ELK-安装--todo

olivee 5年前 ⋅ 1201 阅读

echo "vm.swappiness=1" >> /etc/sysctl.conf echo "vm.max_map_count=262144" >> /etc/sysctl.conf reboot

vi /etc/security/limits.conf elasticsearch soft memlock unlimited elasticsearch hard memlock unlimited elasticsearch - nofile 65535

sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config setenforce 0 systemctl disable firewalld systemctl stop firewalld

sudo groupadd elasticsearch sudo useradd -g elasticsearch elasticsearch

/opt/efk/elasticsearch-7.6.0-linux-x86_64.tar.gz

cd /opt/efk/ tar -xzvf elasticsearch-7.6.0-linux-x86_64.tar.gz

mkdir /opt/efk/es-data mkdir /opt/efk/es-logs

sudo chown -R elasticsearch:elasticsearch /opt/efk/elasticsearch-7.6.0 /opt/efk/es-data /opt/efk/es-logs

节点1配置 cluster.name: ccs-es-7-6-0 node.name: efk-node1 node.attr.rack: r1 path.data: /opt/efk/es-data path.logs: /opt/efk/es-logs bootstrap.memory_lock: true network.host: 192.168.19.180 http.port: 9200 discovery.seed_hosts: ["192.168.19.180:9300", "192.168.19.181:9300", "192.168.19.182:9300"] cluster.initial_master_nodes: ["efk-node1", "efk-node2", "efk-node3"] gateway.recover_after_nodes: 3 action.destructive_requires_name: true xpack.security.enabled: true xpack.ml.enabled: true xpack.license.self_generated.type: trial

节点2配置 cluster.name: ccs-es-7-6-0 node.name: efk-node2 node.attr.rack: r1 path.data: /opt/efk/es-data path.logs: /opt/efk/es-logs bootstrap.memory_lock: true network.host: 192.168.19.181 http.port: 9200 discovery.seed_hosts: ["192.168.19.180:9300", "192.168.19.181:9300", "192.168.19.182:9300"] cluster.initial_master_nodes: ["efk-node1", "efk-node2", "efk-node3"] gateway.recover_after_nodes: 3 action.destructive_requires_name: true xpack.security.enabled: true xpack.ml.enabled: true xpack.license.self_generated.type: trial

节点3配置 cluster.name: ccs-es-7-6-0 node.name: efk-node3 node.attr.rack: r1 path.data: /opt/efk/es-data path.logs: /opt/efk/es-logs bootstrap.memory_lock: true network.host: 192.168.19.182 http.port: 9200 discovery.seed_hosts: ["192.168.19.180:9300", "192.168.19.181:9300", "192.168.19.182:9300"] cluster.initial_master_nodes: ["efk-node1", "efk-node2", "efk-node3"] gateway.recover_after_nodes: 3 action.destructive_requires_name: true xpack.security.enabled: true xpack.ml.enabled: true xpack.license.self_generated.type: trial

su elasticsearch cd /opt/efk/elasticsearch-7.6.0 ./bin/elasticsearch

#设置密码 bin/elasticsearch-setup-passwords interactive

安装 https://github.com/lmenezes/cerebro/releases cd /opt/efk/ wget https://github.com/lmenezes/cerebro/releases/download/v0.8.5/cerebro-0.8.5.tgz tar -xzvf cerebro-0.8.5.tgz cd /opt/efk/cerebro-0.8.5/bin ./cerebro

打开http://192.168.19.180:9000/#/connect 输入:http://192.168.19.180:9200/

--------------安装kibana

sudo groupadd kibana sudo useradd -g kibana kibana

timedatectl set-timezone Asia/Shanghai

sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config setenforce 0 systemctl disable firewalld systemctl stop firewalld

echo "vm.swappiness=1" >> /etc/sysctl.conf echo "vm.max_map_count=262144" >> /etc/sysctl.conf

vi /etc/security/limits.conf kibana soft memlock unlimited kibana hard memlock unlimited kibana - nofile 65535

reboot

mkdir /opt/efk cd /opt/efk wget https://artifacts.elastic.co/downloads/kibana/kibana-7.6.0-linux-x86_64.tar.gz tar -xzvf kibana-7.6.0-linux-x86_64.tar.gz cd kibana-7.6.0-linux-x86_64

vi config/kibana.yml server.host: 192.168.19.183 elasticsearch.hosts: ["http://192.168.19.180:9200", "http://192.168.19.181:9200", "http://192.168.19.182:9200"]

chown -R kibana:kibana /opt/efk/kibana-7.6.0-linux-x86_64 su - kibana cd /opt/efk/kibana-7.6.0-linux-x86_64 ./bin/kibana

http://192.168.19.183:5601/app/kibana

---------------k8s中安装filebeat curl -L -O https://raw.githubusercontent.com/elastic/beats/7.6/deploy/kubernetes/filebeat-kubernetes.yaml