ELK之Elasticsearch2.2安装(1)

ELK Stack通常情况下：1，开发人员是不能登录线上服务器查看日志信息2，各个系统的日志繁多，日志数据分散难以查找3，日志数据量较大，查询速度慢，数据不够实时性4，一个调用会涉及到多个系统，难以在这些系统中快速定位数据

elk stack = elastic search + logstash + kibana这里的redis，松耦合，任何数据写入到redis都可以

elasticsearch配置：

1，首先需要配置好jdk配置好环境变量
[root@nginx-proxy2 local]# rpm -ivh jdk-8u73-linux-x64.rpm 
Preparing...                ########################################### [100%]
   1:jdk1.8.0_73            ########################################### [100%]
Unpacking JAR files...
    tools.jar...
    plugin.jar...
    javaws.jar...
    deploy.jar...
    rt.jar...
    jsse.jar...
    charsets.jar...
    localedata.jar...
    jfxrt.jar...
[root@nginx-proxy2 local]# cat /etc/profile.d/java.sh 
export JAVA_HOME=/usr/java/latest
export PATH=$JAVA_HOME/bin/:$PATH
[root@nginx-proxy2 local]# source /etc/profile.d/java.sh 
[root@nginx-proxy2 local]#  java -version
java version "1.8.0_73"
Java(TM) SE Runtime Environment (build 1.8.0_73-b02)
Java HotSpot(TM) 64-Bit Server VM (build 25.73-b02, mixed mode)
[root@nginx-proxy2 local]# 

elasticsearch安装：安装参考：https://www.elastic.co/guide/en/elasticsearch/reference/current/setup.html#setup-installation

[root@nginx-proxy2 local]# wget https://download.elasticsearch.org/elasticsearch/release/org/elasticsearch/distribution/tar/elasticsearch/2.2.0/elasticsearch-2.2.0.tar.gz
[root@nginx-proxy2 local]# tar xf elasticsearch-2.2.0.tar.gz 
[root@nginx-proxy2 local]# ln -sv elasticsearch-2.2.0 elasticsearch
`elasticsearch' -> `elasticsearch-2.2.0'
[root@nginx-proxy2 local]# 

配置文件

cluster.name: node1
node.name: "linux-node1"
node.master: true 这个节点是否被选举为master节点
node.data: true  这个节点是否存储数据
index.number_of_shards: 5 索引分片为5个
index.number_of_replicas:1 分片的副本默认为1
path.data: /usr/local/elasticsearch/data 数据文件位置，使用逗号，可以配置多个
path.conf: /usr/local/elasticsearch/conf 配置文件位置
path.work: /usr/local/elasticsearch/work  临时文件目录
path.logs: /usr/local/elasticsearch/conf/logs 日志文件目录
path.plugins: /usr/local/elasticsearch/plugins 插件目录，大多数js程序
bootstrap.mlockall: true  swap效率较低，锁住内存效率提高

2.0之前的修改

[root@nginx-proxy2 config]# grep "^[a-z]" elasticsearch.yml 
cluster.name: node1
node.name: "linux-node1"
node.master: true
node.data: true
index.number_of_shards: 5
index.number_of_replicas:1
path.data: /usr/local/elasticsearch/data
path.conf: /usr/local/elasticsearch/conf
path.work: /usr/local/elasticsearch/work
path.logs: /usr/local/elasticsearch/logs
path.plugins: /usr/local/elasticsearch/plugins
bootstrap.mlockall: true
[root@nginx-proxy2 config]# mkdir /usr/local/elasticsearch/conf -p
[root@nginx-proxy2 config]# mkdir /usr/local/elasticsearch/logs -p
[root@nginx-proxy2 config]# mkdir /usr/local/elasticsearch/work -p
[root@nginx-proxy2 config]# mkdir /usr/local/elasticsearch/data -p

我只修改了如下：

cluster.name: my-linuxea
node.name: "linuxea"

curl测试

[mark@nginx-proxy2 elasticsearch]# su mark
[mark@nginx-proxy2 elasticsearch]$ bin/elasticsearch -d
[root@nginx-proxy2 ~]# curl 127.0.0.1:9200
{
  "name" : "linuxea",
  "cluster_name" : "my-linuxea",
  "version" : {
    "number" : "2.2.0",
    "build_hash" : "8ff36d139e16f8720f2947ef62c8167a888992fe",
    "build_timestamp" : "2016-01-27T13:32:39Z",
    "build_snapshot" : false,
    "lucene_version" : "5.4.1"
  },
  "tagline" : "You Know, for Search"
}
[root@nginx-proxy2 ~]# 
关闭掉

[root@nginx-proxy2 ~]# jps
3515 Elasticsearch
3564 Jps
[root@nginx-proxy2 ~]# kill 3515

去gitlab官网下载服务启动脚本：

[root@nginx-proxy2 ~]# git clone https://github.com/elastic/elasticsearch-servicewrapper.git
Initialized empty Git repository in /root/elasticsearch-servicewrapper/.git/
remote: Counting objects: 184, done.
remote: Total 184 (delta 0), reused 0 (delta 0), pack-reused 184
Receiving objects: 100% (184/184), 4.55 MiB | 245 KiB/s, done.
Resolving deltas: 100% (53/53), done.
[root@nginx-proxy2 ~]# mv elasticsearch-servicewrapper/service/ /usr/local/elasticsearch/bin/
[root@nginx-proxy2 ~]# /usr/local/elasticsearch/bin/service/elasticsearch
Usage: /usr/local/elasticsearch/bin/service/elasticsearch [ console | start | stop | restart | condrestart | status | install | remove | dump ]

Commands:
  console      Launch in the current console.
  start        Start in the background as a daemon process.
  stop         Stop if running as a daemon or in another console.
  restart      Stop if running and then start.
  condrestart  Restart only if already running.
  status       Query the current status.
  install      Install to start automatically when system boots.
  remove       Uninstall.
  dump         Request a Java thread dump if running.

[root@nginx-proxy2 ~]# .
安装即可
[root@nginx-proxy2 ~]# /usr/local/elasticsearch/bin/service/elasticsearch install
Detected RHEL or Fedora:
Installing the Elasticsearch daemon..
[root@nginx-proxy2 ~]# ls /etc/init.d/elasticsearch 
/etc/init.d/elasticsearch
[root@nginx-proxy2 ~]# chkconfig --list |grep ela
elasticsearch      0:off    1:off    2:on    3:on    4:on    5:on    6:off
[root@nginx-proxy2 ~]# 

很遗憾，还不支持。gitlab上Clinton Gormley并没有为2.2更新，所有这个还是无法启动的。