部署ELK
1.搭建客户机Nginx
ls[root@nginx ~]# hostname
nginx
[root@nginx ~]# cat /etc/redhat-release
CentOS release 6.5 (Final)
[root@nginx ~]# uname -r
2.6.32-431.el6.x86_64
[root@nginx ~]# /etc/init.d/iptables stop
iptables:将链设置为政策 ACCEPT:filter [确定]
iptables:清除防火墙规则: [确定]
iptables:正在卸载模块: [确定]
[root@nginx ~]# setenforce 0
setenforce: SELinux is disabled
[root@nginx ~]# chkconfig iptables off
[root@nginx ~]# tar xf nginx-1.13.12.tar.gz -C /usr/src/
[root@nginx ~]# useradd -M -s /sbin/nologin nginx
[root@nginx ~]# cd /usr/src/nginx-1.13.12/
[root@nginx nginx-1.13.12]# ./configure --prefix=/usr/local/nginx --user=nginx --group=nginx && make && make install
[root@nginx nginx-1.13.12]# cp -p /usr/local/nginx/sbin/* /usr/local/sbin/
[root@nginx nginx-1.13.12]# nginx
[root@nginx nginx-1.13.12]# netstat -anpt|grep nginx
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 5605/nginx
2部署客户机Apache:
[root@Apache ~]# hostname
Apache
[root@Apache ~]# cat /etc/redhat-release
CentOS release 6.5 (Final)
[root@Apache ~]# uname -r
2.6.32-431.el6.x86_64
[root@Apache ~]# /etc/init.d/iptables stop
[root@Apache ~]# setenforce 0
[root@Apache ~]# tar xf apr-1.5.1.tar.gz -C /usr/src/
[root@Apache ~]# tar xf apr-util-1.5.1.tar.gz -C /usr/src/
[root@Apache ~]# tar xf httpd-2.4.33.tar.gz -C /usr/src/
[root@Apache ~]# cd /usr/src/apr-1.5.1/
[root@Apache apr-1.5.1]# ./configure prefix=/usr/local/apr && make && make install
[root@Apache apr-1.5.1]# cd ../apr-util-1.5.1/
[root@Apache apr-util-1.5.1]# ./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr/ && make && make install
[root@Apache apr-util-1.5.1]# cd ../httpd-2.4.33/
[root@Apache httpd-2.4.33]# ./configure --prefix=/usr/local/httpd --enable-so --enable-rewrite --enable-header --enable-charset-lite --enable-cgi --with-apr=/usr/local/apr/ --with-apr-util=/usr/local/apr-util/ && make && make install
[root@Apache httpd-2.4.33]# ln -s /usr/local/httpd/bin/* /usr/local/sbin/
[root@Apache httpd-2.4.33]# apachectl start
AH00557: httpd: apr_sockaddr_info_get() failed for Apache
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1. Set the 'ServerName' directive globally to suppress this message
[root@Apache httpd-2.4.33]# netstat -anpt|grep httpd
tcp 0 0 :::80 :::* LISTEN 34117/httpd
3.部署Elasticserch(Logstash、Kibana三台都需要安装JDK)
1.查看系统环境:
[root@Elasticserch ~]# hostname
Elasticserch
[root@Elasticserch ~]# cat /etc/redhat-release
CentOS release 6.5 (Final)
[root@Elasticserch ~]# uname -r
2.6.32-431.el6.x86_64
[root@Elasticserch ~]# /etc/init.d/iptables stop
[root@Elasticserch ~]# setenforce 0
2.安装JDK环境:
[root@Elasticserch ~]# tar xf jdk-8u161-linux-x64.tar.gz
[root@Elasticserch ~]# mv jdk1.8.0_161/ /usr/local/java
[root@Elasticserch ~]# vim /etc/profile.d/java.sh
export JAVA_HOME=/usr/local/java
export PATH=$PATH:$JAVA_HOME/bin
[root@Elasticserch ~]# source /etc/profile
[root@Elasticserch ~]# java -version
java version "1.8.0_161"
Java(TM) SE Runtime Environment (build 1.8.0_161-b12)
Java HotSpot(TM) 64-Bit Server VM (build 25.161-b12, mixed mode)
3.安装Elasticserch节点:
[root@Elasticserch ~]# tar xf elasticsearch-6.2.4.tar.gz
[root@Elasticserch ~]# mv elasticsearch-6.2.4 /usr/local/elasticsearch
[root@Elasticserch ~]# cd /usr/local/elasticsearch/
[root@Elasticserch elasticsearch]# cd config/
[root@Elasticserch config]# cp elasticsearch.yml{,.default} #备份配置文件,防止修改错误
4.修改配置文件:
[root@Elasticserch config]# vim elasticsearch.yml
cluster.name: my-es-cluster #集群的名称
node.name: node-1 #节点的名称
path.data: /usr/local/elasticsearch/data #数据路径
path.logs: /usr/local/ elasticsearch /logs #日志路径
bootstrap.memory_lock: false #这行去掉注释把ture改成false,不改会造成服务启动报错
bootstrap.system_call_filter: false #添加这行,否则启动会报错。
配置上述两行的原因:
这是在因为Centos6不支持SecComp,而ES5.2.0默认bootstrap.system_call_filter为true进行检测,所以导致检测失败,失败后直接导致ES不能启动。
network.host: 192.168.200.132 # elasticsearch主机地址
http.port: 9200 #端口号
discovery.zen.ping.unicast.hosts: ["node-1"] #启动新节点通过主机列表发现。
discovery.zen.minimum_master_nodes: 1 #总节点数
[root@elasticsearch ~]# vim /etc/security/limits.d/90-nproc.conf
* soft nproc 4096 #默认1024,改成4096
[root@elasticsearch ~]# vim /etc/sysctl.conf
#末尾追加否则服务会报错。
vm.max_map_count=655360
[root@elasticsearch ~]# sysctl -p #使上述配置生效
3.创建elasticsearch运行的用户:
[root@Elasticserch config]# useradd elasticsearch
[root@Elasticserch config]# chown -R elasticsearch.elasticsearch /usr/local/elasticsearch/
4.修改文件句柄数:
[root@Elasticserch config]# vim /etc/security/limits.conf
#添加下面内容:
* soft nofile 65536
* hard nofile 65536
* soft nproc 65536
* hard nproc 65536
5.切换用户启动服务
[root@Elasticserch config]# su - elasticsearch
[elasticsearch@Elasticserch ~]$ cd /usr/local/elasticsearch/
[elasticsearch@elasticsearch elasticsearch]$ bin/elasticsearch &
注:如果启动错误请看下上述配置过程黄色标记的部分是否有配置错误或者没有配置。
6.查看服务是否启动成功
[root@elasticsearch ~]# netstat -anpt
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 970/rpcbind
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1150/sshd
tcp 0 0 0.0.0.0:56600 0.0.0.0:* LISTEN 988/rpc.statd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1226/master
tcp 0 64 192.168.200.132:22 192.168.200.2:62459 ESTABLISHED 1301/sshd
tcp 0 0 :::111 :::* LISTEN 970/rpcbind
tcp 0 0 ::ffff:192.168.200.132:9200 :::* LISTEN 3990/java
tcp 0 0 ::ffff:192.168.200.132:9300 :::* LISTEN 3990/java
tcp 0 0 :::52916 :::* LISTEN 988/rpc.statd
tcp 0 0 :::22 :::* LISTEN 1150/sshd
tcp 0 0 ::1:25 :::* LISTEN 1226/master
7.简单测试下:
[root@elasticsearch ~]# curl http://192.168.200.132:9200
{
"name" : "node-1",
"cluster_name" : "my-es-cluster",
"cluster_uuid" : "tMW5tRXMTwO0g1i9BAp0rg",
"version" : {
"number" : "6.2.4",
"build_hash" : "ccec39f",
"build_date" : "2018-04-12T20:37:28.497551Z",
"build_snapshot" : false,
"lucene_version" : "7.2.1",
"minimum_wire_compatibility_version" : "5.6.0",
"minimum_index_compatibility_version" : "5.0.0"
},
"tagline" : "You Know, for Search"
}
说明服务正常。
8.安装head插件:
[root@Elasticserch ~]# vim /usr/local/elasticsearch/config/elasticsearch.yml
# 增加参数,使head插件可以访问es
http.cors.enabled: true
http.cors.allow-origin: "*"
下载head插件
wget https://github.com/mobz/elasticsearch-head/archive/master.zip
安装node
wget https://npm.taobao.org/mirrors/node/latest-v4.x/node-v4.4.7-linux-x64.tar.gz
tar -zxvf node-v4.4.7-linux-x64.tar.gz
配置下环境变量,编辑/etc/profile添加
[root@Elasticserch ~]# vim /etc/profile.d/node.sh
export NODE_HOME=/root/node-v4.4.7-linux-x64
export PATH=$PATH:$NODE_HOME/bin
export DODE_PATH=$NODE_HOME/lib/node_modules
[root@Elasticserch ~]# . /etc/profile
安装grunt
grunt是基于Node.js的项目构建工具,可以进行打包压缩、测试、执行等等的工作,head插件就是通过grunt启动
[root@Elasticserch ~]# unzip master.zip
[root@Elasticserch ~]# cd elasticsearch-head-master/
[root@Elasticserch elasticsearch-head-master]# npm install -g grunt-cli # 执行后会生成node_modules文件夹
[root@Elasticserch elasticsearch-head-master]# grunt -version
grunt-cli v1.2.0
[root@Elasticserch elasticsearch-head-master]# vim Gruntfile.js
connect: {
server: {
options: {
port: 9100,
base: '.',
keepalive: true
hostname: '*' #添加这行
[root@Elasticserch elasticsearch-head-master]# vim _site/app.js
(function( app, i18n ) {
var ui = app.ns("ui");
var services = app.ns("services");
app.App = ui.AbstractWidget.extend({
defaults: {
base_uri: null
},
init: function(parent) {
this._super();
this.prefs = services.Preferences.instance();
this.base_uri = this.config.base_uri || this.prefs.get("app-base_uri") || "http://192.168.200.130:9200"; #改成es地址
运行head
[root@Elasticserch elasticsearch-head-master]# grunt server &
重启es
报错解决方法:
npm config set strict-ssl false
npm config set registry http://registry.cnpmjs.org
npm info underscore
npm --registry http://registry.cnpmjs.org info underscore
编辑 ~/.npmrc 加入下面内容
registry = http://registry.cnpmjs.org
