自动化-ELK日志管理

Posted 2020-11-07 赵SIR

 

2台服务器  node1  192.168.1.102    node2  192.168.1.104    /etc/hosts   分别放着解析地址

#  wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo           ###2台服务器上操作

http://www.oracle.com/technetwork/java/javase/downloads/jdk8-downloads-2133151.html    官网 下载 jdk--elasticsearch

# yum install jdk-8u171-linux-x64.rpm elasticsearch-5.4.0.rpm                                            ###2台服务器上操作

# vim /etc/elasticsearch/elasticsearch.yml                                 ####node1 操作

# grep "^[a-Z]" /etc/elasticsearch/elasticsearch.yml 
cluster.name: elk-cluster
node.name: node-1
path.data: /data/elkdata
path.logs: /data/logs
bootstrap.memory_lock: true
network.host: 192.168.1.102
http.port: 9200
discovery.zen.ping.unicast.hosts: ["192.168.1.102", "192.168.1.104"]

在2台服务器上都操作   mkdir /data/elkdata   && mkdir /data/logs

####node1操作

# vim /usr/lib/systemd/system/elasticsearch.service 

LimitMEMLOCK=infinity   

# cat /etc/elasticsearch/jvm.options   一些内存什么的配置文件,如果修改可以修改这个

-Xms3g
-Xmx3g

# systemctl restart elasticsearch.service

scp /etc/elasticsearch/elasticsearch.yml 192.168.1.104:/etc/elasticsearch/

###node2操作

# grep ‘^[a-z]‘ /etc/elasticsearch/elasticsearch.yml 
cluster.name: elk-cluster
node.name: node-2
path.data: /data/elkdata
path.logs: /data/logs
bootstrap.memory_lock: true
network.host:192.168.1.104
http.port: 9200
discovery.zen.ping.unicast.hosts: ["192.168.1.102", "192.168.1.104"]

# vim /usr/lib/systemd/system/elasticsearch.service 

LimitMEMLOCK=infinity   

# systemctl restart elasticsearch.service