echo "vm.swappiness=1" >> /etc/sysctl.conf echo "vm.max_map_count=262144" >> /etc/sysctl.conf reboot
vi /etc/security/limits.conf elasticsearch soft memlock unlimited elasticsearch hard memlock unlimited elasticsearch - nofile 65535
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config setenforce 0 systemctl disable firewalld systemctl stop firewalld
sudo groupadd elasticsearch sudo useradd -g elasticsearch elasticsearch
/opt/efk/elasticsearch-7.6.0-linux-x86_64.tar.gz
cd /opt/efk/ tar -xzvf elasticsearch-7.6.0-linux-x86_64.tar.gz
mkdir /opt/efk/es-data mkdir /opt/efk/es-logs
sudo chown -R elasticsearch:elasticsearch /opt/efk/elasticsearch-7.6.0 /opt/efk/es-data /opt/efk/es-logs
节点1配置 cluster.name: ccs-es-7-6-0 node.name: efk-node1 node.attr.rack: r1 path.data: /opt/efk/es-data path.logs: /opt/efk/es-logs bootstrap.memory_lock: true network.host: 192.168.19.180 http.port: 9200 discovery.seed_hosts: ["192.168.19.180:9300", "192.168.19.181:9300", "192.168.19.182:9300"] cluster.initial_master_nodes: ["efk-node1", "efk-node2", "efk-node3"] gateway.recover_after_nodes: 3 action.destructive_requires_name: true xpack.security.enabled: true xpack.ml.enabled: true xpack.license.self_generated.type: trial
节点2配置 cluster.name: ccs-es-7-6-0 node.name: efk-node2 node.attr.rack: r1 path.data: /opt/efk/es-data path.logs: /opt/efk/es-logs bootstrap.memory_lock: true network.host: 192.168.19.181 http.port: 9200 discovery.seed_hosts: ["192.168.19.180:9300", "192.168.19.181:9300", "192.168.19.182:9300"] cluster.initial_master_nodes: ["efk-node1", "efk-node2", "efk-node3"] gateway.recover_after_nodes: 3 action.destructive_requires_name: true xpack.security.enabled: true xpack.ml.enabled: true xpack.license.self_generated.type: trial
节点3配置 cluster.name: ccs-es-7-6-0 node.name: efk-node3 node.attr.rack: r1 path.data: /opt/efk/es-data path.logs: /opt/efk/es-logs bootstrap.memory_lock: true network.host: 192.168.19.182 http.port: 9200 discovery.seed_hosts: ["192.168.19.180:9300", "192.168.19.181:9300", "192.168.19.182:9300"] cluster.initial_master_nodes: ["efk-node1", "efk-node2", "efk-node3"] gateway.recover_after_nodes: 3 action.destructive_requires_name: true xpack.security.enabled: true xpack.ml.enabled: true xpack.license.self_generated.type: trial
su elasticsearch cd /opt/efk/elasticsearch-7.6.0 ./bin/elasticsearch
#设置密码 bin/elasticsearch-setup-passwords interactive
安装 https://github.com/lmenezes/cerebro/releases cd /opt/efk/ wget https://github.com/lmenezes/cerebro/releases/download/v0.8.5/cerebro-0.8.5.tgz tar -xzvf cerebro-0.8.5.tgz cd /opt/efk/cerebro-0.8.5/bin ./cerebro
打开http://192.168.19.180:9000/#/connect 输入:http://192.168.19.180:9200/
--------------安装kibana
sudo groupadd kibana sudo useradd -g kibana kibana
timedatectl set-timezone Asia/Shanghai
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config setenforce 0 systemctl disable firewalld systemctl stop firewalld
echo "vm.swappiness=1" >> /etc/sysctl.conf echo "vm.max_map_count=262144" >> /etc/sysctl.conf
vi /etc/security/limits.conf kibana soft memlock unlimited kibana hard memlock unlimited kibana - nofile 65535
reboot
mkdir /opt/efk cd /opt/efk wget https://artifacts.elastic.co/downloads/kibana/kibana-7.6.0-linux-x86_64.tar.gz tar -xzvf kibana-7.6.0-linux-x86_64.tar.gz cd kibana-7.6.0-linux-x86_64
vi config/kibana.yml server.host: 192.168.19.183 elasticsearch.hosts: ["http://192.168.19.180:9200", "http://192.168.19.181:9200", "http://192.168.19.182:9200"]
chown -R kibana:kibana /opt/efk/kibana-7.6.0-linux-x86_64 su - kibana cd /opt/efk/kibana-7.6.0-linux-x86_64 ./bin/kibana
http://192.168.19.183:5601/app/kibana
---------------k8s中安装filebeat curl -L -O https://raw.githubusercontent.com/elastic/beats/7.6/deploy/kubernetes/filebeat-kubernetes.yaml