配置域名解析
(1)node1节点的设置
[root@localhost ~]# hostname node1
[root@localhost ~]# bash
[root@node1 ~]# vi /etc/hosts
192.168.10.106 node1
192.168.10.107 node2
(2)node2节点的设置
[root@localhost ~]# hostname node1
[root@localhost ~]# bash
[root@node1 ~]# vi /etc/hosts
192.168.10.106 node1
192.168.10.107 node2
2:检查java环境
(1)node1的java环境
[root@node1 ~]# java -version
openjdk version "1.8.0_102"
OpenJDK Runtime Environment (build 1.8.0_102-b14)
OpenJDK 64-Bit Server VM (build 25.102-b14, mixed mode)
(2)node2的java环境
[root@node2 ~]# java -version
openjdk version "1.8.0_102"
OpenJDK Runtime Environment (build 1.8.0_102-b14)
OpenJDK 64-Bit Server VM (build 25.102-b14, mixed mode)
部署Elasticsearch软件(在两个node节点上都部署)
1:在node1节点上安装Elasticsearch软件
(1)安装Elasticsearch软件 #首先把对应的软件包复制到两台虚拟机
[root@node1 ~]# systemctl stop firewalld
[root@node1 ~]# setenforce 0
[root@node1 ~]# yum -y install elasticsearch-7.2.0-x86_64.rpm
(2)加载系统服务
[root@node1 ~]# systemctl daemon-reload
[root@node1 ~]# systemctl enable elasticsearch.service
(3)更改Elasticsearch主配置文件
[root@node1 ~]# vi /etc/elasticsearch/elasticsearch.yml
17行 cluster.name: my-application
23 行 node.name: node-1 #第二台 修改为node-2
33 行path.data: /data/elk_data
37 行path.logs: /var/log/elasticsearch
43 行bootstrap.memory_lock: false
55 行network.host: 0.0.0.0
59 行http.port: 9200
69 行discovery.zen.ping.unicast.hosts: ["node1","node2"] #添加这一行
73 行cluster.initial_master_nodes: ["node-1" ] #node2 修改为 node-2
(4)创建数据存放路径并授权
[root@node1 ~]# mkdir -p /data/elk_data
[root@node1 ~]# chown elasticsearch:elasticsearch /data/elk_data/
[root@node2 ~]# mkdir -p /data/elk_data
[root@node2 ~]# chown elasticsearch:elasticsearch /data/elk_data/
2:在node2节点上安装Elasticsearch软件步骤 相同
启动Elasticsearch并查看是否开启成功
(1)在node1上启动
[root@node1 ~]# systemctl start elasticsearch
[root@node1 ~]# netstat -anpt | grep 9200
tcp6 0 0 :::9200 :::* LISTEN 6987/java
(2)在node2上启动
[root@node2 ~]# systemctl start elasticsearch
[root@node2 ~]# netstat -anpt | grep 9200
tcp6 0 0 :::9200 :::* LISTEN 5991/java
查看节点信息
(1)查看节点1
打开浏览器
(2)查看节点2
打开浏览器
3)查看群集健康情况 node1
[root@node1 ~]# curl http://node1:9200/_cluster/health?pretty
4)查看群集的状态信息
[root@node1 ~]# curl http://node1:9200/_cluster/state?pretty #有很多
查看群集健康情况 node2
[root@node2 elasticsearch]# curl http://node2:9200/_cluster/health?pretty
查看群集的状态信息
[root@node2~]# curl http://node2:9200/_cluster/state?pretty #有很多
logstash安装配置
[root@node1 ~]# yum -y install logstash-7.2.0.rpm
systemctl start logstash.service
systemctl logstash.service
[root@node1 ~]# ln -s /usr/share/logstash/bin/logstash /usr/local/bin/
[root@node1 ]# vim /etc/logstash/conf.d/http-g.conf
input {
file{
path =>"/var/log/httpd/access_log"
type =>"httpd"
start_position =>"beginning"
}
}
output {
elasticsearch {
hosts => ["192.168.10.107:9200"]
index =>"gyh-http-%{+YYYY.MM.dd}"
}
}
[root@node1 src]# systemctl restart logstash
logstash -t -f /etc/logstash/conf.d/http-g.conf 检查配置文件
logstash -f /etc/logstash/conf.d/http-g.conf 需要等待
安装 HTTP
[root@node1 ~]# yum -y install httpd
[root@node1 ~]# systemctl start httpd;
[root@node1 ~]# systemctl enable httpd;
[root@node1 ~]# echo “it’s ok” >/var/www/html/index.html
安装kibana
[root@node1 ~]# yum -y install kibana-7.2.0-x86_64.rpm
[root@node1 ~]#systemctl enable kibana.service
Created symlink from /etc/systemd/system/multi-user.target.wants/kibana.service to
/etc/systemd/system/kibana.service.
设置 Kibana 的主配置文件/etc/kibana/kibana.yml。
[root@node1 ]# vim /etc/kibana/kibana.yml
2行 server.port: 5601
7行 server.host: "0.0.0.0"
25行 server.name: "node2"
28行 elasticsearch.hosts: ["http://192.168.10.106:9200"]
37行 kibana.index: ".kibana"
启动 Kibana 服务
[root@node1 ]# systemctl start kibana.service
验证 Kibana。 Node1