部署环境:
- centos 6.X
- jdk 1.7
- elasticsearch 2.3.1 https://www.elastic.co/downloads/elasticsearch
- logstash 2.3.1 https://www.elastic.co/downloads/logstash
- Kibana 4.5.0 https://www.elastic.co/downloads/kibana
- 都需要以后台服务运行时,在更新模板或者其他配置文件后,需要重新启动服务;(自己执行时会有多个服务进程,不知操作问题还是别的,我就逐个kill掉,然后再起新的)
下载资源:
kibana:https://www.elastic.co/downloads/kibana 比如下载的是tar.gz包;根据自己习惯,可以下载rpm,或者zip 都可以。
# 解压 [root@candaotool software]# tar -zxvf kibana-4.5.0-linux-x64.tar.gz # 移动 [root@candaotool software]# mv kibana-4.5.0-linux-x64 /usr/local/ # 软连 [root@candaotool local]# ln -s kibana-4.5.0-linux-x64/ kibana
Note: Kibana 4.5.x requires Elasticsearch 2.3.x
- Extract your archive
- Open config/kibana.yml in an editor
- Set the elasticsearch.url to point at your Elasticsearch instance
- Run ./bin/kibana (orbinkibana.bat on Windows)
Point your browser athttp://yourhost.com:5601 .Check out the README.md
编辑config/kibana.yml文件,elasticsearch.url默认是http://localhost:9200,根据实际情况修改即可。
# The Elasticsearch instance to use for all your queries. elasticsearch.url: "http://192.168.87.8:9200"
编辑后的配置为:
# The host to bind the server to. # server.host: "0.0.0.0" server.host: "192.168.87.8" # kibana对外暴漏的IP地址,最终访问地址为http://192.168.87.8:5601 # If you are running kibana behind a proxy, and want to mount it at a path, # specify that path here. The basePath can't end in a slash. # server.basePath: "" # The maximum payload size in bytes on incoming server requests. # server.maxPayloadBytes: 1048576 # The Elasticsearch instance to use for all your queries. # elasticsearch.url: "http://localhost:9200" elasticsearch.url: "http://192.168.87.8:9200" # Elasticsearch 服务的IP+port
然后运行kibana:
[root@candaotool bin]# ./kibana log [17:46:25.403] [info][status][plugin:kibana] Status changed from uninitialized to green - Ready log [17:46:25.436] [info][status][plugin:elasticsearch] Status changed from uninitialized to yellow - Waiting for Elasticsearch log [17:46:25.450] [info][status][plugin:kbn_vislib_vis_types] Status changed from uninitialized to green - Ready log [17:46:25.459] [info][status][plugin:markdown_vis] Status changed from uninitialized to green - Ready log [17:46:25.465] [info][status][plugin:metric_vis] Status changed from uninitialized to green - Ready log [17:46:25.477] [info][status][plugin:spyModes] Status changed from uninitialized to green - Ready log [17:46:25.482] [info][status][plugin:statusPage] Status changed from uninitialized to green - Ready log [17:46:25.485] [info][status][plugin:elasticsearch] Status changed from yellow to green - Kibana index ready log [17:46:25.487] [info][status][plugin:table_vis] Status changed from uninitialized to green - Ready log [17:46:25.496] [info][listening] Server running at http://192.168.87.8:5601
如果以后台服务运行,那么执行(最后多个&):
[root@candaotool bin]# ./kibana & [1] 4373 [root@candaotool bin]# ls log [18:05:36.397] [info][status][plugin:kibana] Status changed from uninitialized to green - Ready log [18:05:36.437] [info][status][plugin:elasticsearch] Status changed from uninitialized to yellow - Waiting for Elasticsearch log [18:05:36.460] [info][status][plugin:kbn_vislib_vis_types] Status changed from uninitialized to green - Ready log [18:05:36.470] [info][status][plugin:markdown_vis] Status changed from uninitialized to green - Ready log [18:05:36.479] [info][status][plugin:metric_vis] Status changed from uninitialized to green - Ready log [18:05:36.494] [info][status][plugin:spyModes] Status changed from uninitialized to green - Ready log [18:05:36.499] [info][status][plugin:statusPage] Status changed from uninitialized to green - Ready log [18:05:36.503] [info][status][plugin:elasticsearch] Status changed from yellow to green - Kibana index ready log [18:05:36.505] [info][status][plugin:table_vis] Status changed from uninitialized to green - Ready log [18:05:36.514] [info][listening] Server running at http://192.168.87.8:5601
tips:如果需要重启,需要kill 4373 进程(上图进程号,但是每次数字不同,根据实际情况更改),然后再运行 ./kibana &
到此,访问http://192.168.87.8:5601/app/kibana,发现不能访问,why?
后来想起来了,需要设置一下火墙策略(Logstash默认的对外服务的端口是9292)
# vim /etc/sysconfig/iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 9200 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 9292 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 5601 -j ACCEPT # service iptables restart
然后访问http://192.168.87.8:5601,就可以看到kibana的界面了。
遗留问题:
比如更新了模板,如何重启kibana服务?(是我说的那种kill方式么?还是有什么restart的 方式)
参考:
http://opsnotes.net/2015/03/03/install_ELK/
http://kibana.logstash.es/content/kibana/v4/setup.html