Elasticsearch 6.5.4 集群部署记录及监控

最新推荐文章于 2024-08-08 07:38:20 发布
最新推荐文章于 2024-08-08 07:38:20 发布
阅读量1.3k 收藏
点赞数 1
分类专栏: Elasticsearch
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/vkingnew/article/details/93850376
版权 
Elasticsearch stack 6.5.4版本:

IP地址         主机名     Elasticsearch角色   ELasticsearch 冷热   安装组件
10.19.145.159  datanode3  master,data       hot                  Elasticsearch
10.19.162.134  datanode3  master,data       hot                  Elasticsearch 
10.19.94.155   datanode3  data               hot                  Elasticsearch
10.19.102.65   namenode2  data               cold                 Elasticsearch,kibana
10.19.18.192   namenode1  data               cold                 Elasticsearch,logstash

datanode3 配置:

[root@datanode3 ~]# cat /etc/elasticsearch/elasticsearch.yml | grep -v ^#
cluster.name: es_pro_cluster
node.name: datanode3
node.master: true
node.data: true
node.attr.box_type: hot
path.data: /data5/elasticsearch/data/
path.logs: /data5/elasticsearch/log/
bootstrap.memory_lock: false
network.host: 0.0.0.0
http.port: 9200
transport.tcp.port: 9300
transport.tcp.compress: true
cluster.routing.allocation.disk.watermark.low: 85%
cluster.routing.allocation.disk.watermark.high: 90%
indices.fielddata.cache.size: 10%
indices.breaker.fielddata.limit: 30%

discovery.zen.ping.unicast.hosts: ["10.19.145.159", "10.19.162.134","10.19.94.155","10.19.18.192","10.19.102.65"]
discovery.zen.minimum_master_nodes: 2
gateway.recover_after_nodes: 4
xpack.security.enabled: false
action.auto_create_index: true

-- 附加的配置:
#xpack.security.transport.ssl.enabled: true
#action.auto_create_index: .security,.monitoring*,.watches,.triggered_watches,.watcher-history*
action.auto_create_index: true
#x-pack设置完毕后,elastic head无法登陆的问题 需要设置参数:
#http.cors.enabled: true
#http.cors.allow-origin: '*'
#http.cors.allow-headers: Authorization,X-Requested-With,Content-Length,Content-Type

datanode2 的配置:
[root@datanode2 ~]# cat /etc/elasticsearch/elasticsearch.yml | grep -v ^#
cluster.name: es_pro_cluster
node.name: datanode2
node.master: true
node.data: true
node.attr.box_type: hot
path.data: /data5/elasticsearch/data/
path.logs: /data5/elasticsearch/log/
bootstrap.memory_lock: false
network.host: 0.0.0.0
http.port: 9200
transport.tcp.port: 9300
transport.tcp.compress: true
cluster.routing.allocation.disk.watermark.low: 85%
cluster.routing.allocation.disk.watermark.high: 90%
indices.fielddata.cache.size: 10%
indices.breaker.fielddata.limit: 30%
discovery.zen.ping.unicast.hosts: ["10.19.145.159", "10.19.162.134","10.19.94.155","10.19.18.192","10.19.102.65"]
discovery.zen.minimum_master_nodes: 2
gateway.recover_after_nodes: 3
xpack.security.enabled: false
action.auto_create_index: true

datanode1的配置:
[root@datanode1 ~]# cat /etc/elasticsearch/elasticsearch.yml | grep -v ^#
cluster.name: es_pro_cluster
node.name: datanode1
node.data: true
node.attr.box_type: hot
path.data: /data5/elasticsearch/data/
path.logs: /data5/elasticsearch/log/
bootstrap.memory_lock: false
network.host: 0.0.0.0
http.port: 9200
transport.tcp.port: 9300
transport.tcp.compress: true
cluster.routing.allocation.disk.watermark.low: 85%
cluster.routing.allocation.disk.watermark.high: 90%
indices.fielddata.cache.size: 10%
indices.breaker.fielddata.limit: 30%
discovery.zen.ping.unicast.hosts: ["10.19.145.159", "10.19.162.134","10.19.94.155","10.19.18.192","10.19.102.65"]
discovery.zen.minimum_master_nodes: 2
gateway.recover_after_nodes: 3
xpack.security.enabled: false
action.auto_create_index: true

namenode2和namenode1的配置:
#  cat /etc/elasticsearch/elasticsearch.yml | grep -v ^#
cluster.name: es_pro_cluster
node.name: namenode2
node.data: true
node.attr.box_type: cold
path.data: /data5/elasticsearch/data/
path.logs: /data5/elasticsearch/log/
bootstrap.memory_lock: false
network.host: 0.0.0.0
http.port: 9200
transport.tcp.port: 9300
transport.tcp.compress: true
cluster.routing.allocation.disk.watermark.low: 85%
cluster.routing.allocation.disk.watermark.high: 90%
indices.fielddata.cache.size: 10%
indices.breaker.fielddata.limit: 30%
discovery.zen.ping.unicast.hosts: ["10.19.145.159", "10.19.162.134","10.19.94.155","10.19.18.192","10.19.102.65"]
gateway.recover_after_nodes: 3
xpack.security.enabled: false
action.auto_create_index: true


所有的JVM设置:
# cat /etc/elasticsearch/jvm.options

--logstash的配置:
# cat logstash.yml  | grep -v ^#
path.data: /data5/logstash/data

pipeline.workers: 10
pipeline.batch.size: 1000
pipeline.batch.delay: 10


http.host: "10.19.67.225"
path.logs: /data5/logstash/log

xpack.monitoring.enabled: true
xpack.monitoring.elasticsearch.url: ["http://10.19.145.159:9200", "http://10.19.162.134:9200","http://10.19.94.155:9200","http://10.19.18.192:9200","http://10.19.102.65:9200"]

xpack.monitoring.collection.interval: 5s
xpack.monitoring.collection.pipeline.details.enabled: true

--logstash 的解析内容:
# cd /etc/logstash/conf.d
# cat logstash.conf 
input {
    beats {
        port => 5044
        codec => "json"
    }
}
filter {

    ruby {
        path => "/etc/logstash/conf.d/test.rb"
    }

    json {
        source => "business"
        remove_field => ["@version","path","host","tags","header","body","business"]
    }

}
output {
    # stdout {}
    webhdfs {
        host => "master1"              # (required)
        port => 14000                      # (optional, default: 50070)
        path => "/user/hive/warehouse/yjp_trace.db/yjp_ods_trace/day=%{op_day}/logstash-%{op_hour}.log"  # (required)
        user => "hdfs"                       # (required)
        # compression => "snappy"
        # snappy_format => "stream"
        codec => line {
                     format => "%{message}"
                 }
    }
    elasticsearch {
        hosts => ["datanode1:9200","datanode2:9200","datanode3:9200"]
        index => "trace_%{op_day}"
        #template => "/data1/cloud/logstash-5.5.1/filebeat-template.json"
        #template_name => "my_index"
        #template_overwrite => true
    }

}

# cat test.rb 
# the value of `params` is the value of the hash passed to `script_params`
# in the logstash configuration
def register(params)
    # 这里通过params获取的参数是在logstash文件中通过script_params传入的
    @message = params["message"]
end

# the filter method receives an event and must return a list of events.
# Dropping an event means not including it in the return array,
# while creating new ones only requires you to add a new instance of
# LogStash::Event to the returned array
# 这里通过参数event可以获取到所有input中的属性
def filter(event)
    application_id = event.get('[header][meta][applicationId]')
    ip = event.get('[header][runtime][ip]')
    os_ver = event.get('[header][runtime][osVer]')
    device_id = event.get('[header][runtime][deviceID]')
    app_type =  event.get('[header][runtime][appType]') 
    browser_ver =  event.get('[header][runtime][browserVer]')
    browser_type =  event.get('[header][runtime][browserType]') 
    device_type =  event.get('[header][runtime][deviceType]') 
    os =  event.get('[header][runtime][os]') 
    device_brand =  event.get('[header][runtime][deviceBrand]') 
    app_ver =  event.get('[header][runtime][appVer]')
    page_id =  event.get('[body][meta][pageID]') 
    event_id =  event.get('[body][meta][eventID]') 
    business =  event.get('[body][business]')
    city_id =  event.get('[body][runtime][cityID]') 
    url_request_Seq_num =  event.get('[body][runtime][urlRequestSeqNum]')     
    session_id =  event.get('[body][runtime][sessionID]') 
    event_time =  event.get('[body][runtime][eventTime]')    
    log_type =  event.get('[body][runtime][logType]')    
    page_url =  event.get('[body][runtime][pageUrl]')  
        ref_page_id =  event.get('[body][runtime][refPageID]')    
    uuid =  event.get('[body][runtime][uuid]')       
    first_request_flag =  event.get('[body][runtime][firstRequestFlag]')   
    last_request_flag =  event.get('[body][runtime][lastRequestFlag]')   
    uid =  event.get('[body][runtime][uid]')  
    page_duration =  event.get('[body][runtime][pageDuration]')      
    request_time =  event.get('[body][runtime][requestTime]') 

    if application_id.nil?
        application_id = ""
    end
    if ip.nil?
        ip = ""
    end
    if os_ver.nil?
        os_ver = ""
    end
    if device_id.nil?
        device_id = ""
    end
    if app_type.nil?
        app_type = ""
    end
    if browser_ver.nil?
        browser_ver = ""
    end
    if browser_type.nil?
        browser_type = ""
    end
   if device_type.nil?
        device_type = ""
    end
    if os.nil?
        os = "null"
    end
    if device_brand.nil?
        device_brand = ""
    end
    if app_ver.nil?
        app_ver = ""
    end
    if page_id.nil?
        page_id = ""
    end
    if event_id.nil?
        event_id = ""
    end
    if business.nil?
        business = "{}"
    else
        business=business.to_json
    end
    if city_id.nil?
        city_id = "-1"
    end
    if url_request_Seq_num.nil?
        url_request_Seq_num = 0
    end
    if session_id.nil?
        session_id = ""
    end
    if event_time.nil?
        event_time = ""
    end
    if log_type.nil?
        log_type = ""
    end
    if page_url.nil?
        page_url = ""
    end
    if ref_page_id.nil?
        ref_page_id = ""
    end
    if uuid.nil?
        uuid = ""
    end
    if first_request_flag.nil?
        first_request_flag = false
    end
    if first_request_flag==""
        first_request_flag = false
    end

    if last_request_flag.nil?
        last_request_flag = false
    end
    if last_request_flag==""
        last_request_flag = false
    end
    if uid.nil?
        uid = uuid
    end
    if page_duration.nil?
        page_duration = 0
    end

    begin
        Integer(page_duration)
    rescue
        page_duration = 0
    end

    if request_time.nil?
        request_time = 0
    end
    begin
        Integer(request_time)
    rescue
        request_time = 0
    end
    message = application_id + "\001" + ip + "\001" + os_ver + "\001" + device_id + "\001" + app_type + "\001"  + browser_ver + "\001"  + \
        browser_type.to_s + "\001"  + device_type.to_s + "\001"  + os.to_s + "\001"  + device_brand.to_s+ "\001"  + app_ver.to_s+ "\001"  +  \
        page_id.to_s + "\001"  + event_id.to_s + "\001" +  \
        business.to_s + "\001" + city_id.to_s + "\001" + url_request_Seq_num.to_s + "\001"  + session_id.to_s+ "\001"  + event_time.to_s + "\001"  + \
        log_type.to_s + "\001"  + page_url.to_s+ "\001"  + ref_page_id.to_s + "\001"  + uuid.to_s + "\001"  + first_request_flag.to_s + "\001" +  \
        last_request_flag.to_s + "\001" + uid.to_s + "\001" + page_duration.to_s + "\001" + request_time.to_s
    event.set('message',message)
    event.set('business',business)
    
event.set('application_id',application_id)
    event.set('ip',ip)
    event.set('os_ver',os_ver)
    event.set('device_id',device_id)
    event.set('app_type',app_type)
    event.set('browser_ver',browser_ver)
    event.set('browser_type',browser_type)
    event.set('device_type',device_type)
    event.set('os',os)
    event.set('device_brand',device_brand)
    event.set('app_ver',app_ver)
    event.set('page_code',page_id)
    event.set('event_code',event_id)
    event.set('city_id',city_id)
    event.set('url_request_Seq_num',url_request_Seq_num)
    event.set('session_id',session_id)
    event.set('event_time',event_time)
    event.set('log_type',log_type)
    event.set('page_url',page_url)
    event.set('ref_page_id',ref_page_id)
    event.set('uuid',uuid)
    event.set('first_request_flag',first_request_flag)
    event.set('last_request_flag',last_request_flag)
    event.set('uid',uid)
    event.set('page_duration',Integer(page_duration))
    event.set('request_time',Integer(request_time))
    # 增加当前系统时间
    today = Time.new
    op_day = today.strftime("%Y%m%d")
    op_hour = today.strftime("%H")
    event.set("op_day",op_day)
    event.set("op_hour",op_hour)
    return [event]

-- 启动和查看logstash:
# systemctl status logstash
# systemctl start logstash


--kibana的配置:
# cat /etc/kibana/kibana.yml | grep -v ^#
server.port: 5601
server.host: "10.19.145.159"
elasticsearch.url: "http://10.19.145.159:9200"
kibana.index: ".kibana"

--filebeat+logstash的配置:
-- filebeat:
## cat /etc/filebeat/filebeat.yml
###################### Filebeat Configuration Example #########################

# This file is an example configuration file highlighting only the most common
# options. The filebeat.reference.yml file from the same directory contains all the
# supported options with more comments. You can use it as a reference.
#
# You can find the full configuration reference here:
# https://www.elastic.co/guide/en/beats/filebeat/index.html

# For more available modules and options, please see the filebeat.reference.yml sample
# configuration file.

#=========================== Filebeat inputs =============================

filebeat.inputs:

# Each - is an input. Most options can be set at the input level, so
# you can use different inputs for various configurations.
# Below are the input specific configurations.

- type: log

  # Change to true to enable this input configuration.
  enabled: true

  # Paths that should be crawled and fetched. Glob based paths.
  paths:
    - /data/trace/json/*/*.json
    #- c:\programdata\elasticsearch\logs\*

  # Exclude lines. A list of regular expressions to match. It drops the lines that are
  # matching any regular expression from the list.
  #exclude_lines: ['^DBG']

  # Include lines. A list of regular expressions to match. It exports the lines that are
  # matching any regular expression from the list.
  #include_lines: ['^ERR', '^WARN']

  # Exclude files. A list of regular expressions to match. Filebeat drops the files that
  # are matching any regular expression from the list. By default, no files are dropped.
  #exclude_files: ['.gz$']

  # Optional additional fields. These fields can be freely picked
  # to add additional information to the crawled log files for filtering
  #fields:
  #  level: debug
  #  review: 1

  ### Multiline options

  # Multiline can be used for log messages spanning multiple lines. This is common
  # for Java Stack Traces or C-Line Continuation

  # The regexp Pattern that has to be matched. The example pattern matches all lines starting with [
  #multiline.pattern: ^\[

  # Defines if the pattern set under pattern should be negated or not. Default is false.
  #multiline.negate: false

  # Match can be set to "after" or "before". It is used to define if lines should be append to a pattern
  # that was (not) matched before or after or as long as a pattern is not matched based on negate.
  # Note: After is the equivalent to previous and before is the equivalent to to next in Logstash
  #multiline.match: after

  # 抓取单个文件的缓冲,默认16384(16k)
  harvester_buffer_size: 104857600
  # 单个event的大小默认10485760(10M)
  max_bytes: 104857600
  
  # 如果文件在指定的持续时间内没有更新,Filebeat会关闭文件句柄
  close_inactive: 3s
   
  # Filebeat会为每个harvester提供预定义的使用期限
  close_timeout: 1m
  # 一旦文件结束,Filebeat会立即关闭文件。 当您的文件只写入一次而不是不时更新时,这很有用。
  close_eof: true
  # Filebeat会在删除文件时马上关闭harvester。
  close_removed: true
  # Filebeat将在指定的非活动时间段过去后移除文件的状态。
  clean_inactive: 48h

  ignore_older: 1h

  scan_frequency: 10s

  # Filebeat在达到EOF之后再次检查文件之间等待的时间
  backoff: 5s
  # 在达到EOF之后再次检查文件之前Filebeat等待的最长时间 backoff <= max_backoff <= scan_frequency
  max_backoff: 10s


#============================= Filebeat modules ===============================

filebeat.config.modules:
  # Glob pattern for configuration loading
  path: ${path.config}/modules.d/*.yml

  # Set to true to enable config reloading
  reload.enabled: false

  # Period on which files under path should be checked for changes
  #reload.period: 10s

#==================== Elasticsearch template setting ==========================

setup.template.settings:
  index.number_of_shards: 3
  #index.codec: best_compression
  #_source.enabled: false

#================================ General =====================================

# The name of the shipper that publishes the network data. It can be used to group
# all the transactions sent by a single shipper in the web interface.
#name:

# The tags of the shipper are included in their own field with each
# transaction published.
#tags: ["service-X", "web-tier"]

# Optional fields that you can specify to add additional information to the
# output.
#fields:
#  env: staging


#============================== Dashboards =====================================
# These settings control loading the sample dashboards to the Kibana index. Loading
# the dashboards is disabled by default and can be enabled either by setting the
# options here, or by using the `-setup` CLI flag or the `setup` command.
#setup.dashboards.enabled: false

# The URL from where to download the dashboards archive. By default this URL
# has a value which is computed based on the Beat name and version. For released
# versions, this URL points to the dashboard archive on the artifacts.elastic.co
# website.
#setup.dashboards.url:

#============================== Kibana =====================================

# Starting with Beats version 6.0.0, the dashboards are loaded via the Kibana API.
# This requires a Kibana endpoint configuration.
setup.kibana:

  # Kibana Host
  # Scheme and port can be left out and will be set to the default (http and 5601)
  # In case you specify and additional path, the scheme is required: http://localhost:5601/path
  # IPv6 addresses should always be defined as: https://[2001:db8::1]:5601
  #host: "localhost:5601"

  # Kibana Space ID
  # ID of the Kibana Space into which the dashboards should be loaded. By default,
  # the Default Space will be used.
  #space.id:

#============================= Elastic Cloud ==================================

# These settings simplify using filebeat with the Elastic Cloud (https://cloud.elastic.co/).

# The cloud.id setting overwrites the `output.elasticsearch.hosts` and
# `setup.kibana.host` options.
# You can find the `cloud.id` in the Elastic Cloud web UI.
#cloud.id:

# The cloud.auth setting overwrites the `output.elasticsearch.username` and
# `output.elasticsearch.password` settings. The format is `<user>:<pass>`.
#cloud.auth:

#================================ Outputs =====================================

# Configure what output to use when sending the data collected by the beat.

#-------------------------- Elasticsearch output ------------------------------
# output.elasticsearch:
  # Array of hosts to connect to.
  #hosts: ["localhost:9200"]

  # Optional protocol and basic auth credentials.
  #protocol: "https"
  #username: "elastic"
  #password: "changeme"

#----------------------------- Logstash output --------------------------------
output.logstash:
  # The Logstash hosts
  hosts: ["172.16.4.53:5044"]

  # Optional SSL. By default is off.
  # List of root certificates for HTTPS server verifications
  #ssl.certificate_authorities: ["/etc/pki/root/ca.pem"]

  # Certificate for SSL client authentication
  #ssl.certificate: "/etc/pki/client/cert.pem"

  # Client Certificate Key
  #ssl.key: "/etc/pki/client/cert.key"

#================================ Procesors =====================================

# Configure processors to enhance or manipulate events generated by the beat.

processors:
  - add_host_metadata: ~
  - add_cloud_metadata: ~

#================================ Logging =====================================

# Sets log level. The default log level is info.
# Available log levels are: error, warning, info, debug
#logging.level: debug

# At debug level, you can selectively enable logging only for some components.
# To enable all selectors use ["*"]. Examples of other selectors are "beat",
# "publish", "service".
#logging.selectors: ["*"]

#============================== Xpack Monitoring ===============================
# filebeat can export internal metrics to a central Elasticsearch monitoring
# cluster.  This requires xpack monitoring to be enabled in Elasticsearch.  The
# reporting is disabled by default.

# Set to true to enable the monitoring reporter.
#xpack.monitoring.enabled: false

# Uncomment to send the metrics to Elasticsearch. Most settings from the
# Elasticsearch output are accepted here as well. Any setting that is not set is
# automatically inherited from the Elasticsearch output configuration, so if you
# have the Elasticsearch output configured, you can simply uncomment the
# following line.
#xpack.monitoring.elasticsearch:


--logstash:
## cat /etc/logstash/conf.d/logstash.conf 
input {
    #beats {
    #    port => 5044
    #    codec => "json"
    #}

    file {
           file_completed_action => "delete"
           path => "/data/trace/json/*/*.json"
           mode => "read"
           #不处理120天以前的数据,默认为一天
           #ignore_older => "10368000"
           codec => "json"
           # 一次抽取一个文件最多10块
           file_chunk_count => "10"
           # 块大小1M
           file_chunk_size => "1048576"

           sincedb_clean_after => "2"

           #max_open_files => "200"

    }
}
filter {

    ruby {
        path => "/etc/logstash/conf.d/test.rb"
    }

    json {
        source => "business"
        remove_field => ["@version","path","host","tags","header","body","business"]
    }

}
output {
    # stdout {}
    webhdfs {
       host => "10.19.94.240"              # (required)
       port => 14000                      # (optional, default: 50070)
       path => "/user/hive/warehouse/yjp_trace.db/yjp_ods_trace/day=%{op_day}/logstash-%{op_hour}.log"  # (required)
       user => "hdfs"                       # (required)
       # compression => "snappy"
       # snappy_format => "stream"
       codec => line {
                    format => "%{message}"
                }
    }
    elasticsearch {
        hosts => ["172.16.4.51:9200","172.16.4.52:9200","172.16.4.53:9200"]
        index => "trace_%{op_day}"
        #template => "/data1/cloud/logstash-5.5.1/filebeat-template.json"
        #template_name => "my_index"
        #template_overwrite => true
    }

}




--集群查看:
http://10.19.102.65:9200/_cat/nodes
10.19.102.65  49 83 12 6.18 6.41 6.57 mdi - namenode2
10.19.162.134 53 81 16 6.42 6.54 6.66 mdi - datanode2
10.19.145.159 52 99 22 5.92 5.98 6.15 mdi * datanode3
10.19.94.155  64 75 22 7.04 7.23 7.53 mdi - datanode1
10.19.18.192  46 81 20 6.38 6.37 6.48 mdi - namenode1

监控信息查看:

数据查看:

另外一个集群的监控:

索引:

Logstash的监控:

 

 

 

部分报错原因分析:
#
# systemctl status elasticsearch
● elasticsearch.service - Elasticsearch
   Loaded: loaded (/usr/lib/systemd/system/elasticsearch.service; disabled; vendor preset: disabled)
   Active: failed (Result: exit-code) since Thu 2019-12-12 11:45:02 CST; 6s ago
     Docs: http://www.elastic.co
  Process: 6666 ExecStart=/usr/share/elasticsearch/bin/elasticsearch -p ${PID_DIR}/elasticsearch.pid --quiet (code=exited, status=1/FAILURE)
 Main PID: 6666 (code=exited, status=1/FAILURE)

Dec 12 11:45:02 hadoop103 systemd[1]: Started Elasticsearch.
Dec 12 11:45:02 hadoop103 elasticsearch[6666]: which: no java in (/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin)
Dec 12 11:45:02 hadoop103 elasticsearch[6666]: warning: Falling back to java on path. This behavior is deprecated. Specify JAVA_HOME
Dec 12 11:45:02 hadoop103 elasticsearch[6666]: could not find java; set JAVA_HOME
Dec 12 11:45:02 hadoop103 systemd[1]: elasticsearch.service: main process exited, code=exited, status=1/FAILURE
Dec 12 11:45:02 hadoop103 systemd[1]: Unit elasticsearch.service entered failed state.
Dec 12 11:45:02 hadoop103 systemd[1]: elasticsearch.service failed.

解释:由于java可能是自定义安装,路径不是默认的/usr/local/bin/java

在启动文件中找不到java的二进制文件,需要做一个软连接即可:
# ln -s /opt/module/jdk1.8.0_221/bin/java /usr/local/bin/java 

然后重新启动即可:
# systemctl restart elasticsearch
# systemctl status elasticsearch

 

vkingnew
关注
专栏目录
Elasticsearch-6.5.4集群安装部署
weixin_38846022的博客
10-09 1110
ES集群安装部署 硬件选择 环境选择 集群名称:phone_his_log ElasticSearch安装需要JDK,本文的ElasticSearch版本为6.5.4,JDK为1.8. 服务器ip 节点属性 分配JVM内存 节点名称 节点端口 192.169.0.23 Data1节点 8GB data1 9200/9300 Master1节点 2GB master1 92...
elasticsearch-6.5.4集群搭建
07-12 578
安装elasticsearch-6.5.4 elasticsearch-6.5.4集群搭建 centos7
ElasticSearch6.5.4集群搭建
Coding Farmer的博客
01-29 2333
ES集群中索引可能由多个分片构成,并且每个分片可以拥有多个副本。通过将一个单独的索引分为多个分片,我们可以处理不能在一个单一的服务器上面运行的大型索引,简单的说就是索引的大小过大,导致效率问题。不能运行的原因可能是内存也可能是存储。由于每个分片可以有多个副本,通过将副本分配到多个服务器,可以提高查询的负载能力。默认情况下是一个索引5个主分片,每个主分片对应一个副分片。如果是单节点ES,可以用GET...
ElasticHD: Elasticsearch 的可视化管理工具指南
最新发布
gitblog_00364的博客
08-08 1123
ElasticHD: Elasticsearch 的可视化管理工具指南 ElasticHD项目地址:https://gitcode.com/gh_mirrors/ela/ElasticHD 项目介绍 一、什么是ElasticHD? ElasticHD是一款用于Elasticsearch的可视化管理工具,无需额外软件支持,仅需Web浏览器即可实现集群管理和监控。它基于响应式CSS设计,适用于各种设...
Linux系统 Elasticsearch、Logstash、Kibana集群部署文档 版本6.5.4
09-11 170
Elasticsearch、Logstash、Kibana集群部署文档版本6.5.4 一、Elasticsearch部署文档 由于Elasticsearch、Logstash、Kibana均不能以root账号运行但是Linux对非root账号可并发操作的文件、线程都有限制。 1.修改文件限制修改系统文件 # vim /etc/security/limits.conf * so...
elasticsearch应用(6.5.4版本三节点集群)
HC1986的博客
08-26 389
elasticsearch应用-6.5.4版本双节点集群elasticsearch应用(6.5.4版本双节点集群)搭建 es-6.5.4安装es-6.5.4配置1.*修改系统配置*2 *第一个节点的es配置*2.2 *第二个节点的es配置*3 *JVM配置*4 *修改ES目录权限*5 *启动服务*6 *结束进程*7*验证一下服务是否正常*测试*常用命令*安装 X-Pack插件 elasticsearch应用(6.5.4版本双节点集群) 服务器环境: os1:centos 7.8 192.168.100.10
elasticsearch6.5.4
01-08
1. **安装部署**:下载elasticsearch-6.5.4压缩包,解压后配置相关参数,如网络绑定、内存分配等,启动服务即可。 2. **索引创建**:使用PUT请求创建索引,定义映射(mapping)以指定字段类型。 3. **数据导入**:...
Elasticsearch 6.5.4全套(windows版)
12-04
部署 Elasticsearch 6.5.4 时,用户需要确保系统满足最低硬件和软件要求,如 Java 运行环境 (JRE)。安装过程中,应正确配置 Elasticsearch 的配置文件 `elasticsearch.yml`,包括设置内存、网络、路径等参数。同时...
ES(一) -- ES 6.5.4部署
知识点滴
09-23 1081
一:摘要概述 是什么:ElasticSearch为目前比较流行的全文搜索引擎,底层技术封装Apache Lucene实现 扩展点:相对于Apache Luence而言ES还实现分布式文件存储、实时数据分析、通过服务器扩展可以达到PB级别结构化/非结构化数据处理 进步性:Apache Luence操作及其复杂,不信自己去试试。但是ES封装以后对外提供RESTFull Web接口,入门堪称精简 H...
elasticsearch-6.5.4,filebeat-6.5.4,kibana-6.5.4,logstash-6.5.4
07-28
标题和描述中提到的"elasticsearch-6.5.4", "filebeat-6.5.4", "kibana-6.5.4", "logstash-6.5.4"是 Elastic Stack(以前称为 ELK Stack)的四个关键组件的特定版本。Elastic Stack 是一个用于日志管理和分析的强大...
linux的es6.5.4.rar
07-08
这个"linux的es6.5.4.rar"压缩包很可能是包含了在Linux系统上运行的Elasticsearch 6.5.4版本的安装文件和相关配置。 Elasticsearch 6.5.4是一个重要的里程碑,因为它带来了许多新特性和改进。在这个版本中,Elastic...
elasticsearch-6.7.0
03-29
ElasticSearch(ES)2019最新版下载。Elasticsearch是个开源分布式搜索引擎,提供搜集、分析、存储数据三大功能。它的特点有:分布式,零配置,自动发现,索引自动分片,索引副本机制,restful风格接口,多数据源,自动搜索负载等。Elasticsearch是一个高度可扩展的开源全文搜索和分析引擎。它允许您快速,近实时地存储,搜索和分析大量数据。它通常用作支持具有复杂搜索功能和需求的应用程序的底层引擎/技术。
ELK-6.5部署
小树苗
04-26 483
ELK(Elastic Search+logStash+Kibana) elastic search: 搜集、分析、存储 logstach: inputs → filters → outputs;接收,处理,转发 kibana:web展示 #上图是经典的日志收集流程,只不过我们这次要在filebeat与Logstash之间加上一个消息队列redis,Logstash服务端只需要从...
ELK6.5.4+filebeat+kafka实时日志分析平台部署搭建详细实现过程
weixin_33725515的博客
01-18 413
ELK6.5.4+filebeat+kafka实时日志分析平台部署搭建详细实现过程 1、ELK平台介绍 在搜索ELK资料的时候,发现这篇文章比较好,于是摘抄一小段: 日志主要包括系统日志、应用程序日志和安全日志。系统运维和开发人员可以通过日志了解服务器软硬件信息、检查配置过程中的错误及错误发生的原因。经常分析日志可以了解服务器的负荷,性能安全性,从而及时采取措施纠正错误。 通常,日志被分散的储存不...
elasticsearch-6.5.4集群部署(图文详细)及常见错误
夜灬狼丶
01-18 1509
目录 服务器规划 部署包下载 服务器初始化(所有节点都要操作) 内核参数修改 /etc/security/limits.conf修改 /etc/sysctl.conf文件修改 禁用selinux 关闭防火墙 创建es用户 安装jdk es部署 单节点(节点1)部署 部署包上传解压 配置文件修改 修改文件属组 部署包分发 单节点(节点2)部署 配置文件修改 修改文件属组 单节点(节点3)部署 配置文件修改 修改文件属组 启动ES集群 验证 单节点验证 查看集
Elasticsearch性能监控(一)
HULK一线技术杂谈
01-23 1853
女主宣言在Elasticsearch的运维过程中,我们经常会遇到节点不可用、OOM和垃圾回收时间过长等问题,如果每次都等出问题了才发现,极端情况下会影响业务访问。在日常运维中,我们需要提前预测这些问题,及时处理,防止影响业务。那么问题来了!我们要怎么监测呢?快跟随小编一起来看看吧!本文是Emily Chang的分享《How to monitor Elasticsearch performance》
ElasticSearch日志系统 对ELK进行安全性配置
Beyond1536的博客
09-02 1400
目标:对ElasticSearch进行安全性配置。是的输入端(Logstash)和输出端(Kibana)都需要用户身份验证。Filebeat链接Logstash使用ssl验证。 启用ElasticSearch安全功能 使用基本许可证时,默认情况下禁用 Elasticsearch 安全功能。启用 Elasticsearch 安全功能可启用基本身份验证,以便可以使用用户名和密码身份验证运行本地集群。 1. 如果 Kibana 和 Elasticsearch 正在运行,需要停止后再进行操作。 2. 将
ElasticSearch6.5.4五集群操作
qq_25012687的博客
09-17 344
ElasticSearch6.5.4<一>单机部署以及简单尝试 ElasticSearch6.5.4<二>几个重要概念以及常用搜索 ElasticSearch6.5.4<三>中文以及拼音的操作 ElasticSearch6.5.4<四>java使用ES并实战搜索 ElasticSearch6.5.4<五>集群操作 Elasti...
Elasticsearch 6.5.4集群部署指南
此外,还可以通过Kibana(通常与Elasticsearch一起部署)来监控集群的状态和性能。 这个集群不仅可以提供高可用性,还能在数据量增长时通过添加更多节点进行扩展。记得定期备份和更新你的集群,以保持数据安全和...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值