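ELK Log Analysis System: Installing and Configuring the Latest Elasticsearch 7.x
1. Elasticsearch
1.1 Introduction to Elasticsearch
Elasticsearch is a search server based on Lucene. It provides a distributed, multi-tenant-capable full-text search engine with a RESTful web interface. Elasticsearch is developed in Java and released as open source under the terms of the Apache License, and it is the second most popular enterprise search engine. It is designed for use in cloud computing and delivers real-time search that is stable, reliable, fast, and easy to install and use.
1.2 Download: go to https://www.elastic.co/cn/downloads/elasticsearch and download the Elasticsearch installation package from that page.
1.3 Extract the downloaded .tar package into the directory /application and create a symbolic link named es. Details are shown in the figure below:
1.4 About the JDK: the installation package bundles a JDK, so there is no need to install another JDK version on the system.
1.5 Add this JDK to the system environment file /etc/profile by appending the following configuration to the end of the file: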
#set java environment
export JAVA_HOME=/application/es/jdk
export JRE_HOME=${JAVA_HOME}/jre
export CLASSPATH=.:${JAVA_HOME}/lib/dt.jar:${JAVA_HOME}/lib/tools.jar:${JRE_HOME}/lib
export PATH=${JAVA_HOME}/bin:${PATH}
1.6 Run the source command to make the configuration take effect
source /etc/profile
1.7 Edit the Elasticsearch configuration file
[root@harlan_ansible ~]# vim /application/es/config/elasticsearch.yml
# ======================== Elasticsearch Configuration =========================
#
# NOTE: Elasticsearch comes with reasonable defaults for most settings.
#       Before you set out to tweak and tune the configuration, make sure you
#       understand what are you trying to accomplish and the consequences.
#
# The primary way of configuring a node is via this file. This template lists
# the most important settings you may want to configure for a production cluster.
#
# Please consult the documentation for further information on configuration options:
# https://www.elastic.co/guide/en/elasticsearch/reference/index.html
#
# ---------------------------------- Cluster -----------------------------------
#
# Use a descriptive name for your cluster:
#
cluster.name: my-harlan   # name of the cluster
#
# ------------------------------------ Node ------------------------------------
#
# Use a descriptive name for the node:
#
node.name: harlan_ansible   # name of this node (this host's name)
#
# Add custom attributes to the node:
#
#node.attr.rack: r1
#
# ----------------------------------- Paths ------------------------------------
#
# Path to directory where to store the data (separate multiple locations by comma):
#
path.data: /application/es/to/data   # where the log data is stored
#
# Path to log files:
#
path.logs: /application/es/to/logs   # Elasticsearch's own local logs
#
# ----------------------------------- Memory -----------------------------------
#
# Lock the memory on startup:
#
#bootstrap.memory_lock: true
#
# Make sure that the heap size is set to about half the memory available
# on the system and that the owner of the process is allowed to use this
# limit.
#
# Elasticsearch performs poorly when the system is swapping the memory.
#
# ---------------------------------- Network -----------------------------------
#
# Set the bind address to a specific IP (IPv4 or IPv6):
#
network.host: 0.0.0.0   # any IP can access Elasticsearch
#
# Set a custom port for HTTP:
#
http.port: 9200   # Elasticsearch access port
#
# For more information, consult the network module documentation.
#
# --------------------------------- Discovery ----------------------------------
#
# Pass an initial list of hosts to perform discovery when this node is started:
# The default list of hosts is ["127.0.0.1", "[::1]"]
#
#discovery.seed_hosts: ["host1", "host2"]
#
# Bootstrap the cluster using an initial set of master-eligible nodes:
#
cluster.initial_master_nodes: ["harlan_ansible"]   # node that bootstraps the cluster
#
# For more information, consult the discovery and cluster formation module documentation.
#
# ---------------------------------- Gateway -----------------------------------
#
# Block initial recovery after a full cluster restart until N nodes are started:
#
#gateway.recover_after_nodes: 3
#
# For more information, consult the gateway module documentation.
#
# ---------------------------------- Various -----------------------------------
#
# Require explicit names when deleting indices:
#
#action.destructive_requires_name: true
http.cors.enabled: true   # these two settings allow access from browsers on external networks
http.cors.allow-origin: "*"
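The configuration above binds to 0.0.0.0, allows CORS from any origin, and does not turn on authentication, so anyone who can reach port 9200 can use the API. The script below is an added example, not part of the original post, that checks an elasticsearch.yml for that combination; es_setting and audit_es_yml are hypothetical helper names, and xpack.security.enabled is the Elasticsearch setting that enables authentication.

```shell
#!/usr/bin/env bash
# Added example: flag elasticsearch.yml settings that expose the node.
# es_setting and audit_es_yml are hypothetical helper names.

# Print the value of an active (uncommented) top-level setting, without
# its inline comment, surrounding quotes or whitespace.
es_setting() {  # usage: es_setting KEY FILE
  awk -v key="$1" '
    index($0, key ":") == 1 {
      v = substr($0, length(key) + 2)
      sub(/[ \t]+#.*$/, "", v)            # drop inline comment
      gsub(/^[ \t"]+|[ \t"]+$/, "", v)    # trim spaces and quotes
      val = v
    }
    END { print val }' "$2"
}

# Print one finding per risky setting; exit status = number of findings.
audit_es_yml() {  # usage: audit_es_yml FILE
  local f="$1" n=0 host cors origin sec
  host=$(es_setting network.host "$f")
  cors=$(es_setting http.cors.enabled "$f")
  origin=$(es_setting http.cors.allow-origin "$f")
  sec=$(es_setting xpack.security.enabled "$f")
  if [ "$host" = "0.0.0.0" ] && [ "$sec" != "true" ]; then
    echo "EXPOSED: network.host is 0.0.0.0 and xpack.security.enabled is not true"
    n=$((n + 1))
  fi
  if [ "$cors" = "true" ] && [ "$origin" = "*" ]; then
    echo "CORS: http.cors.allow-origin is *, so any origin may script the API"
    n=$((n + 1))
  fi
  return "$n"
}

# Constructed sample: the active network settings from the file above.
sample=$(mktemp)
cat > "$sample" <<'EOF'
network.host: 0.0.0.0 # any IP can access Elasticsearch
http.port: 9200
http.cors.enabled: true
http.cors.allow-origin: "*"
EOF
audit_es_yml "$sample" || echo "findings: $?"
rm -f "$sample"
```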
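1.8 After the configuration above, you still need to set up the user and permissions used to start the Elasticsearch service. The Elasticsearch service cannot be started as the root user, so create an es account and change the owner and group of /application/es.
1.8.1 Create the user es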
useradd es
1.8.2 Change the owner and group of /application/es
chown -R es:es /application/es
chown -R es:es /application/elasticsearch-7.3.2
1.9 Switch to the es account and start the Elasticsearch service
[es@harlan_ansible]$ su es
[es@harlan_ansible root]$ /application/es/bin/elasticsearch -d
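1.10 Check whether the service has started
1.11 As the figure above shows, the Elasticsearch service has started.
Test: access it from a browser
1.12 As the figure shows, Elasticsearch has been installed successfully.
If there are any mistakes, corrections from readers are welcome.
Also, if you like this post, please give it a recommendation. Thanks!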