반응형
Ubuntu 환경에서 Elasticsearch와 Kibana를 설치하고 연동하는 방법(single node)
apt 저장소 업데이
sudo apt-get update
apt-transport-https 패키지 설치
sudo apt-get install -y apt-transport-https
Elasticsearch 공식 GPG 키 추가
wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo gpg --dearmor -o /usr/share/keyrings/elasticsearch-keyring.gpg
Elasticsearch 저장소 추가
echo "deb [signed-by=/usr/share/keyrings/elasticsearch-keyring.gpg] https://artifacts.elastic.co/packages/8.x/apt stable main" | sudo tee /etc/apt/sources.list.d/elastic-8.x.list
sudo apt-get update
Elasticsearch 설치하기
Elasticsearch 패키지 설치
sudo apt-get install -y elasticsearch
보안 자동 구성 정보
--------------------------- Security autoconfiguration information ------------------------------
Authentication and authorization are enabled.
TLS for the transport and HTTP layers is enabled and configured.
The generated password for the elastic built-in superuser is : i*K-5bDjKVt6+7*74aku
If this node should join an existing cluster, you can reconfigure this with
'/usr/share/elasticsearch/bin/elasticsearch-reconfigure-node --enrollment-token <token-here>'
after creating an enrollment token on your existing cluster.
You can complete the following actions at any time:
Reset the password of the elastic built-in superuser with
'/usr/share/elasticsearch/bin/elasticsearch-reset-password -u elastic'.
Generate an enrollment token for Kibana instances with
'/usr/share/elasticsearch/bin/elasticsearch-create-enrollment-token -s kibana'.
Generate an enrollment token for Elasticsearch nodes with
'/usr/share/elasticsearch/bin/elasticsearch-create-enrollment-token -s node'.
-------------------------------------------------------------------------------------------------
### NOT starting on installation, please execute the following statements to configure elasticsearch
service to start automatically using systemd
sudo systemctl daemon-reload
sudo systemctl enable elasticsearch.service
### You can start elasticsearch service by executing
sudo systemctl start elasticsearch.service
시스템 색인 자동 생성 활성화
vim /etc/elasticsearch/elasticsearch.yml
action.auto_create_index: .monitoring*,.watches,.triggered_watches,.watcher-history*,.ml*
Elasticsearch 실행
systemctl --now enable elasticsearch.service
Elasticsearch 서비스 상태 확인
systemctl status elasticsearch.service
Elasticsearch 정보 확인
curl -k -XGET https://elastic:i*K-5bDjKVt6+7*74aku@localhost:9200
$ curl -k -XGET https://elastic:i*K-5bDjKVt6+7*74aku@localhost:9200
{
"name" : "node1",
"cluster_name" : "elasticsearch",
"cluster_uuid" : "K6UghcRUTiCoWwimDD2Oag",
"version" : {
"number" : "8.6.2",
"build_flavor" : "default",
"build_type" : "deb",
"build_hash" : "2d58d0f136141f03239816a4e360a8d17b6d8f29",
"build_date" : "2023-02-13T09:35:20.314882762Z",
"build_snapshot" : false,
"lucene_version" : "9.4.2",
"minimum_wire_compatibility_version" : "7.17.0",
"minimum_index_compatibility_version" : "7.0.0"
},
"tagline" : "You Know, for Search"
}
Kibana 설치하기
위에서 elastic 저장소를 추가했기에 여기서는 생략하도록 하겠습니다.
Kibana 패키지 설치
apt-get install -y kibana
Kibana 실행
systemctl --now enable kibana.service
Kibana 서비스 상태 확인
- Go to http://localhost:5601/?code=453288 to get started.
systemctl status kibana
$ systemctl status kibana
● kibana.service - Kibana
Loaded: loaded (/lib/systemd/system/kibana.service; enabled; vendor preset: enabled)
Active: active (running) since Fri 2023-03-17 21:07:58 KST; 1min 0s ago
Docs: https://www.elastic.co
Main PID: 3688 (node)
Tasks: 11 (limit: 4571)
Memory: 367.0M
CPU: 17.268s
CGroup: /system.slice/kibana.service
└─3688 /usr/share/kibana/bin/../node/bin/node /usr/share/kibana/bin/../src/cli/dist
...
Mar 17 21:08:20 node1 kibana[3688]: i Kibana has not been configured.
Mar 17 21:08:20 node1 kibana[3688]: Go to http://localhost:5601/?code=453288 to get started.
kibana.yml 설정 파일 편집
- server.port: 5601
- server.host: "0.0.0.0"
- server.publicBaseUrl: "http://192.168.0.61:5601"
vim /etc/kibana/kibana.yml
...
# =================== System: Kibana Server ===================
# Kibana is served by a back end server. This setting specifies the port to use.
server.port: 5601
# Specifies the address to which the Kibana server will bind. IP addresses and host names are both valid values.
# The default is 'localhost', which usually means remote machines will not be able to connect.
# To allow connections from remote users, set this parameter to a non-loopback address.
server.host: "0.0.0.0"
# Enables you to specify a path to mount Kibana at if you are running behind a proxy.
# Use the `server.rewriteBasePath` setting to tell Kibana if it should remove the basePath
# from requests it receives, and to prevent a deprecation warning at startup.
# This setting cannot end in a slash.
#server.basePath: ""
# Specifies whether Kibana should rewrite requests that are prefixed with
# `server.basePath` or require that they are rewritten by your reverse proxy.
# Defaults to `false`.
#server.rewriteBasePath: false
# Specifies the public URL at which Kibana is available for end users. If
# `server.basePath` is configured this URL should end with the same basePath.
server.publicBaseUrl: "http://192.168.0.61:5601"
Kibana 재실행
systemctl restart kibana.service
Elasticsearch와 Kibana 연동하기
브라우저에서 http://192.168.0.61:5601(or http://localhost:5601) 주소로 접속
token 생성
/usr/share/elasticsearch/bin/elasticsearch-create-enrollment-token --scope kibana
$ /usr/share/elasticsearch/bin/elasticsearch-create-enrollment-token --scope kibana
eyJ2ZXIiOiI4LjYuMiIsImFkciI6WyIxOTIuMTY4LjAuNjE6OTIwMCJdLCJmZ3IiOiI3Y2M0MDM2OTE5NjJkMzYzYTJlZDdlMmRhNjM4MzVmYjlkOWFiZWM0ZmQ3ZTI1ZmE4OGY3ODI0ZTQ1NGU0YWNhIiwia2V5IjoiU21PQjc0WUJ5bDFfVU9aQ050MDc6NDlpbU1kcGhTTnFuOGhkUmNDdUJXUSJ9
Kibana 서버에서 코드를 복사
/usr/share/kibana/bin/kibana-verification-code
$ /usr/share/kibana/bin/kibana-verification-code
Your verification code is: 727 916
elastic 계정의 패스워드 재설정
/usr/share/elasticsearch/bin/elasticsearch-reset-password -u elastic -i
kibana_system 계정의 패스워드 재설정
/usr/share/elasticsearch/bin/elasticsearch-reset-password -u kibana_system -i
728x90
반응형
'리눅스' 카테고리의 다른 글
Siege를 설치 및 사용하는 방법 (0) | 2023.03.22 |
---|---|
CentOS 7에서 Filebeat를 설치하는 방법 (0) | 2023.03.20 |
ABRT(Automated Bug Reporting Tool)에 의한 문제(problem)를 감지 (0) | 2023.03.20 |
find 명령어 (0) | 2023.03.20 |
[리눅스] Fleet Server 호스트 추가 (0) | 2023.03.18 |