主机名 | 软件包 |
node-1 192.168.100.11 | elasticsearch-2.3.3.tar.gz jdk-8u181-linux-x64.tar.gz kibana-4.5.1-linux-x64.tar.gz logstash-2.3.3.tar.gz
|
node-2 192.168.100.12 | elasticsearch-2.3.3.tar.gz jdk-8u181-linux-x64.tar.gz |
syslog-client 192.168.100.13 | logstash-2.3.3.tar.gz jdk-8u181-linux-x64.tar.gz |
设置主机名和hosts文件
[root@localhost ~]# vim /etc/hosts ##三台机器同步设置
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.100.11 node-1
192.168.100.12 node-2
192.168.100.13 syslog-client
[root@localhost ~]# hostnamectl set-hostname node-1
[root@localhost ~]# hostnamectl set-hostname node-2
[root@localhost ~]# hostnamectl set-hostname syslog-client
设置Java环境三台一样步骤
[root@localhost ~]# vim /etc/profile
export JAVA_HOME=/usr/local/java
export PATH=$PATH:$JAVA_HOME/bin
export CLASSPATH=$JAVA_HOME/jre/lib/ext:$JAVA_HOME/lib/tools.jar
[root@localhost ~]# source /etc/profile
[root@node-1 ~]# tar zxvf jdk-8u181-linux-x64.tar.gz
[root@localhost ~]# mv jdk1.8.0_181/ /usr/local/java
安装elasticsearch(node-1和node-2一样步骤,node-2就不写了)
[root@node-1 ~]# tar zxvf elasticsearch-2.3.3.tar.gz -C /usr/local/
[root@node-1 ~]# useradd user1
[root@node-1 ~]# passwd user1
更改用户 user1 的密码 。
新的 密码:
无效的密码: 密码少于 8 个字符
重新输入新的 密码:
passwd:所有的身份验证令牌已经成功更新。
[root@node-1 elasticsearch-2.3.3]# chown -R user1:user1 /usr/local/elasticsearch-2.3.3
[root@node-1 ~]# vim /usr/local/elasticsearch-2.3.3/config/elasticsearch.yml
cluster.name: my-application #取消注释
node.name: node-1 #取消注释node-2的修改为node-2
path.data: /usr/local/elasticsearch-2.3.3/data #取消注释修改路径
path.logs: /usr/local/elasticsearch-2.3.3/logs #取消注释修改路径
bootstrap.mlockall: true #取消注释
network.host: 192.168.100.11 #取消注释修改为本机ip
http.port: 9200
discovery.zen.ping.unicast.hosts: ["192.168.100.11", "192.168.100.12"] #取消注释改为node1和2的IP
discovery.zen.minimum_master_nodes: 1 #取消注释 改为1
[root@node-1 elasticsearch-2.3.3]# su - user1
[user1@node-1 ~]$ /usr/local/elasticsearch-2.3.3/bin/elasticsearch
node-2配置步骤相同 注意把IP改为本机的就OK
打开浏览器访问本机IP的9200端口查看elasticsearch
查看集群的健康情况
http://192.168.100.11:9200/_cluster/health?pretty
查看群集的状态信息
http://192.168.100.11:9200/_cluster/state?pretty
安装elasticsearch-kopf插件查询elasticsearch集群数据
[root@node-1 elasticsearch-2.3.3]# ./bin/plugin install lmenezes/elasticsearch-kopf
-> Installing lmenezes/elasticsearch-kopf...
Trying https://github.com/lmenezes/elasticsearch-kopf/archive/master.zip ...
Downloading .............................................................................................................................................................................................DONE
Verifying https://github.com/lmenezes/elasticsearch-kopf/archive/master.zip checksums if available ...
NOTE: Unable to verify checksum for downloaded plugin (unable to find .sha1 or .md5 file to verify)
Installed kopf into /usr/local/elasticsearch-2.3.3/plugins/kopf
[root@node-1 elasticsearch-2.3.3]# ls plugins/ #安装完成会看到目录下的kopf
kopf
访问http://192.168.100.11:9200/_plugin/kopf
安装logstash(syslog-client)
[root@syslog-client ~]# tar zxvf logstash-2.3.3
[root@syslog-client ~]# cd logstash-2.3.3/bin/
[root@syslog-client bin]# vim log_system.conf
input {
file {
path=>"/var/log/messages"
type=>"system"
start_position=>"beginning"
}
}
output {
elasticsearch {
hosts=>["192.168.100.11:9200"]
index=>"system-%{+YYYY.MM.dd}"
}
}
[root@syslog-client bin]# ./logstash -f log_system.conf
Settings: Default pipeline workers: 1
Pipeline main started
安装kibana-4.5.1(node-1)
[root@node-1 ~]# tar zxvf kibana-4.5.1-linux-x64.tar.gz -C /usr/local/
[root@node-1 ~]# vim /usr/local/kibana-4.5.1-linux-x64/config/kibana.yml
elasticsearch.url: "http://192.168.100.11:9200" #改为本机elasticsearch的IP
kibana.index: ".kibana" #取消注释
[root@node-1 ~]# /usr/local/kibana-4.5.1-linux-x64/bin/kibana
log [22:09:17.854] [info][status][plugin:kibana] Status changed from uninitialized to green - Ready
log [22:09:17.965] [info][status][plugin:elasticsearch] Status changed from uninitialized to yellow - Waiting for Elasticsearch
log [22:09:18.080] [info][status][plugin:kbn_vislib_vis_types] Status changed from uninitialized to green - Ready
log [22:09:18.096] [info][status][plugin:markdown_vis] Status changed from uninitialized to green - Ready
log [22:09:18.106] [info][status][plugin:metric_vis] Status changed from uninitialized to green - Ready
log [22:09:18.110] [info][status][plugin:spyModes] Status changed from uninitialized to green - Ready
log [22:09:18.203] [info][status][plugin:statusPage] Status changed from uninitialized to green - Ready
log [22:09:18.216] [info][status][plugin:table_vis] Status changed from uninitialized to green - Ready
log [22:09:18.225] [info][listening] Server running at http://0.0.0.0:5601
log [22:09:23.220] [info][status][plugin:elasticsearch] Status changed from yellow to yellow - No existing Kibana index found
log [22:09:28.876] [info][status][plugin:elasticsearch] Status changed from yellow to green - Kibana index ready
访问本机的5601端口
在syslog-client安装HTTP并访问
查看搜集的日志信息