在EC2上构建Elasticsearch环境
摘要
将Elasticsearch安装在AWS EC2实例上。
Elasticsearch的版本是8.5.3。
文献引用
Elasticsearch 官方指南:https://www.elastic.co/guide/en/elasticsearch/reference/current/index.html
Logstash 官方参考资料:https://www.elastic.co/guide/en/logstash/current/index.html
Kibana 官方指南:https://www.elastic.co/guide/en/kibana/current/index.html
目錄
1. EC2实例SSH连接
2. 安装Amazon Corretto
3. 安装Logstash
4. 安装Elasticsearch
5. 安装Kibana
6. 浏览器确认
1. EC2实例的SSH连接
使用Tera Term在AWS EC2实例上进行SSH连接。
我們需要在啟動Tera Term之後,將EC2實例的IP地址指定給主機(T)。
2. 安装亚马逊Corretto
这次为了使用Elasticsearch和Logstash,需要Java 17。我们将安装Amazon Corretto 17,这是一个OpenJDK发行版。
切换为特权用户,并执行以下安装步骤。
sudo su -
Amazon Corretto 17的安装
yum install java-17-amazon-corretto
查看安装版本
java -version
只要在回应中提供以下版本信息就可以。
openjdk version "17.0.2" 2022-01-18 LTS
OpenJDK Runtime Environment Corretto-17.0.2.8.1 (build 17.0.2+8-LTS)
OpenJDK 64-Bit Server VM Corretto-17.0.2.8.1 (build 17.0.2+8-LTS, mixed mode, sharing)
3. 安装Logstash
请参考以下网址:https://www.elastic.co/guide/en/logstash/current/installing-logstash.html
弹性GPG密钥的导入(标准输出没有任何输出,但没有问题)
sudo rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch
在/etc/yum.repos.d/目录下创建一个名为“logstash.repo”的.repo文件,内容如下:
※通过enabled=1来激活仓库(可选)
在安装时不需要指定仓库。
vi /etc/yum.repos.d/logstash.repo
[logstash-8.x]
name=Elastic repository for 8.x packages
baseurl=https://artifacts.elastic.co/packages/8.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=1
autorefresh=1
type=rpm-md
安裝 Logstash
如果需要指定版本(版本 8.1.2)
yum install -y logstash-8.1.2
要安装最新版本的Logstash的话
yum install logstash
Logstash启动和自动启动配置
systemctl daemon-reload
systemctl enable logstash
响应
Created symlink from /etc/systemd/system/multi-user.target.wants/logstash.service to /etc/systemd/system/logstash.service.
systemctl start logstash
systemctl status logstash
如果状态的Active项目处于active(运行)状态,那就是OK。
● logstash.service - logstash
Loaded: loaded (/etc/systemd/system/logstash.service; enabled; vendor preset: disabled)
Active: active (running) since Fri 2021-12-17 01:35:57 UTC; 1min 19s ago
4. 安装Elasticsearch
请参考以下网址:https://www.elastic.co/guide/en/elasticsearch/reference/current/rpm.html
在/etc/yum.repos.d/目录下,以”elasticsearch.repo”为文件名,创建一个.repo文件,并按照以下内容填写。
vi /etc/yum.repos.d/elasticsearch.repo
在安装过程中,需要指定仓库并将其设置为禁用模式(可选)。
[elasticsearch]
name=Elasticsearch repository for 8.x packages
baseurl=https://artifacts.elastic.co/packages/8.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=0
autorefresh=1
type=rpm-md
安装 Elasticsearch
sudo yum install --enablerepo=elasticsearch elasticsearch
部分回应:
从版本8.0开始,使用yum安装时,如下所示,
elastic(超级用户)的初始密码已设置。
在设置安全性时,请务必记下初始密码,因为在Vol.3中使用内置超级用户:XXXXXXXXX 初期密码。
--------------------------- Security autoconfiguration information ------------------------------
Authentication and authorization are enabled.
TLS for the transport and HTTP layers is enabled and configured.
The generated password for the elastic built-in superuser is : Bn6r0mHRu23fBxeuvuVL <------初期パスワード!!
If this node should join an existing cluster, you can reconfigure this with
'/usr/share/elasticsearch/bin/elasticsearch-reconfigure-node --enrollment-token <token-here>'
after creating an enrollment token on your existing cluster.
You can complete the following actions at any time:
Reset the password of the elastic built-in superuser with
'/usr/share/elasticsearch/bin/elasticsearch-reset-password -u elastic'.
Generate an enrollment token for Kibana instances with
'/usr/share/elasticsearch/bin/elasticsearch-create-enrollment-token -s kibana'.
Generate an enrollment token for Elasticsearch nodes with
'/usr/share/elasticsearch/bin/elasticsearch-create-enrollment-token -s node'.
编辑jvm.options文件
vi /etc/elasticsearch/jvm.options
在堆大小的注释之后添加两行
################################################################
## IMPORTANT: JVM heap size
################################################################
##
## The heap size is automatically configured by Elasticsearch
## based on the available memory in your system and the roles
## each node is configured to fulfill. If specifying heap is
## required, it should be done through a file in jvm.options.d,
## and the min and max should be set to the same value. For
## example, to set the heap to 4 GB, create a new file in the
## jvm.options.d directory containing these lines:
##
## -Xms4g
## -Xmx4g
##
## See https://www.elastic.co/guide/en/elasticsearch/reference/7.15/heap-size.html
## for more information
##
################################################################
-Xms1g
-Xmx1g
设置elasticsearch.yml文件中的discovery.type参数。
vi /etc/elasticsearch/elasticsearch.yml
#----------------------- BEGIN SECURITY AUTO CONFIGURATION -----------------------
#
# The following settings, TLS certificates, and keys have been automatically
# generated to configure Elasticsearch security features on 01-01-2023 13:37:00
#
# --------------------------------------------------------------------------------
# Enable security features
xpack.security.enabled: true
xpack.security.enrollment.enabled: true
# Enable encryption for HTTP API client connections, such as Kibana, Logstash, and Agents
xpack.security.http.ssl:
enabled: true
keystore.path: certs/http.p12
# Enable encryption and mutual authentication between cluster nodes
xpack.security.transport.ssl:
enabled: true
verification_mode: certificate
keystore.path: certs/transport.p12
truststore.path: certs/transport.p12
# Create a new cluster with the current node only
# Additional nodes can still join the cluster later
#cluster.initial_master_nodes: ["ip-172-31-21-144.ap-northeast-1.compute.internal"]
discovery.type: single-node <------------◆◆追記◆◆
# Allow HTTP API connections from anywhere
# Connections are encrypted and require user authentication
http.host: 0.0.0.0
# Allow other nodes to join the cluster from anywhere
# Connections are encrypted and mutually authenticated
#transport.host: 0.0.0.0
#----------------------- END SECURITY AUTO CONFIGURATION -------------------------
Elasticsearch的启动和自动启动设置。
systemctl daemon-reload
systemctl enable elasticsearch
systemctl start elasticsearch
systemctl status elasticsearch
5. 安装Kibana
参考链接:https://www.elastic.co/guide/en/elasticsearch/reference/current/rpm.html
请参考该网址获取更多信息:https://www.elastic.co/guide/en/elasticsearch/reference/current/rpm.html
在/etc/yum.repos.d/目录下创建一个名为”kibana.repo”的文件,文件内容如下:
vi /etc/yum.repos.d/kibana.repo
※设为1以启用存储库(可选)
在安装时无需指定仓库。
[kibana-8.x]
name=Kibana repository for 8.x packages
baseurl=https://artifacts.elastic.co/packages/8.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=1
autorefresh=1
type=rpm-md
安装 Kibana
yum install kibana
编辑 kibana.yml
vi /etc/kibana/kibana.yml
# For more configuration options see the configuration guide for Kibana in
# https://www.elastic.co/guide/index.html
# =================== System: Kibana Server ===================
# Kibana is served by a back end server. This setting specifies the port to use.
server.port: 5601
# Specifies the address to which the Kibana server will bind. IP addresses and host names are both valid values.
# The default is 'localhost', which usually means remote machines will not be able to connect.
# To allow connections from remote users, set this parameter to a non-loopback address.
server.host: "0.0.0.0"
# Enables you to specify a path to mount Kibana at if you are running behind a proxy.
# Use the `server.rewriteBasePath` setting to tell Kibana if it should remove the basePath
# from requests it receives, and to prevent a deprecation warning at startup.
# This setting cannot end in a slash.
#server.basePath: ""
# Specifies whether Kibana should rewrite requests that are prefixed with
# `server.basePath` or require that they are rewritten by your reverse proxy.
# Defaults to `false`.
#server.rewriteBasePath: false
# Specifies the public URL at which Kibana is available for end users. If
# `server.basePath` is configured this URL should end with the same basePath.
server.publicBaseUrl: "http://localhost:5601"
# The maximum payload size in bytes for incoming server requests.
#server.maxPayload: 1048576
# The Kibana server's name. This is used for display purposes.
#server.name: "your-hostname"
# =================== System: Kibana Server (Optional) ===================
# Enables SSL and paths to the PEM-format SSL certificate and SSL key files, respectively.
# These settings enable SSL for outgoing requests from the Kibana server to the browser.
#server.ssl.enabled: false
#server.ssl.certificate: /path/to/your/server.crt
#server.ssl.key: /path/to/your/server.key
# =================== System: Elasticsearch ===================
# The URLs of the Elasticsearch instances to use for all your queries.
elasticsearch.hosts: ["http://localhost:9200"]
kibana.yml的修改总结
server.port: 5601
server.host: "0.0.0.0"
server.publicBaseUrl: "http://localhost:5601"
elasticsearch.hosts: ["http://localhost:9200"]
启动Kibana和自动启动设置
systemctl daemon-reload
systemctl enable kibana
systemctl start kibana
systemctl status kibana
6. 浏览器确认
