ElasticSearch (2): 一键部署7.14.1 版本 elk+kafka+rsyslog
1. 准备好 CentOS 7.9 环境
安装一些常用的网络工具(network tools),配置好 IP 和 DNS;配置最好在 8 核 16 G 及以上,最低建议 4 核 8 G
2.请下载对应版本的各组件安装包
将安装包放入/home/elk/res目录下
-rw-r--r--. 1 root root 344049417 Sep 15 15:03 elasticsearch-7.14.1-linux-x86_64.tar.gz
-rw-r--r--. 1 root root 23776 Sep 15 17:10 hs_err_pid11804.log
drwxr-xr-x. 3 root root 18 Sep 15 17:43 kafka_2.13-2.8.0
-rwxrwxrwx. 1 root root 71403603 Sep 8 21:33 kafka_2.13-2.8.0.tgz
-rw-r--r--. 1 root root 285786508 Sep 10 16:51 kibana-7.14.1-linux-x86_64.tar.gz
-rw-r--r--. 1 root root 363072947 Sep 9 14:45 logstash-7.14.1-linux-x86_64.tar.gz
-rw-r--r--. 1 root root 48808 Jun 11 23:05 rsyslog-kafka-8.24.0-57.el7_9.1.x86_64.rpm
3.编写脚本
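将以下内容拷贝到 /home/elk/e.sh 里面,并赋予执行权限。脚本需以 root 身份运行,并假定 elk 用户已存在,且 /home/elk 下已放好 rsyslog.b.conf、kfk2ES_360.conf 和 index_pattern_3607x.json。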
###
# @Author: hanxiaoshun
# @Date: 2021-09-08 15:57:13
# @LastEditTime: 2021-09-15 16:16:59
# @LastEditors: Please set LastEditors
# @Description: In User Settings Edit
# @FilePath: \5.5.0_elk\e.sh
###
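# Open the firewall for syslog ingestion (514/udp) and the Kibana UI (5601/tcp).
# NOTE(security): both rules go into the public zone with no source
# restriction. UDP syslog is unauthenticated and its sender address can be
# spoofed, and Kibana is configured later in this script without any login.
# Prefer limiting both ports to the log senders / admin network (for example
# with a firewalld rich rule carrying a source address) before using this
# outside a lab.
echo 'enable udp port 514'
firewall-cmd --zone=public --add-port=5601/tcp --permanent
firewall-cmd --zone=public --add-port=514/udp --permanent
firewall-cmd --reload
firewall-cmd --list-ports

# Base directories used by the rest of the script.
elk_home=/home/elk
res_home="$elk_home/res"

echo 'install rsyslog rsyslog-kafka-------------'
# yum -y install rsyslog rsyslog-kafka
cd "$res_home" || exit
# The RPM and the tarballs in $res_home were downloaded by hand; compare them
# with the checksums/signatures published by their vendors before installing.
yum -y install rsyslog-kafka-8.24.0-57.el7_9.1.x86_64.rpm
systemctl start rsyslog
systemctl enable rsyslog

echo 'replace rsyslog.conf-----------'
# Refuse to touch /etc/rsyslog.conf when the replacement is missing; moving
# the live config away first would leave rsyslog without any configuration.
if [ ! -f "$elk_home/rsyslog.b.conf" ]; then
  echo "missing $elk_home/rsyslog.b.conf, /etc/rsyslog.conf left unchanged" >&2
  exit 1
fi
# Keep the distribution's original config only once, so that a second run does
# not overwrite the backup with the already-replaced file.
if [ ! -e /etc/rsyslog.a.conf ]; then
  cp -p /etc/rsyslog.conf /etc/rsyslog.a.conf
fi
# Overwrite in place so the existing file keeps its owner, mode and label.
cp -f "$elk_home/rsyslog.b.conf" /etc/rsyslog.conf

echo 'restart rsyslogd---------'
systemctl restart rsyslog
systemctl status rsyslog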
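echo 'edit kafka---------'
# Unpack Kafka next to the downloaded archive; stop here if the archive is
# missing or corrupt instead of continuing with a half-installed tree.
cd "$res_home" || exit
tar -zxvf kafka_2.13-2.8.0.tgz || exit
sleep 10
kfk_home="$res_home/kafka_2.13-2.8.0"

# It is not yet clear how the data is expired on the ES side, so shorten the
# Kafka buffer retention from 168 hours to 1 hour.
echo 'edit log.retention.hours=168 to 1'
# Dots are escaped so they match literally rather than "any character".
sed -i 's/log\.retention\.hours=168/log.retention.hours=1/g' "$kfk_home/config/server.properties"

# NOTE(security): apart from the retention change the shipped
# zookeeper.properties and server.properties are used as-is, and both daemons
# run as the user executing this script (presumably root). Review the listener
# and authentication settings in those files, and keep the broker and
# ZooKeeper ports closed in the firewall, before exposing this host.
echo 'start kafka zookeeper---------'
# nohup $kfk_home/bin/zookeeper-server-start.sh $kfk_home/config/zookeeper.properties 1> /dev/null 2>&1
"$kfk_home/bin/zookeeper-server-start.sh" -daemon "$kfk_home/config/zookeeper.properties"
echo 'start kafka server---------'
"$kfk_home/bin/kafka-server-start.sh" -daemon "$kfk_home/config/server.properties"

# The bracket keeps grep from listing its own process.
ps -ef | grep '[z]ookeeper'
ps -ef | grep '[k]afka'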
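echo '-----set evn,but not setting-----'
# The limits below are kept for reference only; they are not applied.
# #ENV_PROFILE="/etc/profile"
# #echo $ENV_PROFILE "ulimit -n 999999"
# ENV_LIMITS_FILE="/etc/security/limits.conf"
# echo "* soft memlock unlimited" >> $ENV_LIMITS_FILE
# echo "* hard memlock unlimited" >> $ENV_LIMITS_FILE
# echo "* soft nofile 65536" >> $ENV_LIMITS_FILE
# echo "* hard nofile 131072" >> $ENV_LIMITS_FILE
# echo "* soft nproc 2048" >> $ENV_LIMITS_FILE
# echo "* hard nproc 4096" >> $ENV_LIMITS_FILE
# #ENV_SYCCTL="/etc/sysctl.conf"
# #echo "vm.max_map_count=655360" >> /etc/sysctl.conf
# ## disable IP forwarding
# #echo "net.inet.ip.forwarding=0" >> /etc/sysctl.conf
# #echo 0 > /proc/sys/net/ipv4/ip_forward
# # set vm.max_map_count=655360 from the command line
# sysctl -w vm.max_map_count=262144

# Raise the mmap limit for the running kernel only; the value is lost on
# reboot unless it is also written to /etc/sysctl.conf.
sysctl -w vm.max_map_count=655360
# #sysctl -w net.inet.ip.forwarding=0
# #sysctl -p
# more /proc/sys/vm/max_map_count
sysctl vm.max_map_count

# Elasticsearch is started later with "su - elk", so the data and log
# directories are handed to that account instead of being made world-writable:
# mode 777 would let every local user read, alter or delete indices and logs.
es_user=elk
if ! id -u "$es_user" >/dev/null 2>&1; then
  echo "user $es_user does not exist; create it before running this script" >&2
  exit 1
fi
for es_dir in /var/log/elasticsearch /var/lib/elasticsearch; do
  if [ -d "$es_dir" ]; then
    echo "directory \"$es_dir\" exists"
  else
    mkdir "$es_dir"
  fi
  # "user:" with an empty group selects the user's login group.
  chown -R "$es_user": "$es_dir"
  # Owner read/write, group read-only, nothing for others; X keeps
  # directories traversable without marking regular files executable.
  chmod -R u=rwX,g=rX,o= "$es_dir"
  whoami
done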
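# When the packages were installed before, unpacking them again replaces the
# existing configuration. Keep a timestamped copy of elasticsearch.yml so that
# local changes can be restored by hand; if nothing was changed the fresh file
# can simply be used.
time_f=$(date "+%Y-%m-%d_%H:%M:%S")
echo "$time_f"

# Back up elasticsearch.yml from a previous run, if there is one.
FIND_FILE="$res_home/elasticsearch-7.14.1/config/elasticsearch.yml"
name_bak="$elk_home/elasticsearch.yml_$time_f"
if [ -f "$FIND_FILE" ]; then
  # -p keeps the mode and timestamps of the file being backed up.
  cp -pf "$FIND_FILE" "$name_bak"
fi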
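echo '-----edit logstash.conf------------'
# Unpack Logstash; stop if the archive is missing or corrupt.
cd "$res_home" || exit
tar -zxvf logstash-7.14.1-linux-x86_64.tar.gz || exit
sleep 10
logstash_home="$res_home/logstash-7.14.1"

echo '-----reset logstash jvm param--------------'
# Raise the JVM heap from 1g to 2g (initial and maximum size).
jvm="$logstash_home/config/jvm.options"
sed -i -e 's/-Xms1g/-Xms2g/g' -e 's/-Xmx1g/-Xmx2g/g' "$jvm"

echo '-----reset logstash init service conf---------'
# Without the pipeline file there is nothing for Logstash to run.
cp -f "$elk_home/kfk2ES_360.conf" "$logstash_home/config" || exit
kfk2ES_360="$logstash_home/config/kfk2ES_360.conf"

echo '-----start logstash server---------------'
# NOTE(review): Logstash is started as the user running this script
# (presumably root) and its console output is discarded, so start-up errors
# have to be looked for in Logstash's own log files.
"$logstash_home/bin/logstash" -f "$kfk2ES_360" >/dev/null 2>&1 &

echo '-----check logstash status---------------'
# The bracket keeps grep from listing its own process.
ps -ef | grep '[l]ogstash'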
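echo '-----edit kibana.conf------------'
# Unpack Kibana; stop if the archive is missing or corrupt.
cd "$res_home" || exit
tar -zxvf kibana-7.14.1-linux-x86_64.tar.gz || exit
sleep 10
kibana_home="$res_home/kibana-7.14.1-linux-x86_64"

echo '-----reset kibana jvm param--------------'
kibana="$kibana_home/config/kibana.yml"
# sed -i 's/-Xms1g/-Xms2g/g' $kibana
# sed -i 's/-Xmx1g/-Xmx2g/g' $kibana

# Append the three settings to the freshly unpacked kibana.yml. Single-quoted
# printf arguments are used because nesting double quotes inside a
# double-quoted echo makes the shell drop the inner quotes, so the YAML strings
# would be written unquoted.
#
# NOTE(security): server.host "0.0.0.0" together with the 5601/tcp firewall
# rule makes Kibana reachable from any network the host is on, and nothing in
# this script enables Elasticsearch security, so whoever reaches the port can
# read and modify the indices. Enable xpack.security.enabled in
# elasticsearch.yml and set elasticsearch.username / elasticsearch.password
# here, or restrict the firewall rule to trusted sources.
# This script only writes kibana.yml; it does not start Kibana.
printf '%s\n' \
  'server.port: 5601' \
  'server.host: "0.0.0.0"' \
  'elasticsearch.hosts: ["http://localhost:9201"]' >> "$kibana"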
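echo 'elasticsearch magic'
echo 'edit elasticsearch--------------'
# whoami
# # When the packages were installed before, back up elasticsearch.yml by hand
# # before resetting it; if nothing was changed it can simply be reset.
# time_f=$(date "+%Y-%m-%d_%H:%M:%S")
# echo $time_f
# # Back up elasticsearch.yml
# FIND_FILE="/home/elk/elasticsearch-7.14.1/config/elasticsearch.yml"
# name_bak="/home/elk/elasticsearch.yml"_"$time_f"
# if [ -f $FIND_FILE ];then
# cp -rf $FIND_FILE $name_bak
# fi

# Unpack Elasticsearch; stop if the directory or the archive is missing, so
# the settings below are never appended to a file in the wrong place.
cd "$res_home" || exit
tar -zxvf elasticsearch-7.14.1-linux-x86_64.tar.gz || exit
sleep 10
es_home="$res_home/elasticsearch-7.14.1"
es_yml="$es_home/config/elasticsearch.yml"
# sed -i "2anode.name: node-1" $es_yml
# sed -i "3apath.data: /var/lib/elasticsearch" $es_yml
# sed -i "4apath.logs: /var/log/elasticsearch" $es_yml
# sed -i "5anetwork.host: 0.0.0.0" $es_yml
# sed -i "6ahttp.port: 9200" $es_yml
# sed -i "7acluster.initial_master_nodes: \"node-1\"" $es_yml

# Single-node settings appended to the freshly unpacked elasticsearch.yml.
# NOTE(security): network.host 0.0.0.0 makes the node listen on every
# interface, and this script never sets xpack.security.enabled, so the HTTP
# API on 9201 takes requests without authentication or TLS. This script's
# firewall rules do not open 9201, which leaves the host firewall as the only
# barrier. Kibana is pointed at localhost:9201; if Logstash is local as well
# (its pipeline file is not shown here), binding to 127.0.0.1 is sufficient.
# Otherwise enable the security features before exposing the port.
printf '%s\n' \
  'node.name: node-1' \
  'path.data: /var/lib/elasticsearch' \
  'path.logs: /var/log/elasticsearch' \
  'network.host: 0.0.0.0' \
  'http.port: 9201' \
  'cluster.initial_master_nodes: "node-1"' >> "$es_yml"
# ./es_diy_yml.sh

echo 'start elasticsearch-------------'
# $ELASTICSEARCH_HOME/bin/elasticsearch -Epath.conf=$ELASTICSEARCH_HOME/config -p /tmp/elasticsearch-.pid -d >/dev/null 2>&1 &
# $es_home/config/elasticsearch.yml
# nohup $es_home/bin/elasticsearch >/dev/null 2>&1 &
# su - elk -c "/home/elk/res/elasticsearch-7.14.1/bin/elasticsearch -d"

# Elasticsearch runs as the unprivileged "elk" account. Give that account
# ownership of the install, data and log trees instead of chmod -R 777: with
# world-writable binaries and config, any local user could change what the
# service executes or tamper with indices and logs.
es_user=elk
chown -R "$es_user": "$es_home"
chmod -R go-w "$es_home"
for es_dir in /var/lib/elasticsearch /var/log/elasticsearch; do
  mkdir -p "$es_dir"
  # "user:" with an empty group selects the user's login group.
  chown -R "$es_user": "$es_dir"
  # X keeps directories traversable without marking regular files executable.
  chmod -R u=rwX,g=rX,o= "$es_dir"
done

# Quote the whole command so su receives it as a single -c argument.
su - "$es_user" -c "$es_home/bin/elasticsearch -d"
# $es_home/bin/elasticsearch -d
# The bracket keeps grep from listing its own process.
ps -ef | grep '[e]lasticsearch'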
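##########################################################################################
echo "************************creat index***********************"
# Elasticsearch was started in the background just before this point and can
# take longer than a fixed 5 seconds to accept connections. Poll the HTTP port
# for up to about a minute so the template and index requests are not sent to
# a node that is still starting.
es_url=http://127.0.0.1:9201
tries=0
until curl -s -o /dev/null "$es_url"; do
  tries=$((tries + 1))
  if [ "$tries" -ge 30 ]; then
    echo "elasticsearch did not answer on $es_url, the requests below will probably fail" >&2
    break
  fi
  sleep 2
done
echo "************sleep finish***************************"
#su elasticsearch -c "curl -XPUT http://127.0.0.1:9201/_template/original -d '@template/original.json'"
cd "$elk_home" || exit
# curl -XPOST http://127.0.0.1:9201/_template/original -H 'Content-Type: application/json' -d '@template/index_pattern_360.json'

# Install the index template, then create today's index (original-YYYY.MM.DD).
# The URLs are quoted so the shell never treats "?" as a glob character.
# NOTE(security): both requests are sent without credentials; they only work
# because this script leaves Elasticsearch security disabled.
curl -XPOST "$es_url/_template/original?include_type_name=true" -H 'Content-Type: application/json' -d "@$elk_home/index_pattern_3607x.json"
curl -XPUT "$es_url/original-$(date +%Y.%m.%d)"
##########################################################################################
whoami
echo '------finish---------------'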