Elk System Series 1--elasticsearch cluster Build __elasticsearch

elasticsearch Cluster Setup background:

We're going to build a elk system with the goal of retrieving systems and user portrait systems. The selected version is elasticsearch5.5.0+logstash5.5.0+kibana5.5.0. elasticsearch Cluster setup steps: 1. Install the Java 8 version of the JDK. from http://www.oracle.com/technetwork/java/javase/downloads/jdk8-downloads-2133151.html Download and install more than 1.8 jdk from this web site (note: In the ES update, see the JDK version required on the website). See the installation steps for this article: http://blog.csdn.net/rchm8519/article/details/48721913 If you have a single server to install the environment without consideration, But if you're just a user on this server, you need to be aware of that. (Modify/etc/profile and modify ~/.BASHRC difference) 2. Download elasticsearch5.5.0 && Modify profile from ES website. See Figure 1, Figure 2.

Parameter description: Cluster.name: All Cluster.name Consistent es instances are added to a cluster. Node.name: The name of the node in the cluster. Path.data: The location where index data is stored. Note that you want to mount to a large disk space, if you want to index the amount of data is large enough. Path.log: Store index log location. Note that you want to mount to a large disk space, if you want to index the amount of data is large enough. Network.host: If there are multiple nodes in the cluster, it needs to be represented in IP form. Http.port: The default port number is 9200, you specify, the port does not conflict. Discovery.zen.ping.unicast.hosts: node Discovery function.

Figure 1

Figure 2 3. Since elasticsearch cannot run with root privileges, you need to create directory permissions that users can use to run Elasticsearch & give users the needs they need. 3.1 Create User: useradd yongjia.sang 3.2 Give users permissions to certain directories: chown yongjia.sang/sangyongjia-r: $home directory Chown Yongjia.sang/srv/data-r: Directory to write index data chown yongjia.sang/srv/logs-r: directory 3.3 of the write index log modify configuration /etc/sysctl.conf Add a sentence to the file : Vm.max_map_count = 262144 and execute command: sysctl-p Run command under Yongjia.sang User: Ulimit-v Unlimited change virtual memory to infinity (not knowing which file to configure, Solve the problem in an ordered manner for the time being. Note: There are other configuration errors that need to be resolved by Google.

After each machine in the cluster is configured in the way described above, the cluster can be started directly by running the./bin/elasticsearch file, so that a elasticsearch cluster will run. The parameter configuration of ES cluster is really streamlined.