组件包括:

  1. bastion server:对外提供跳板服务

  2. elasticsearch cluster:存储所有数据

服务对应端口

服务 端口
kibana 5601
cerebro 9000
elasticsearch-head 9100
elasticsearch 9200、9300

安装bastion server

安装elasticsearch

cd ~

wget -c https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.3.0-linux-x86_64.tar.gz

tar zxvf elasticsearch-7.3.0-linux-x86_64.tar.gz

mv elasticsearch-7.3.0 /opt/es

useradd es -d /opt/es

mkdir -p /opt/es_data /opt/es_logs

chown -R es:es /opt/es_data /opt/es_logs /opt/es

wget -O /opt/es/config/elasticsearch.yml https://raw.githubusercontent.com/yunweibang/bigops-install/master/elk/elasticsearch.yml

编辑/opt/es/config/elasticsearch.yml文件,修改相关配置

编辑/opt/es/config/jvm.options,根据你内存情况进行修改

-Xms4g

-Xmx4g

注释3行

#-XX:+UseConcMarkSweepGC

#-XX:CMSInitiatingOccupancyFraction=75

#-XX:+UseCMSInitiatingOccupancyOnly

添加2行

-XX:+UseG1GC

-XX:MaxGCPauseMillis=200

随机自启动

centos 7

wget -O /usr/lib/systemd/system/es.service https://raw.githubusercontent.com/yunweibang/bigops-install/master/elk/es.service

systemctl enable es

systemctl daemon-reload

sysctl -p

ulimit -SHn 655360

systemctl restart es.service

centos 6

wget -O /etc/init.d/es https://raw.githubusercontent.com/yunweibang/bigops-install/master/elk/es

chmod +x /etc/init.d/es

chkconfig --add es

chkconfig --level 345 es on

sysctl -p

ulimit -SHn 655360

service es restart

检查服务是否正常

# netstat -nptl|grep 9[2,3]00

tcp 0 0 192.168.50.51:9200 0.0.0.0:* LISTEN 4760/java

tcp 0 0 192.168.50.51:9300 0.0.0.0:* LISTEN 4760/java

设置es密码

./bin/elasticsearch-setup-passwords interactive

根据提示输入密码,设置完重启es服务。

安装kibana(已内置,可忽略)

yum -y install nodejs npm git bzip2

wget -c https://artifacts.elastic.co/downloads/kibana/kibana-7.3.0-linux-x86_64.tar.gz

tar zxvf kibana-7.3.0-linux-x86_64.tar.gz

mv kibana-7.3.0-linux-x86_64 /opt/bigops/kibana

wget -O /opt/bigops/kibana/config/kibana.yml https://raw.githubusercontent.com/yunweibang/bigops-install/master/elk/kibana.yml

编辑/opt/bigops/kibana/config/kibana.yml

随机自动启

centos 7

wget -O /usr/lib/systemd/system/kibana.service https://raw.githubusercontent.com/yunweibang/bigops-install/master/elk/kibana.service

systemctl enable kibana

systemctl daemon-reload

systemctl restart kibana.service

centos 6

wget -O /etc/init.d/kibana https://raw.githubusercontent.com/yunweibang/bigops-install/master/elk/kibana

chmod +x /etc/init.d/kibana

chkconfig --add kibana

chkconfig --level 345 kibana on

service kibana restart

设置Nginx

wget -O /etc/nginx/conf.d/kibana.conf https://raw.githubusercontent.com/yunweibang/bigops-install/master/nginx/conf.d/kibana.conf

编辑/etc/nginx/conf.d/kibana.conf

server_name kibana.bigops.com; //你的域名

重启Nginx

service nginx restart

访问你配置的域名,会显示kibana登录页面

安装cerebro(已内置,可忽略)

wget -c https://github.com/lmenezes/cerebro/releases/download/v0.8.4/cerebro-0.8.4.tgz

tar zxvf cerebro-0.8.4.tgz

mv cerebro-0.8.4 /opt/bigops/cerebro

编辑/opt/bigops/cerebro/conf/application.conf文件

随机启动

centos 7

wget -O /usr/lib/systemd/system/cerebro.service https://raw.githubusercontent.com/yunweibang/bigops-install/master/elk/cerebro.service

chmod -R 777 /opt/bigops/cerebro/bin/

systemctl enable cerebro

systemctl daemon-reload

systemctl restart cerebro.service

centos 6

wget -O /etc/init.d/cerebro https://raw.githubusercontent.com/yunweibang/bigops-install/master/elk/cerebro

chmod -R 777 /opt/bigops/cerebro/bin/

chmod +x /etc/init.d/cerebro

chkconfig --add cerebro

chkconfig --level 345 cerebro on

service cerebro restart

用浏览器访问对应ip加端口

安装elasticsearch-head(可选)

wget -c https://nodejs.org/dist/latest-v8.x/node-v8.16.1-linux-x64.tar.xz

tar xf node-v8.16.1-linux-x64.tar.xz

mv node-v8.16.1-linux-x64 /usr/local/node

ln -sf /usr/local/node/bin/npm /usr/bin/npm

ln -sf /usr/local/node/bin/node /usr/bin/node

编辑/etc/profile,末尾添加

export NODE_HOME=/usr/local/node

export NODE_PATH=/usr/local/node

export PATH=$NODE_HOME/bin:$PATH

重新加载用户环境

source /etc/profile

安装elasticsearch-head

git clone git://github.com/mobz/elasticsearch-head.git

mv elasticsearch-head /opt/bigops/es-head

cd es-head

rm -rf ./node_modules

npm config set registry https://registry.npm.taobao.org

npm config set strict-ssl false

npm install -g grunt-cli

npm install --unsafe-perm

npm audit fix --force

npm audit

编辑/opt/bigops/es-head/Gruntfile.js文件

connect:     
    server: {
        options: {
             hostname: '0.0.0.0',  #添加这行,冒号后面有空格
             port: 9100,
             base: '.',
             keepalive: true

编辑/opt/bigops/es-head/_site/app.js,修改head连接es的地址,将localhost修改为es的IP地址

原配置

this.base_uri = this.config.base_uri || this.prefs.get("app-base_uri") || "http://localhost:9200";

将localhost修改为你的es地址

this.base_uri = this.config.base_uri || this.prefs.get("app-base_uri") || "http://xxx.xxx.xxx.xxx:9200";

启动

cd /opt/bigops/es-head && npm run start

随机自启动

centos 7

wget -O /usr/lib/systemd/system/es-head.service https://raw.githubusercontent.com/yunweibang/bigops-install/master/elk/es-head.service

systemctl enable es-head

systemctl daemon-reload

centos 6

wget -O /etc/init.d/kibana https://raw.githubusercontent.com/yunweibang/bigops-install/master/elk/es-head

chmod +x /etc/init.d/es-head

chkconfig --add es-head

chkconfig --level 345 es-head on

访问elasticsearch-head,浏览器输入:
http://192.168.50.51:9100/?auth_user=elastic&auth_password=你的es密码

忘记elasticsearch密码,重置密码

按下述步骤创建本地超级账户,然后使用api接口重置elastic账户的密码

(1) 停止elasticsearch服务

(2) 使用命令ES_HOME/bin/x-pack/users创建一个基于本地问价认证的超级管理员

./bin/elasticsearch-users useradd my_admin -p my_password -r superuser

(3) 启动elasticsearch服务

(4) 通过api重置elastic超级管理员的密码

curl -u my_admin -XPUT 'http://localhost:9200/_xpack/security/user/elastic/_password?pretty' -H 'Content-Type: application/json' -d'

{

"password" : "new_password"

}

'

(5) 校验密码是否重置成功

curl -u elastic 'http://localhost:9200/_xpack/security/_authenticate?pretty'

results matching ""

    No results matching ""