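Building a Graylog logging platform (2): deploying an elasticsearch cluster

II. Deploying the elasticsearch cluster (a single node also works)

The elasticsearch version deployed here is 7.11.2.

1. Prepare the environment

System and kernel tuning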
# vim /etc/sysctl.conf
fs.file-max=655360
vm.max_map_count=655360
vm.swappiness = 0


# vim /etc/security/limits.conf
* soft nproc 655350
* hard nproc  655350
* soft nofile 655350
* hard nofile 655350
* hard memlock unlimited
* soft memlock unlimited

Add an unprivileged user

groupadd tomcat
useradd tomcat  -s /sbin/nologin -g tomcat

Install the JDK

yum install -y java-1.8.0-openjdk-devel.x86_64

# vim /etc/profile
export JAVA_HOME=/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.282.b08-1.el7_9.x86_64/       # adjust the Java directory to match your system
export CLASSPATH=.:$JAVA_HOME/jre/lib/rt.jar:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar
export PATH=$PATH:$JAVA_HOME/bin

2. Deploy elasticsearch

Download and unpack the archive

wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.11.2-linux-x86_64.tar.gz

tar zxvf elasticsearch-7.11.2-linux-x86_64.tar.gz -C /usr/local/
chown -R tomcat:tomcat /usr/local/elasticsearch-7.11.2

mkdir /data0/elasticsearch/{data,logs} -p
chown -R tomcat:tomcat /data0/elasticsearch

Edit the configuration

# vim /usr/local/elasticsearch-7.11.2/config/elasticsearch.yml
cluster.name: graylog-cluster
node.name: ${HOSTNAME}    # the host name, or any custom name for the node
path.data: /data0/elasticsearch/data
path.logs: /data0/elasticsearch/logs
bootstrap.memory_lock: true
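network.host: 0.0.0.0    # listens on every interface; 7.11.2 has security features off by default, so restrict 9200/9300 to the cluster and Graylog hosts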
http.port: 9200
transport.tcp.port: 9300
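discovery.seed_hosts: ["192.168.1.10:9300","192.168.1.11:9300","192.168.1.12:9300"] # for a single node, list only this host
cluster.initial_master_nodes: ["192.168.1.10:9300","192.168.1.11:9300","192.168.1.12:9300"] # for a single node, list only this host
http.cors.enabled: true
http.cors.allow-origin: "*"    # lets any origin call the HTTP API from a browser; only browser-based tools need CORS, Graylog itself does not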

# Change the heap size; my server's resources are limited, so I set it to 4g here
vim /usr/local/elasticsearch-7.11.2/config/jvm.options
-Xms4g
-Xmx4g

Manage the service with systemd

# vim /usr/lib/systemd/system/elasticsearch.service
[Unit]
Description=elasticsearch server daemon
Wants=network-online.target
After=network-online.target

[Service]
Type=simple
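# run as the tomcat account created above, which owns the install and data directories
User=tomcat
Group=tomcat
LimitMEMLOCK=infinity
LimitNPROC=655350
# /etc/security/limits.conf is not applied to systemd services, so set nofile here
LimitNOFILE=655350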
ExecStart=/usr/local/elasticsearch-7.11.2/bin/elasticsearch
Restart=always

[Install]
WantedBy=multi-user.target

Start elasticsearch and enable it at boot

systemctl daemon-reload
systemctl enable elasticsearch
systemctl start elasticsearch

3. Verify the cluster status

# curl -XGET 'http://127.0.0.1:9200/_cluster/health?pretty'
{
  "cluster_name" : "graylog-cluster",
  "status" : "green",
  "timed_out" : false,
  "number_of_nodes" : 3,
  "number_of_data_nodes" : 3,
  "active_primary_shards" : 1,
  "active_shards" : 2,
  "relocating_shards" : 0,
  "initializing_shards" : 0,
  "unassigned_shards" : 0,
  "delayed_unassigned_shards" : 0,
  "number_of_pending_tasks" : 0,
  "number_of_in_flight_fetch" : 0,
  "task_max_waiting_in_queue_millis" : 0,
  "active_shards_percent_as_number" : 100.0
}

 

The elasticsearch cluster deployment is complete.
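
The elasticsearch.yml shown above binds to all interfaces and enables wildcard CORS, so a quick check of those settings is worth running on each node. The script below is an added example, not part of the original post; `yml_get` and `audit_es_config` are hypothetical helper names, the sample file is constructed, and it only understands flat `key: value` lines like the ones on this page.

```bash
#!/usr/bin/env bash
# Added example: flag exposure-related settings in an elasticsearch.yml.
# yml_get and audit_es_config are hypothetical helper names.

# Print the value of a top-level "key: value" line with trailing comment,
# trailing spaces and surrounding double quotes removed (last match wins).
yml_get() {
    sed -n "s/^$1:[[:space:]]*//p" "$2" |
        sed 's/[[:space:]]*#.*$//; s/[[:space:]]*$//; s/^"//; s/"$//' |
        tail -n 1
}

# Print one finding per line; exit status is non-zero if anything is flagged.
# The body runs in a subshell, so its variables stay local.
audit_es_config() (
    findings=0
    host=$(yml_get 'network\.host' "$1")
    sec=$(yml_get 'xpack\.security\.enabled' "$1")
    cors=$(yml_get 'http\.cors\.enabled' "$1")
    origin=$(yml_get 'http\.cors\.allow-origin' "$1")

    case "$host" in
        ''|_local_|localhost|127.0.0.1|::1) ;;  # unset means loopback only
        *)  # 7.x leaves authentication and TLS off unless this is true
            if [ "$sec" != "true" ]; then
                echo "EXPOSED: network.host=$host without xpack.security; firewall 9200/9300"
                findings=$((findings + 1))
            fi ;;
    esac
    if [ "$cors" = "true" ] && [ "$origin" = "*" ]; then
        echo "CORS: allow-origin \"*\" lets any web page call the HTTP API"
        findings=$((findings + 1))
    fi
    [ "$findings" -eq 0 ]
)

# Constructed sample holding the exposure-related lines of the config above.
sample=$(mktemp)
printf '%s\n' 'network.host: 0.0.0.0' 'http.cors.enabled: true' \
    'http.cors.allow-origin: "*"' > "$sample"
audit_es_config "$sample" || echo "review the findings before going live"
rm -f "$sample"
```

On a real node, call `audit_es_config /usr/local/elasticsearch-7.11.2/config/elasticsearch.yml`; no output and exit status 0 mean neither condition was found.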

   

 

 
