1 資源
| 資源資訊 | 版本号 | 備注 |
|---|---|---|
| 伺服器 | Centos7 | IP: 192.168.51.4 |
| elasticsearch | 7.4.2 | IP: 192.168.51.4 |
2 介紹
Elasticsearch是一個基于Apache Lucene™的開源搜尋引擎,無論在開源還是專有領域,Lucene可以被認為是迄今為止最先進、性能最好的、功能最全的搜尋引擎庫。
但是,Lucene隻是一個庫。想要發揮其強大的作用,你需使用Java并要将其內建到你的應用中。Lucene非常複雜,你需要深入的了解檢索相關知識來了解它是如何工作的。
Elasticsearch也是使用Java編寫并使用Lucene來建立索引并實作搜尋功能,但是它的目的是通過簡單連貫的RESTful API讓全文搜尋變得簡單并隐藏Lucene的複雜性。
不過,Elasticsearch不僅僅是Lucene和全文搜尋引擎,它還提供:
- 分布式的實時檔案存儲,每個字段都被索引并可被搜尋
- 實時分析的分布式搜尋引擎
- 可以擴充到上百台伺服器,處理PB級結構化或非結構化資料
附上官網位址:https://www.elastic.co/cn/elasticsearch/
3 安裝與配置
3.1 安裝
elasticsearch單機版的安裝,可參考博文:
ES elasticsearch的安裝和配置:https://blog.csdn.net/qq_15769939/article/details/114249211
3.2 啟動ES
[[email protected] logstash-7.4.2]# cd /usr/local/elasticsearch-7.4.2/bin
[[email protected] bin]# ./elasticsearch -d
future versions of Elasticsearch will require Java 11; your Java version from [/opt/module/haoke/jdk1.8.0_141/jre] does not meet this requirement
3.3 配置秘鑰
3.3.1 生成根密鑰
[[email protected] bin]# ./elasticsearch-certutil ca --pem
...
Please enter the desired output file [elastic-stack-ca.zip]:
3.3.2 解壓根秘鑰
[[email protected] bin]# unzip elastic-stack-ca.zip
Archive: elastic-stack-ca.zip
creating: ca/
inflating: ca/ca.crt
inflating: ca/ca.key
總用量 8
-rw-r--r--. 1 root root 1200 3月 27 19:43 ca.crt
-rw-r--r--. 1 root root 1679 3月 27 19:43 ca.key
3.3.3 生成節點秘鑰
[[email protected] bin]# ./elasticsearch-certutil cert --ca-cert ca/ca.crt --ca-key ca/ca.key --pem
3.3.4 解壓節點密鑰
[[email protected] bin]# unzip certificate-bundle.zip
3.3.5 自定義配置路徑
[[email protected] bin]# cd /usr/local/elasticsearch-7.4.2/config
[[email protected] config]# mkdir x-pack
bin目錄生成的ca和instance兩個檔案夾 拷貝至config下面的x-pack檔案夾下
3.3.6 配置xpack秘鑰
[[email protected] config]# vi elasticsearch.yml
最後添加如下代碼:
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.ssl.key: x-pack/instance/instance.key
xpack.ssl.certificate: x-pack/instance/instance.crt
xpack.ssl.certificate_authorities: x-pack/ca/ca.crt
xpack.ssl.verification_mode: certificate
xpack.ssl.client_authentication: required
4 測試通路
4.1 停止服務
[[email protected] config]# jps
28696 Elasticsearch
29977 Jps
[[email protected] config]# kill 28696
4.2 啟動服務
[[email protected] bin]# cd /usr/local/elasticsearch-7.4.2/bin
[[email protected] bin]# ./elasticsearch -d
4.3 設定密碼
[[email protected] bin]# ./elasticsearch-setup-passwords interactive
future versions of Elasticsearch will require Java 11; your Java version from [/opt/module/haoke/jdk1.8.0_141/jre] does not meet this requirement
Initiating the setup of passwords for reserved users elastic,apm_system,kibana,logstash_system,beats_system,remote_monitoring_user.
You will be prompted to enter passwords as the process progresses.
Please confirm that you would like to continue [y/N]y
Enter password for [elastic]:
Reenter password for [elastic]:
Enter password for [apm_system]:
Reenter password for [apm_system]:
Enter password for [kibana]:
Reenter password for [kibana]:
Enter password for [logstash_system]:
Reenter password for [logstash_system]:
Enter password for [beats_system]:
Reenter password for [beats_system]:
Enter password for [remote_monitoring_user]:
Reenter password for [remote_monitoring_user]:
Changed password for user [apm_system]
Changed password for user [kibana]
Changed password for user [logstash_system]
Changed password for user [beats_system]
Changed password for user [remote_monitoring_user]
Changed password for user [elastic]
5 相關資訊
- 第①篇:ELK 日志采集架構(一):架構設計
- 第②篇:ELK 日志采集架構(二):日志子產品開發
- 第③篇:ELK 日志采集架構(三):Filebeat安裝與配置
- 第④篇:ELK 日志采集架構(四):Kafka安裝與配置
- 第⑤篇:ELK 日志采集架構(五):Logstash安裝與配置
- 第⑥篇:ELK 日志采集架構(六):ElasticSearch安裝與配置
- 第⑦篇:ELK 日志采集架構(七):Kibana安裝與配置
- 第⑧篇:ELK 日志采集架構(八):功能測試與告警內建
博文不易,辛苦各位猿友點個關注和贊,感謝
![ELK詳細分析nginx日志1. 實驗規劃2. ELK安裝3. logstash伺服器的配置4. kibana檢視配置5. 建立儀表闆顯示pv和uv[圖]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)