两台机器都安装,因为之前安装了一台,这次直接配置即可在前面ELK5.5安装和配置这里介绍的是单机的安装,我们这次引入haproxy和基于x-pack,x-pack激活后面会介绍方式两台elasticsearch配置后会冗余,基于recovery机制:参考这里当elasticsearch出现故障会通过haproxy转到另外一台正常的elasticsearch中,从filebeat-->redis--->logstash--->elasticsearch--->haproxy---->kibana,如下图:
安装elasticsearch和x-pack
[root@linuxea-Node61 ~]# yum install -y jdk-8u131-linux-x64.rpm
[root@linuxea-Node61 ~]# yum install -y elasticsearch-5.5.1.rpm
[root@linuxea-Node61 ~]# /usr/share/elasticsearch/bin/elasticsearch-plugin install x-pack
-> Downloading x-pack from elastic
[=================================================] 100%
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: plugin requires additional permissions @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
* java.io.FilePermission \.pipe* read,write
* java.lang.RuntimePermission accessClassInPackage.com.sun.activation.registries
* java.lang.RuntimePermission getClassLoader
* java.lang.RuntimePermission setContextClassLoader
* java.lang.RuntimePermission setFactory
* java.security.SecurityPermission createPolicy.JavaPolicy
* java.security.SecurityPermission getPolicy
* java.security.SecurityPermission putProviderProperty.BC
* java.security.SecurityPermission setPolicy
* java.util.PropertyPermission * read,write
* java.util.PropertyPermission sun.nio.ch.bugLevel write
* javax.net.ssl.SSLPermission setHostnameVerifier
See http://docs.oracle.com/javase/8/docs/technotes/guides/security/permissions.html
for descriptions of what these permissions allow and the associated risks.
Continue with installation? [y/N]y
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: plugin forks a native controller @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
This plugin launches a native controller that is not subject to the Java
security manager nor to system call filters.
Continue with installation? [y/N]y
-> Installed x-pack
[root@linuxea-Node61 ~]#
这里的用户和密码建议保持一致(如果是x-pack,则都需要安装x-pack)
[root@linuxea-Node61 ~]# curl -u elastic -XPUT '10.0.1.61:9200/_xpack/security/user/elastic/_password?pretty' -H 'Content-Type: application/json' -d'
{
"password": "linuxea"
}
'
Enter host password for user 'elastic':
node1
master配置文件:elasticsearch配置完成启动时有启动顺序的,先启动主,在启动副
[root@linuxea-Node49 ~]# cat /etc/elasticsearch/elasticsearch.yml
cluster.name: linuxea-app
node.name: master
path.data: /elk/data
path.logs: /elk/logs
bootstrap.system_call_filter: false
bootstrap.memory_lock: false
http.cors.enabled: true
http.cors.allow-origin: "*"
http.cors.allow-headers: Authorization
network.host: 10.0.1.49
http.port: 9200
node.master: true
node.data: true
discovery.zen.ping.unicast.hosts: ["10.0.1.49"]
[root@linuxea-Node49 ~/elk]# mkdir /elk/{logs,data} -p && chown elasticsearch.elasticsearch -R /elk/
node2
slave配置文件:
[root@linuxea-Node61 ~]# cat /etc/elasticsearch/elasticsearch.yml
cluster.name: linuxea-app
node.name: slave
path.data: /elk/data
path.logs: /elk/logs
bootstrap.system_call_filter: false
bootstrap.memory_lock: false
http.cors.enabled: true
http.cors.allow-origin: "*"
http.cors.allow-headers: Authorization
network.host: 10.0.1.61
http.port: 9200
node.master: true
node.data: true
discovery.zen.ping.unicast.hosts: ["10.0.1.49"]
[root@linuxea-Node61 ~/elk]# mkdir /elk/{logs,data} -p && chown elasticsearch.elasticsearch -R /elk/
启动顺序先启动node1,在启动node2,启动后会有日志抛出
安装haproxy
tcp层代理即可
defaults
mode tcp
log global
option dontlognull
option httpclose
option httplog
option forwardfor
option abortonclose
option redispatch
timeout connect 5000ms
timeout client 500000
timeout server 500000
maxconn 100000
retries 3
listen stats
mode http
bind *:1080
stats refresh 30s
stats uri /stats
stats realm Haproxy Manager
stats auth admin:admin
#stats hide-version
frontend frontend-web.com
bind *:2900
mode tcp
# option httplog
# log global
default_backend elk.linuxea.com
backend elk.linuxea.com
# option forwardfor header X-REALL-IP
# option httpchk HEAD / HTTP/1.0
balance roundrobin
server node1 10.0.1.61:9200 check inter 2000 rise 30 fall 15
server node2 10.0.1.49:9200 check inter 2000 rise 30 fall 15
kibana配置
kibana连接haproxy
[root@linuxea-Node49 /elk/data]# egrep -v "^$|^#" /etc/kibana/kibana.yml
server.port: 5601
server.host: "0.0.0.0"
elasticsearch.url: "http://10.10.240.20:2900"
kibana.index: ".kibana"
elasticsearch.username: "elastic"
elasticsearch.password: "linuxea"
logging.dest: stdout
logging.silent: false
logging.quiet: false
尝试启动输入用户和密码即可进入登录完成查看下集群状态机器负载状态详细状态以及index等状态