一.准備環境
1.1.1 關閉防火牆和Selinux
1.1.2 各服務器配置本地域名解析(准備兩台機器即可)
[root@Centos-node6 tools]# cat /etc/hosts 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 192.168.10.137 Centos-node1 192.168.10.138 Centos-node2 192.168.10.139 Centos-node3 192.168.10.140 Centos-node4 192.168.10.141 Centos-node5 192.168.10.142 Centos-node6
1.1.3 安裝Java jdk確保jdk在1.8版本
[root@Centos-node6 ~]# yum -y install java-1.8.0-openjdk-devel [root@Centos-node6 ~]# java -version openjdk version "1.8.0_181" OpenJDK Runtime Environment (build 1.8.0_181-b13) OpenJDK 64-Bit Server VM (build 25.181-b13, mixed mode)
1.1.4 創建文件夾
[root@Centos-node5 ~]# mkdir /tools [root@Centos-node5 ~]# mkdir /elk/{data,logs} -p
二 安裝elasticsearch
1.1.1 下載 elasticsearch
cd /tools
[root@Centos-node5 tools]# curl -L -O https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-6.3.2.rpm
1.1.2 安裝 elasticsearch
[root@Centos-node5 tools]# yum install elasticsearch-6.3.2.rpm
三 配置
1.1.1 配置集群名稱同一個集群內名稱統一
[root@Centos-node5 ~]# vim /etc/elasticsearch/elasticsearch.yml
cluster.name: my_elk
1.1.2 配置node節點名稱節點名稱唯一
[root@Centos-node5 ~]# vim /etc/elasticsearch/elasticsearch.yml node.name: elk_node-1
1.1.3 配置data 和log目錄
[root@Centos-node5 ~]# vim /etc/elasticsearch/elasticsearch.yml path.data: /elk/data path.logs: /elk/logs
1.1.4 配置監聽地址 0.0.0.0 也可
[root@Centos-node5 ~]# vim /etc/elasticsearch/elasticsearch.yml network.host: 192.168.10.141
1.1.5 配置 端口默認9200
[root@Centos-node5 ~]# vim /etc/elasticsearch/elasticsearch.yml http.port: 9200
1.1.6 配置節點信息(想要組建集群的話就需要在這指定要發現的節點信息 注:端口不是默認端口要指定端口)
[root@Centos-node5 ~]# vim /etc/elasticsearch/elasticsearch.yml discovery.zen.ping.unicast.hosts: ["192.168.10.141", "192.168.10.142"]
1.1.7 配置內存鎖定 服務啟動的時候鎖定足夠的內存,防止數據寫入swap
[root@Centos-node5 ~]# vim /etc/elasticsearch/elasticsearch.yml bootstrap.memory_lock: true
1.1.8 修改內存限制(不要追加在文件尾部追加推薦LimitNOFILE=65536下面)
[root@Centos-node5 ~]# vim /usr/lib/systemd/system/elasticsearch.service
LimitMEMLOCK=infinity
1.1.9 修改內存限制(默認最大最小限制為1g 官網推薦32g內)
[root@Centos-node5 ~]# vim /etc/elasticsearch/jvm.options -Xms2g -Xmx2g
1.2.0 修改目錄屬主
[root@Centos-node5 ~]# chown -R elasticsearch. /elk [root@Centos-node5 ~]# ll /elk/ 總用量 0 drwxr-xr-x 2 elasticsearch elasticsearch 6 8月 2 21:30 data drwxr-xr-x 2 elasticsearch elasticsearch 6 8月 2 21:30 logs
四 啟動 elasticsearch
1.1.1 啟動
加入開機自啟動
[root@Centos-node5 ~]# systemctl enable elasticsearch.service
Created symlink from /etc/systemd/system/multi-user.target.wants/elasticsearch.service to /usr/lib/systemd/system/elasticsearch.service.
啟動
[root@Centos-node5 ~]# systemctl start elasticsearch.service
1.1.2 驗證
systemctl 驗證(不准確)
[root@Centos-node5 ~]# systemctl status elasticsearch.service ● elasticsearch.service - Elasticsearch Loaded: loaded (/usr/lib/systemd/system/elasticsearch.service; disabled; vendor preset: disabled) Active: active (running) since 五 2018-08-03 21:05:41 CST; 1min 11s ago Docs: http://www.elastic.co Main PID: 14118 (java) CGroup: /system.slice/elasticsearch.service ├─14118 /bin/java -Xms3g -Xmx3g -XX:+UseConcMarkSweepG... └─14172 /usr/share/elasticsearch/modules/x-pack/x-pack... 8月 03 21:05:41 Centos-node5 systemd[1]: Started Elasticsearch. 8月 03 21:05:41 Centos-node5 systemd[1]: Starting Elasticsearch... Hint: Some lines were ellipsized, use -l to show in full.
查看日志
[root@Centos-node5 ~]# tail -f /elk/logs/my_elk.log
瀏覽器驗證
