【centos】安装ELK之ElasticSearch

部署环境:

  • centos 6.X
  • jdk 1.7
  • elasticsearch 2.3.1 https://www.elastic.co/downloads/elasticsearch
  • logstash 2.3.1 https://www.elastic.co/downloads/logstash
  • Kibana 4.5.0 https://www.elastic.co/downloads/kibana

 

下载资源:

  Elasticsearch:https://www.elastic.co/downloads 比如下载的是tar.gz包;根据自己习惯,可以下载rpm,或者zip 都可以。

需要提前注意的是,对端口的火墙策略;

# vim /etc/sysconfig/iptables  
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT  
-A INPUT -m state --state NEW -m tcp -p tcp --dport 9200 -j ACCEPT  
-A INPUT -m state --state NEW -m tcp -p tcp --dport 9292 -j ACCEPT  
# service iptables restart  

还就是安装JDK

  略

 

将其解压到/usr/local 下的elasticsearch文件夹下,然后Run bin/elasticsearch on Unix orbin\elasticsearch.bat on Windows

但是,如果是用root权限运行,会提示“java.lang.RuntimeException: don't run elasticsearch as root.” 原因是这是出于系统安全考虑设置的条件。由于ElasticSearch可以接收用户输入的脚本并且执行,为了系统安全考虑, 建议创建一个单独的用户用来运行ElasticSearch

[root@candaotool bin]# ./elasticsearch
Exception in thread "main" java.lang.RuntimeException: don't run elasticsearch as root.
    at org.elasticsearch.bootstrap.Bootstrap.initializeNatives(Bootstrap.java:93)
    at org.elasticsearch.bootstrap.Bootstrap.setup(Bootstrap.java:144)
    at org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:270)
    at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:35)
Refer to the log for complete error details.
  • 创建elsearch用户组及elsearch用户

    groupadd elsearch
    useradd elsearch -g elsearch -p elasticsearch
  • 更改elasticsearch文件夹及内部文件的所属用户及组为elsearch:elsearch

    cd /opt
    chown -R elsearch:elsearch  elasticsearch
  • 切换到elsearch用户再启动

  • su elsearch cd elasticsearch/bin
    ./elasticsearch

    运行输出:

  • [elasticsearch@candaotool bin]$ ./elasticsearch
    [2016-04-14 16:22:19,887][WARN ][bootstrap                ] unable to install syscall filter: seccomp unavailable: CONFIG_SECCOMP not compiled into kernel, 
    CONFIG_SECCOMP and CONFIG_SECCOMP_FILTER are needed [
    2016-04-14 16:22:20,200][INFO ][node ] [Jack O'Lantern] version[2.3.1], pid[2805], build[bd98092/2016-04-04T12:25:05Z] [2016-04-14 16:22:20,201][INFO ][node ] [Jack O'Lantern] initializing ... [2016-04-14 16:22:20,806][INFO ][plugins ] [Jack O'Lantern] modules [lang-groovy, reindex, lang-expression], plugins [], sites []
  • ElasticSearch后端启动命令  
    ./elasticsearch -d
  • 检验服务是否正常,如果想通过IP地址访问,那么需要修改config/elasticsearch.yml文件中的network.host: 192.168.87.8,这样就可以通过http://192.168.87.8:9200访问了。后续kibana中也可以顺利配置这个IP和端口了。

  • curl -X GET http://localhost:9200
    [elasticsearch@candaotool bin]$ curl -X GET http://localhost:9200
    {
      "name" : "Spectral",
      "cluster_name" : "elasticsearch",
      "version" : {
        "number" : "2.3.1",
        "build_hash" : "bd980929010aef404e7cb0843e61d0665269fc39",
        "build_timestamp" : "2016-04-04T12:25:05Z",
        "build_snapshot" : false,
        "lucene_version" : "5.5.0"
      },
      "tagline" : "You Know, for Search"
    }

    到此,表示服务正常运行!

    如果搭建ES(2.X版本以后)集群的话,需要手动修改一下elasticsearch.yml文件:

# --------------------------------- Discovery ----------------------------------
#
# Pass an initial list of hosts to perform discovery when new node is started:
# The default list of hosts is ["127.0.0.1", "[::1]"]
#
# discovery.zen.ping.unicast.hosts: ["host1", "host2"]
#
# Prevent the "split brain" by configuring the majority of nodes (total number of nodes / 2 + 1):
#
# discovery.zen.minimum_master_nodes: 3
#
# For more information, see the documentation at:
# <http://www.elastic.co/guide/en/elasticsearch/reference/current/modules-discovery.html>

 

  • 资源参考:
    • https://www.elastic.co/download
      https://www.elastic.co/downloads/elasticsearch
      http://my.oschina.net/topeagle/blog/591451
      http://stackoverflow.com/questions/34920801/how-to-run-elasticsearch-2-1-1-as-root-user-in-linux-machine

    • http://kibana.logstash.es/content/kibana/v4/setup.html
    • https://www.elastic.co/guide/en/kibana/current/setup.html 提到了安装为服务的方法
posted @ 2016-04-14 17:38  iMhager  阅读(2495)  评论(0编辑  收藏  举报