怎样安装Elastic&Kibana

2020年1月17日 | 分类: 【技术】

【安装:环境】

参考:https://cn.linux-console.net/?p=29534

环境:Ubuntu 24.04

sudo apt-get install build-essential make libtool libtool-bin m4 autoconf automake libtool git aptitude htop dos2unix bzip2 libbz2-dev zip unzip build-essential g++ libicu-dev zlib1g-dev -y
sudo apt-get update -y && sudo apt-get upgrade -y && sudo apt-get dist-upgrade -y

安装Java:

由于Elasticsearch是基于Java的,因此需要在服务器上安装 Java JDK:

apt install default-jdk -y

查询 Java 版本:

java --version

输出:

openjdk 21.0.6 2025-01-21
OpenJDK Runtime Environment (build 21.0.6+7-Ubuntu-124.04.1)
OpenJDK 64-Bit Server VM (build 21.0.6+7-Ubuntu-124.04.1, mixed mode, sharing)

【安装:Elasticsearch】

添加 Elasticsearch 存储库:

安装所需的依赖项:

apt install curl wget gnupg2 wget -y

添加 Elasticsearch GPG 密钥:

curl -fsSL https://artifacts.elastic.co/GPG-KEY-elasticsearch | gpg --dearmor -o /usr/share/keyrings/elastic.gpg

将 Elasticsearch 存储库添加到 APT:

echo "deb [signed-by=/usr/share/keyrings/elastic.gpg] https://artifacts.elastic.co/packages/7.x/apt stable main" | tee -a /etc/apt/sources.list.d/elastic-7.x.list

更新存储库的缓存:

apt update -y

安装 Elasticsearch 包:

apt install elasticsearch -y

编辑:/etc/elasticsearch/elasticsearch.yml

network.host: localhost
xpack.security.enabled: false

注册 Elasticsearch 服务:

systemctl enable elasticsearch

启动 Elasticsearch 服务:

systemctl start elasticsearch

检查 Elasticsearch 的状态:

systemctl status elasticsearch

输出:

● elasticsearch.service - Elasticsearch
     Loaded: loaded (/usr/lib/systemd/system/elasticsearch.service; disabled; preset: enabled)
     Active: active (running) since Fri 2025-03-28 09:50:40 UTC; 12s ago

验证 Elasticsearch 安装:

curl -X GET 'http://localhost:9200'

输出:

{
  "name" : "vultr",
  "cluster_name" : "elasticsearch",
  "cluster_uuid" : "MKsQXeSyQRKzDY2anzmRJQ",
  "version" : {
    "number" : "7.17.28",
    "build_flavor" : "default",
    "build_type" : "deb",
    "build_hash" : "139cb5a961d8de68b8e02c45cc47f5289a3623af",
    "build_date" : "2025-02-20T09:05:31.349013687Z",
    "build_snapshot" : false,
    "lucene_version" : "8.11.3",
    "minimum_wire_compatibility_version" : "6.8.0",
    "minimum_index_compatibility_version" : "6.0.0-beta1"
  },
  "tagline" : "You Know, for Search"
}

【使用 Elasticsearch】

使用curl 命令创建、读取、更新和删除数据。

要将条目添加到 Elasticsearch:

curl -XPOST -H "Content-Type: application/json" 'http://localhost:9200/tutorial/helloworld/1' -d '{ "message": "Hello World!" }'

输出:

{"_index":"tutorial","_type":"helloworld","_id":"1","_version":1,"result":"created","_shards":{"total":2,"successful":1,"failed":0},"_seq_no":0,"_primary_term":1}

检索添加的条目:

curl -X GET -H "Content-Type: application/json" 'http://localhost:9200/tutorial/helloworld/1'

输出:

{"_index":"tutorial","_type":"helloworld","_id":"1","_version":1,"_seq_no":0,"_primary_term":1,"found":true,"_source":{ "message": "Hello World!" }}

要修改现有条目,使用 put 命令:

curl -X PUT -H "Content-Type: application/json" 'localhost:9200/tutorial/helloworld/1?pretty' -d ' { "message": "Hello, People!" }'

输出:

{
  "_index" : "tutorial",
  "_type" : "helloworld",
  "_id" : "1",
  "_version" : 2,
  "result" : "updated",
  "_shards" : {
    "total" : 2,
    "successful" : 1,
    "failed" : 0
  },
  "_seq_no" : 1,
  "_primary_term" : 1
}

以更易读的格式检索添加的条目:

curl -X GET -H "Content-Type: application/json" 'http://localhost:9200/tutorial/helloworld/1?pretty'

输出:

{
  "_index" : "tutorial",
  "_type" : "helloworld",
  "_id" : "1",
  "_version" : 2,
  "_seq_no" : 1,
  "_primary_term" : 1,
  "found" : true,
  "_source" : {
    "message" : "Hello, People!"
  }
}

【安装:Kibana】

参考:https://zhuanlan.zhihu.com/p/336560713

安装 kibana 。

sudo apt install kibana

注册 Kibana 服务:

sudo systemctl enable kibana

启动 Kibana 服务:

sudo systemctl start kibana

查看 Kibana 服务状态:

sudo systemctl status kibana

如果在本机跑 ES 和 Kibana 的话,那么可以直接检查

http://localhost:5601

如果需要外部端口访问:

sudo ufw allow 5601/tcp && sudo ufw reload

编辑:/etc/kibana/kibana.yml

server.port: 5601
server.host: "localhost" 
server.publicBaseUrl: "http://localhost:5601"
i18n.locale: "zh-CN"

源码存储位置:/usr/share/kibana
语言文件位置:/usr/share/kibana/x-pack/plugins/translations/translations/zh-CN.json

【安装:Nginx】

apt-get install libpcre3 libpcre3-dev -y
cd /root && wget http://nginx.org/download/nginx-1.27.4.tar.gz && tar zxf nginx-1.27.4.tar.gz
cd /root/nginx-1.27.4 && wget https://github.com/openssl/openssl/releases/download/openssl-3.0.13/openssl-3.0.13.tar.gz && tar zxvf openssl-3.0.13.tar.gz
cd /root/nginx-1.27.4 && ./configure --prefix=/usr/local/nginx --user=nginx --group=nginx --with-http_stub_status_module --with-http_ssl_module --with-http_gzip_static_module --with-http_v2_module  --with-openssl=./openssl-3.0.13
make
make install

添加端口:

sudo ufw allow 80 && sudo ufw allow 443 && sudo ufw reload
[shell]

增加权限:

[shell]
chown -R nginx:nginx /usr/local/nginx/html

设置开机启动:

在系统服务目录里创建文件:/lib/systemd/system/nginx.service

[Unit]
Description=nginx
After=network.target
   
[Service]
Type=forking
ExecStart=/usr/local/nginx/sbin/nginx
ExecReload=/usr/local/nginx/sbin/nginx -s reload
ExecStop=/usr/local/nginx/sbin/nginx -s quit
PrivateTmp=true
  
[Install]
WantedBy=multi-user.target

注册 Nginx 服务:

systemctl enable nginx.service

启动 Nginx 服务:

systemctl start nginx.service

查看 Nginx 服务状态:

systemctl status nginx.service

重新启动服务

systemctl restart nginx.service

查看所有已启动的服务

systemctl list-units --type=service

配置 SSL 证书:

参考:https://amon.org/certbot-cloudflare

sudo snap install certbot-dns-cloudflare && sudo apt-get install python3-certbot-dns-cloudflare && sudo apt-get install certbot

在需要运行Certbot的主机上创建一个文件:/etc/letsencrypt/certbot-dns-cloudflare.ini

dns_cloudflare_api_token = _yourToken_

签发证书:

certbot certonly --dns-cloudflare --dns-cloudflare-credentials /etc/letsencrypt/certbot-dns-cloudflare.ini -d catch.chat -d *.catch.chat

【配置:Nginx 代理 Kibana】

配置文件:/usr/local/nginx/conf/nginx.conf

user nginx;
worker_processes 1;
pid logs/nginx.pid;

events {
	worker_connections 1024;
	}

http {
	include mime.types;
	default_type  application/octet-stream;
	charset utf-8;
	sendfile on;
	server_tokens off;
	keepalive_timeout 65;
	client_max_body_size 20m;

	# Enable Gzip compression
	gzip on;
	gzip_comp_level 5;
	gzip_min_length 256;
	gzip_types
	    application/atom+xml
	    application/javascript
	    application/json
	    application/rss+xml
	    application/vnd.ms-fontobject
	    application/x-font-ttf
	    application/x-font-opentype
	    application/x-font-truetype
	    application/x-javascript
	    application/x-web-app-manifest+json
	    application/xhtml+xml
	    application/xml
	    font/eot
	    font/opentype
	    font/otf
	    image/svg+xml
	    image/x-icon
	    image/vnd.microsoft.icon
	    text/css
	    text/plain
	    text/javascript
	    text/x-component;
	gzip_disable "MSIE [1-6]\.(?!.*SV1)";

	server	{
		listen 80;
		listen 443 ssl;
		server_name data.catch.chat;

		ssl_certificate /etc/letsencrypt/live/catch.chat/fullchain.pem;
		ssl_certificate_key /etc/letsencrypt/live/catch.chat/privkey.pem;
		ssl_session_timeout 5m;
		ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
		ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
		ssl_prefer_server_ciphers on;

		location / {
			proxy_pass http://localhost:5601;
			proxy_set_header Host $host:$server_port;
			proxy_set_header X-Real-IP $remote_addr;
			proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
			rewrite ^/(.*)$ /$1 break;
		}

		error_page 404 403 401 402 500 502 503 504 /50x.html;
		location = /50x.html {
			root /usr/local/nginx/html;
			}

		}

}

重启服务器。

在浏览器中输入:https://data.catch.chat

输出:正常访问 Kibana。

报错:Elastic did not load properly. Check the server output for more information.

刷新后,恢复正常。

Configuration missing
server.publicBaseUrl is missing and should be configured when running in a production environment. Some features may not behave correctly.
https://www.elastic.co/guide/en/kibana/7.17/settings.html#server-publicBaseUrl

参考:https://gitee.com/zhengqingya/docker-compose/pulls/1
参考:https://blog.csdn.net/qq_29752857/article/details/141183445

server.publicBaseUrl: “http://localhost:5601

【访问认证】

参考:https://www.cnblogs.com/caoweixiong/p/14874997.html

【应用:怎样使用???】

【前端:Search-UI】

参考:https://github.com/elastic/search-ui
参考:https://github.com/ProjectOpenSea/search-ui

演示:https://search-ui-stable.netlify.com/?size=n_20_n

应用:https://opensea.io
介绍:https://www.jianshu.com/p/644b9cc3d7d6
采访:http://www.sohu.com/a/366597208_100217347

【前端:Dejavu】

参考:https://www.ctolib.com/appbaseio-dejavu-browser.html
参考:https://www.extfans.com/web-development/jopjeaiilkcibeohjdmejhoifenbnmlh/

【应用:用ELK(ElasticSearch, Logstash, Kibana)搭建实时日志分析】

参考:https://www.elastic.co/cn/what-is/elk-stack
参考:https://www.ibm.com/developerworks/cn/opensource/os-cn-elk-filebeat/index.html
参考:https://yq.aliyun.com/articles/590431
参考:https://www.cnblogs.com/aresxin/p/8035137.html