当前位置: 首页 > 科技观察

基于Centos7系统一键部署EFK服务,值得收藏

时间:2023-03-21 19:26:20 科技观察

近期平台升级EFK版本,平台采用EFK(ElasticSearch-7.6.2+FileBeat-7.6.2+Kibana-7.6.2)架构。建议三个组件的主次版本保持一致。考虑到服务器比较多,所以写成脚本来批量部署。脚本的内容,看函数就知道了。架构EFK采用集中式日志管理架构elasticsearch:开源的分布式搜索引擎,提供收集、分析、存储数据三种功能。其特点是:分布式、零配置、自动发现、索引自动分片、索引复制机制、restful风格接口、多数据源、自动搜索加载等。kibana:可以为Logstash、Beats和ElasticSearch,可以帮助汇总、分析和搜索重要的数据日志。filebeat:轻量级日志收集器。需要在各个应用服务器配置filebeat,收集日志输出到elasticsearch,实现一键部署KIBANA脚本函数install_es7_el7(){echo""echo-e"\033[33m******************************************************************************************************************************************************************************************\033[0m"#action"********初始化JAVA环境*********"/bin/true#install_jdk#下载包if[-f/opt/elasticsearch-7.6.2-x86_64.rpm]&&[-f/opt/elasticsearch-analysis-ik-7.6.2.zip];thenecho"*****已有ElasticSearch7.6.2安装包,无需下载*****"elseping-c4artifacts.elastic.co>/dev/null2>&1if[$?-eq0];thenwgethttps://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.6.2-x86_64.rpm-O/opt/elasticsearch-7.6.2-x86_64.rpmwgethttps://github.com/medcl/elasticsearch-analysis-ik/releases/download/v7.6.2/elasticsearch-analysis-ik-7.6.2.zip-O/opt/elasticsearch-analysis-ik-7.6.2.zipelseecho"pleasedownloadES7packagemanual!"exit$?fifi#Installes7.6action"*********安装ElasticSearch7.6.2服务*********"/bin/truechmodu+x/opt/elasticsearch-7.6.2-x86_64.rpm&&rpm-ivh/opt/elasticsearch-7.6.2-x86_64.rpm#创建目录并授权mkdir-p$ES_HOME/data&&mkdir-p$ES_HOME/logchown-Relasticsearch:elasticsearch$ES_HOME&&chmod-R755$ES_HOME#修改ES配置文件cp/etc/elasticsearch/elasticsearch.yml/etc/elasticsearch/elasticsearch.yml_bak&>/dev/nullcat>/etc/elasticsearch/elasticsearch.yml</dev/nullchown-Relasticsearch:elasticsearch/usr/share/elasticsearch/plugins/&&c??hmod-R755/usr/share/elasticsearch/plugins/sleep2#在filebeat中的index模板中添加defaulttokenizer属性配置文件。以后新建的索引都会引用这个属性:#setup.template.settings:#index.analysis.analyzer.default.type:"ik_max_word"#index.analysis.analyzer.default_search.type:"ik_max_word"#setup。模板。overwrite:true#在Linux终端中执行以下命令为所有现有索引设置默认分词器属性:#curl-XPOST"172.16.20.143:9200/_all/_close"#curl-XPUT-H'Content-Type:application/json''http://172.16.20.143:9200/_all/_settings?preserve_existing=true'-d'{#"index.analysis.analyzer.default.type":"ik_max_word",#"index.analysis.analyzer.default_search.type":"ik_max_word"#}'#curl-XPOST"172.16.20.143:9200/_all/_open"#启动ES并初始化数据action"*********启动es并初始化数据******"/bin/truesystemctldaemon-reload&&systemctlenableelasticsearch.servicesystemctlrestartelasticsearch.servicees_version=`curl-XGET${ES_IP}:${ES_PORT}`echo-e"\033[33m****************************************************完成ElasticSearch7.6.2安装*********************************************************\033[0m"cat>/tmp/es7.log</dev/null2>&1if[$?-eq0];thenwgethttps://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.6.2-x86_64.rpm-O/opt/elasticsearch-7.6.2-x86_64.rpmwgethttps://github.com/medcl/elasticsearch-analysis-ik/releases/download/v7.6.2/elasticsearch-analysis-ik-7.6.2.zip-O/opt/elasticsearch-analysis-ik-7.6.2.zipelseecho"pleasedownloadES7packagemanual!"exit$?fifi#installes7.6action"*********安装ElasticSearch7.6.2Service*********"/bin/truechmodu+x/opt/elasticsearch-7.6.2-x86_64.rpm&&rpm-ivh/opt/elasticsearch-7.6.2-x86_64.rpm#创建目录并授权mkdir-p$ES_HOME/data&&mkdir-p$ES_HOME/logchown-Relasticsearch:elasticsearch$ES_HOME&&chmod-R755$ES_HOME#修改ES配置文件cp/etc/elasticsearch/elasticsearch.yml/etc/elasticsearch/elasticsearch.yml_bak&>/dev/nullcat>/etc/elasticsearch/elasticsearch.yml</dev/nullchown-Relasticsearch:elasticsearch/usr/share/elasticsearch/plugins/&&c??hmod-R755/usr/share/elasticsearch/plugins/sleep2#在filebeat配置文件中的index模板中添加defaulttokenizer属性。以后新建的索引都会引用这个属性:#setup.template.settings:#index.analysis.analyzer.default.type:"ik_max_word"#index.analysis.analyzer.default_search.type:"ik_max_word"#setup。模板。overwrite:true#在Linux终端中执行以下命令为所有现有索引设置默认分词器属性:#curl-XPOST"172.16.20.143:9200/_all/_close"#curl-XPUT-H'Content-Type:application/json''http://172.16.20.143:9200/_all/_settings?preserve_existing=true'-d'{#"index.analysis.analyzer.default.type":"ik_max_word",#"index.analysis.analyzer.default_search.type":"ik_max_word"#}'#curl-XPOST"172.16.20.143:9200/_all/_open"#启动ES并初始化数据action"*********启动es并初始化数据******"/bin/truesystemctldaemon-reload&&systemctlenableelasticsearch.servicesystemctlrestartelasticsearch.servicees_version=`curl-XGET${ES_IP}:${ES_PORT}`echo-e"\033[33m****************************************************完成ElasticSearch7.6.2安装*********************************************************\033[0m"cat>/tmp/es7.log</dev/null2>&1if[$?-eq0];thenwgethttps://artifacts.elastic.co/downloads/beats/filebeat/filebeat-7.6.2-x86_64.rpm-O/opt/filebeat-7.6.2-x86_64.rpmelseecho"pleasedownloadFilebeat7.6packagemanual!"exit$?fifi#安装filebeat7.6动作“********安装filebeat7.6.2服务********”/bin/truechmodu+x/opt/filebeat-7.6.2-x86_64.rpm&&rpm-ivh/opt/filebeat-7.6.2-x86_64.rpm#修改kibana配置文件cp/etc/filebeat/filebeat.yml/etc/filebeat/filebeat.yml_bakcat>/etc/filebeat/filebeat.yml</dev/null2>&1&echo-e"\033[33m***************************************************完全的Filebeat7.6.2安装********************************************************\033[0m"cat>/tmp/filebeat7.log<

基于Centos7系统一键部署EFK服务,值得收藏相关文章
最新推荐
猜你喜欢

Copyright © 2012-2022 程序源 版权所有豫ICP备2022028201号

重要申明:本站所有的文章、图片、评论等,均由网友发表或上传并维护或收集自网络,属个人行为,与本站立场无关。 如果侵犯了您的权利,请与我们联系,我们将在24小时内进行处理、任何非本站因素导致的法律后果,本站均不负任何责任。