摘要:安裝適合 M1 芯片的 elasticsearch、kibana、logstash,優化內存佔用並設定訪問密碼。
安裝 elasticsearch#
使用 brew 安裝適用 M1 芯片的 elasticsearch
# brew tap elastic/tap
brew install elastic/tap/elasticsearch-full
安裝成功後顯示使用幫助:
# 安裝日誌
==> Installing elasticsearch-full from elastic/tap
Warning: Tried to install empty array to /opt/homebrew/etc/elasticsearch/jvm.options.d
==> codesign -f -s - /opt/homebrew/Cellar/elasticsearch-full/7.17.1/libexec/modules/x-pack
==> find /opt/homebrew/Cellar/elasticsearch-full/7.17.1/libexec/jdk.app/Contents/Home/bin
==> Caveats
# 相關安裝文件位置
Data: /opt/homebrew/var/lib/elasticsearch/elasticsearch_zhangminglei/
Logs: /opt/homebrew/var/log/elasticsearch/elasticsearch_zhangminglei.log
Plugins: /opt/homebrew/var/elasticsearch/plugins/
Config: /opt/homebrew/etc/elasticsearch/
# 後台運行,並開機自動啟動
brew services start elastic/tap/elasticsearch-full
# 在當前命令行運行,終端關閉後服務關閉
elasticsearch
啟動後台服務:
brew services start elastic/tap/elasticsearch-full
運行後驗證,使用瀏覽器訪問:http://localhost:9200/ ,出現以下響應內容:
// 20220315232052
// http://localhost:9200/
{
"name": "LegalgesMacBook.lan",
"cluster_name": "elasticsearch_zhangminglei",
"cluster_uuid": "fB4xhSO1TrO0yh1I4h7qaw",
"version": {
"number": "7.17.1",
"build_flavor": "default",
"build_type": "tar",
"build_hash": "e5acb99f822233d62d6444ce45a4543dc1c8059a",
"build_date": "2022-02-23T22:20:54.153567231Z",
"build_snapshot": false,
"lucene_version": "8.11.1",
"minimum_wire_compatibility_version": "6.8.0",
"minimum_index_compatibility_version": "6.0.0-beta1"
},
"tagline": "You Know, for Search"
}
安裝 kibana#
使用 brew 安裝適用 M1 芯片的 kibana
# brew tap elastic/tap
brew install elastic/tap/kibana-full
安裝成功後提示:
# 安裝過程日誌
==> Installing kibana-full from elastic/tap
==> Caveats
Config: /opt/homebrew/etc/kibana/
If you wish to preserve your plugins upon upgrade, make a copy of
/opt/homebrew/opt/kibana-full/plugins before upgrading, and copy it into the
new keg location after upgrading.
# 後台運行,並開機自動啟動
To start elastic/tap/kibana-full now and restart at login:
brew services start elastic/tap/kibana-full
# 在當前命令行運行,終端關閉後服務關閉
Or, if you don't want/need a background service you can just run:
kibana
# 安裝結果摘要
==> Summary
🍺 /opt/homebrew/Cellar/kibana-full/7.17.1: 51,438 files, 720MB, built in 30 seconds
==> Running `brew cleanup kibana-full`...
Disable this behaviour by setting HOMEBREW_NO_INSTALL_CLEANUP.
Hide these hints with HOMEBREW_NO_ENV_HINTS (see `man brew`).
啟動後台服務:
brew services start elastic/tap/kibana-full
瀏覽器訪問 http://localhost:5601/ ,查看運行界面情況,將系統界面修改為中文:
# 切換到配置文件目錄
cd /opt/homebrew/etc/kibana/
# 編輯配置文件
nano kibana.yml
# 將最後一行修改為:
i18n.locale: "zh-CN"
重啟 brew 服務:
brew services restart elastic/tap/kibana-full
調整系統內存佔用#
ES 服務默認會佔用系統一半以上的內存,可以通過修改配置文件,進行限制:
所需修改文件在服務配置路徑當中:/opt/homebrew/etc/elasticsearch/
所需修改文件:jvm.options
修改前:
## jvm.options.d directory containing these lines:
##
## -Xms4g
## -Xmx4g
##
修改後:
## jvm.options.d directory containing these lines:
##
-Xms4g
-Xmx4g
##
重啟 ES 服務,即可在系統的【活動監視器】看到 java 內存佔用已經受限:
brew services restart elastic/tap/elasticsearch-full
設置密碼保護#
注:可參考官方文檔:https://www.elastic.co/guide/en/elasticsearch/reference/7.17/security-minimal-setup.html
-
step1:關閉運行中的 elasticsearch、kibana 2 項服務
-
step2:修改 elasticsearch.yml 文件,啟用密碼保護,設置為單節點
# 進入配置文件夾
/opt/homebrew/etc/elasticsearch/
# 編輯配置文件
elasticsearch.yml
# 文件末尾追加以下2行內容:
xpack.security.enabled: true
discovery.type: single-node
- step3: 利用 elasticsearch 內置工具自動生成帳號、密碼
#1 啟動 elasticsearch 服務:
brew services start elastic/tap/elasticsearch-full
#2 進入es可執行文件目錄:
/opt/homebrew/Cellar/elasticsearch-full/7.17.1/bin
#3 在以上目錄打開終端,執行自動生成密碼命令:
./elasticsearch-setup-passwords auto
#4 記錄下控制台輸出的帳號密碼內容,後面會用到
生成的帳號密碼示例:
Changed password for user kibana_system
PASSWORD kibana_system = n9zXw2UnJwvWdrJ4ZPcg
Changed password for user elastic
PASSWORD elastic = Lhder7yQVB8z3rzdFoKY
- step4: 將以上自動生成的帳號密碼配置到 Kibana ,使其可以訪問 es
#1 進入 Kibana 配置文件目錄:
/opt/homebrew/etc/kibana/
#2 修改 Kibana 配置文件,追加內容:
elasticsearch.username: "kibana_system"
#3 進入 Kibana 可執行文件目錄:
/opt/homebrew/Cellar/kibana-full/7.17.1/bin
#4 在以上目錄打開終端,依次執行:
./kibana-keystore create
./kibana-keystore add elasticsearch.password
輸入以上生成的 kibana_system 密碼
#5 重啟 Kibana 服務:
brew services start elastic/tap/kibana-full
- step5: 使用以上自動生成的 elastic 帳號密碼登錄 kibana
地址: http://localhost:5601/
帳號: elastic
密碼: Lhder8yQVB8z3rzdFoKY
*可在 kibana 當中修改密碼
安裝 logstash#
使用 brew 安裝適用 M1 芯片的 logstash:
# brew tap elastic/tap
brew install elastic/tap/logstash-full
安裝成功日誌:
Please read the getting started guide located at:
https://www.elastic.co/guide/en/logstash/current/getting-started-with-logstash.html
To start elastic/tap/logstash-full now and restart at login:
brew services start elastic/tap/logstash-full
Or, if you don't want/need a background service you can just run:
logstash
==> Summary
🍺 /opt/homebrew/Cellar/logstash-full/7.17.1: 14,003 files, 604.8MB, built in 13 seconds
==> Running `brew cleanup logstash-full`...
Disable this behaviour by setting HOMEBREW_NO_INSTALL_CLEANUP.
在 logstash.yml 中配置用戶名和密碼:
路徑:/opt/homebrew/etc/logstash
xpack.monitoring.enabled: true
xpack.monitoring.elasticsearch.username: logstash_system
xpack.monitoring.elasticsearch.password: *****
xpack.monitoring.elasticsearch.hosts: ["http://127.0.0.1:9200"]
啟動服務:
brew services start elastic/tap/logstash-full
驗證安裝成功:
# 進入logstash目錄
cd /opt/homebrew/Cellar/logstash-full/7.17.1/bin
# 執行如下命令,等待輸入光標出現
bin/logstash -e 'input { stdin { } } output { stdout { } }'
# 輸入hello後系統的反饋:
{
"@version" => "1",
"message" => "hello",
"@timestamp" => 2022-05-29T06:28:37.021Z,
"host" => "izwz9cte3psk7ixd8kospzz"
}
創建並使用管道配置文件:
一個 Logstash 管理通常有一個或多個 input, filter 和 output 插件,例如:
//hello.conf
input { stdin { } }
output {
elasticsearch {
hosts => "http://127.0.0.1:9200"
index => "logs"
user => "elastic"
password => "************"
}
stdout {}
}
使用管道:
# 執行
logstash -f hello.conf
# 輸入:
hello world
# 反饋:
{
"host" => "Legalgeeks-MacBook.local",
"@timestamp" => 2022-03-20T05:50:48.988Z,
"@version" => "1",
"message" => "hello world"
}