ELK Installation and Deployment
Posted xialiaoliao0911
I. System Environment Variables
[Host information]
IP            Hostname  OS version
10.10.10.102  console   CentOS7.5
10.10.10.103  log1      CentOS7.5
10.10.10.104  log2      CentOS7.5
[Software package versions]
elasticsearch-6.4.0.tar.gz
logstash-6.4.0.tar.gz
kibana-6.4.0-linux-x86_64.tar.gz
1. Set up the hostname-to-IP mapping
On each of the three machines above, append the following to /etc/hosts:
10.10.10.102 console
10.10.10.103 log1
10.10.10.104 log2
2. Stop the firewall on the 3 machines and disable it at boot
# Stop the firewall
systemctl stop firewalld
# Keep the firewall from starting at boot
systemctl disable firewalld
3. Raise the file descriptor limit on the 3 machines
vim /etc/security/limits.conf
es - nofile 65536
4. Increase the virtual memory mmap count setting on the 3 machines
vim /etc/sysctl.conf
vm.max_map_count = 262144
# Apply the change
sysctl -p
5. On each of the 3 machines, create the user es and the log file directory
useradd es
mkdir /esdata
chown -R es:es /esdata
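Step 2 above turns firewalld off completely, and the Elasticsearch configuration later on this page binds each node to its 10.10.10.x address with HTTP on 9200, the transport port 9300, and no authentication settings. The following is an added example, not part of the original post: it keeps firewalld running and allows those two ports only from the three cluster hosts, then checks a rule listing for gaps. The `public` zone, the function names, and the assumption that all Elasticsearch clients run on these three hosts are mine.

```shell
#!/bin/sh
# Added example, not from the original post: allow the Elasticsearch ports
# only from the cluster hosts instead of stopping firewalld.
CLUSTER_HOSTS="10.10.10.102 10.10.10.103 10.10.10.104"  # host table above
ES_PORTS="9200 9300"  # http.port and the transport port from the page's config
ZONE="public"         # assumption: the interface is in firewalld's public zone

# rule_for SRC PORT: the rich rule text for one allowed source/port pair.
rule_for() {
    printf 'rule family="ipv4" source address="%s" port port="%s" protocol="tcp" accept\n' "$1" "$2"
}

# es_firewall_rules: print the commands to run as root (review, then pipe to sh).
es_firewall_rules() {
    echo "systemctl start firewalld"
    echo "systemctl enable firewalld"
    for src in $CLUSTER_HOSTS; do
        for port in $ES_PORTS; do
            echo "firewall-cmd --permanent --zone=$ZONE --add-rich-rule='$(rule_for "$src" "$port")'"
        done
    done
    echo "firewall-cmd --reload"
}

# missing_rules: read `firewall-cmd --zone=public --list-rich-rules` output on
# stdin and print every source:port pair that is not allowed yet.
missing_rules() {
    listed=$(cat)
    for src in $CLUSTER_HOSTS; do
        for port in $ES_PORTS; do
            printf '%s\n' "$listed" | grep -qF "$(rule_for "$src" "$port")" || echo "$src:$port"
        done
    done
}

# Constructed sample of --list-rich-rules output on a half-configured host.
SAMPLE=$(rule_for 10.10.10.102 9200; rule_for 10.10.10.102 9300; rule_for 10.10.10.103 9300)

es_firewall_rules
echo "still missing:"; printf '%s\n' "$SAMPLE" | missing_rules
```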
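II. Installing and Configuring Elasticsearch
1. On 10.10.10.102, 10.10.10.103 and 10.10.10.104, create the Elasticsearch installation directory and change its owner and group
mkdir -p /usr/local/elasticsearch-6.4.0
chown -R es:es /usr/local/elasticsearch-6.4.0
2. Log in to 10.10.10.102, switch to the es user, and extract elasticsearch-6.4.0.tar.gz into /usr/local/elasticsearch-6.4.0
tar -xf /home/es/elasticsearch-6.4.0.tar.gz -C /home/es
cp -r /home/es/elasticsearch-6.4.0/* /usr/local/elasticsearch-6.4.0
3. Edit the configuration file
The configuration file on console is as follows: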
$ cat /usr/local/elasticsearch-6.4.0/config/elasticsearch.yml
# ======================== Elasticsearch Configuration =========================
#
# NOTE: Elasticsearch comes with reasonable defaults for most settings.
#       Before you set out to tweak and tune the configuration, make sure you
#       understand what are you trying to accomplish and the consequences.
#
# The primary way of configuring a node is via this file. This template lists
# the most important settings you may want to configure for a production cluster.
#
# Please consult the documentation for further information on configuration options:
# https://www.elastic.co/guide/en/elasticsearch/reference/index.html
#
# ---------------------------------- Cluster -----------------------------------
#
# Use a descriptive name for your cluster:
#
cluster.name: console # set the cluster name to console
#
# ------------------------------------ Node ------------------------------------
#
# Use a descriptive name for the node:
#
node.name: console # set this node's name to console
node.master: true # whether this node is a master node; true here, false on the other 2 machines
#
# Add custom attributes to the node:
#
#node.attr.rack: r1
#
# ----------------------------------- Paths ------------------------------------
#
# Path to directory where to store the data (separate multiple locations by comma):
#
path.data: /esdata # set the data directory to /esdata
#
# Path to log files:
#
#path.logs: /path/to/logs
#
# ----------------------------------- Memory -----------------------------------
#
# Lock the memory on startup:
#
#bootstrap.memory_lock: true
#
#bootstrap.mlockall: true
#
# Make sure that the heap size is set to about half the memory available
# on the system and that the owner of the process is allowed to use this
# limit.
#
# Elasticsearch performs poorly when the system is swapping the memory.
#
# ---------------------------------- Network -----------------------------------
#
# Set the bind address to a specific IP (IPv4 or IPv6):
#
network.host: 10.10.10.102 # the IP of the console machine; the other 2 machines each use their own IP
network.bind_host: 10.10.10.102 # same as above
network.publish_host: 10.10.10.102 # same as above
#
# Set a custom port for HTTP:
#
http.port: 9200 # open the port
#
# For more information, consult the network module documentation.
#
# --------------------------------- Discovery ----------------------------------
#
# Pass an initial list of hosts to perform discovery when new node is started:
# The default list of hosts is ["127.0.0.1", "[::1]"]
#
discovery.zen.ping.unicast.hosts: ["10.10.10.102:9300"] # configure discovery; the other 2 machines use the same value
#
# Prevent the "split brain" by configuring the majority of nodes (total number of master-eligible nodes / 2 + 1):
#
discovery.zen.minimum_master_nodes: 1 # set the number of master nodes to discover to 1
#
# For more information, consult the zen discovery module documentation.
#
# ---------------------------------- Gateway -----------------------------------
#
# Block initial recovery after a full cluster restart until N nodes are started:
#
#gateway.recover_after_nodes: 3
#
# For more information, consult the gateway module documentation.
#
# ---------------------------------- Various -----------------------------------
#
# Require explicit names when deleting indices:
#
#action.destructive_requires_name: true
Configuration file on log1:
$ cat elasticsearch.yml
# ======================== Elasticsearch Configuration =========================
#
# NOTE: Elasticsearch comes with reasonable defaults for most settings.
#       Before you set out to tweak and tune the configuration, make sure you
#       understand what are you trying to accomplish and the consequences.
#
# The primary way of configuring a node is via this file. This template lists
# the most important settings you may want to configure for a production cluster.
#
# Please consult the documentation for further information on configuration options:
# https://www.elastic.co/guide/en/elasticsearch/reference/index.html
#
# ---------------------------------- Cluster -----------------------------------
#
# Use a descriptive name for your cluster:
#
cluster.name: console
#
# ------------------------------------ Node ------------------------------------
#
# Use a descriptive name for the node:
#
node.name: log1
node.master: false
#
# Add custom attributes to the node:
#
#node.attr.rack: r1
#
# ----------------------------------- Paths ------------------------------------
#
# Path to directory where to store the data (separate multiple locations by comma):
#
path.data: /esdata
#
# Path to log files:
#
#path.logs: /path/to/logs
#
# ----------------------------------- Memory -----------------------------------
#
# Lock the memory on startup:
#
#bootstrap.memory_lock: true
#
#bootstrap.mlockall: true
#
# Make sure that the heap size is set to about half the memory available
# on the system and that the owner of the process is allowed to use this
# limit.
#
# Elasticsearch performs poorly when the system is swapping the memory.
#
# ---------------------------------- Network -----------------------------------
#
# Set the bind address to a specific IP (IPv4 or IPv6):
#
network.host: 10.10.10.103
network.bind_host: 10.10.10.103
network.publish_host: 10.10.10.103
#
# Set a custom port for HTTP:
#
http.port: 9200
#
# For more information, consult the network module documentation.
#
# --------------------------------- Discovery ----------------------------------
#
# Pass an initial list of hosts to perform discovery when new node is started:
# The default list of hosts is ["127.0.0.1", "[::1]"]
#
discovery.zen.ping.unicast.hosts: ["10.10.10.102:9300"]
#
# Prevent the "split brain" by configuring the majority of nodes (total number of master-eligible nodes / 2 + 1):
#
discovery.zen.minimum_master_nodes: 1
#
# For more information, consult the zen discovery module documentation.
#
# ---------------------------------- Gateway -----------------------------------
#
# Block initial recovery after a full cluster restart until N nodes are started:
#
#gateway.recover_after_nodes: 3
#
# For more information, consult the gateway module documentation.
#
# ---------------------------------- Various -----------------------------------
#
# Require explicit names when deleting indices:
#
#action.destructive_requires_name: true
Configuration file on log2:
$ cat elasticsearch.yml
# ======================== Elasticsearch Configuration =========================
#
# NOTE: Elasticsearch comes with reasonable defaults for most settings.
#       Before you set out to tweak and tune the configuration, make sure you
#       understand what are you trying to accomplish and the consequences.
#
# The primary way of configuring a node is via this file. This template lists
# the most important settings you may want to configure for a production cluster.
#
# Please consult the documentation for further information on configuration options:
# https://www.elastic.co/guide/en/elasticsearch/reference/index.html
#
# ---------------------------------- Cluster -----------------------------------
#
# Use a descriptive name for your cluster:
#
cluster.name: console
#
# ------------------------------------ Node ------------------------------------
#
# Use a descriptive name for the node:
#
node.name: log2
node.master: false
#
# Add custom attributes to the node:
#
#node.attr.rack: r1
#
# ----------------------------------- Paths ------------------------------------
#
# Path to directory where to store the data (separate multiple locations by comma):
#
path.data: /esdata
#
# Path to log files:
#
#path.logs: /path/to/logs
#
# ----------------------------------- Memory -----------------------------------
#
# Lock the memory on startup:
#
#bootstrap.memory_lock: true
#
#bootstrap.mlockall: true
#
# Make sure that the heap size is set to about half the memory available
# on the system and that the owner of the process is allowed to use this
# limit.
#
# Elasticsearch performs poorly when the system is swapping the memory.
#
# ---------------------------------- Network -----------------------------------
#
# Set the bind address to a specific IP (IPv4 or IPv6):
#
network.host: 10.10.10.104
network.bind_host: 10.10.10.104
network.publish_host: 10.10.10.104
#
# Set a custom port for HTTP:
#
http.port: 9200
#
# For more information, consult the network module documentation.
#
# --------------------------------- Discovery ----------------------------------
#
# Pass an initial list of hosts to perform discovery when new node is started:
# The default list of hosts is ["127.0.0.1", "[::1]"]
#
discovery.zen.ping.unicast.hosts: ["10.10.10.102:9300"]
#
# Prevent the "split brain" by configuring the majority of nodes (total number of master-eligible nodes / 2 + 1):
#
discovery.zen.minimum_master_nodes: 1
#
# For more information, consult the zen discovery module documentation.
#
# ---------------------------------- Gateway -----------------------------------
#
# Block initial recovery after a full cluster restart until N nodes are started:
#
#gateway.recover_after_nodes: 3
#
# For more information, consult the gateway module documentation.
#
# ---------------------------------- Various -----------------------------------
#
# Require explicit names when deleting indices:
#
#action.destructive_requires_name: true
4. Start Elasticsearch in the background
/usr/local/elasticsearch-6.4.0/bin/elasticsearch -d
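The template comment in the configuration gives the quorum rule (master-eligible nodes / 2 + 1); with only console master-eligible, the value 1 used on this page satisfies it. The following is an added example, not part of the original post: it cross-checks the nodes' files for cluster name and quorum, and shows the value being flagged once a second node is made master-eligible. The function names and the trimmed sample files are constructed for illustration.

```shell
# Added example, not from the original post: cross-check the nodes'
# elasticsearch.yml files for a consistent cluster name and quorum value.

# yml_get FILE KEY: value of a flat "key: value" line, comments stripped.
yml_get() {
    awk -v k="$2" '
        /^[ \t]*#/ { next }
        { sub(/[ \t]+#.*$/, "") }
        index($0, k ":") == 1 { sub(/^[^:]*:[ \t]*/, ""); print; exit }
    ' "$1"
}

# audit_cluster FILE...: one line per finding; succeeds only if there are none.
audit_cluster() {
    masters=0; findings=0; first=""
    for f in "$@"; do   # node.master defaults to true in Elasticsearch 6.x
        [ "$(yml_get "$f" node.master)" = "false" ] || masters=$((masters + 1))
    done
    quorum=$((masters / 2 + 1))   # formula from the config template's comment
    for f in "$@"; do
        name=$(yml_get "$f" cluster.name); first=${first:-$name}
        mmn=$(yml_get "$f" discovery.zen.minimum_master_nodes)
        if [ "$name" != "$first" ]; then
            echo "$f: cluster.name '$name' differs from '$first'"; findings=$((findings + 1))
        fi
        if [ "${mmn:-1}" -ne "$quorum" ]; then
            echo "$f: minimum_master_nodes=${mmn:-1}, need $quorum for $masters master-eligible node(s)"
            findings=$((findings + 1))
        fi
    done
    [ "$findings" -eq 0 ]
}

# write_node DIR NAME MASTER IP: constructed, trimmed copy of a config from the page.
write_node() {
    printf '%s\n' "cluster.name: console   # constructed sample" "node.name: $2" \
        "node.master: $3" "network.host: $4" \
        'discovery.zen.ping.unicast.hosts: ["10.10.10.102:9300"]' \
        "discovery.zen.minimum_master_nodes: 1" > "$1/$2.yml"
}

d=$(mktemp -d)
write_node "$d" console true 10.10.10.102
write_node "$d" log1 false 10.10.10.103
write_node "$d" log2 false 10.10.10.104
audit_cluster "$d"/*.yml && echo "layout from the page: consistent"
write_node "$d" log1 true 10.10.10.103   # second master-eligible node, value still 1
audit_cluster "$d"/*.yml || echo "quorum setting needs raising"
```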
III.
IV.