NO.1.Elasticsearch-7.6.2搭建
官网下载缓慢,这里百度云盘
- 创建安装目录
mkdir -p /usr/local/es/
- 解压至安装目录
tar -zxvf elasticsearch-7.6.2-linux-x86_64.tar.gz -C /usr/local/es/
- 修改配置(自己玩虚拟机可以改内存,不然启动不起来)
vim /usr/local/es/elasticsearch-7.6.2/config/elasticsearch.yml
- 修改/usr/local/es/elasticsearch-7.6.2/config/elasticsearch.yml
vim /usr/local/es/elasticsearch-7.6.2/config/jvm.options
1.修改数据和日志存放地址 2.修改绑定ip,允许远程访问 3.保留一个节点(多节点逗号隔开)
三. 修改linux内核参数
-
修改/etc/security/limits.conf 增加下面内容
* soft nproc 65535 * hard nproc 65535 * soft nofile 65535 * hard nofile 131072
-
修改/etc/sysctl.conf 增加下面内容
vm.max_map_count=655360 #配置生效 sysctl -p
四. 创建账户esuser,因为es默认不允许以root账户运行
#创建用户组
groupadd esgroup
#创建用户
useradd -g esgroup esuser
#设置权限
chown -R esuser:esgroup /usr/local/es/
#设置密码
passwd asdasd123
五. 启动
#切换用户
su esuser
#切换目录
cd /usr/local/es/elasticsearch-7.6.2/bin
#后台启动es
./elasticsearch -d
#查找es进程
ps -ef | grep elastic
NO.2.Kibana-7.6.2搭建
百度云盘
官网下载地址
(1)创建安装目录
mkdir /usr/local/kibana/
(2)解压至安装目录
tar -zxvf kibana-7.6.2-linux-x86_64.tar.gz -C /usr/local/kibana/
(3) 编辑kibana.yml
vim /usr/local/kibana/kibana-7.6.2-linux-x86_64/config/kibana.yml
server.port: 5601
server.host: "0.0.0.0"
elasticsearch.hosts: ["http://127.0.0.1:9200"]
# Kibana在es中的索引
kibana.index: ".kibana"
# es中kibana的用户名
elasticsearch.username: "kibana"
# es中kibana的密码
elasticsearch.password: "es123456"
# 设置中文显示
i18n.locale: "zh-CN"
(4)切换到bin目录
cd /usr/local/kibana/kibana-7.6.2-linux-x86_64/bin
(5)后台启动
nohup ./kibana --allow-root >/dev/null 2>&1 &
# 新手建议可查看输出日志
nohup ./kibana --allow-root &
NO.3.Logstash-7.6.2搭建
Logstash是基于ruby开发的
mkdir /usr/local/ruby/
tar -zxvf ruby-2.7.1.tar.gz -C /usr/local/ruby/
cd /usr/local/ruby/ruby-2.7.1
./configure
make
make install
(1)创建安装目录
mkdir /usr/local/logstash/
(2)解压至安装目录
tar -zxvf logstash-7.6.2.tar.gz -C /usr/local/logstash/
(3)切换到bin目录
cd /usr/local/logstash/logstash-7.6.2/bin
(4)查看版本号
./logstash --version
(5)配置日志输出
# dao logstash bin目录
cd /usr/local/logstash/logstash-7.6.2/bin
# 生成一个logback.conf
touch logback.conf
vim logback.conf
input {
tcp {
add_field => {"service" => "base"}
mode => "server"
host => "0.0.0.0"
port => 4560
codec => json_lines
}
tcp {
add_field => {"service" => "gateway"}
mode => "server"
host => "0.0.0.0"
port => 4561
codec => json_lines
}
}
output {
if [service] == "base"{
elasticsearch {
hosts => "172.18.2.34:9200"
index => "base-logstash-%{+YYYY.MM.dd}"
}
}
if [service] == "gateway"{
elasticsearch {
hosts => "172.18.2.34:9200"
index => "gateway-logstash-%{+YYYY.MM.dd}"
}
}
}
(6)启动
nohup ./logstash -f logback.conf &
NO.4. 端口号查看
# es
netstat -tunlp|grep 9200
# logstash
netstat -tunlp|grep 4560
#kibana
netstat -tunlp|grep 5601
NO.5.springcloud 日志输出到logstash
(1)项目日志配置文件添加
logback-spring.xml
<!--输出到logstash的appender-->
<appender name="LOGSTASH" class="net.logstash.logback.appender.LogstashTcpSocketAppender">
<!--可以访问的logstash日志收集端口-->
<destination>172.18.2.34:4560</destination>
<encoder charset="UTF-8" class="net.logstash.logback.encoder.LogstashEncoder"/>
</appender>
<root level="INFO">
<appender-ref ref="LOGSTASH"/>
</root>
(2)pom添加相应依赖
<!--集成logstash-->
<dependency>
<groupId>net.logstash.logback</groupId>
<artifactId>logstash-logback-encoder</artifactId>
<version>5.3</version>
</dependency>