使用脚本安装elasticsearch7.3的记录
#!/bin/sh
# https://www.elastic.co/guide/en/elasticsearch/reference/current/rpm.html
# remove all java
# rpm -qa | grep java | xargs rpm -e --nodeps
# rpm -qa | grep jdk | xargs rpm -e --nodeps
# rpm -qa | grep gcj | xargs rpm -e --nodeps
# check java jdk1.8
# yum list java-1.8*
# yum install java-1.8.0-openjdk* -y
yum install -y java-1.8.0-openjdk java-1.8.0-openjdk-devel
/usr/lib/jvm/java-1.8.0/bin/java -version
# install elk
rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch
echo -e "[elasticsearch-7.x]\nname=Elasticsearch repository for 7.x packages\nbaseurl=https://artifacts.elastic.co/packages/7.x/yum\ngpgcheck=1\ngpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch\nenabled=1\nautorefresh=1\ntype=rpm-md" > /etc/yum.repos.d/elasticsearch.repo
sudo yum install elasticsearch-7.1.1 -y
sudo yum install kibana-7.1.1 -y
sudo yum install logstash-7.1.1 -y
num=$(yum list installed | grep 'elasticsearch\.'|wc -l)
if [ $num -eq 0 ]
then
echo "Install elasticsearch failed";
break;
fi
num=$(yum list installed | grep 'kibana\.'|wc -l)
if [ $num -eq 0 ]
then
echo "Install kibana failed";
break;
fi
num=$(yum list installed | grep 'logstash\.'|wc -l)
if [ $num -eq 0 ]
then
echo "Install logstash failed";
break;
fi
# install heartbeat-7.1.1
curl -L -O https://artifacts.elastic.co/downloads/beats/heartbeat/heartbeat-7.1.1-x86_64.rpm
sudo rpm -vi heartbeat-7.1.1-x86_64.rpm
# jdk
echo "set java home path"
sed -i "s/#JAVA_HOME=/JAVA_HOME=\/usr\/lib\/jvm\/java-1.8.0\//g" /etc/sysconfig/elasticsearch
# elasticsearch
sudo chkconfig --add elasticsearch
sudo chkconfig elasticsearch on
# sudo -i service elasticsearch start
# sudo -i service elasticsearch stop
# Log files can be found in /var/log/elasticsearch/.
# vim /etc/sysconfig/elasticsearch
# https://www.elastic.co/guide/en/elasticsearch/reference/current/rpm.html#rpm
# data path
read -p "set elasticsearch data path(default /data/elk/data/elasticsearch):" DATA_PATH
if [ ! -n "$DATA_PATH" ]; then
DATA_PATH=/data/elk/data/elasticsearch
fi
_DATA_PATH="${DATA_PATH//\//\\/}"
sed -i "s/^path.data:.*/path.data: $_DATA_PATH/g" /etc/elasticsearch/elasticsearch.yml
mkdir "${DATA_PATH}" -p
chown elasticsearch:elasticsearch "${DATA_PATH}" -R
# log path
read -p "set elasticsearch log path(default /data/elk/log/elasticsearch):" LOG_PATH
if [ ! -n "$LOG_PATH" ]; then
LOG_PATH=/data/elk/log/elasticsearch
fi
_LOG_PATH="${LOG_PATH//\//\\/}"
sed -i "s/^path.logs:.*/path.logs: $_LOG_PATH/g" /etc/elasticsearch/elasticsearch.yml
mkdir "${LOG_PATH}" -p
chown elasticsearch:elasticsearch "${LOG_PATH}" -R
# network host
IP_ADDR='172.0.0.1'
IP_ADDR=$(ip addr | awk '/^[0-9]+: / {}; /inet.*global/ {print gensub(/(.*)\/(.*)/, "\\1", "g", $2)}' | head -1)
sed -i "s/^#network.host:/network.host:/g" /etc/elasticsearch/elasticsearch.yml
read -p "set elasticsearch network host(default $IP_ADDR):" NETWORK_HOST
if [ ! -n "$NETWORK_HOST" ]; then
NETWORK_HOST=$IP_ADDR
fi
_NETWORK_HOST="${NETWORK_HOST//\./\\.}"
sed -i "s/^network.host:.*/network.host: $_NETWORK_HOST/g" /etc/elasticsearch/elasticsearch.yml
# #discovery.seed_hosts: ["host1", "host2"]
# [1]: the default discovery settings are unsuitable for production use; at least one of [discovery.seed_hosts, discovery.seed_providers, cluster.initial_master_nodes] must be configured
sed -i "s/^#discovery.seed_hosts:/discovery.seed_hosts:/g" /etc/elasticsearch/elasticsearch.yml
sed -i "s/^discovery.seed_hosts:.*/discovery.seed_hosts: [\"$_NETWORK_HOST\"]/g" /etc/elasticsearch/elasticsearch.yml
# node name
read -p "set elasticsearch node name(default my_node):" NODE_NAME
if [ ! -n "$NODE_NAME" ]; then
NODE_NAME=my_node
fi
# #node.name: node-1
sed -i "s/^#node.name:/node.name:/g" /etc/elasticsearch/elasticsearch.yml
sed -i "s/^node.name:.*/node.name: $NODE_NAME/g" /etc/elasticsearch/elasticsearch.yml
# #cluster.initial_master_nodes: ["node-1", "node-2"]
# Cause: master_not_discovered_exception
sed -i "s/^#cluster.initial_master_nodes:/cluster.initial_master_nodes:/g" /etc/elasticsearch/elasticsearch.yml
sed -i "s/^cluster.initial_master_nodes:.*/cluster.initial_master_nodes: [\"$NODE_NAME\"]/g" /etc/elasticsearch/elasticsearch.yml
# http port
read -p "set elasticsearch http port(default 9200):" HTTP_PORT
if [ ! -n "$HTTP_PORT" ]; then
HTTP_PORT=9200
fi
sed -i "s/^#http.port:/http.port:/g" /etc/elasticsearch/elasticsearch.yml
sed -i "s/^http.port:.*/http.port: $HTTP_PORT/g" /etc/elasticsearch/elasticsearch.yml
# unable to install syscall filter:
# java.lang.UnsupportedOperationException: seccomp unavailable: CONFIG_SECCOMP not compiled into kernel, CONFIG_SECCOMP and CONFIG_SECCOMP_FILTER are needed
# seccomp是linux kernel从2.6.23版本开始所支持的一种安全机制,seccomp(安全计算模式的简称)是Linux内核中的计算机安全设施。 它被合并到2005年3月8日发布的内核版本2.6.12中的Linux内核主线上。[1] seccomp允许进程单向转换为“安全”状态,除了exit(),sigreturn(),read()和write()之外,它不能对已经打开的文件描述符进行任何系统调用。如果它尝试任何其他系统调用,内核将使用SIGKILL或SIGSYS [2] [3]终止进程。 从这个意义上说,它不会虚拟化系统的资源,而是将过程与它们完全隔离开来。
sed -i 'N;s/\nbootstrap\.system_call_filter:.*//;P;D' /etc/elasticsearch/elasticsearch.yml
echo 'bootstrap.system_call_filter: false' >> /etc/elasticsearch/elasticsearch.yml
# [2] bootstrap checks failed
# [1]: max number of threads [1024] for user [elasticsearch] is too low, increase to at least [4096]
###sed -i 'N;s/\n\*.*soft.*nproc.*//;P;D' /etc/security/limits.d/90-nproc.conf
###sed -i 'N;s/\n\*.*hard.*nproc.*//;P;D' /etc/security/limits.d/90-nproc.conf
###echo '* soft nproc 4096' >> /etc/security/limits.d/90-nproc.conf
###echo '* hard nproc 4096' >> /etc/security/limits.d/90-nproc.conf
# https://www.elastic.co/guide/en/elasticsearch/reference/current/setting-system-settings.html
sed -i 'N;s/\n.*soft.*nofile.*//;P;D' /etc/security/limits.d/90-nproc.conf
echo '* soft nofile 65535' >> /etc/security/limits.d/90-nproc.conf
sed -i 'N;s/\n.*hard.*nofile.*//;P;D' /etc/security/limits.d/90-nproc.conf
echo '* hard nofile 65535' >> /etc/security/limits.d/90-nproc.conf
sed -i 'N;s/\n.*soft.*nproc.*//;P;D' /etc/security/limits.d/90-nproc.conf
echo '* soft nproc 10240' >> /etc/security/limits.d/90-nproc.conf
sed -i 'N;s/\n.*hard.*nproc.*//;P;D' /etc/security/limits.d/90-nproc.conf
echo '* hard nproc 10240' >> /etc/security/limits.d/90-nproc.conf
sed -i 'N;s/\n.*vm\.max_map_count.*//;P;D' /etc/sysctl.conf
echo 'vm.max_map_count = 655360' >> /etc/sysctl.conf
sed -i 'N;s/\n.*fs\.file-max.*//;P;D' /etc/sysctl.conf
echo 'fs.file-max = 500000' >> /etc/sysctl.conf
sysctl -p
# Starting elasticsearch: OpenJDK 64-Bit Server VM warning: If the number of processors is expected to increase from one, then you should configure the number of parallel GC threads appropriately using -XX:ParallelGCThreads=N
# 这个jdk的警告就是显示需要加CPU
# authenticate
# Enter password for [elastic, apm_system, kibana, logstash_system, beats_system, remote_monitoring_user]
# 追加配置项 xpack.security.enabled
sed -i 'N;s/\nxpack\.security\.enabled:.*//;P;D' /etc/elasticsearch/elasticsearch.yml
echo 'xpack.security.enabled: true' >> /etc/elasticsearch/elasticsearch.yml
# [1] bootstrap checks failed
# [1]: Transport SSL must be enabled if security is enabled on a [basic] license. Please set [xpack.security.transport.ssl.enabled] to [true] or disable security by setting [xpack.security.enabled] to [false]
sed -i 'N;s/\n.*xpack\.security\.transport\.ssl\.enabled.*//;P;D' /etc/elasticsearch/elasticsearch.yml
echo 'xpack.security.transport.ssl.enabled: true' >> /etc/elasticsearch/elasticsearch.yml
# master not discovered or elected yet, an election requires a node with id [U-83wHEGSVKGt2acrzt8tw]
sed -i 'N;s/\n.*discovery\.zen.minimum_master_nodes.*//;P;D' /etc/elasticsearch/elasticsearch.yml
echo 'discovery.zen.minimum_master_nodes: 1' >> /etc/elasticsearch/elasticsearch.yml
service elasticsearch start
echo "Waiting for listening ......"
times=0
while :
do
num=$(netstat -an|grep $HTTP_PORT|grep LISTEN|wc -l)
if [ $num -gt 0 ]
then
echo "Listening port $HTTP_PORT succeeded";
break;
fi
# echo $num
sleep 3
declare -i times=$times+3
# echo $times
if [ $times -gt 120 ]
then echo "Listening port $HTTP_PORT failed";exit;
fi
done
echo "start to visit http://$NETWORK_HOST:$HTTP_PORT/_xpack/license/start_trial?acknowledge=true"
curl -H "Content-Type:application/json" -XPOST "http://$NETWORK_HOST:$HTTP_PORT/_xpack/license/start_trial?acknowledge=true"
/usr/share/elasticsearch/bin/elasticsearch-setup-passwords interactive
# /usr/share/elasticsearch/bin/elasticsearch-setup-passwords auto --verbose
# add user
# https://www.elastic.co/guide/en/elasticsearch/reference/current/users-command.html
# 修改密码命令如下
# curl -H "Content-Type:application/json" -XPOST -u elastic 'http://127.0.0.1:9200/_xpack/security/user/elastic/_password' -d '{ "password" : "123456" }'
# kibana
# https://www.elastic.co/guide/en/kibana/current/rpm.html
# rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch
# echo -e "[kibana-7.x]\nname=Kibana repository for 7.x packages\nbaseurl=https://artifacts.elastic.co/packages/7.x/yum\ngpgcheck=1\ngpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch\nenabled=1\nautorefresh=1\ntype=rpm-md" > /etc/yum.repos.d/kibana.repo
# sudo yum install kibana -y
# sudo yum install kibana-7.1.1 -y
sudo chkconfig --add kibana
sudo chkconfig kibana on
# sudo -i service kibana start
# sudo -i service kibana stop
# kibana server port
read -p "set kibana server port(default 5601):" KIBANA_SERVER_PORT
if [ ! -n "$KIBANA_SERVER_PORT" ]; then
KIBANA_SERVER_PORT=5601
fi
#server.port: 5601
sed -i "s/^#server.port:/server.port:/g" /etc/kibana/kibana.yml
sed -i "s/^server.port:.*/server.port: $KIBANA_SERVER_PORT/g" /etc/kibana/kibana.yml
#server.host: "localhost"
sed -i "s/^#server.host:/server.host:/g" /etc/kibana/kibana.yml
sed -i "s/^server.host:.*/server.host: $_NETWORK_HOST/g" /etc/kibana/kibana.yml
# kibana password
read -p "input the password of the \"kibana\" you set just now(default elastic):" KIBANA_PASSWORD
if [ ! -n "$KIBANA_PASSWORD" ]; then
KIBANA_PASSWORD=elastic
fi
#elasticsearch.username: "user"
#elasticsearch.password: "pass"
sed -i "s/^#elasticsearch.username:/elasticsearch.username:/g" /etc/kibana/kibana.yml
sed -i "s/^elasticsearch.username:.*/elasticsearch.username: \"kibana\"/g" /etc/kibana/kibana.yml
sed -i "s/^#elasticsearch.password:/elasticsearch.password:/g" /etc/kibana/kibana.yml
sed -i "s/^elasticsearch.password:.*/elasticsearch.password: \"$KIBANA_PASSWORD\"/g" /etc/kibana/kibana.yml
# The URLs of the Elasticsearch instances to use for all your queries.
#elasticsearch.hosts: ["http://localhost:9200"]
sed -i "s/^#elasticsearch.hosts:/elasticsearch.hosts:/g" /etc/kibana/kibana.yml
sed -i "s/^elasticsearch.hosts:.*/elasticsearch.hosts: [\"http:\/\/$NETWORK_HOST:$HTTP_PORT\"]/g" /etc/kibana/kibana.yml
# data path
read -p "set kibana data path(default /data/elk/data/kibana):" KIBANA_DATA_PATH
if [ ! -n "$KIBANA_DATA_PATH" ]; then
KIBANA_DATA_PATH=/data/elk/data/kibana
fi
_KIBANA_DATA_PATH="${KIBANA_DATA_PATH//\//\\/}"
sed -i "s/^path.data:.*/path.data: $_KIBANA_DATA_PATH/g" /etc/kibana/kibana.yml
mkdir "${KIBANA_DATA_PATH}" -p
chown kibana:kibana "${KIBANA_DATA_PATH}" -R
# log path
read -p "set kibana log path(default /data/elk/log/kibana):" KIBANA_LOG_PATH
if [ ! -n "$KIBANA_LOG_PATH" ]; then
KIBANA_LOG_PATH=/data/elk/log/kibana
fi
_KIBANA_LOG_PATH="${KIBANA_LOG_PATH//\//\\/}"
sed -i "s/^path.logs:.*/path.logs: $_KIBANA_LOG_PATH/g" /etc/kibana/kibana.yml
mkdir "${KIBANA_LOG_PATH}" -p
chown kibana:kibana "${KIBANA_LOG_PATH}" -R
service kibana start
echo "Waiting for listening ......"
times=0
while :
do
num=$(netstat -an|grep $KIBANA_SERVER_PORT|grep LISTEN|wc -l)
if [ $num -gt 0 ]
then
echo "Listening port $KIBANA_SERVER_PORT succeeded";
break;
fi
# echo $num
sleep 3
declare -i times=$times+3
# echo $times
if [ $times -gt 120 ]
then echo "Listening port $KIBANA_SERVER_PORT failed";exit;
fi
done
echo "http://$NETWORK_HOST:$KIBANA_SERVER_PORT"
# logstash
# https://www.elastic.co/guide/en/logstash/current/installing-logstash.html
# rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch
# echo -e "[logstash-7.x]\nname=Elastic repository for 7.x packages\nbaseurl=https://artifacts.elastic.co/packages/7.x/yum\ngpgcheck=1\ngpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch\nenabled=1\nautorefresh=1\ntype=rpm-md" > /etc/yum.repos.d/logstash.repo
# sudo yum install logstash-7.1.1 -y
###sudo initctl start logstash
# The auto-generated configuration file for upstart systems is /etc/init/logstash.conf.
# data path
read -p "set logstash data path(default /data/elk/data/logstash):" LOGSTASH_DATA_PATH
if [ ! -n "$LOGSTASH_DATA_PATH" ]; then
LOGSTASH_DATA_PATH=/data/elk/data/logstash
fi
_KIBANA_DATA_PATH="${LOGSTASH_DATA_PATH//\//\\/}"
sed -i "s/^path.data:.*/path.data: $_KIBANA_DATA_PATH/g" /etc/logstash/logstash.yml
mkdir "${LOGSTASH_DATA_PATH}" -p
chown logstash:logstash "${LOGSTASH_DATA_PATH}" -R
# log path
read -p "set logstash log path(default /data/elk/log/logstash):" LOGSTASH_LOG_PATH
if [ ! -n "$LOGSTASH_LOG_PATH" ]; then
LOGSTASH_LOG_PATH=/data/elk/log/logstash
fi
_LOGSTASH_LOG_PATH="${LOGSTASH_LOG_PATH//\//\\/}"
sed -i "s/^path.logs:.*/path.logs: $_LOGSTASH_LOG_PATH/g" /etc/logstash/logstash.yml
mkdir "${LOGSTASH_LOG_PATH}" -p
chown logstash:logstash "${LOGSTASH_LOG_PATH}" -R
# #xpack.monitoring.enabled: false
sed -i "s/^#xpack.monitoring.enabled:/xpack.monitoring.enabled:/g" /etc/logstash/logstash.yml
sed -i "s/^xpack.monitoring.enabled:.*/xpack.monitoring.enabled: true/g" /etc/logstash/logstash.yml
# logstash password
read -p "input the password of \"logstash_system\" you set just now(default elastic):" LOGSTASH_SYSTEM_PASSWORD
if [ ! -n "$LOGSTASH_SYSTEM_PASSWORD" ]; then
LOGSTASH_SYSTEM_PASSWORD=elastic
fi
# #xpack.monitoring.elasticsearch.username: logstash_system
# #xpack.monitoring.elasticsearch.password: password
sed -i "s/^#xpack.monitoring.elasticsearch.username:/xpack.monitoring.elasticsearch.username:/g" /etc/logstash/logstash.yml
sed -i "s/^xpack.monitoring.elasticsearch.username:.*/xpack.monitoring.elasticsearch.username: \"logstash_system\"/g" /etc/logstash/logstash.yml
sed -i "s/^#xpack.monitoring.elasticsearch.password:/xpack.monitoring.elasticsearch.password:/g" /etc/logstash/logstash.yml
sed -i "s/^xpack.monitoring.elasticsearch.password:.*/xpack.monitoring.elasticsearch.password: \"$LOGSTASH_SYSTEM_PASSWORD\"/g" /etc/logstash/logstash.yml
# #xpack.monitoring.elasticsearch.hosts: ["https://es1:9200", "https://es2:9200"]
sed -i "s/^#xpack.monitoring.elasticsearch.hosts:/xpack.monitoring.elasticsearch.hosts:/g" /etc/logstash/logstash.yml
sed -i "s/^xpack.monitoring.elasticsearch.hosts:.*/xpack.monitoring.elasticsearch.hosts: [\"http:\/\/$NETWORK_HOST:$HTTP_PORT\"]/g" /etc/logstash/logstash.yml
#xpack.monitoring.collection.interval: 10s
sed -i "s/^#xpack.monitoring.collection.interval:/xpack.monitoring.collection.interval:/g" /etc/logstash/logstash.yml
#xpack.monitoring.collection.pipeline.details.enabled: true
sed -i "s/^#xpack.monitoring.collection.pipeline.details.enabled:/xpack.monitoring.collection.pipeline.details.enabled:/g" /etc/logstash/logstash.yml
#xpack.management.enabled: false
sed -i "s/^#xpack.management.enabled:/xpack.management.enabled:/g" /etc/logstash/logstash.yml
sed -i "s/^xpack.management.enabled:.*/xpack.management.enabled: true/g" /etc/logstash/logstash.yml
#xpack.management.pipeline.id: ["main", "apache_logs"]
sed -i "s/^#xpack.management.pipeline.id:/xpack.management.pipeline.id:/g" /etc/logstash/logstash.yml
#xpack.management.elasticsearch.username: logstash_admin_user
#xpack.management.elasticsearch.password: password
sed -i "s/^#xpack.management.elasticsearch.username:/xpack.management.elasticsearch.username:/g" /etc/logstash/logstash.yml
sed -i "s/^xpack.management.elasticsearch.username:.*/xpack.management.elasticsearch.username: \"logstash_system\"/g" /etc/logstash/logstash.yml
sed -i "s/^#xpack.management.elasticsearch.password:/xpack.management.elasticsearch.password:/g" /etc/logstash/logstash.yml
sed -i "s/^xpack.management.elasticsearch.password:.*/xpack.management.elasticsearch.password: \"$LOGSTASH_SYSTEM_PASSWORD\"/g" /etc/logstash/logstash.yml
#xpack.management.elasticsearch.hosts: ["https://es1:9200", "https://es2:9200"]
sed -i "s/^#xpack.management.elasticsearch.hosts:/xpack.management.elasticsearch.hosts:/g" /etc/logstash/logstash.yml
sed -i "s/^xpack.management.elasticsearch.hosts:.*/xpack.management.elasticsearch.hosts: [\"http:\/\/$NETWORK_HOST:$HTTP_PORT\"]/g" /etc/logstash/logstash.yml
#xpack.management.elasticsearch.sniffing: false
sed -i "s/^#xpack.management.elasticsearch.sniffing:/xpack.management.elasticsearch.sniffing:/g" /etc/logstash/logstash.yml
sed -i "s/^xpack.management.elasticsearch.sniffing:.*/xpack.management.elasticsearch.sniffing: true/g" /etc/logstash/logstash.yml
#xpack.management.logstash.poll_interval: 5s
sed -i "s/^#xpack.management.logstash.poll_interval:/xpack.management.logstash.poll_interval:/g" /etc/logstash/logstash.yml
# heartbeat-7.1.1
# curl -L -O https://artifacts.elastic.co/downloads/beats/heartbeat/heartbeat-7.1.1-x86_64.rpm
# sudo rpm -vi heartbeat-7.1.1-x86_64.rpm
sudo chkconfig heartbeat-elastic on
# urls: ["http://localhost:9200"]
sed -i "s/^\s*urls: \[\".*\"\]/ urls: [\"http:\/\/$NETWORK_HOST:$HTTP_PORT\"]/g" /etc/heartbeat/heartbeat.yml
# #host: "localhost:5601"
sed -i "s/^\s*#host:/ host:/g" /etc/heartbeat/heartbeat.yml
sed -i "s/^\s*host: \".*\"/ host: \"$NETWORK_HOST:$KIBANA_SERVER_PORT\"/g" /etc/heartbeat/heartbeat.yml
# hosts: ["localhost:9200"]
sed -i "s/^\s*hosts: \[\".*\"\]/ hosts: [\"$NETWORK_HOST:$HTTP_PORT\"]/g" /etc/heartbeat/heartbeat.yml
# beats_system password
read -p "input the password of the \"beats_system\" you set just now(default elastic):" BEATS_SYSTEM_PASSWORD
if [ ! -n "$BEATS_SYSTEM_PASSWORD" ]; then
BEATS_SYSTEM_PASSWORD=elastic
fi
# #username: "elastic"
# #password: "changeme"
sed -i "s/^\s*#username: \".*\"/ username: \"beats_system\"/g" /etc/heartbeat/heartbeat.yml
sed -i "s/^\s*#password:/ password:/g" /etc/heartbeat/heartbeat.yml
sed -i "s/^\s*password: \".*\"/ password: \"$BEATS_SYSTEM_PASSWORD\"/g" /etc/heartbeat/heartbeat.yml
##xpack.monitoring.enabled: false
sed -i "s/^#xpack.monitoring.enabled:/xpack.monitoring.enabled:/g" /etc/heartbeat/heartbeat.yml
cp /etc/heartbeat/monitors.d/sample.http.yml.disabled /etc/heartbeat/monitors.d/http.yml
sed -i "s/^\s*urls: \[\".*\"\]/ urls: [\"http:\/\/$NETWORK_HOST:$HTTP_PORT\"]/g" /etc/heartbeat/monitors.d/http.yml
# #username: ''
# #password: ''
sed -i "s/^\s*#username:.*/ username: \"beats_system\"/g" /etc/heartbeat/monitors.d/http.yml
sed -i "s/^\s*#password:.*/ password: \"$BEATS_SYSTEM_PASSWORD\"/g" /etc/heartbeat/monitors.d/http.yml
sed -i "s/^xpack.monitoring.enabled:.*/xpack.monitoring.enabled: true/g" /etc/heartbeat/heartbeat.yml
sudo service heartbeat-elastic start
# elasticsearch的CPU居高不下的问题
# https://www.cnblogs.com/mhSui/p/10697515.html
# http://zoufeng.net/2018/07/16/cpu-of-elasticsearch-high-search-slow/
# https://www.cnblogs.com/andayhou/p/9476477.html
# 内存、cpu过高,编辑/etc/elasticsearch/jvm.options,调整Xms和Xmx的大小,官方建议这个值不要超过物理内存的50%,也不要超过32G
## 注释掉原来的配置
## GC configuration
##-XX:+UseConcMarkSweepGC
##-XX:CMSInitiatingOccupancyFraction=75
##-XX:+UseCMSInitiatingOccupancyOnly
## 更新为
# -XX:+UseG1GC
# -XX:MaxGCPauseMillis=50
##修改
#-Xms6g
#-Xms6g
# 请求数检查
# netstat -nt | awk '{wait[$NF]++}END{for(i in wait) print i,wait[i]}'
# ---------------------------------------------------------------------------
#http://192.168.28.130:9200/_cluster/allocation/explain
#http://192.168.28.130:9200/_cat/shards
# 清除未分配的切片
#curl -H "Content-Type: application/json" -XPUT '192.168.28.130:9200/_settings' -d '
#{
# "index" : {
# "number_of_replicas" : 0
# }
#}' -u elastic:elastic
#
# 修改密码
[root@spyzie-DB1:/usr/local/worksh]# /usr/share/elasticsearch/bin/elasticsearch-setup-passwords interactive
Initiating the setup of passwords for reserved users elastic,apm_system,kibana,logstash_system,beats_system,remote_monitoring_user.
You will be prompted to enter passwords as the process progresses.
Please confirm that you would like to continue [y/N]y
Enter password for [elastic]:
Reenter password for [elastic]:
Enter password for [apm_system]:
Reenter password for [apm_system]:
Enter password for [kibana]:
Reenter password for [kibana]:
Enter password for [logstash_system]:
Reenter password for [logstash_system]:
Enter password for [beats_system]:
Reenter password for [beats_system]:
Enter password for [remote_monitoring_user]:
Reenter password for [remote_monitoring_user]:
Changed password for user [apm_system]
Changed password for user [kibana]
Changed password for user [logstash_system]
Changed password for user [beats_system]
Changed password for user [remote_monitoring_user]
Changed password for user [elastic]
centos6的kibana7.1无法启动报错 FATAL Error: /lib64/libc.so.6: version `GLIBC_2.14' not found 升级glibc的问题处理
系统:centos6.10_x86_64
# kibana启动不了,报错:[root@:~]# tail -f /var/log/kibana/kibana.stderr
FATAL Error: /lib64/libc.so.6: version `GLIBC_2.14' not found (required by /usr/share/kibana/node_modules/@elastic/nodegit/build/Release/nodegit.node)
解决办法:升级glibc到2.17
1.原先的系统glibc库的版本是2.12,需要升级到2.17版本
root@server1 [/home/yt_opsadmin/node-v12.13.0-linux-x64]# strings /lib64/libc.so.6 | grep GLIBC
GLIBC_2.2.5
GLIBC_2.2.6
GLIBC_2.3
GLIBC_2.3.2
GLIBC_2.3.3
GLIBC_2.3.4
GLIBC_2.4
GLIBC_2.5
GLIBC_2.6
GLIBC_2.7
GLIBC_2.8
GLIBC_2.9
GLIBC_2.10
GLIBC_2.11
GLIBC_2.12
GLIBC_PRIVATE
wget http://ftp.gnu.org/gnu/glibc/glibc-2.17.tar.gz
2.编译
# 编译时间较长,开启screen避免编译中断
# screen -S glibc
# tar -xf glibc-2.17.tar.gz
# cd glibc-2.17
# mkdir build
# cd build
# 预编译
# ../configure --prefix=/usr --disable-profile --enable-add-ons --with-headers=/usr/include --with-binutils=/usr/bin
# 多线程编译,加快编译速度
# make -j 4
# make install
[root@:~]# strings /lib64/libc.so.6 | grep GLIBC
GLIBC_2.2.5
GLIBC_2.2.6
GLIBC_2.3
GLIBC_2.3.2
GLIBC_2.3.3
GLIBC_2.3.4
GLIBC_2.4
GLIBC_2.5
GLIBC_2.6
GLIBC_2.7
GLIBC_2.8
GLIBC_2.9
GLIBC_2.10
GLIBC_2.11
GLIBC_2.12
GLIBC_2.13
GLIBC_2.14
GLIBC_2.15
GLIBC_2.16
GLIBC_2.17
GLIBC_PRIVATE
[root@spyzie-DB1:~]# ldd --version
ldd (GNU libc) 2.17
Copyright (C) 2012 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Written by Roland McGrath and Ulrich Drepper.
