一.准备环境
1.1.1 关闭防火墙和Selinux
1.1.2 各服务器配置本地域名解析(准备两台机器即可)
[root@Centos-node6 tools]# cat /etc/hosts 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 192.168.10.137 Centos-node1 192.168.10.138 Centos-node2 192.168.10.139 Centos-node3 192.168.10.140 Centos-node4 192.168.10.141 Centos-node5 192.168.10.142 Centos-node6
1.1.3 安装Java jdk确保jdk在1.8版本
[root@Centos-node6 ~]# yum -y install java-1.8.0-openjdk-devel [root@Centos-node6 ~]# java -version openjdk version "1.8.0_181" OpenJDK Runtime Environment (build 1.8.0_181-b13) OpenJDK 64-Bit Server VM (build 25.181-b13, mixed mode)
1.1.4 创建文件夹
[root@Centos-node5 ~]# mkdir /tools [root@Centos-node5 ~]# mkdir /elk/{data,logs} -p
二 安装elasticsearch
1.1.1 下载 elasticsearch
cd /tools
[root@Centos-node5 tools]# curl -L -O https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-6.3.2.rpm
1.1.2 安装 elasticsearch
[root@Centos-node5 tools]# yum install elasticsearch-6.3.2.rpm
三 配置
1.1.1 配置集群名称同一个集群内名称统一
[root@Centos-node5 ~]# vim /etc/elasticsearch/elasticsearch.yml
cluster.name: my_elk
1.1.2 配置node节点名称节点名称唯一
[root@Centos-node5 ~]# vim /etc/elasticsearch/elasticsearch.yml node.name: elk_node-1
1.1.3 配置data 和log目录
[root@Centos-node5 ~]# vim /etc/elasticsearch/elasticsearch.yml path.data: /elk/data path.logs: /elk/logs
1.1.4 配置监听地址 0.0.0.0 也可
[root@Centos-node5 ~]# vim /etc/elasticsearch/elasticsearch.yml network.host: 192.168.10.141
1.1.5 配置 端口默认9200
[root@Centos-node5 ~]# vim /etc/elasticsearch/elasticsearch.yml http.port: 9200
1.1.6 配置节点信息(想要组建集群的话就需要在这指定要发现的节点信息 注:端口不是默认端口要指定端口)
[root@Centos-node5 ~]# vim /etc/elasticsearch/elasticsearch.yml discovery.zen.ping.unicast.hosts: ["192.168.10.141", "192.168.10.142"]
1.1.7 配置内存锁定 服务启动的时候锁定足够的内存,防止数据写入swap
[root@Centos-node5 ~]# vim /etc/elasticsearch/elasticsearch.yml bootstrap.memory_lock: true
1.1.8 修改内存限制(不要追加在文件尾部追加推荐LimitNOFILE=65536下面)
[root@Centos-node5 ~]# vim /usr/lib/systemd/system/elasticsearch.service
LimitMEMLOCK=infinity
1.1.9 修改内存限制(默认最大最小限制为1g 官网推荐32g内)
[root@Centos-node5 ~]# vim /etc/elasticsearch/jvm.options -Xms2g -Xmx2g
1.2.0 修改目录属主
[root@Centos-node5 ~]# chown -R elasticsearch. /elk [root@Centos-node5 ~]# ll /elk/ 总用量 0 drwxr-xr-x 2 elasticsearch elasticsearch 6 8月 2 21:30 data drwxr-xr-x 2 elasticsearch elasticsearch 6 8月 2 21:30 logs
四 启动 elasticsearch
1.1.1 启动
加入开机自启动
[root@Centos-node5 ~]# systemctl enable elasticsearch.service
Created symlink from /etc/systemd/system/multi-user.target.wants/elasticsearch.service to /usr/lib/systemd/system/elasticsearch.service.
启动
[root@Centos-node5 ~]# systemctl start elasticsearch.service
1.1.2 验证
systemctl 验证(不准确)
[root@Centos-node5 ~]# systemctl status elasticsearch.service ● elasticsearch.service - Elasticsearch Loaded: loaded (/usr/lib/systemd/system/elasticsearch.service; disabled; vendor preset: disabled) Active: active (running) since 五 2018-08-03 21:05:41 CST; 1min 11s ago Docs: http://www.elastic.co Main PID: 14118 (java) CGroup: /system.slice/elasticsearch.service ├─14118 /bin/java -Xms3g -Xmx3g -XX:+UseConcMarkSweepG... └─14172 /usr/share/elasticsearch/modules/x-pack/x-pack... 8月 03 21:05:41 Centos-node5 systemd[1]: Started Elasticsearch. 8月 03 21:05:41 Centos-node5 systemd[1]: Starting Elasticsearch... Hint: Some lines were ellipsized, use -l to show in full.
查看日志
[root@Centos-node5 ~]# tail -f /elk/logs/my_elk.log
浏览器验证
