首页 > 其他 > 详细

ELK 7.12搭建

时间:2021-06-08 17:06:41      阅读:35      评论:0      收藏:0      [点我收藏+]

环境准备:Centos7.6

包准备:

elasticsearch-7.12.0-x86_64.rpm jdk-8u181-linux-x64.rpm kibana-7.12.0-x86_64.rpm logstash-7.12.0-x86_64.rpm

1.安装jdk

[root@localhost ~]# rpm -ivh jdk-8u181-linux-x64.rpm
warning: jdk-8u181-linux-x64.rpm: Header V3 RSA/SHA256 Signature, key ID ec551f03: NOKEY
Preparing... ################################# [100%]
Updating / installing...
1:jdk1.8-2000:1.8.0_181-fcs ################################# [100%]
Unpacking JAR files...
tools.jar...
plugin.jar...
javaws.jar...
deploy.jar...
rt.jar...
jsse.jar...
charsets.jar...
localedata.jar...
[root@localhost ~]# java -version
java version "1.8.0_181"
Java(TM) SE Runtime Environment (build 1.8.0_181-b13)
Java HotSpot(TM) 64-Bit Server VM (build 25.181-b13, mixed mode)

2.安装 ELK

[root@localhost ~]# rpm -ivh elasticsearch-7.12.0-x86_64.rpm
warning: elasticsearch-7.12.0-x86_64.rpm: Header V4 RSA/SHA512 Signature, key ID d88e42b4: NOKEY
Preparing... ################################# [100%]
Creating elasticsearch group... OK
Creating elasticsearch user... OK
Updating / installing...
1:elasticsearch-0:7.12.0-1 ################################# [100%]
### NOT starting on installation, please execute the following statements to configure elasticsearch service to start automatically using systemd
sudo systemctl daemon-reload
sudo systemctl enable elasticsearch.service
### You can start elasticsearch service by executing
sudo systemctl start elasticsearch.service
Created elasticsearch keystore in /etc/elasticsearch/elasticsearch.keystore
[root@localhost ~]# rpm -ivh logstash-7.12.0-x86_64.rpm
warning: logstash-7.12.0-x86_64.rpm: Header V4 RSA/SHA512 Signature, key ID d88e42b4: NOKEY
Preparing... ################################# [100%]
Updating / installing...
1:logstash-1:7.12.0-1 ################################# [100%]
Using bundled JDK: /usr/share/logstash/jdk
Using provided startup.options file: /etc/logstash/startup.options
OpenJDK 64-Bit Server VM warning: Option UseConcMarkSweepGC was deprecated in version 9.0 and will likely be removed in a future release.
/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/pleaserun-0.0.31/lib/pleaserun/platform/base.rb:112: warning: constant ::Fixnum is deprecated
Successfully created system startup script for Logstash
[root@localhost ~]# rpm -ivh kibana-7.12.0-x86_64.rpm
warning: kibana-7.12.0-x86_64.rpm: Header V4 RSA/SHA512 Signature, key ID d88e42b4: NOKEY
Preparing... ################################# [100%]
Updating / installing...
1:kibana-7.12.0-1 ################################# [100%]
Creating kibana group... OK
Creating kibana user... OK
Created Kibana keystore in /etc/kibana/kibana.keystore

3.修改配置文件目录

[root@localhost ~]# grep "^[a-Z]" /etc/elasticsearch/elasticsearch.yml
cluster.name: elk
node.name: node-1
path.data: /elk/data
path.logs: /elk/logs
bootstrap.memory_lock: false
bootstrap.system_call_filter: false
network.host: 10.197.10.207
cluster.initial_master_nodes: ["node-1"]

[root@localhost ~]# grep "^[a-Z]" /etc/kibana/kibana.yml
server.port: 5601
server.host: "10.197.10.207"
elasticsearch.hosts: ["http://10.197.10.207:9200"]

 

4.启动

[root@localhost ~]# /etc/init.d/kibana start
Starting kibana (via systemctl): [ OK ]
[root@localhost ~]# /etc/init.d/elasticsearch start
Starting elasticsearch (via systemctl): Job for elasticsearch.service failed because the control process exited with error code. See "systemctl status elasticsearch.service" and "journalctl -xe" for details.
[FAILED]

这里启动es失败了,需要 把对应的目录权限给到elasticsearch 

[root@localhost ~]# chown -R elasticsearch.elasticsearch /elk/
[root@localhost ~]# /etc/init.d/elasticsearch start
Starting elasticsearch (via systemctl): [ OK ]

启动后,ES可以通过http:10.197.10.207:9200 查看   
通过es的集群健康状态 
http://10.197.10.207:9200/_cluster/health?pretty=true

举一个py的脚本:

获取到的是一个json 格式的返回值,那就可以通过python 对其中的信息进行
分析,例如对status 进行分析,如果等于green(绿色)就是运行在正常,等于
yellow(黄色)表示副本分片丢失,red(红色)表示主分片丢失

[root@localhost ~]# more es-cluster-monitor.py
#!/usr/bin/env python
#coding:utf-8
import smtplib
from email.mime.text import MIMEText
from email.utils import formataddr
import subprocess
body = ""
false="false"
obj = subprocess.Popen(("curl -sXGET http://192.168.56.11:9200/_cluster/health?pretty=true"),shell=True,
stdout=subprocess.PIPE)
data = obj.stdout.read()
data1 = eval(data)
status = data1.get("status")
if status == "green":
print "50"
else:
print "100"

kibana 展示:http://10.197.10.207:5601

 

ELK 7.12搭建

原文:https://www.cnblogs.com/ccsway/p/14862241.html

(0)
(0)
   
举报
评论 一句话评论(0
关于我们 - 联系我们 - 留言反馈 - 联系我们:wmxa8@hotmail.com
© 2014 bubuko.com 版权所有
打开技术之扣,分享程序人生!