Installing ELK on RHEL 8

ELK stands for Elasticsearch, Logstash and Kibana.

Prerequisite: JDK 1.8 is already installed.

I. Installing Elasticsearch

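  1. Since the installation is on a VM, first get the ELK download links from https://www.elastic.co/cn/start and download the packages locally
  2. Create an ordinary user elk and add it to the elk group
  3. Extract the downloaded tar.gz package into /usr/local/, rename the directory (dropping the version number), and change its ownership to elk
  4. Create the ES data directory /elk/es/data/ and logs directory /elk/es/logs/; they are set in the configuration step
  5. In the install directory /usr/local/elasticsearch/, first edit the ES configuration file elasticsearch.yml under config
  6. Start elasticsearch in the background from the bin directory
  7. Check the result with curl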
#wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.14.0-linux-x86_64.tar.gz
#wget https://artifacts.elastic.co/downloads/logstash/logstash-7.14.0-linux-x86_64.tar.gz
#wget https://artifacts.elastic.co/downloads/kibana/kibana-7.14.0-linux-x86_64.tar.gz

#groupadd elk
#useradd -g elk elk -m

#tar zxvf elasticsearch-7.14.0-linux-x86_64.tar.gz -C /usr/local && cd /usr/local/
#mv elasticsearch-7.14.0 elasticsearch
#chown -R elk:elk elasticsearch

#su - elk
$cd /usr/local/elasticsearch/config
$cp elasticsearch.yml elasticsearch.yml.bak
$ifconfig    # check the IP address
$vim elasticsearch.yml
cluster.name: es
node.name: master
path.data: /elk/es/data/
path.logs: /elk/es/logs
network.host: 192.168.44.130
http.port: 9200
discovery.seed_hosts: ["192.168.44.130"]
cluster.initial_master_nodes: ["master"]

#mkdir -p /elk/es/data /elk/es/logs/
#chown -R elk:elk /elk/

$cd /usr/local/elasticsearch/bin/ 
$./elasticsearch -d

❌ Error: the message reads bootstrap checks failed, you must address the points …. The max virtual memory size has to be increased.

#echo "vm.max_map_count=262144" >> /etc/sysctl.conf
#sysctl -p
#vim /etc/security/limits.conf 
  Add the following at the bottom:
  * soft nproc 65536
  * hard nproc 65536
  * soft nofile 65536 
  * hard nofile 65536
Verify the ES installation
$curl 192.168.44.130:9200
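
An added pre-flight check (not part of the original post) for the configuration and the bootstrap-check error above: because network.host is a non-loopback address, Elasticsearch enforces its bootstrap checks, and in 7.x the REST API is served without authentication unless xpack.security.enabled is set. The function names and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: pre-flight audit for the elasticsearch.yml and limits.conf above.
# Function names are hypothetical; the sample files below are constructed.

# yml_get FILE KEY: print the value of a top-level "KEY: value" line.
yml_get() {
    key=$(printf '%s' "$2" | sed 's/\./\\./g')
    sed -n "s/^${key}:[[:space:]]*//p" "$1" | sed 's/[[:space:]]*$//' | tail -n 1
}

# limit_get FILE ITEM: print the hard limit for ITEM that applies to user elk (0 if none).
limit_get() {
    awk -v item="$2" '($1=="*" || $1=="elk") && $2=="hard" && $3==item {v=$4} END {print v+0}' "$1"
}

# audit_es CONFIG LIMITS MAP_COUNT: print one finding per line; prints nothing when clean.
audit_es() {
    host=$(yml_get "$1" network.host)
    case "$host" in
        ''|localhost|127.*|::1|_local_) return 0 ;;  # loopback: checks only log warnings
    esac
    # A non-loopback bind makes failed bootstrap checks fatal at startup.
    [ "$3" -ge 262144 ] || echo "FAIL vm.max_map_count=$3, need >= 262144"
    [ "$(limit_get "$2" nofile)" -ge 65535 ] || echo "FAIL hard nofile for elk below 65535"
    [ "$(limit_get "$2" nproc)" -ge 4096 ] || echo "FAIL hard nproc for elk below 4096"
    # 7.x leaves authentication off by default, so the REST API is open on that address.
    [ "$(yml_get "$1" xpack.security.enabled)" = "true" ] ||
        echo "WARN $host:$(yml_get "$1" http.port) answers without authentication"
    return 0
}

# Constructed sample input: the page's settings before the sysctl change is applied.
sample_dir=$(mktemp -d)
cat > "$sample_dir/elasticsearch.yml" <<'EOF'
cluster.name: es
network.host: 192.168.44.130
http.port: 9200
EOF
printf '* soft nofile 65536\n* hard nofile 65536\n* hard nproc 65536\n' > "$sample_dir/limits.conf"
audit_es "$sample_dir/elasticsearch.yml" "$sample_dir/limits.conf" 65530
```

On the real host, pass /usr/local/elasticsearch/config/elasticsearch.yml, /etc/security/limits.conf and "$(cat /proc/sys/vm/max_map_count)" as the three arguments.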