01 - Elastic Stack Installation
Author: 启卫
Date: April 11, 2017
Purpose: understand the ELK installation process
Goal:
- Deploy ELK on CentOS 7
1. Initial CentOS 7 setup
Server requirements:
- OS: CentOS 7
- RAM: 4GB
- CPU: 2
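Install Java 8
# Step 1: go to the home directory
cd ~
# Step 2: download the JDK RPM
# Note: --no-check-certificate turns off TLS certificate validation and the URL is plain HTTP,
# so compare the RPM's checksum with the value Oracle publishes before installing it
wget --no-cookies --no-check-certificate --header "Cookie: gpw_e24=http%3A%2F%2Fwww.oracle.com%2F; oraclelicense=accept-securebackup-cookie" "http://download.oracle.com/otn-pub/java/jdk/8u73-b02/jdk-8u73-linux-x64.rpm"
# Step 3: install the local RPM; it installs /usr/java/jdk1.*/bin/java
# and creates the /usr/bin/java link
sudo yum -y localinstall jdk-8u73-linux-x64.rpm
# Step 4: delete the RPM that was just installed
rm ~/jdk-*.rpm
# Step 5: check the installation
# java -version
java version "1.8.0_121"
Java(TM) SE Runtime Environment (build 1.8.0_121-b13)
Java HotSpot(TM) 64-Bit Server VM (build 25.121-b13, mixed mode)
# JAVA_HOME must be the JDK directory, not the java binary;
# the Oracle RPM creates the /usr/java/default symlink
export JAVA_HOME=/usr/java/default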
All ELK components must be the same version:
- Beats 5.3
- Elasticsearch 5.3
- Elasticsearch Hadoop 5.3
- Kibana 5.3
- Logstash 5.3
- X-Pack 5.3
Installation order:
- Elasticsearch
  - X-Pack for Elasticsearch
- Kibana
  - X-Pack for Kibana
- Logstash
- Beats
- Elasticsearch Hadoop
2. Install Elasticsearch
# Step 1: import the GPG key (fetched over HTTPS)
sudo rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch
# Step 2: create a yum repository (5.x, to match the 5.3 versions listed above)
echo '[elasticsearch-5.x]
name=Elasticsearch repository for 5.x packages
baseurl=https://artifacts.elastic.co/packages/5.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=1
' | sudo tee /etc/yum.repos.d/elasticsearch.repo
# Install Elasticsearch
sudo yum -y install elasticsearch
# Edit the configuration file
sudo vi /etc/elasticsearch/elasticsearch.yml
# Set network.host to localhost so that other hosts cannot reach port 9200
network.host: localhost
# Start Elasticsearch
sudo systemctl start elasticsearch
# Start it automatically at boot
sudo systemctl enable elasticsearch
# Test
$ curl 'http://localhost:9200'
{
"name" : "WOz1m8N",
"cluster_name" : "elasticsearch",
"cluster_uuid" : "o05AxqdJRBKJmPUHNMwz5Q",
"version" : {
"number" : "5.3.0",
"build_hash" : "3adb13b",
"build_date" : "2017-03-23T03:31:50.652Z",
"build_snapshot" : false,
"lucene_version" : "6.4.1"
},
"tagline" : "You Know, for Search"
}
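One way to confirm that the network.host: localhost setting above took effect (an added example, not part of the original post): the function below reads `ss -ltn` output and prints every listener on the Elasticsearch ports that is bound to a non-loopback address. Port 9300 (the default transport port), the function names and the sample socket listing are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post).
# Usage on the server: ss -ltn | exposed_listeners "9200 9300"

# Print each LISTEN socket on the given ports whose local address is not loopback.
exposed_listeners() {
    awk -v ports="${1:-9200 9300}" '
        BEGIN { n = split(ports, p, " "); for (i = 1; i <= n; i++) want[p[i]] = 1 }
        $1 == "LISTEN" {
            addr = $4
            port = addr; sub(/.*:/, "", port)      # text after the last colon
            host = addr; sub(/:[^:]*$/, "", host)  # text before the last colon
            gsub(/[][]/, "", host)                 # drop IPv6 brackets: [::1] -> ::1
            if (!(port in want)) next
            if (host ~ /^127\./ || host == "::1" || host ~ /^::ffff:127\./) next
            print addr
        }'
}

# Constructed sample of `ss -ltn` output (not captured from a real host):
# 9200 is bound to loopback only, 9300 is bound to every IPv6 address.
sample_ss_output() {
cat <<'EOF'
State  Recv-Q Send-Q Local Address:Port  Peer Address:Port
LISTEN 0      128    *:22                *:*
LISTEN 0      128    127.0.0.1:9200      *:*
LISTEN 0      128    ::1:9200            :::*
LISTEN 0      128    :::9300             :::*
EOF
}

sample_ss_output | exposed_listeners    # prints :::9300
```

Empty output means both ports are reachable only from the local machine.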
3. Install Kibana
# Download
wget https://artifacts.elastic.co/downloads/kibana/kibana-5.3.0-linux-x86.tar.gz
# Extract
tar -zxvf ki*
# Run
cd ki*
./bin/kibana
4. Install Logstash
# Import the key
sudo rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch
# Create the repo file with the following contents
sudo vi /etc/yum.repos.d/logstash.repo
[logstash-5.x]
name=Elastic repository for 5.x packages
baseurl=https://artifacts.elastic.co/packages/5.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=1
autorefresh=1
type=rpm-md
# Install
sudo yum install logstash
4.1 Install from the source archive
# Use the downloaded source archive
chown -R qiwei:qiwei log*
# Enter the directory
cd /opt/logstash-5.3.0
# Run a test; -e means the pipeline configuration is given directly on the command line
$ bin/logstash -e 'input { stdin { } } output { stdout {codec=>rubydebug} }'
Sending Logstash's logs to /opt/logstash-5.3.0/logs which is now configured via log4j2.properties
[2017-04-10T19:20:35,972][INFO ][logstash.setting.writabledirectory] Creating directory {:setting=>"path.queue", :path=>"/opt/logstash-5.3.0/data/queue"}
[2017-04-10T19:20:36,047][INFO ][logstash.agent ] No persistent UUID file found. Generating new UUID {:uuid=>"39a7a7be-bf94-45a5-8be6-10304fa9d16a", :path=>"/opt/logstash-5.3.0/data/uuid"}
[2017-04-10T19:20:38,738][INFO ][logstash.pipeline ] Starting pipeline {"id"=>"main", "pipeline.workers"=>1, "pipeline.batch.size"=>125, "pipeline.batch.delay"=>5, "pipeline.max_inflight"=>125}
[2017-04-10T19:20:38,883][INFO ][logstash.pipeline ] Pipeline main started
The stdin plugin is now waiting for input:
[2017-04-10T19:20:39,282][INFO ][logstash.agent ] Successfully started Logstash API endpoint {:port=>9600}
hello world
2017-04-10T11:21:25.171Z elk.infoclue.net hello world
# Exit
Ctrl-D