笔者Q:972581034 交流群:605799367。有任何疑问可与笔者或加群交流
安装
yum localinstall elasticsearch-6.1.1.rpm -y
mkdir -p /elk/{data,logs} && chown -R elasticsearch.elasticsearch /elk
配置
grep '^[a-Z]' /etc/elasticsearch/elasticsearch.yml
cluster.name: yoho8elk #ELK的集群名称,名称相同即属于是同一个集群
node.name: manager-node-1 #本机在集群内的节点名称ode-1
path.data: /elk/data #数据保存目录
path.logs: /elk/logs #日志保存目录
bootstrap.memory_lock: true #服务启动的时候锁定足够的内存,防止数据写入swap,可能会导致云主机报错.可以不填写.
network.host: 0.0.0.0 #监听 10.0.1.0网段的
http.port: 9200
discovery.zen.ping.unicast.hosts: ["10.0.1.100", "10.0.1.24"]
修改内存限制,并同步配置文件:
https://www.elastic.co/guide/en/elasticsearch/reference/current/heap-size.html
vim jvm.options
-Xms1g
-Xmx1g
#官方配置文档最大建议30G以内。
修改节点2的配置文件。
[root@test-manager elasticsearch]# scp elasticsearch.yml test-web04:/etc/elasticsearch/
[root@test-web04 elasticsearch]# grep '^[a-Z]' /etc/elasticsearch/elasticsearch.yml
cluster.name: yoho8elk
node.name: test-web04-node-2
path.data: /elk/data
path.logs: /elk/logs
bootstrap.memory_lock: true #在云主机上加上这个参数可能会报错。
network.host: 0.0.0.0 #监听 0.0.0.0网段的
http.port: 9200
discovery.zen.ping.unicast.hosts: ["10.0.1.100", "10.0.1.24"]
设置java路径
which: no java in (/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin)
ln -sv /application/jdk/bin/java* /usr/local/sbin/
启动elasticsearch
systemctl start elasticsearch
systemctl enable elasticsearch
systemctl status elasticsearch
访问测试
curl 10.0.1.100:9200
集群管理head 插件
git clone git://github.com/mobz/elasticsearch-head.git
yum install -y npm
yum update openssl -y
npm install grunt -save
npm install 或 npm install -g cnpm --registry=https://registry.npm.taobao.org && cnpm install
启动插件
npm run start &
netstat -lntp |grep 9100
修改elasticsearch支持跨域访问并重启
vim /etc/elasticsearch/elasticsearch.yml
http.cors.enabled: true #最下方添加
http.cors.allow-origin: "*"
systemctl restart elasticsearch
ik分词器
/usr/share/elasticsearch/bin/elasticsearch-plugin install https://github.com/medcl/elasticsearch-analysis-ik/releases/download/v6.1.2/elasticsearch-analysis-ik-6.1.2.zip