
  },
  "tagline" : "You Know, for Search"
}

{
  "name" : "node-2",
  "cluster_name" : "my-application-xyz",
  "cluster_uuid" : "lKZUDtRtR86VYfKfWjN9EA",
  "version" : {
    "number" : "6.4.2",
    "build_flavor" : "default",
    "build_type" : "tar",
    "build_hash" : "04711c2",
    "build_date" : "2018-09-26T13:34:09.098244Z",
    "build_snapshot" : false,
    "lucene_version" : "7.4.0",
    "minimum_wire_compatibility_version" : "5.6.0",
    "minimum_index_compatibility_version" : "5.0.0"
  },
  "tagline" : "You Know, for Search"
}

或者访问 http://ip:9201/_cat/health?v
在这里插入图片描述

到这里,elasticsearch 就安装成功了

安装Kibana

tar -zxf  kibana-6.4.2-linux-x86_64.tar.gz 
cd kibana-6.4.2-linux-x86_64/config/
vi kibana.yml

我的配置如下

# Kibana is served by a back end server. This setting specifies the port to use.
#server.port: 5601 #默认端口

# Specifies the address to which the Kibana server will bind. IP addresses and host names are both valid values.
# The default is 'localhost', which usually means remote machines will not be able to connect.
# To allow connections from remote users, set this parameter to a non-loopback address.
server.host: "0.0.0.0" #允许外部所有IP访问

# Enables you to specify a path to mount Kibana at if you are running behind a proxy.
# Use the `server.rewriteBasePath` setting to tell Kibana if it should remove the basePath
# from requests it receives, and to prevent a deprecation warning at startup.
# This setting cannot end in a slash.
#server.basePath: ""

# Specifies whether Kibana should rewrite requests that are prefixed with
# `server.basePath` or require that they are rewritten by your reverse proxy.
# This setting was effectively always `false` before Kibana 6.3 and will
# default to `true` starting in Kibana 7.0.
#server.rewriteBasePath: false

# The maximum payload size in bytes for incoming server requests.
#server.maxPayloadBytes: 1048576

# The Kibana server's name.  This is used for display purposes.
#server.name: "your-hostname"

# The URL of the Elasticsearch instance to use for all your queries.
elasticsearch.url: "http://localhost:9201" #ES服务IP和端口

# When this setting's value is true Kibana uses the hostname specified in the server.host
# setting. When the value of this setting is false, Kibana uses the hostname of the host
# that connects to this Kibana instance.
#elasticsearch.preserveHost: true

# Kibana uses an index in Elasticsearch to store saved searches, visualizations and
# dashboards. Kibana creates a new index if the index doesn't already exist.
#kibana.index: ".kibana"

# The default application to load.
#kibana.defaultAppId: "home"

# If your Elasticsearch is protected with basic authentication, these settings provide
# the username and password that the Kibana server uses to perform maintenance on the Kibana
# index at startup. Your Kibana users still need to authenticate with Elasticsearch, which
# is proxied through the Kibana server.
#elasticsearch.username: "user" 
#elasticsearch.password: "pass"

# Enables SSL and paths to the PEM-format SSL certificate and SSL key files, respectively.
# These settings enable SSL for outgoing requests from the Kibana server to the browser.
#server.ssl.enabled: false
#server.ssl.certificate: /path/to/your/server.crt
#server.ssl.key: /path/to/your/server.key

# Optional settings that provide the paths to the PEM-format SSL certificate and key files.
# These files validate that your Elasticsearch backend uses the same key files.
#elasticsearch.ssl.certificate: /path/to/your/client.crt
#elasticsearch.ssl.key: /path/to/your/client.key

# Optional setting that enables you to specify a path to the PEM file for the certificate
# authority for your Elasticsearch instance.
#elasticsearch.ssl.certificateAuthorities: [ "/path/to/your/CA.pem" ]

# To disregard the validity of SSL certificates, change this setting's value to 'none'.
#elasticsearch.ssl.verificationMode: full

# Time in milliseconds to wait for Elasticsearch to respond to pings. Defaults to the value of
# the elasticsearch.requestTimeout setting.
#elasticsearch.pingTimeout: 1500

# Time in milliseconds to wait for responses from the back end or Elasticsearch. This value
# must be a positive integer.
#elasticsearch.requestTimeout: 30000

# List of Kibana client-side headers to send to Elasticsearch. To send *no* client-side
# headers, set this value to [] (an empty list).
#elasticsearch.requestHeadersWhitelist: [ authorization ]

# Header names and values that are sent to Elasticsearch. Any custom headers cannot be overwritten
# by client-side headers, regardless of the elasticsearch.requestHeadersWhitelist configuration.
#elasticsearch.customHeaders: {}

# Time in milliseconds for Elasticsearch to wait for responses from shards. Set to 0 to disable.
#elasticsearch.shardTimeout: 30000

# Time in milliseconds to wait for Elasticsearch at Kibana startup before retrying.
#elasticsearch.startupTimeout: 5000

# Logs queries sent to Elasticsearch. Requires logging.verbose set to true.
#elasticsearch.logQueries: false

# Specifies the path where Kibana creates the process ID file.
#pid.file: /var/run/kibana.pid

# Enables you specify a file where Kibana stores log output.
#logging.dest: stdout

# Set the value of this setting to true to suppress all logging output.
#logging.silent: false

# Set the value of this setting to true to suppress all logging output other than error messages.
#logging.quiet: false

# Set the value of this setting to true to log all events, including system usage information
# and all requests.
#logging.verbose: false

# Set the interval in milliseconds to sample system and process performance
# metrics. Minimum is 100ms. Defaults to 5000.
#ops.interval: 5000

# The default locale. This locale can be used in certain circumstances to substitute any missing
# translations.
#i18n.defaultLocale: "en" #如需改成中文需要自己配置ch.json 到src/core_plugins/kibana/translations

启动

nohup ./bin/kibana > /dev/null 2>&1 &

在这里插入图片描述

通过浏览器访问
http://ip:5601

在这里插入图片描述

停止

#查询后台进程
ps -aux | grep node 
#手动杀掉
kill -9 499

安装Logstash


tar -zxf   logstash-6.4.2.tar.gz 
cd logstash-6.4.2/config/

新建配置
vi test.conf
我的配置如下

input {
  stdin {

  }
}

output {
  elasticsearch {
    hosts => ["http://localhost:9201","http://localhost:9202"]
    index => "test-%{+YYYY.MM.dd}"
    #user => "elastic"
    #password => "changeme"
  }

 stdout {

  codec =>rubydebug

 }

}

启动

 ./bin/logstash -f ./config/test.conf

在这里插入图片描述

根据我的配置 可以在控制台输入message内容 写入到elasticsearch中
在这里插入图片描述

在kibana中也可以看到
在这里插入图片描述

FAQ
启动报错:
max virtual memory areas vm.max_map_count [65530] likely too low, increase to at least [262144]
解决:
切换到root用户
执行命令:
sysctl -w vm.max_map_count=262144
查看结果:
sysctl -a|grep vm.max_map_count
显示:
vm.max_map_count = 262144
上述方法修改之后,如果重启虚拟机将失效,所以:
解决办法:
在 /etc/sysctl.conf文件最后添加一行
vm.max_map_count=262144
即可永久修改

启动报错:
max file descriptors [4096] for elasticsearch process is too low, increase to at least [65536]
解决方法:
vim /etc/security/limits.conf
追加内容:
es hard nofile 65536
es soft nofile 65536
其中es是Elasticsearch专门的用户

如果服务器内存紧张,可以根据情况修改jvm.options配置文件中

-Xms512m
-Xmx512m

参考资料:
https://www.jianshu.com/p/80a84b5c8bba

更多内容,请参考官方文档:
elasticsearch
https://www.elastic.co/guide/en/elasticsearch/reference/6.4/index.html

kibana
https://www.elastic.co/guide/en/kibana/current/index.html

logstash
https://www.elastic.co/guide/en/logstash/current/index.html

猿与禅
关注
  • 0
    点赞
  • 1
    收藏
    觉得还不错? 一键收藏
  • 打赏
    打赏
  • 2
    评论
专栏目录
elasticsearch-6.4.2.tar.gz
12-19
elk基础组件,用于收集日志用的。 用法:文件上传到服务器,解压修改配置文件即可elasticsearch-6.4.2.tar.gz
搭建ELK 6.4.2
飞鱼丶灬的博客
07-27 203
搭建ElasticSearch6.4.2 [root@test home]# cat /etc/centos-release CentOS Linux release 7.5.1804 (Core) 建用户 adduser elastic -m -U -p elastic 其中 -m 表示建用户的主目录,在/home/username,-U 表示建同名的组,-p表示密码 增加 sudoers 文件的写的权限,默认为只读 chmod -v u+w /etc/sudoers 赋予elas
ELK单机环境搭建
wwwwww12432的博客
11-30 2305
linux下ELK环境搭建
ELK日志收集系统部署单机版)
最新发布
qq_42690568的博客
04-24 488
利用filebeat udp协议采集日志的 EFK部署
contos7下ELK单机版搭建-干货满满
qq_36249132的博客
01-17 1057
contos7下elk单机版傻瓜式搭建
单机ELK环境搭建
肯特技术宅的博客
03-08 2457
公司新上线了ELK分布式日志系统,本着好奇的心态自己动手搭建一套单机系统,特此记录。本文主要参考了ELK实践(一):基础入门,有些小坑做了改动。 整体架构 Step 1 准备一台干净的虚拟机 准备一台干净的虚拟机接入本地局域网,可参考本人文章Ubuntu 16虚拟机原型建,之后ELK所有的软件都在这一台服务器上安装并运行。 Step 2 安装JDK1.8环境 这个就不再赘述,网上有很多教程,后面有时间会整理一期。 Step 3 安装ELK和Filebeat 总共安装四个软件:ElasticSearch
单机部署ELK
qq_42890862的博客
01-11 2875
一、流程表: 二、配置表: 三、部署步骤: 1、在179上操作,关闭SElinux 因为是nginx代理上网,所以下面的域名是nginx的域名,还要加入到hosts里 [root@elk-01 ~]# hostnamectl set-hostname lasha-elk-01 --static (设置主机名) [root@elk-01 ~]# vim /etc/yum.repos.d/CentOS-Base.repo (配置yum源) [base] name=CentOS-releasever
docker-elk-main.rar
05-20
docker-compose 方式部署ELK方案
docker-elk-tutorial:docker-elk-tutorial + Django +日志记录
02-04
docker-elk-教程docker-elk-教程 :memo:进阶 简介码头工人麋鹿 :red_question_mark:这是什么 :red_question_mark:他可以吃吗 :confused_face:重点在ELK ,他是由三个东西所组成的。 (E) (L) (K)基本上,整个...
Elk-Stack:麋鹿堆栈部署,Ansible自动化,Filebeat,Metricbeat
04-14
自动化ELK堆栈和Beats部署 该存储库中的文件用于配置以下所示的网络。 The files/playbooks listed below have been tested and used to generate a live ELK deployment on Azure. They can be used to either ...
ELK-04型SF6气体绝缘金属封闭开关设备
11-26
摘要: 介绍了ELK-04型SF6气体绝缘金属封闭开关设备在珠海市PTA 110 kV变电站工程应用中设计、安装及调试等过程中的经验,以及实践中应该注意的一些问题。 关键词: SF6气体绝缘金属封闭开关;积木式结构;模块设计...
kibana-6.4.2-linux-x86_64
10-22
Kibana使得理解大量数据变得很容易。它简单的、基于浏览器的界面使你能够快速建和共享动态仪表板,实时显示Elasticsearch查询的变化。
centos7 elk 部署全过程
03-25
elasticsearch6.5.4+logstash6.5.4+kibana6.5.4+log4j2 在sentos7上部署的全过程,包括过程中会遇到的问题及详解
kibana-6.4.2-darwin-x86_64.tar
11-13
kibana-6.4.2版本 适用于搭建ELK使用
ELK 5.5 环境搭建
12-20
实时日志分析系统ELK5.5搭建,配置参数经过实际调优、验证。
kibana-6.4.2-x86_64
10-22
Kibana使得理解大量数据变得很容易。它简单的、基于浏览器的界面使你能够快速建和共享动态仪表板,实时显示Elasticsearch查询的变化。
Centos7 ELKB 7.2.0版本单机部署
主要分享大数据相关的知识,如Spark、Hudi
01-08 1138
前言 本人新手,本文记录简单的ELKB单机部署ELKB分别指elasticsearch、logstash、kibana、filebeat,用的当前官网最新版本7.2.0,日志用的Nginx产生的日志。 Nginx可以参考我这篇:Nginx 安装配置,我本次用的Nginx和这篇文章是一样的,包括前端。 环境:Centos7 先将常用环境配置好(CentOS 初始环境配置),jdk版本为1.8...
ELK多个日志文件多个项目索引
朦胧的旋律
10-12 5276
一、背景 我的elk架构是filebeat--redis--logstash--elasticsearch--kibana,我的想法是:我一台服务器多个程序有多个日志文件,在kibana里面想建不通项目索引,指定不同日志文件 二、问题及解决思路 因为filebeat在6.0之后配置文件只能写一个output,因此多个日志文件都会传到redis的同一个库,同时key只能写一个。 但这样会有...
漫谈ELK在大数据运维中的应用
happytofly的博客
02-05 2069
圈子里关于大数据、云计算相关文章和讨论是越来越多,愈演愈烈。行业内企业也争前恐后,群雄逐鹿。而在大数据时代的运维挑站问题也就日渐突出,任重而道远了。本文旨在针对复杂的大数据运维系统推荐一把利器,达到抛砖引玉的效果,如果文中出现任何纰漏和错误的地方,恳请指正,欢迎讨论,希望大家不吝赐教。众所周知,大数据平台组件是很复杂的。笔者之前接触的一个大数据平台解决方案,仅平台组件就达20多个,这还没有加上物联...
elk-site.xml文件用途
01-24
elk-site.xml文件是用于配置Elasticsearch、Logstash和Kibana(ELK)软件套件的配置文件。ELK套件用于实时日志分析和可视化,其中Elasticsearch用于存储和索引日志数据,Logstash用于收集、处理和转发日志数据,...

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论 2
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包

打赏作者

猿与禅

你的鼓励将是我创作的最大动力

¥1 ¥2 ¥4 ¥6 ¥10 ¥20
扫码支付:¥1
获取中
扫码支付

您的余额不足,请更换扫码支付或充值

打赏作者

实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值