centos7部署ELK7.1.1教程

安装java

有2台测试机上面都需要安装jdk 8,有2个方法,一是直接通过yum install java java-devel来安装,喜欢折腾的朋友可以按以下方法:

打开https://www.oracle.com/technetwork/java/javase/downloads/jdk8-downloads-2133151.html下载jdk-8u211-linux-x64.tar.gz包,下载需要oracle的账号。下载到机器上面之后,运行:

1
2
3
4
5
6
7
8
9
10
tar zvxf jdk-8u211-linux-x64.tar.gz 
mv jdk1.8.0_211 /usr/local/java

# 在/etc/profile最后面加入:
export JAVA_HOME=/usr/local/java/
export PATH=$JAVA_HOME/bin:$PATH
export CLASSPATH=.:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar

source /etc/profile
java -version #检查是否配置成功
1
2
3
wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.1.1-x86_64.rpm
wget https://artifacts.elastic.co/downloads/logstash/logstash-7.1.1.rpm
wget https://artifacts.elastic.co/downloads/kibana/kibana-7.1.1-x86_64.rpm
1
2
3
4
5
6
7
8
9
10
11
12
13
[root@master ELK]# rpm -ivh elasticsearch-7.1.1-x86_64.rpm 
warning: elasticsearch-7.1.1-x86_64.rpm: Header V4 RSA/SHA512 Signature, key ID d88e42b4: NOKEY
Preparing... ################################# [100%]
Creating elasticsearch group... OK
Creating elasticsearch user... OK
Updating / installing...
1:elasticsearch-0:7.1.1-1 ################################# [100%]
### NOT starting on installation, please execute the following statements to configure elasticsearch service to start automatically using systemd
sudo systemctl daemon-reload
sudo systemctl enable elasticsearch.service
### You can start elasticsearch service by executing
sudo systemctl start elasticsearch.service
Created elasticsearch keystore in /etc/elasticsearch

安装elasticsearch-head

1
2
3
4
5
6
cd /tmp
wget https://bitbucket.org/ariya/phantomjs/downloads/phantomjs-2.1.1-linux-x86_64.tar.bz2
yum -y install bzip2
cd /usr/local/elasticsearch-head
npm install --unsafe-perm
grunt server &

查看数据:

  • 查看健康状态
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
[root@master elasticsearch-head]# curl http://192.168.1.60:9200/_cluster/health?pretty=true
{
"cluster_name" : "myelk",
"status" : "green",
"timed_out" : false,
"number_of_nodes" : 2,
"number_of_data_nodes" : 2,
"active_primary_shards" : 1,
"active_shards" : 2,
"relocating_shards" : 0,
"initializing_shards" : 0,
"unassigned_shards" : 0,
"delayed_unassigned_shards" : 0,
"number_of_pending_tasks" : 0,
"number_of_in_flight_fetch" : 0,
"task_max_waiting_in_queue_millis" : 0,
"active_shards_percent_as_number" : 100.0
}

安装logstash

1
2
3
4
5
6
7
8
[root@master ELK]# rpm -ivh logstash-7.1.1.rpm 
warning: logstash-7.1.1.rpm: Header V4 RSA/SHA512 Signature, key ID d88e42b4: NOKEY
Preparing... ################################# [100%]
Updating / installing...
1:logstash-1:7.1.1-1 ################################# [100%]
Using provided startup.options file: /etc/logstash/startup.options
/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/pleaserun-0.0.30/lib/pleaserun/platform/base.rb:112: warning: constant ::Fixnum is deprecated
Successfully created system startup script for Logstash

参考资料

ELK-7.1.1 安装部署数据收集展示:https://hacpai.com/article/1559892603869

ELK6.0部署:Elasticsearch+Logstash+Kibana搭建分布式日志平台:https://ken.io/note/elk-deploy-guide

Elasticsearch教程:https://www.sojson.com/blog/81.html

ELK(使用RPM包安装配置ELK):https://www.cnblogs.com/minseo/p/9117768.html

0%