Elasticsearch5.5+Kibana5.5安裝部署
下述為具體安裝的操作,時間原因,略微有點幹,中間有點小坑,文末有具體解決方法,KI的x-pack下載耗時比較長,這裡不過多介紹。
環境:
centos 6.5
介質:
elasticsearch-5.5.0.tar.gz
kibana-5.5.0-linux-x86_64.tar.gz
jdk-8u51-linux-x64.rpm
環境準備:
#### set selinux status
cat /etc/selinux/config |grep -v ^# |grep SELINUX= |awk -F'=' '{print $2}'
cp /etc/selinux/config /etc/selinux/config.BAK
cp /etc/sysconfig/selinux /etc/sysconfig/selinux.BAK
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config || sed -i 's/SELINUX=permissive/SELINUX=disabled/g' /etc/selinux/config
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/sysconfig/selinux || sed -i 's/SELINUX=permissive/SELINUX=disabled/g' /etc/sysconfig/selinux
#### set iptables status
/etc/init.d/iptables status
/etc/init.d/iptables stop
/sbin/chkconfig iptables off
#### set limits.conf
cp /etc/security/limits.conf /etc/security/limits.conf.BAK
ulimit -l unlimited
ulimit -n 65536
vim /etc/security/limits.conf
* soft nproc 65535
* hard nproc 65535
* soft nofile 65536
* hard nofile 65536
* soft memlock unlimited
* hard memlock unlimited
vim /etc/security/limits.d/90-nproc.conf
* soft nproc 65535
* hard nproc 65535
* soft nofile 65536
* hard nofile 65536
* soft memlock unlimited
* hard memlock unlimited
#### install java environment
rpm -ivh jdk-8u51-linux-x64.rpm
vim /etc/profile
export JAVA_HOME=/usr/java/jdk1.8.0_51
export JRE_HOME=/usr/java/jdk1.8.0_51/jre
export CLASSPATH=.:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar
export PATH=$PATH:/sbin:/bin:/usr/sbin:/usr/bin:/usr/X11R6/bin:$JAVA_HOME/bin
source /etc/profile
#### mkdir workspace
mkdir -p /opt/elk
#### install Elasticsearch
tar -zxf elasticsearch-5.5.0.tar.gz
mv elasticsearch-5.5.0 /opt/elk
useradd elasticsearch
chown -R elasticsearch:elasticsearch /opt/elk/elasticsearch/
mkdir -p /var/log/elk/elasticsearch
chown -R elasticsearch:elasticsearch /var/log/elk/elasticsearch
#### install Kibana
tar -zxf kibana-5.5.0-linux-x86_64.tar.gz
mv kibana-5.5.0-linux-x86_64 /opt/elk/kibana
#### configue Elasticsearch
cp /opt/elk/elasticsearch/config/elasticsearch.yml /opt/elk/elasticsearch/config/elasticsearch.yml.BAK
echo " cluster.name: ELKstack" >> /opt/elk/elasticsearch/config/elasticsearch.yml
echo " path.logs: /var/log/elk/elasticsearch" >> /opt/elk/elasticsearch/config/elasticsearch.yml
echo " bootstrap.memory_lock: false" >> /opt/elk/elasticsearch/config/elasticsearch.yml
echo " bootstrap.system_call_filter: false" >> /opt/elk/elasticsearch/config/elasticsearch.yml
echo " network.host: 0.0.0.0" >> /opt/elk/elasticsearch/config/elasticsearch.yml
echo " http.port: 9200" >> /opt/elk/elasticsearch/config/elasticsearch.yml
#### configue Kibana
cp /opt/elk/kibana/config/kibana.yml /opt/elk/kibana/config/kibana.yml.BAK
echo " server.host: 0.0.0.0" >> /opt/elk/kibana/config/kibana.yml
echo " server.port: 5601" >> /opt/elk/kibana/config/kibana.yml
#### start service
/opt/elk/elasticsearch/bin/elasticsearch
/opt/elk/kibana/bin/kibana
啟動報錯:
ERROR: bootstrap checks failedmax virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144]
ava.lang.RuntimeException: max file descriptors [65535] for elasticsearch process likely too low, increase to at least [65536]
其中vm.max_map_count報錯,
在elasticsearch.yml中配置bootstrap.system_call_filter為false,注意要在Memory下面:
bootstrap.memory_lock: false
bootstrap.system_call_filter: false
此外可以後期的啟動指令碼增加"sudo sysctl -w vm.max_map_count=262144"。
max file報錯已在limits.conf檔案中做過修改,將nofile上限修改為65536即可。