安装Elasticsearch
下载
1
| wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.5.1-linux-x86_64.tar.gz
|
解压
1 2
| tar zxf elasticsearch-7.5.1-linux-x86_64.tar.gz mv elasticsearch-7.5.1 /usr/local/elastic
|
修改配置文件
1
| vi config/elasticsearch.yml
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14
| cluster.name: myes # 集群名称 node.name: node-1 # 设置node名称 path.data: /data/elasticsearch/data # 数据目录位置 path.logs: /data/elasticsearch/logs # 日志目录位置 network.host: 0.0.0.0 # 设置访问地址 http.port: 9200 # 设置访问端口 cluster.initial_master_nodes: ["node-1"] http.cors.allow-origin: "*" # 跨域问题 http.cors.enabled: true xpack.security.enabled: true xpack.security.transport.ssl.enabled: true xpack.security.transport.ssl.verification_mode: certificate xpack.security.transport.ssl.keystore.path: certs/elastic-certificates.p12 xpack.security.transport.ssl.truststore.path: certs/elastic-certificates.p12
|
1 2 3
| vi /etc/sysctl.conf vm.max_map_count=262144 sysctl -p
|
创建数据目录
1 2
| mkdir -p /data/elasticsearch/{data,logs} chown -R elastic.elastic /data/elasticsearch
|
创建用户
1 2
| groupadd elastic useradd -g elastic -s /sbin/nologin -c "Elastic Server" elastic
|
创建elastic服务
1 2 3 4 5 6 7 8 9 10 11 12 13
| cat > /usr/lib/systemd/system/elastic.service <<EOF [Unit] Description=elasticsearch server [Service] Type=simple User=elastic Group=elastic LimitNOFILE=100000 LimitNPROC=100000 ExecStart=/usr/local/elastic/bin/elasticsearch [Install] WantedBy=multi-user.target EOF
|
启动
1 2
| systemctl enable elastic.service systemctl start elastic.service
|
测试
1
| curl 'http://localhost:9200/?pretty'
|
出现如下结果表示启动成功

开启xpack
生成证书
1 2
| ./bin/elasticsearch-certutil ca ./bin/elasticsearch-certutil cert --ca elastic-stack-ca.p12
|
添加刚才输入的密码到elasticsearch.keystore
,会在config
文件夹下生成elasticseaerch.keystore
文件
1 2 3 4 5 6
| ./bin/elasticsearch-keystore add xpack.security.transport.ssl.keystore.secure_password ./bin/elasticsearch-keystore add xpack.security.transport.ssl.truststore.secure_password
mkdir config/certs mv elastic-stack-ca.p12 config/certs mv elastic-certificates.p12 config/certs
|
设置用户密码
1
| ./bin/elasticsearch-setup-passwords interactive
|

容器启动
1 2 3 4 5 6
| docker run -d \ -p 9200:9200 \ -p 9300:9300 \ -e discovery.type=single-node \ -e xpack.security.enabled=true \ elasticsearch:7.2.0
|
安装kibana
下载
1
| wget https://artifacts.elastic.co/downloads/kibana/kibana-7.5.1-linux-x86_64.tar.gz
|
解压
1 2
| tar zxf kibana-7.5.1-linux-x86_64.tar.gz mv kibana-7.5.1-linux-x86_64 /usr/local/kibana
|
修改配置
1 2 3 4 5 6 7 8 9 10 11 12
| server.port: 5601
server.host: "0.0.0.0" logging.dest: "/usr/local/kibana/kibana.log"
elasticsearch.hosts: ["http://localhost:9200"]
elasticsearch.username: "elastic" elasticsearch.password: "elastic"
i18n.locale: "zh-CN"
|
创建用户
1 2 3
| groupadd kibana useradd -g kibana -s /sbin/nologin -c "Kibana Server" kibana chown -R kibana.kibana kibana
|
创建kibana服务
1 2 3 4 5 6 7 8 9 10 11
| cat > /usr/lib/systemd/system/kibana.service <<EOF [Unit] Description=kibana server [Service] Type=simple User=kibana Group=kibana ExecStart=/usr/local/kibana/bin/kibana [Install] WantedBy=multi-user.target EOF
|
启动
1 2
| systemctl enable kibana.service systemctl start kibana.service
|
配置nginx代理
1 2 3 4 5 6 7 8 9
| location /kibana/ { proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection 'upgrade'; proxy_set_header Host $host; proxy_cache_bypass $http_upgrade; proxy_pass https://localhost:5601/; rewrite ^/kibana/(.*)$ /$1 break; }
|
1 2
| server: basePath: "/kibana"
|
容器启动
1 2 3 4 5 6 7
| docker run -d \ -p 5601:5601 \ -e ELASTICSEARCH_HOSTS=http://elastic:9200 \ -e ELASTICSEARCH_USERNAME=elastic \ -e ELASTICSEARCH_PASSWORD=elastic \ -e I18N_LOCALE=zh-CN \ kibana:7.2.0
|