ELK Deployment

Elasticsearch Deployment

https://www.unixhot.com/article/59

Install the JDK

[root@ww1 ~]# yum install -y java
[root@ww1 ~]# java -version
openjdk version "1.8.0_65"
OpenJDK Runtime Environment (build 1.8.0_65-b17)
OpenJDK 64-Bit Server VM (build 25.65-b01, mixed mode)

Install Elasticsearch with YUM

1. Download and install the GPG key

[root@ww1 ~]# rpm --import https://packages.elastic.co/GPG-KEY-elasticsearch

2. Add the yum repository

[root@ww1 ~]# vim /etc/yum.repos.d/elasticsearch.repo
[elasticsearch-2.x]
name=Elasticsearch repository for 2.x packages
baseurl=http://packages.elastic.co/elasticsearch/2.x/centos
gpgcheck=1
gpgkey=http://packages.elastic.co/GPG-KEY-elasticsearch
enabled=1

3. Install Elasticsearch

[root@hadoop-node1 ~]# yum install -y elasticsearch

[root@ww1 elasticsearch]# grep '^[a-z]' elasticsearch.yml
cluster.name: escls
node.name: el-node-01
path.data: /elk_data/data
path.logs: /elk_data/logs
bootstrap.memory_lock: true
network.host: 192.168.116.101
http.port: 9200
[root@ww1 elasticsearch]# systemctl restart elasticsearch.service
[root@ww1 elasticsearch]# netstat -nltp|grep 9200
tcp6       0      0 192.168.116.101:9200    :::*                    LISTEN      4086/java           
[root@ww1 elasticsearch]#

** Watch the permissions: Elasticsearch previously failed to start because the log directory had the wrong ownership.

[root@ww1 elasticsearch]# chown -R elasticsearch:elasticsearch /elk_data
[root@ww1 elasticsearch]# ll /elk_data/
drwxr-xr-x. 2 elasticsearch elasticsearch 6 10月 27 14:40 data
drwxr-xr-x. 2 elasticsearch elasticsearch 6 10月 27 14:40 logs
[root@ww1 elasticsearch]# cd /elk_data/

Test Elasticsearch

[root@ww1 elasticsearch]# curl http://192.168.116.101:9200
{
  "name" : "el-node-01",
  "cluster_name" : "escls",
  "cluster_uuid" : "f-W7UrSUSv2jPOCn0VKE-w",
  "version" : {
    "number" : "2.4.6",
    "build_hash" : "5376dca9f70f3abef96a77f4bb22720ace8240fd",
    "build_timestamp" : "2017-07-18T12:17:44Z",
    "build_snapshot" : false,
    "lucene_version" : "5.5.4"
  },
  "tagline" : "You Know, for Search"
}
[root@ww1 elasticsearch]#
[root@ww1 elasticsearch]# curl -i -XGET 'http://192.168.116.101:9200/_count?'
HTTP/1.1 200 OK
Content-Type: application/json; charset=UTF-8
Content-Length: 59

{"count":0,"_shards":{"total":0,"successful":0,"failed":0}}[root@ww1 elasticsearch]#

Install the Head plugin (cluster management)

[root@ww1 bin]# ./plugin install mobz/elasticsearch-head
-> Installing mobz/elasticsearch-head...
Trying https://github.com/mobz/elasticsearch-head/archive/master.zip ...
Downloading ............................................................................DONE
Verifying https://github.com/mobz/elasticsearch-head/archive/master.zip checksums if available ...
NOTE: Unable to verify checksum for downloaded plugin (unable to find .sha1 or .md5 file to verify)
Installed head into /usr/share/elasticsearch/plugins/head
[root@ww1 bin]#

http://192.168.116.101:9200/_plugin/head/

Install the kopf plugin

[root@ww1 bin]# ./plugin install lmenezes/elasticsearch-kopf
-> Installing lmenezes/elasticsearch-kopf...
Trying https://github.com/lmenezes/elasticsearch-kopf/archive/master.zip ...
Downloading ..............................................................................DONE
Verifying https://github.com/lmenezes/elasticsearch-kopf/archive/master.zip checksums if available ...
NOTE: Unable to verify checksum for downloaded plugin (unable to find .sha1 or .md5 file to verify)
Installed kopf into /usr/share/elasticsearch/plugins/kopf
[root@ww1 bin]#

http://192.168.116.101:9200/_plugin/kopf/#!/cluster

Logstash Deployment and Configuration

Install the JDK

[root@ww1 ~]# yum install -y java
[root@ww1 ~]# java -version
openjdk version "1.8.0_65"
OpenJDK Runtime Environment (build 1.8.0_65-b17)
OpenJDK 64-Bit Server VM (build 25.65-b01, mixed mode)

Deploy Logstash with YUM

1. Download and install the GPG key

[root@ww2 ~]# rpm --import https://packages.elastic.co/GPG-KEY-elasticsearch

2. Add the yum repository

[root@linux-node2 ~]# vim /etc/yum.repos.d/logstash.repo
[logstash-2.3]
name=Logstash repository for 2.3.x packages
baseurl=https://packages.elastic.co/logstash/2.3/centos
gpgcheck=1
gpgkey=https://packages.elastic.co/GPG-KEY-elasticsearch
enabled=1

3. Install Logstash

[root@ww2 ~]# yum install -y logstash

Introduction to Kibana

Install Kibana with Yum

1. Download and install the GPG key

[root@ww2 ~]# rpm --import https://packages.elastic.co/GPG-KEY-elasticsearch

2. Add the yum repository

[root@ww2 ~]# vim /etc/yum.repos.d/kibana.repo
[kibana-4.5]
name=Kibana repository for 4.5.x packages
baseurl=http://packages.elastic.co/kibana/4.5/centos
gpgcheck=1
gpgkey=http://packages.elastic.co/GPG-KEY-elasticsearch
enabled=1

3. Install Kibana

[root@ww2 ~]# yum install -y kibana

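Create an ELK Stack repository with Cobbler

In production, of course, you cannot use an external YUM repository; you can use Cobbler to create your own yum repository instead.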

[root@log-node1 ~]# cobbler repo add --name=logstash-2.3 --mirror=http://packages.elastic.co/logstash/2.3/centos --arch=x86_64 --breed=yum
[root@log-node1 ~]# cobbler repo add --name=elasticsearch2 --mirror=http://packages.elastic.co/elasticsearch/2.x/centos --arch=x86_64 --breed=yum
[root@log-node1 ~]# cobbler repo add --name=kibana4.5 --mirror=http://packages.elastic.co/kibana/4.5/centos --arch=x86_64 --breed=yum
[root@log-node1 ~]# cobbler reposync
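
The repo files above set gpgcheck=1, but the Elasticsearch and Kibana definitions fetch both the packages and the GPG key over plain HTTP, and the Cobbler mirrors are HTTP as well. The script below is an added example, not part of the original notes, that audits .repo files for those settings. The third sample file and its hostname repo.example.internal are constructed, and the two samples taken from this page are abridged.

```shell
#!/usr/bin/env bash
# Added example: audit yum .repo files for settings that weaken package verification.
# gpgcheck=1 only helps if the key itself arrives over an authenticated channel.

audit_repo() {   # usage: audit_repo FILE...   prints one finding per line
  for f in "$@"; do
    awk -v file="$f" '
      function report() {               # per-section checks, run when a section ends
        if (sec == "") return
        if (gpgcheck != "1") printf "%s [%s] gpgcheck is not 1\n", file, sec
        if (gpgkey == "")    printf "%s [%s] gpgkey is not set\n", file, sec
      }
      /^[ \t]*$/ || /^[ \t]*[#;]/ { next }            # blank lines and comments
      /^[ \t]*\[/ {                                   # new [section]
        report(); sec = $0; gsub(/^[ \t]*\[|\].*$/, "", sec)
        gpgcheck = ""; gpgkey = ""; next
      }
      {
        eq = index($0, "="); if (eq == 0) next
        key = substr($0, 1, eq - 1); val = substr($0, eq + 1)
        gsub(/[ \t]/, "", key); gsub(/^[ \t]+|[ \t]+$/, "", val)
        if (key == "gpgcheck") gpgcheck = val
        if (key == "gpgkey")   gpgkey = val
        if ((key == "baseurl" || key == "gpgkey") && val ~ /^http:\/\//)
          printf "%s [%s] %s uses plain HTTP: %s\n", file, sec, key, val
      }
      END { report() }
    ' "$f"
  done
}

# Sample input: the first two files are abridged repo definitions from this page,
# the third is constructed (hypothetical host) to show the gpgcheck findings.
SAMPLE_DIR=$(mktemp -d)
cat > "$SAMPLE_DIR/elasticsearch.repo" <<'EOF'
[elasticsearch-2.x]
baseurl=http://packages.elastic.co/elasticsearch/2.x/centos
gpgcheck=1
gpgkey=http://packages.elastic.co/GPG-KEY-elasticsearch
EOF
cat > "$SAMPLE_DIR/logstash.repo" <<'EOF'
[logstash-2.3]
baseurl=https://packages.elastic.co/logstash/2.3/centos
gpgcheck=1
gpgkey=https://packages.elastic.co/GPG-KEY-elasticsearch
EOF
printf '[internal-mirror]\nbaseurl=http://repo.example.internal/elk\ngpgcheck=0\n' > "$SAMPLE_DIR/constructed.repo"

audit_repo "$SAMPLE_DIR"/*.repo
```

On a real host, run audit_repo /etc/yum.repos.d/*.repo; an empty result means every section verifies signatures and fetches its key and packages over HTTPS.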