修改系统参数
sysctl -w vm.max_map_count=262144
或者
vi /etc/sysctl.conf 添加 :vm.max_map_count=262144 sysctl -p 后重启es
此参数是elasticsearch需要修改的值,如果不修改,在生产模式下elasticsearch会启动失败。官方说明如下:
使用docker-compose安装elasticsearch+kibana
mkdir -p /es/data01 data02
chmod 777 -R /es
vim /es/docker-compose.yml
version: '2.2'
services:
es01:
image: elasticsearch:7.5.1
container_name: es01
environment:
- node.name=es01
- cluster.name=es-docker-cluster
- discovery.seed_hosts=es02
- cluster.initial_master_nodes=es01,es02
- bootstrap.memory_lock=true
- "ES_JAVA_OPTS=-Xms512m -Xmx512m"
ulimits:
memlock:
soft: -1
hard: -1
volumes:
- /es/data01:/usr/share/elasticsearch/data
ports:
- 9200:9200
networks:
- elastic
es02:
image: elasticsearch:7.5.1
container_name: es02
environment:
- node.name=es02
- cluster.name=es-docker-cluster
- discovery.seed_hosts=es01
- cluster.initial_master_nodes=es01,es02
- bootstrap.memory_lock=true
- "ES_JAVA_OPTS=-Xms512m -Xmx512m"
ulimits:
memlock:
soft: -1
hard: -1
volumes:
- /es/data02:/usr/share/elasticsearch/data
networks:
- elastic
kibana:
image: kibana:7.5.1
container_name: kibana
restart: always
ports:
- "5601:5601"
environment:
I18N_LOCALE: zh-CN #汉化
networks:
- elastic
links:
- es01:elasticsearch
volumes:
data01:
driver: local
data02:
driver: local
networks:
elastic:
driver: bridge
此处安装的elasticsearch已经默认集成了ik中文分词器。
注意:一定要修改esdata1和esdata2的权限,否则启动elasticsearch会报错。主要是由于启动elasticsearch
并非是以root用户启动的,所以如果esdata1和esdata2是root账户创建,会没有写入权限。
安装
Docker-compose up -d
Elasticsearch的api端口是9200,elasticsearch2的api端口是9201
Kibana默认对外的端口是5601
参考:
https://blog.csdn.net/maquealone/article/details/89417257
多机多节点分布式集群7.5.1
192.168.1.194
192.168.1.195
192.168.1.198
192.168.1.194
mkdir /data/elasticsearch/data/node1 -p mkdir /data/elasticsearch/logs/node1 -p chmod 777 -R /data
es01.yml
version: '3.4' services: elasticsearch_node1: network_mode: host image: elasticsearch:7.5.1 container_name: elasticsearch_node1 restart: always privileged: true environment: - cluster.name=elasticsearch-cluster - node.name=node1 - node.master=true - node.data=true - http.port:9200 - transport.tcp.port:9300 - bootstrap.memory_lock=true - search.max_buckets=100000000 - http.cors.enabled=true - http.cors.allow-origin=* - cluster.initial_master_nodes=node1 - "ES_JAVA_OPTS=-Xms5102m -Xmx5102m" ####### #如果是单台服务器 ##### #- "discovery.zen.ping.unicast.hosts=elasticsearch_n0,elasticsearch_n1,elasticsearch_n2" - discovery.zen.ping.unicast.hosts=192.168.1.194,192.168.1.195,192.168.1.198 - "discovery.zen.minimum_master_nodes=2" - discovery.zen.ping_timeout=120s - client.transport.ping_timeout=60s # 如果是拆分版,这条配置必须加上,指定当前节点访问的ip - network.publish_host=192.168.1.194 ulimits: memlock: soft: -1 hard: -1 volumes: - /data/elasticsearch/data/node1:/usr/share/elasticsearch/data - /data/elasticsearch/logs/node1:/usr/share/elasticsearch/logs ports: - 9200:9200 - 9300:9300 kibana: network_mode: host image: kibana:7.5.1 container_name: kibana ports: - 5601:5601 volumes: - /etc/localtime:/etc/localtime - /opt/kibana.yml:/usr/share/kibana/config/kibana.yml:rw depends_on: - elasticsearch_node1
kibana.yml
## ** THIS IS AN AUTO-GENERATED FILE ** ## # # # Default Kibana configuration for docker target server.name: kibana server.host: "0.0.0.0" #这里写你的es第一个node的地址 elasticsearch.hosts: [ "http://192.168.1.194:9200"] xpack.monitoring.ui.container.elasticsearch.enabled: false xpack.security.enabled: true i18n.locale: zh-CN
192.168.1.195
mkdir /data/elasticsearch/data/node2 -p mkdir /data/elasticsearch/logs/node2 -p
chmod 777 -R /data/
es02.yml
version: '3' services: elasticsearch_node2: network_mode: host image: elasticsearch:7.5.1 container_name: elasticsearch_node1 restart: always privileged: true environment: - cluster.name=elasticsearch-cluster - node.name=node2 - node.master=true - node.data=true - http.port:9200 - transport.tcp.port:9300 - bootstrap.memory_lock=true - search.max_buckets=100000000 - http.cors.enabled=true - http.cors.allow-origin=* - discovery.seed_hosts=["192.168.1.194:9300","192.168.1.195:9300","192.168.1.198:9300"] - cluster.initial_master_nodes=node1,node2,node3 - "ES_JAVA_OPTS=-Xms5120m -Xmx5120m" ####### #如果是单台服务器 ##### #- "discovery.zen.ping.unicast.hosts=elasticsearch_n0,elasticsearch_n1,elasticsearch_n2" - discovery.zen.ping.unicast.hosts:["192.168.1.194:9300","192.168.1.195:9300","192.168.1.198:9300"] - discovery.zen.minimum_master_nodes:2 - discovery.zen.ping_timeout=120s - client.transport.ping_timeout=60s # 如果是拆分版,这条配置必须加上,指定当前节点访问的ip - network.publish_host=192.168.1.195 ulimits: memlock: soft: -1 hard: -1 volumes: - /data/elasticsearch/data/node2:/usr/share/elasticsearch/data - /data/elasticsearch/logs/node2:/usr/share/elasticsearch/logs ports: - 9200:9200 - 9300:9300
192.168.1.198
mkdir /data/elasticsearch/data/node3 -p mkdir /data/elasticsearch/logs/node3 -p chmod 777 -R /data/
es03.yml
version: '3' services: elasticsearch_node3: network_mode: host image: elasticsearch:7.5.1 container_name: elasticsearch_node3 restart: always privileged: true environment: - cluster.name=elasticsearch-cluster - node.name=node3 - node.master=true - node.data=true - http.port:9200 - transport.tcp.port:9300 - bootstrap.memory_lock=true - search.max_buckets=100000000 - http.cors.enabled=true - http.cors.allow-origin=* - cluster.initial_master_nodes=node1 - "ES_JAVA_OPTS=-Xms5120m -Xmx5120m" ####### #如果是单台服务器 ##### #- "discovery.zen.ping.unicast.hosts=elasticsearch_n0,elasticsearch_n1,elasticsearch_n2" - discovery.zen.ping.unicast.hosts=192.168.1.194,192.168.1.195,192.168.1.198 - "discovery.zen.minimum_master_nodes=2" - discovery.zen.ping_timeout=120s - client.transport.ping_timeout=60s # 如果是拆分版,这条配置必须加上,指定当前节点访问的ip - network.publish_host=192.168.1.198 ulimits: memlock: soft: -1 hard: -1 volumes: - /data/elasticsearch/data/node3:/usr/share/elasticsearch/data - /data/elasticsearch/logs/node3:/usr/share/elasticsearch/logs ports: - 9200:9200 - 9300:9300
http://122.226.100.194:9200/_cat/health?v http://122.226.100.194:9200/_cat/nodes?v http://122.226.100.194:9200/_cluster/stats?pretty
测试,把192.168.1.194 节点关掉
http://122.226.100.195:9200/_cat/nodes?v
启动194节点,过一会
kibana
使用Nginx为Elasticsearch集群做负载均衡及安全控制
安装htpasswd,如果没有,则手动安装
yum install -y httpd-tools
生成/opt/htpasswd文件,用户命名密码文件
htpasswd -b -c htpasswd admin 123456
nginx配置代理
es-cluster.conf
upstream es-cluster.xx.com{ ip_hash; server 192.168.1.194:9200 max_fails=2 fail_timeout=2s; server 192.168.1.195:9200 max_fails=2 fail_timeout=2s; server 192.168.1.198:9200 max_fails=2 fail_timeout=2s; keepalive 3000; } server { listen 80; server_name es-cluster.xx.com; access_log /var/log/nginx/es-cluster.xx.com.access.log; error_log /var/log/nginx/es-cluster.xx.com.error.log; location / { proxy_pass http://es-cluster.xx.com; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header X-Real-IP $remote_addr; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; auth_basic "login"; auth_basic_user_file /opt/htpasswd; } }
kibana 用户密码登录和上面一样
定时清理ES文件
https://blog.csdn.net/u014526891/article/details/102919650
参考:
https://www.cnblogs.com/xiaofengxzzf/p/12580438.html
https://segmentfault.com/a/1190000018606414
https://www.cnblogs.com/dalianpai/p/12701635.html
https://blog.csdn.net/qq_38011415/article/details/111129089
https://priesttomb.github.io/%E6%96%B9%E6%A1%88%E8%AE%BE%E8%AE%A1%E5%AE%9E%E8%B7%B5/2019/06/22/elasticsearch_with_nginx_auth_basic/
https://www.cnblogs.com/qinsilandiao/p/13634957.html
多机多节点分布式集群7.15.0(带有账户、权限管理功能)
node1
elasticsearch_node1.yml
version: '3.4' services: elasticsearch_node1: network_mode: host image: docker.elastic.co/elasticsearch/elasticsearch:7.15.0 container_name: elasticsearch_node1 restart: always privileged: true environment: - cluster.name=elasticsearch-cluster - node.name=node1 - node.master=true - node.data=true - http.port:9200 - transport.tcp.port:9300 - TZ=Asia/Shanghai - bootstrap.memory_lock=true - xpack.security.enabled=true - xpack.security.transport.ssl.enabled=true - xpack.security.transport.ssl.keystore.type=PKCS12 - xpack.security.transport.ssl.verification_mode=certificate - xpack.security.transport.ssl.keystore.path=elastic-certificates.p12 - xpack.security.transport.ssl.truststore.path=elastic-certificates.p12 - xpack.security.transport.ssl.truststore.type=PKCS12 - xpack.security.audit.enabled=true - search.max_buckets=100000000 - http.cors.enabled=true - http.cors.allow-origin=* - cluster.initial_master_nodes=node1 - "ES_JAVA_OPTS=-Xms512m -Xmx512m" ####### #如果是单台服务器 ##### #- "discovery.zen.ping.unicast.hosts=elasticsearch_n0,elasticsearch_n1,elasticsearch_n2" - discovery.zen.ping.unicast.hosts=192.168.1.194,192.168.1.195,192.168.1.198 - "discovery.zen.minimum_master_nodes=2" - discovery.zen.ping_timeout=120s - client.transport.ping_timeout=60s # 如果是拆分版,这条配置必须加上,指定当前节点访问的ip - network.publish_host=192.168.1.194 ulimits: memlock: soft: -1 hard: -1 volumes: - /data/elasticsearch/data/node1:/usr/share/elasticsearch/data - /data/elasticsearch/logs/node1:/usr/share/elasticsearch/logs - /data/elasticsearch/elastic-certificates.p12:/usr/share/elasticsearch/config/elastic-certificates.p12 ports: - 9200:9200 - 9300:9300 kibana: network_mode: host image: docker.elastic.co/kibana/kibana:7.15.0 container_name: kibana restart: always ports: - 5601:5601 volumes: - /etc/localtime:/etc/localtime - /opt/kibana.yml:/usr/share/kibana/config/kibana.yml:rw depends_on: - elasticsearch_node1
kibana.yml
# ## ** THIS IS AN AUTO-GENERATED FILE ** ## # # # Default Kibana configuration for docker target server.name: kibana server.host: "0.0.0.0" #这里写你的es第一个node的地址 elasticsearch.hosts: [ "http://192.168.1.194:9200"] xpack.monitoring.ui.container.elasticsearch.enabled: true xpack.security.enabled: true elasticsearch.username: "elastic" ####我提前设置好了,可以在ES自动创建完密码之后再创建kibana elasticsearch.password: "xxxxxo0juNJr6O" ##### i18n.locale: zh-CN
node2
elasticsearch_node2.yml
version: '3.4' services: elasticsearch_node2: network_mode: host image: docker.elastic.co/elasticsearch/elasticsearch:7.15.0 container_name: elasticsearch_node2 restart: always privileged: true environment: - cluster.name=elasticsearch-cluster - node.name=node2 - node.master=true - node.data=true - http.port:9200 - transport.tcp.port:9300 - TZ=Asia/Shanghai - bootstrap.memory_lock=true - xpack.security.enabled=true - xpack.security.transport.ssl.enabled=true - xpack.security.transport.ssl.keystore.type=PKCS12 - xpack.security.transport.ssl.verification_mode=certificate - xpack.security.transport.ssl.keystore.path=elastic-certificates.p12 - xpack.security.transport.ssl.truststore.path=elastic-certificates.p12 - xpack.security.transport.ssl.truststore.type=PKCS12 - xpack.security.audit.enabled=true - search.max_buckets=100000000 - http.cors.enabled=true - http.cors.allow-origin=* - cluster.initial_master_nodes=node1 - "ES_JAVA_OPTS=-Xms5102m -Xmx5102m" ####### #如果是单台服务器 ##### #- "discovery.zen.ping.unicast.hosts=elasticsearch_n0,elasticsearch_n1,elasticsearch_n2" - discovery.zen.ping.unicast.hosts=192.168.1.194,192.168.1.195,192.168.1.198 - "discovery.zen.minimum_master_nodes=2" - discovery.zen.ping_timeout=120s - client.transport.ping_timeout=60s # 如果是拆分版,这条配置必须加上,指定当前节点访问的ip - network.publish_host=192.168.1.195 ulimits: memlock: soft: -1 hard: -1 volumes: - /data/elasticsearch/data/node1:/usr/share/elasticsearch/data - /data/elasticsearch/logs/node1:/usr/share/elasticsearch/logs - /data/elasticsearch/elastic-certificates.p12:/usr/share/elasticsearch/config/elastic-certificates.p12 ports: - 9200:9200 - 9300:9300
node3
elasticsearch_node3.yml
version: '3.4' services: elasticsearch_node3: network_mode: host image: docker.elastic.co/elasticsearch/elasticsearch:7.15.0 container_name: elasticsearch_node3 restart: always privileged: true environment: - cluster.name=elasticsearch-cluster - node.name=node3 - node.master=true - node.data=true - http.port:9200 - transport.tcp.port:9300 - TZ=Asia/Shanghai - bootstrap.memory_lock=true - xpack.security.enabled=true - xpack.security.transport.ssl.enabled=true - xpack.security.transport.ssl.keystore.type=PKCS12 - xpack.security.transport.ssl.verification_mode=certificate - xpack.security.transport.ssl.keystore.path=elastic-certificates.p12 - xpack.security.transport.ssl.truststore.path=elastic-certificates.p12 - xpack.security.transport.ssl.truststore.type=PKCS12 - xpack.security.audit.enabled=true - search.max_buckets=100000000 - http.cors.enabled=true - http.cors.allow-origin=* - cluster.initial_master_nodes=node1 - "ES_JAVA_OPTS=-Xms5102m -Xmx5102m" ####### #如果是单台服务器 ##### #- "discovery.zen.ping.unicast.hosts=elasticsearch_n0,elasticsearch_n1,elasticsearch_n2" - discovery.zen.ping.unicast.hosts=192.168.1.194,192.168.1.195,192.168.1.198 - "discovery.zen.minimum_master_nodes=2" - discovery.zen.ping_timeout=120s - client.transport.ping_timeout=60s # 如果是拆分版,这条配置必须加上,指定当前节点访问的ip - network.publish_host=192.168.1.198 ulimits: memlock: soft: -1 hard: -1 volumes: - /data/elasticsearch/data/node1:/usr/share/elasticsearch/data - /data/elasticsearch/logs/node1:/usr/share/elasticsearch/logs - /data/elasticsearch/elastic-certificates.p12:/usr/share/elasticsearch/config/elastic-certificates.p12 ports: - 9200:9200 - 9300:9300
1、生成证书elastic-certificates.p12
es提供了生成证书的工具elasticsearch-certutil,我们可以在docker实例中生成它,然后复制出来,后面统一使用。(以后别的环境也可以使用)
docker run -dit --name=es elasticsearch:7.15.0 /bin/bash
docker exec -it es /bin/bash
生成ca: elastic-stack-ca.p12
[root@25dee1848942 elasticsearch]# ./bin/elasticsearch-certutil ca This tool assists you in the generation of X.509 certificates and certificate signing requests for use with SSL/TLS in the Elastic stack. The 'ca' mode generates a new 'certificate authority' This will create a new X.509 certificate and private key that can be used to sign certificate when running in 'cert' mode. Use the 'ca-dn' option if you wish to configure the 'distinguished name' of the certificate authority By default the 'ca' mode produces a single PKCS#12 output file which holds: * The CA certificate * The CA's private key If you elect to generate PEM format certificates (the -pem option), then the output will be a zip file containing individual files for the CA certificate and private key Please enter the desired output file [elastic-stack-ca.p12]: Enter password for elastic-stack-ca.p12 :
再生成cert: elastic-certificates.p12
[root@25dee1848942 elasticsearch]# ./bin/elasticsearch-certutil cert --ca elastic-stack-ca.p12 This tool assists you in the generation of X.509 certificates and certificate signing requests for use with SSL/TLS in the Elastic stack. The 'cert' mode generates X.509 certificate and private keys.
复制出证书到各个节点的/data/elasticsearch/目录,并赋予777权限
删除刚才创建的es容器
docker stop es docker rm es
2、生成密码es密码
启动es集群,在各个节点
docker-compose -f elasticsearch_node1.yml up -d
docker-compose -f elasticsearch_node2.yml up -d
docker-compose -f elasticsearch_node3.yml up -d
进入elasticsearch_node1容器
docker exec -it elasticsearch_node1 /bin/sh
生成密码用auto, 自己设置用 interactive
[root@cfeeab4bb0eb elasticsearch]# ./bin/elasticsearch-setup-passwords -h Sets the passwords for reserved users Commands -------- auto - Uses randomly generated passwords interactive - Uses passwords entered by a user Non-option arguments: command Option Description ------ ----------- -E <KeyValuePair> Configure a setting -h, --help Show help -s, --silent Show minimal output -v, --verbose Show verbose output [root@cfeeab4bb0eb elasticsearch]# ./bin/elasticsearch-setup-passwords auto Initiating the setup of passwords for reserved users elastic,apm_system,kibana,logstash_system,beats_system,remote_monitoring_user. The passwords will be randomly generated and printed to the console. Please confirm that you would like to continue [y/N]y Changed password for user apm_system PASSWORD apm_system = xxx Changed password for user kibana PASSWORD kibana = xxxx Changed password for user logstash_system PASSWORD logstash_system = xxx Changed password for user beats_system PASSWORD beats_system = xxx Changed password for user remote_monitoring_user PASSWORD remote_monitoring_user = xxx Changed password for user elastic PASSWORD elastic = xxxx
使用elastic账户登录ES和kibana
3、metricbeat监控
node1
curl -L -O https://artifacts.elastic.co/downloads/beats/metricbeat/metricbeat-7.15.0-linux-x86_64.tar.gz tar xzvf metricbeat-7.15.0-linux-x86_64.tar.gz mv metricbeat-7.15.0-linux-x86_64 metricbeat-7.15.0 cd metricbeat-7.15.0
vi -b metricbeat.yml
###################### Metricbeat Configuration Example ####################### # This file is an example configuration file highlighting only the most common # options. The metricbeat.reference.yml file from the same directory contains all the # supported options with more comments. You can use it as a reference. # # You can find the full configuration reference here: # https://www.elastic.co/guide/en/beats/metricbeat/index.html # =========================== Modules configuration ============================ metricbeat.config.modules: # Glob pattern for configuration loading path: ${path.config}/modules.d/*.yml # Set to true to enable config reloading reload.enabled: false # Period on which files under path should be checked for changes #reload.period: 10s # ======================= Elasticsearch template setting ======================= setup.template.settings: index.number_of_shards: 1 index.codec: best_compression #_source.enabled: false # ================================== General =================================== # The name of the shipper that publishes the network data. It can be used to group # all the transactions sent by a single shipper in the web interface. #name: # The tags of the shipper are included in their own field with each # transaction published. #tags: ["service-X", "web-tier"] # Optional fields that you can specify to add additional information to the # output. #fields: # env: staging # ================================= Dashboards ================================= # These settings control loading the sample dashboards to the Kibana index. Loading # the dashboards is disabled by default and can be enabled either by setting the # options here or by using the `setup` command. setup.dashboards.enabled: true # The URL from where to download the dashboards archive. By default this URL # has a value which is computed based on the Beat name and version. For released # versions, this URL points to the dashboard archive on the artifacts.elastic.co # website. #setup.dashboards.url: # =================================== Kibana =================================== # Starting with Beats version 6.0.0, the dashboards are loaded via the Kibana API. # This requires a Kibana endpoint configuration. setup.kibana: # Kibana Host # Scheme and port can be left out and will be set to the default (http and 5601) # In case you specify and additional path, the scheme is required: http://localhost:5601/path # IPv6 addresses should always be defined as: https://[2001:db8::1]:5601 host: "192.168.1.194:5601" # Kibana Space ID # ID of the Kibana Space into which the dashboards should be loaded. By default, # the Default Space will be used. #space.id: # =============================== Elastic Cloud ================================ # These settings simplify using Metricbeat with the Elastic Cloud (https://cloud.elastic.co/). # The cloud.id setting overwrites the `output.elasticsearch.hosts` and # `setup.kibana.host` options. # You can find the `cloud.id` in the Elastic Cloud web UI. #cloud.id: # The cloud.auth setting overwrites the `output.elasticsearch.username` and # `output.elasticsearch.password` settings. The format is `<user>:<pass>`. #cloud.auth: # ================================== Outputs =================================== # Configure what output to use when sending the data collected by the beat. # ---------------------------- Elasticsearch Output ---------------------------- output.elasticsearch: # Array of hosts to connect to. hosts: ["192.168.1.194:9200"] # Protocol - either `http` (default) or `https`. #protocol: "https" # Authentication credentials - either API key or username/password. #api_key: "id:api_key" username: "elastic" password: "xxxx" # ------------------------------ Logstash Output ------------------------------- #output.logstash: # The Logstash hosts #hosts: ["localhost:5044"] # Optional SSL. By default is off. # List of root certificates for HTTPS server verifications #ssl.certificate_authorities: ["/etc/pki/root/ca.pem"] # Certificate for SSL client authentication #ssl.certificate: "/etc/pki/client/cert.pem" # Client Certificate Key #ssl.key: "/etc/pki/client/cert.key" # ================================= Processors ================================= # Configure processors to enhance or manipulate events generated by the beat. processors: - add_host_metadata: ~ - add_cloud_metadata: ~ - add_docker_metadata: ~ - add_kubernetes_metadata: ~ # ================================== Logging =================================== # Sets log level. The default log level is info. # Available log levels are: error, warning, info, debug #logging.level: debug # At debug level, you can selectively enable logging only for some components. # To enable all selectors use ["*"]. Examples of other selectors are "beat", # "publisher", "service". #logging.selectors: ["*"] # ============================= X-Pack Monitoring ============================== # Metricbeat can export internal metrics to a central Elasticsearch monitoring # cluster. This requires xpack monitoring to be enabled in Elasticsearch. The # reporting is disabled by default. # Set to true to enable the monitoring reporter. #monitoring.enabled: false # Sets the UUID of the Elasticsearch cluster under which monitoring data for this # Metricbeat instance will appear in the Stack Monitoring UI. If output.elasticsearch # is enabled, the UUID is derived from the Elasticsearch cluster referenced by output.elasticsearch. #monitoring.cluster_uuid: # Uncomment to send the metrics to Elasticsearch. Most settings from the # Elasticsearch output are accepted here as well. # Note that the settings should point to your Elasticsearch *monitoring* cluster. # Any setting that is not set is automatically inherited from the Elasticsearch # output configuration, so if you have the Elasticsearch output configured such # that it is pointing to your Elasticsearch monitoring cluster, you can simply # uncomment the following line. #monitoring.elasticsearch: # ============================== Instrumentation =============================== # Instrumentation support for the metricbeat. #instrumentation: # Set to true to enable instrumentation of metricbeat. #enabled: false # Environment in which metricbeat is running on (eg: staging, production, etc.) #environment: "" # APM Server hosts to report instrumentation results to. #hosts: # - http://localhost:8200 # API Key for the APM Server(s). # If api_key is set then secret_token will be ignored. #api_key: # Secret token for the APM Server(s). #secret_token: # ================================= Migration ================================== # This allows to enable 6.7 migration aliases #migration.6_to_7.enabled: true
./metricbeat modules enable elasticsearch-xpack ./metricbeat modules enable kibana ./metricbeat modules enable system ./metricbeat setup
后台运行metricbeat
nohup /opt/metricbeat-7.15.0/metricbeat -c /opt/metricbeat-7.15.0/metricbeat.yml -d "publish" & > nohup.out
其他节点自行修改
查看堆栈检测的监控,开启“内部检测”
参考:
https://www.zhangshengrong.com/p/On1vqW2JXy/
https://gobea.cn/blog/detail/KodEdv6b.html
监控后台运行
https://blog.csdn.net/weixin_41905537/article/details/103404153