Elasticsearch和Logstash的安装_ealsticsearch +logstah 环境安装-优快云博客

本文链接：https://blog.youkuaiyun.com/zheyuan_xing/article/details/91965675

Elasticsearch 和 Logstash 的安装与配置

Elasticsearch 安装与配置

安装Elasticsearch

https://www.elastic.co/guide/en/elasticsearch/reference/current/install-elasticsearch.html

这是官方网址，有安装说明。在centos中，可以通过tar包安装，也可以通过RPM来安装。我这里选择通过RPM来安装Elasticsearch：
```
curl https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.1.1-x86_64.rpm -o elasticsearch-7.1.1-x86_64.rpm
yum localinstall elasticsearch-7.1.1-x86_64.rpm
```

配置Elasticsearch

修改配置文件**/etc/elasticsearch/elasticsearch.yml**：

 ...
 51 # ---------------------------------- Network -----------------------------------
 52 #
 53 # Set the bind address to a specific IP (IPv4 or IPv6):
 54 #
 55 network.host: 172.16.10.121  # elasticsearch的ip host
 56 #
 57 # Set a custom port for HTTP:
 58 #
 59 http.port: 9200  # 设置elastic的端口号
 60 #
 61 # For more information, consult the network module documentation.
 62 #
 63 # --------------------------------- Discovery ----------------------------------
 64 #
 65 # Pass an initial list of hosts to perform discovery when this node is started:
 66 # The default list of hosts is ["127.0.0.1", "[::1]"]
 67 #
 68 #discovery.seed_hosts: ["host1", "host2"]
 69 #
 70 # Bootstrap the cluster using an initial set of master-eligible nodes:
 71 #
 72 cluster.initial_master_nodes: ["node-1"]
 73 #
 74 # For more information, consult the discovery and cluster formation module documentation.
 ...

启动Elasticsearch

chkconfig --add elasticsearch
service elasticsearch start

Elasticsearch是否启动不能通过service elasticsearch status来判断，应该使用**curl -XGET “172.16.10.121：9200”**来判断，如果启动成功，GET获取的信息如下所示：

{
  "name" : "xzy1.novalocal",
  "cluster_name" : "elasticsearch",
  "cluster_uuid" : "UoYwxC4TSK-npOGu8vjLkw",
  "version" : {
    "number" : "7.1.1",
    "build_flavor" : "default",
    "build_type" : "rpm",
    "build_hash" : "7a013de",
    "build_date" : "2019-05-23T14:04:00.380842Z",
    "build_snapshot" : false,
    "lucene_version" : "8.0.0",
    "minimum_wire_compatibility_version" : "6.8.0",
    "minimum_index_compatibility_version" : "6.0.0-beta1"
  },
  "tagline" : "You Know, for Search"
}

Elasticsearch启动需要一定的时间，如果长时间还没有启动，可以通过查看日志来获取错误信息，日志文件位于**/var/log/elasticsearch/elasticsearch.log**

如果在配置文件中没有配置cluster.initial_master_nodes，会产生以下错误信息：

[2019-06-09T21:25:26,580][WARN ][o.e.b.BootstrapChecks    ] [xzy1.novalocal] the default discovery settings are unsuitable for production use; at least one of [discovery.seed_hosts, discovery.seed_providers, cluster.initial_master_nodes] must be configured
[2019-06-09T21:25:26,610][INFO ][o.e.c.c.ClusterBootstrapService] [xzy1.novalocal] no discovery configuration found, will perform best-effort cluster bootstrapping after [3s] unless existing master is discovered

Logstash 的安装与配置

安装Logstash

curl https://artifacts.elastic.co/downloads/logstash/logstash-7.1.1.rpm -o logstash-7.1.1.rpm
yum localinstall logstash-7.1.1.rpm

配置Logstash

在**/etc/logstash文件夹下添加traf-logstash.conf**文件，内容如下：

input {
    beats {
        port => "5044"
    }
}
# The filter part of this file is commented out to indicate that it is
# optional.
#filter {
#}
output {
    elasticsearch {
        hosts => [ "172.16.10.121:9200" ]
        index => "trafodion_logs-%{+YYYY.MM.dd}"
    }
}

启动Logstash
```
/usr/share/logstash/bin/logstash -f /etc/logstash/traf-logstash.conf --config.reload.automatic
```
–config.reload.automatic的作用是当修改了logstash的配置后，不需要重启logstash服务，自动加载