一.安装jdk8

经过我测试logstash5.x不支持java10和11,所以安装java8

加入LinuxUprising Java PPA

sudo add-apt-repository ppa:webupd8team/java

sudo apt-get update

安装java8(Long Term Support)

sudo apt-get install oracle-java8-installer

查看java是否安装成功

java -version

设置java11为默认

sudo apt-get install oracle-java8-set-default

二.新建用户

因为安全问题elasticsearch 不让用root用户直接运行,创建新用户

adduser elk 输入两次密码

passwd elk 输入两次密码

root给elk赋权限,chown -R elk /opt/elasticsearch-5.6.11

三.安装elastcisearch

卸载elastcisearch

sudo systemctl stop elasticsearch

sudo apt-get --purge autoremove elasticsearch

rm -rf /var/lib/elasticsearch

rm -rf /etc/elasticsearch

安装

由于目前IK Analysis插件5.x的最高版本为5.6.11,所以elk我们也安装5.6.11

wget -P /opt/downloads https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-5.6.11.tar.gz

sudo tar zxvf /opt/downloads/elasticsearch-5.6.11.tar.gz -C /opt

进入配置文件

sudo vim /opt/elasticsearch-5.6.11/config/elasticsearch.yml

修改network.host的值

network.host: 192.168.x.x 自身ip,限制为内网访问

network.host: 0.0.0.0 也可以不限制ip

http.port: 9200

删除lock

rm -rf /opt/elasticsearch-5.6.11/data/nodes/0/node.lock

切换到elk用户,守护进程启动es

su - elk -c "/opt/elasticsearch-5.6.11/bin/elasticsearch -d"

若启动不成功,日志文件报max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144]

sudo sysctl -w vm.max_map_count=262144

上述方法只是临时修改,若要永久修改

在/etc/sysctl.conf文件最后添加一行

vm.max_map_count=262144

查看是否修改成功

more /proc/sys/vm/max_map_count

再启动es即可

测试es是否正常运行

curl -X GET http://127.0.0.1:9200

关闭代码为

jps|grep Elasticsearch

显示 xxxx Elasticsearch

kill -9 xxxx

netstat -anltp|grep 9200

显示LISTEN xxxx/java

kill -9 xxxx

四、安装Logstash

卸载deb版本的logstash

sudo systemctl stop logstash

dpkg -P logstash或sudo apt-get --purge autoremove logstash

rm -rf /usr/share/logstash

rm -rf /var/lib/logstash

rm -rf /var/log/logstash

安装

wget -P /opt/downloads https://artifacts.elastic.co/downloads/logstash/logstash-5.6.11.tar.gz

sudo tar zxvf /opt/downloads/logstash-5.6.11.tar.gz -C /opt

错误提示:Unrecognized VM option 'UseParNewGC'

解决办法:把/opt/logstash/config/jvm.options配置文件中的-XX:UseParNewGC注释掉

错误提示:could not create the java virtual machine或找不到主类

解决办法:把/opt/logstash/bin/logstash.bat中%CLASSPATH%没有加双引号的都加上双引号。

修改数据文件夹读写权限:

sudo chmod 777 /opt/logstash-5.6.11/data

测试是否成功启动

/opt/logstash-5.6.11/bin/logstash -e 'input{stdin{}}output{stdout{codec=>rubydebug}}'

修改配置

关闭代码为

netstat -anltp|grep 9600

显示LISTEN xxxx/java

kill -9 xxxx

五、安装Kibana

卸载deb版本的kibana

sudo systemctl stop kibana

dpkg -P kibana或sudo apt-get --purge autoremove kibana

rm -rf /var/lib/kibana

安装

wget -P /opt/downloads https://artifacts.elastic.co/downloads/kibana/kibana-5.6.11-linux-x86_64.tar.gz

sudo tar zxvf /opt/downloads/kibana-5.6.11-linux-x86_64.tar.gz -C /opt

修改配置

vim /opt/kibana-5.6.11-linux-x86_64/config/kibana.yml

#配置本机ip

server.host: "0.0.0.0"

#配置es集群url

elasticsearch.url: "http://localhost:9200"

后台启动kibana

nohup /opt/kibana-5.6.11-linux-x86_64/bin/kibana &

然后回车返回到shell

关闭

netstat -anltp|grep 5601

显示LISTEN xxxx/java

kill -9 xxxx

六、安装Elasticsearch-head

cd /opt

git clone git://github.com/mobz/elasticsearch-head.git

修改配置

vim /opt/elasticsearch-head/_site/app.js

this.base_uri = this.config.base_uri || this.prefs.get("app-base_uri") || "http://localhost:9200";修改为当前es地址,默认es在本机localhost:9200不用修改

vim /opt/elasticsearch-head/Gruntfile.js

在原有的connect:server:options节点上加上hostname: '*',

修改es配置

sudo vim /opt/elasticsearch-5.6.11/config/elasticsearch.yml

network.host: 0.0.0.0

http.cors.enabled: true

http.cors.allow-origin: "*"

安装node

sudo apt-get install nodejs

安装npm

sudo apt-get install npm

安装grunt和grunt-cli

sudo npm install -g grunt

sudo npm install -g grunt-cli

安装模块依赖

sudo npm install

后台启动head

cd /opt/elasticsearch-head

nohup npm run start &

回车返回到shell

客户端浏览器打开x.x.x.x:9100

若显示未连接修改http://localhost:9200为es服务器ip:port

关闭

netstat -anltp|grep 9100

显示LISTEN xxxx/grunt

kill -9 xxxx

七、安装IK Analysis插件

/opt/elasticsearch-5.6.11/bin/elasticsearch-plugin install https://github.com/medcl/elasticsearch-analysis-ik/releases/download/v5.6.11/elasticsearch-analysis-ik-5.6.11.zip

重启服务

jps|grep Elasticsearch

显示 xxxx Elasticsearch

kill -9 xxxx (xxxx为)

su - elk -c "/opt/elasticsearch-5.6.11/bin/elasticsearch -d"

八、建立守护进程(systemd)


elasticsearch

vim /lib/systemd/system/elasticsearch.service
[Unit]

Description=Elasticsearch

Documentation=http://www.elastic.co

Wants=network-online.target

After=network-online.target

[Service]

Environment=ES_HOME=/opt/elasticsearch-5.6.

Environment=CONF_DIR=/opt/elasticsearch-5.6./config

Environment=DATA_DIR=/opt/elasticsearch-5.6./data

Environment=LOG_DIR=/opt/elasticsearch-5.6./logs

Environment=PID_DIR=/opt/elasticsearch-5.6.

#EnvironmentFile=-/etc/default/elasticsearch-5.6.

WorkingDirectory=/opt/elasticsearch-5.6.

User=elk

Group=elk

ExecStartPre=/opt/elasticsearch-5.6./bin/elasticsearch-systemd-pre-exec

ExecStart=/opt/elasticsearch-5.6./bin/elasticsearch \

-p ${PID_DIR}/elasticsearch.pid \

--quiet \

-Edefault.path.logs=${LOG_DIR} \

-Edefault.path.data=${DATA_DIR} \

-Edefault.path.conf=${CONF_DIR}

# StandardOutput is configured to redirect to journalctl since

# some error messages may be logged in standard output before

# elasticsearch logging system is initialized. Elasticsearch

# stores its logs in /opt/elasticsearch-5.6./logs and does not use

# journalctl by default. If you also want to enable journalctl

# logging, you can simply remove the "quiet" option from ExecStart.

StandardOutput=journal

StandardError=inherit

# Specifies the maximum file descriptor number that can be opened by this process

LimitNOFILE=

# Specifies the maximum number of processes

LimitNPROC=

# Specifies the maximum size of virtual memory

LimitAS=infinity

# Specifies the maximum file size

LimitFSIZE=infinity

# Disable timeout logic and wait until process is stopped

TimeoutStopSec=

# SIGTERM signal is used to stop the Java process

KillSignal=SIGTERM

# Send the signal only to the JVM rather than its control group

KillMode=process

# Java process is never killed

SendSIGKILL=no

# When a JVM receives a SIGTERM signal it exits with code

SuccessExitStatus=

[Install]

WantedBy=multi-user.target
systemctl enable elasticsearch.service
systemctl daemon-reload

elasticsearch-head

vim /lib/systemd/system/elasticsearch-head.service
[Unit]

Description=elasticsearch-head

[Service]

Type=simple

User=root

ExecStart=/opt/systemd-sh/elasticsearch-head.sh start

#ExecReload=/opt/systemd-sh/elasticsearch-head.sh restart

#ExecStop=/opt/systemd-sh/elasticsearch-head.sh stop

#ExecReload=/bin/kill -s HUP $MAINPID

#ExecStop=/bin/kill -s QUIT $MAINPID

Restart=always

PrivateTmp=true

[Install]

WantedBy=multi-user.target
vim /opt/systemd-sh/elasticsearch-head.sh
systemctl daemon-reload
#!/bin/bash

function exist_port()

{

  port=`netstat -lntp | grep $ | awk '{print $4}' | cut -d \: -f `

  if [ "$port" = "$1" ];then

    return

  else

    return

  fi

}

function kill_by_port()

{

  port=`netstat -lntp | grep $ | awk '{print $7}' | cut -d \/ -f `

  if [ "$port" != "" ];then

    sudo kill - $port

    echo "kill $port"

  fi

}

function run()

{if [ "$1" = "start" ];then

    start

  elif [ "$1" = "stop" ];then

    stop

  elif [ "$1" = "restart" ];then

    stop

    start

  else

    echo "please input param, start, restart or stop"

  fi

}

function start()

{

  exist_port

  if [ $? =  ];then

    echo 'start elasticsearch-head'

    cd /opt/elasticsearch-head

    sudo npm run start

  fi

}

function stop()

{

  kill_by_port

}

run $*
chmod +x /opt/systemd-sh/elasticsearch-head.sh
systemctl enable elasticsearch-head.service

logstash

vim /lib/systemd/system/logstash.service
[Unit]

Description=logstash

[Service]

Type=simple

User=root

Group=root

# Load env vars from /etc/default/ and /etc/sysconfig/ if they exist.

# Prefixing the path with '-' makes it try to load, but if the file doesn't

# exist, it continues onward.

#EnvironmentFile=-/etc/default/logstash

#EnvironmentFile=-/etc/sysconfig/logstash

Environment=LS_HOME=/opt/logstash-5.6.

Environment=LS_SETTINGS_DIR="/opt/logstash-5.6.11/config"

Environment=LS_OPTS="--path.settings /opt/logstash-5.6.11/config"

#Environment=LS_JAVA_OPTS=""

Environment=LS_PIDFILE=/opt/logstash-5.6./logstash.pid

Environment=LS_USER=root

Environment=LS_GROUP=root

Environment=LS_GC_LOG_FILE=/opt/logstash-5.6./logs/gc.log

Environment=LS_OPEN_FILES=

Environment=LS_NICE=

Environment=SERVICE_NAME="logstash"

Environment=SERVICE_DESCRIPTION="logstash"

ExecStart=/opt/logstash-5.6./bin/logstash -f /opt/logstash-5.6./config/logstash.conf

Restart=always

WorkingDirectory=/

Nice=

LimitNOFILE=

[Install]

WantedBy=multi-user.target
vim /opt/logstash-5.6./config/logstash.conf

自行添加conf文件,注这里写用标准输入会超时。

systemctl enable logstash.service
systemctl daemon-reload

kibana

vim /lib/systemd/system/kibana.service
[Unit]

Description=kibana

[Service]

Type=simple

User=root

ExecStart=/opt/kibana-5.6.-linux-x86_64/bin/kibana "-c /opt/kibana-5.6.11-linux-x86_64/config/kibana.yml"

Restart=always

PrivateTmp=true

WorkingDirectory=/

[Install]

WantedBy=multi-user.target
systemctl enable kibana.service
systemctl daemon-reload
reboot

重启后看是否自启成功

ELK安装(ubuntu)的更多相关文章

  1. ELK 安装Elasticsearch

    章节 ELK 介绍 ELK 安装Elasticsearch ELK 安装Kibana ELK 安装Beat ELK 安装Logstash ELK栈要安装以下开源组件: Elasticsearch Ki ...

  2. Vmware虚拟机安装Ubuntu并设置root登陆

    主机操作系统是win7.在Ubuntu官网下好系统镜像.iso文件,安装好Vmware workstation软件 1 安装Ubuntu系统到Vmware虚拟机: 注意下面这步是无法直接设置账号为ro ...

  3. Windows 10下使用U盘安装Ubuntu双系统

    问题描述:在Windows10下安装Ubuntu. 使用工具:Windows10.Ubuntu16.04 LTS安装包.UltraISO.easyBCD. 操作步骤: 1.安装之前要给Ubuntu分出 ...

  4. 跳入linux的第一个坑-因为安装Ubuntu导致的硬盘被误格的恢复.(记TestDisk使用记录)

    不看废话,直接跳到操作说明 前几日心血来潮想把家中的旧笔记本换成Linux操作系统,算是在业余生活中正式投入Linux的怀抱.说干就干,发行版选择了Ubuntu,下载了Ubuntu16.04的ISO, ...

  5. pcDuino-V2操作系统的安装-ubuntu/Android

    操作系统:(非虚拟机) zws@z-pc:~$ lsb_release -aNo LSB modules are available.Distributor ID: Ubuntu Descriptio ...

  6. (原创)使用VMware安装Ubuntu,怎么无法使用startx进入桌面模式?

    最近在VMware中安装Ubuntu时,发现VMware的快速安装后是文本模式,无法使用startx进入桌面模式,非常不方便.此问题为默认安装方式,需要设置安装方式. 操作系统:Windows 8.1 ...

  7. mac上安装ubuntu双系统

    mac和ubuntu双系统 mac系统安装ubuntu双系统的方法, mac系统要安装ubuntu, 必须使用u盘作为启动盘, 在mac启动的时候引导mac安装ubuntu, 下面为详细的安装方法: ...

  8. windows下用虚拟机安装ubuntu

    虚拟机软件推荐VMware Workstation,为了较好支持Win8,最好下载VMware Workstation10及以上新版本,对机器配置要求比较高,如果本身操作系统是WinXP或Win7的话 ...

  9. U盘安装Ubuntu 10.4 Server

    试了几次的U盘安装Ubuntu Server失败后,只能求助网络了,找了半天终于安装成功了.问题就是虽然从U盘启动了安装程序,但是在系统安装到一半的过程中,会进行CD-ROM的检查,检查不到安装程序, ...

随机推荐

  1. 【原创】大叔经验分享(41)hdfs开启kerberos之后报错Encryption type AES256 CTS mode with HMAC SHA1-96 is not supported/enabled

    hdfs开启kerberos之后,namenode报错,连不上journalnode 2019-03-15 18:54:46,504 WARN org.apache.hadoop.security.U ...

  2. [其它]安装ios12 developer beta 3出错

    ios11设备升级到ios12有时候会出现 安装ios12 developer beta 3出错 提示.此时有一种可能就是,你手机或者ipad空间不足2G多(因为ios12是2.13G) 仅作为记录使 ...

  3. layui框架--关闭当前页面并刷新父页面

    //关闭当前页面 并刷新父页面 var index = parent.layer.getFrameIndex(window.name); parent.layer.close(index) windo ...

  4. 高级UI特效—用SVG码造一个精美的中国地图

    前言 来继续学习SVG,要想深入了解还是要多动手进行实战.关于svg基础可以去看一下我的上一篇文章<SVG前戏—让你的View多姿多彩>,今天就用SVG打造一个精美的UI效果. 正文 先上 ...

  5. Confluence 6 MySQL 3.x 字符集编码问题

    MySQL 3.x is 已知在大写和小写转换的时候有些问题(non-ASCII). 问题诊断 请按照 Troubleshooting Character Encodings 页面中的内容对问题进行诊 ...

  6. Confluence 6 找到在创建 XML 备份的时候出现的错误

    错误可能是因为数据库突然不可访问而产生.如果你在你的日志中看到了错误  'Couldn't backup database data' ,这个指南将会帮助你更正这个错误.我们强烈推荐你备份 Confl ...

  7. Confluence 6 配置避免管理员联系表单垃圾

    你可以配置 Confluence 使用验证码(Captcha)来避免垃圾内容发送给 Confluence 管理员.有关管理员联系表单验证码的内容在全站验证码设置中进行配置,相关的文档请参考 Confi ...

  8. OC Swift中检查代码行数

    1 打开终端  cd 进去当前项目 2 总行数查看命令     find . -name "*.m" -or -name "*.h" | xargs wc -l ...

  9. python 爬虫简化树状图

  10. html超文本标记语言

     <!DOCTYPE html><html lang="en"><head> <meta charset="UTF-8" ...