ELK 6.3.2 安装
wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-6.4.0.rpmtar xvf jdk-8u172-linux-x64.tar.gz-C /usr/local/
cat/etc/profile.d/java.sh
JAVA_HOME=/usr/local/jdk1.8.0_172
PATH=$JAVA_HOME/bin:$PATH
. /etc/profile.d/java.sh
echo $PATH
java -version
javac -version
@timestemp是logstash产生的,而不是beats产生的
can not run elasticsearch as root
useradd elasticsearch
su - elasticsearch
/data/software/elasticsearch-6.3.2/bin/elasticsearch
chown elasticsearch.elasticsearch /data/software/elasticsearch-6.3.2/ -R
chown elasticsearch.elasticsearch /data/elasticsearch/ -R
vim /etc/security/limits.conf
End of file
elasticsearch hard nofile 65536
elasticsearch soft nofile 65536
[*]soft memlock unlimited # 用supervisor启动,必须设置为*,否则内存无法lock
[*]hard memlock unlimited # 用supervisor启动,必须设置为*,否则内存无法lock
test
elasticsearch soft nproc 65535
elasticsearchhard nproc 65535
vi /etc/sysctl.conf
vm.max_map_count=655360
sysctl -p
$ /data/software/elasticsearch-6.3.2/bin/elasticsearch
initializing ...
using data paths, mounts [[/ (rootfs)]], net usable_space , net total_space , types
heap size , compressed ordinary object pointers
node name , node ID
version, pid, build, OS, JVM
JVM arguments [-Xms1g, -Xmx1g, -XX:+UseConcMarkSweepGC, -XX:CMSInitiatingOccupancyFraction=75, -XX:+UseCMSInitiatingOccupancyOnly, -XX:+AlwaysPreTouch, -Xss1m, -Djava.awt.headless=true, -Dfile.encoding=UTF-8, -Djna.nosys=true, -XX:-OmitStackTraceInFastThrow, -Dio.netty.noUnsafe=true, -Dio.netty.noKeySetOptimization=true, -Dio.netty.recycler.maxCapacityPerThread=0, -Dlog4j.shutdownHookEnabled=false, -Dlog4j2.disable.jmx=true, -Djava.io.tmpdir=/tmp/elasticsearch.MS2IhAKM, -XX:+HeapDumpOnOutOfMemoryError, -XX:HeapDumpPath=data, -XX:ErrorFile=logs/hs_err_pid%p.log, -XX:+PrintGCDetails, -XX:+PrintGCDateStamps, -XX:+PrintTenuringDistribution, -XX:+PrintGCApplicationStoppedTime, -Xloggc:logs/gc.log, -XX:+UseGCLogFileRotation, -XX:NumberOfGCLogFiles=32, -XX:GCLogFileSize=64m, -Des.path.home=/data/software/elasticsearch-6.3.2, -Des.path.conf=/data/software/elasticsearch-6.3.2/config, -Des.distribution.flavor=default, -Des.distribution.type=zip]
loaded module
loaded module
loaded module
loaded module
loaded module
loaded module
loaded module
loaded module
loaded module
loaded module
loaded module
loaded module
loaded module
loaded module
loaded module
loaded module
loaded module
loaded module
loaded module
loaded module
loaded module
loaded module
loaded module
loaded module
loaded module
no plugins loaded
parsed roles from file
controller (64 bit): Version 6.3.2 (Build 903094f295d249) Copyright (c) 2018 Elasticsearch BV
Using REST wrapper from plugin org.elasticsearch.xpack.security.Security
using discovery type
initialized
starting ...
publish_address {192.168.56.71:9300}, bound_addresses {192.168.56.71:9300}
bound or publishing to a non-loopback address, enforcing bootstrap checks
zen-disco-elected-as-master ( nodes joined)[, ], reason: new_master {ip-192-168-56-71}{G1HgmzYsQuq3p3QzwC9OeQ}{XKaq507xRPiusakhR795pw}{192.168.56.71}{192.168.56.71:9300}{ml.machine_memory=1929408512, xpack.installed=true, ml.max_open_jobs=20, ml.enabled=true}
new_master {ip-192-168-56-71}{G1HgmzYsQuq3p3QzwC9OeQ}{XKaq507xRPiusakhR795pw}{192.168.56.71}{192.168.56.71:9300}{ml.machine_memory=1929408512, xpack.installed=true, ml.max_open_jobs=20, ml.enabled=true}, reason: apply cluster state (from master source nodes joined)[, ]]])
publish_address {192.168.56.71:9200}, bound_addresses {192.168.56.71:9200}
started
Failed to clear cache for realms [[]]
license mode - valid
recovered indices into cluster_state
unzip setuptools-38.5.1.zip
python setup.pyinstall
easy_install pip
pip install supervisor
mkdir /etc/supervisor/conf.d/ -p
vim/etc/supervisor/supervisord.conf
file=/var/run/supervisor.sock ; (the path to the socket file)
chmod=0700 ; sockef file mode (default 0700)
logfile=/var/log/supervisor/supervisord.log ; (main log file;default $CWD/supervisord.log)
pidfile=/var/run/supervisord.pid ; (supervisord pidfile;default supervisord.pid)
childlogdir=/var/log/supervisor ; ('AUTO' child log dir, default $TEMP)
logfile_maxbytes=500MB
logfile_backups=10
loglevel=info ; (log level;default info; others: debug,warn,trace)
nodaemon=false ; (start in foreground if true;default false)
minfds=655350 ; (min. avail startup file descriptors;default 1024)
minprocs=65535 ; (min. avail process descriptors;default 200)
supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface
serverurl=unix:///var/run/supervisor.sock ; use a unix:// URLfor a unix socket
files = /etc/supervisor/conf.d/*.conf
mkdir /var/log/supervisor/
mkdir /data/supervisord/logs -p
supervisord-c /etc/supervisor/supervisord.conf
supervisorctl-c /etc/supervisor/supervisord.conf shutdown
directory = /data/software/elasticsearch-6.3.2
command = /data/software/elasticsearch-6.3.2/bin/elasticsearch
autostart = true
startsecs = 10
autorestart = true
startretries = 3
user = elasticsearch
stdout_logfile_maxbytes = 4096MB
stdout_logfile_backups = 10
stdout_logfile = /data/supervisord/logs/elasticsearch.log
redirect_stderr=true
如果用supervisor启动,需要重启操作系统,不然会一直报无法锁住内存
页:
[1]