一、環境
系統 CentOS6.4x64最小化安裝
elk-search1 192.168.3.71
elk-search2 192.168.3.72
二、安裝jdk
[root@elk-search1 ~]# ll |grep tar.gz -rw-r--r-- 1 root root 28478292 Mar 17 15:36 elasticsearch-1.7.2.tar.gz -rw-r--r-- 1 root root 173271626 Mar 17 15:39 jdk-8u45-linux-x64.tar.gz -rw-r--r-- 1 root root 10675082 Mar 17 15:39 kibana-4.1.0-linux-x64.tar.gz -rw-r--r-- 1 root root 89853616 Mar 17 15:40 logstash-1.5.5.tar.gz #解壓安裝包 [root@elk-search1 ~]# tar xf jdk-8u45-linux-x64.tar.gz [root@elk-search1 ~]# cp -r jdk1.8.0_45 /usr/local/ [root@elk-search1 ~]# cat /etc/profile.d/java.sh JAVA_HOME=/usr/local/jdk1.8.0_45 JAVA_BIN=/usr/local/jdk1.8.0_45/bin JRE_HOME=/usr/local/jdk1.8.0_45/jre PATH=$PATH:/usr/local/jdk1.8.0_45/bin:/usr/local/jdk1.8.0_45/jre/bin CLASSPATH=/usr/local/jdk1.8.0_45/jre/lib:/usr/local/jdk1.8.0_45/lib:/usr/local/jdk1.8.0_45/jre/lib/charsets.jar #讓環境變量生效 [root@elk-search1 ~]# source /etc/profile.d/java.sh #測試結果 [root@elk-search1 ~]# java -version java version "1.8.0_45" Java(TM) SE Runtime Environment (build 1.8.0_45-b14) Java HotSpot(TM) 64-Bit Server VM (build 25.45-b02, mixed mode)
三、安裝Elasticsearch
[root@elk-search1 ~]# pwd
/root
[root@elk-search1 ~]# ll |grep search
-rw-r--r-- 1 root root 28478292 Mar 17 15:36 elasticsearch-1.7.2.tar.gz
[root@elk-search1 ~]# tar xf elasticsearch-1.7.2.tar.gz -C /usr/local/
#目錄結構
[root@elk-search1 ~]# cd /usr/local/elasticsearch-1.7.2/
[root@elk-search1 elasticsearch-1.7.2]# ll
total 40
drwxr-xr-x 2 root root 4096 Mar 17 15:51 bin
drwxr-xr-x 2 root root 4096 Mar 17 15:51 config
drwxr-xr-x 3 root root 4096 Mar 17 15:51 lib
-rw-rw-r-- 1 root root 11358 Sep 14 2015 LICENSE.txt
-rw-rw-r-- 1 root root 150 Sep 14 2015 NOTICE.txt
-rw-rw-r-- 1 root root 8700 Sep 14 2015 README.textile
[root@elk-search1 elasticsearch-1.7.2]# egrep -v '^#|^$' config/elasticsearch.yml
#修改集羣名稱
cluster.name: ELK-search
#修改節點名稱
node.name: "elk-search1"
#啓動Elasticsearch服務
#以後臺啓動的方式啓動Elasticsearch
[root@elk-search1 elasticsearch-1.7.2]# /usr/local/elasticsearch-1.7.2/bin/elasticsearch -d
[root@elk-search1 elasticsearch-1.7.2]# netstat -tunlp |grep 9200
tcp 0 0 :::9200 :::* LISTEN 1239/java
#檢查結果
[root@elk-search1 ~]# curl http://192.168.3.71:9200
{
"status" : 200,
"name" : "elk-search1", #自定義的節點名稱
"cluster_name" : "ELK-search", #自定義的集羣名稱
"version" : {
"number" : "1.7.2",
"build_hash" : "e43676b1385b8125d647f593f7202acbd816e8ec",
"build_timestamp" : "2015-09-14T09:49:53Z",
"build_snapshot" : false,
"lucene_version" : "4.10.4"
},
"tagline" : "You Know, for Search"
}四、將Elasticsearch配置成系統啓動服務
[root@elk-search1 ~]# curl -L http://github.com/elasticsearch/elasticsearch-servicewrapper/tarball/master | tar -xz
[root@elk-search1 ~]# mv *servicewrapp*/service /usr/local/elasticsearch-1.7.2/bin/
[root@elk-search1 ~]# /usr/local/elasticsearch-1.7.2/bin/service/elasticsearch install
#測試啓動腳本
[root@elk-search1 ~]# ll /etc/init.d/elasticsearch
lrwxrwxrwx 1 root root 56 Mar 17 16:10 /etc/init.d/elasticsearch -> /usr/local/elasticsearch-1.7.2/bin/service/elasticsearch
[root@elk-search1 ~]# netstat -tunlp |grep 9200
tcp 0 0 :::9200 :::* LISTEN 1239/java
#關閉elasticsearch服務,直接用kill命令殺掉進程
[root@elk-search1 ~]# netstat -tunlp |grep 9200
[root@elk-search1 ~]# ps aux |grep elas |grep -v grep
#使用系統服務啓動腳本的start方法啓動Elasticsearch
[root@elk-search1 ~]# /etc/init.d/elasticsearch start
Starting Elasticsearch...
Waiting for Elasticsearch......
running: PID:2490
[root@elk-search1 ~]# netstat -tunlp |grep 9200
tcp 0 0 :::9200 :::* LISTEN 2492/java
[root@elk-search1 ~]# curl http://192.168.3.71:9200
{
"status" : 200,
"name" : "elk-search1",
"cluster_name" : "ELK-search",
"version" : {
"number" : "1.7.2",
"build_hash" : "e43676b1385b8125d647f593f7202acbd816e8ec",
"build_timestamp" : "2015-09-14T09:49:53Z",
"build_snapshot" : false,
"lucene_version" : "4.10.4"
},
"tagline" : "You Know, for Search"
}
#使用stop方法停止Elasticsearch服務
[root@elk-search1 ~]# /etc/init.d/elasticsearch stop
Stopping Elasticsearch...
Stopped Elasticsearch.
[root@elk-search1 ~]# netstat -tunlp |grep 9200 |grep -v grep
#使用restart方法重啓Elaeticsearch服務
[root@elk-search1 ~]# /etc/init.d/elasticsearch restart
Stopping Elasticsearch...
Elasticsearch was not running.
Starting Elasticsearch...
Waiting for Elasticsearch......
running: PID:2757
[root@elk-search1 ~]# netstat -tunlp |grep 9200
tcp 0 0 :::9200 :::* LISTEN 2759/java
[root@elk-search1 ~]# curl http://192.168.3.71:9200
{
"status" : 200,
"name" : "elk-search1",
"cluster_name" : "ELK-search",
"version" : {
"number" : "1.7.2",
"build_hash" : "e43676b1385b8125d647f593f7202acbd816e8ec",
"build_timestamp" : "2015-09-14T09:49:53Z",
"build_snapshot" : false,
"lucene_version" : "4.10.4"
},
"tagline" : "You Know, for Search"
}五、安裝head插件
[root@elk-search1 ~]# /usr/local/elasticsearch-1.7.2/bin/plugin -install mobz/elasticsearch-head #查看結果 [root@elk-search1 ~]# ll /usr/local/elasticsearch-1.7.2/plugins/ total 4 drwxr-xr-x 5 root root 4096 Mar 17 16:34 head
在瀏覽器查看結果,訪問地址http://192.168.3.71:9200/_plugin/head/
六、安裝bigdesk插件
[root@elk-search1 ~]# /usr/local/elasticsearch-1.7.2/bin/plugin -install lukas-vlcek/bigdesk #查看結果 [root@elk-search1 ~]# ll /usr/local/elasticsearch-1.7.2/plugins/ total 8 drwxr-xr-x 3 root root 4096 Mar 17 16:39 bigdesk drwxr-xr-x 5 root root 4096 Mar 17 16:34 head
瀏覽器查看結果,訪問地址http://192.168.3.71:9200/_plugin/bigdesk
七、安裝marvel插件
[root@elk-search1 ~]# /usr/local/elasticsearch-1.7.2/bin/plugin -install elasticsearch/marvel/latest [root@elk-search1 ~]# ll /usr/local/elasticsearch-1.7.2/plugins/ total 12 drwxr-xr-x 3 root root 4096 Mar 17 16:39 bigdesk drwxr-xr-x 5 root root 4096 Mar 17 16:34 head drwxr-xr-x 3 root root 4096 Mar 18 10:21 marvel
在瀏覽器查看結果,訪問地址是http://192.168.3.71:9200/_plugin/marvel
