Preface:
1. The deployed Elk Architecture is elasticsearch (hereinafter referred to as ES) +logstash+kibana+filebeat
The 2.Filebeat deployment is responsible for collecting logs on the nodes that need to collect the logs. The Logstash and ES are then filtered for analysis, and then transferred and focused on the Kibana system for visual display.
3. Non-cluster deployment None-cluster
4. The elasticsearch,kibana are made up of 5.5.2→6.0.0, while Logstash is 5.5.2→6.0.1;filebeat 5.5.2→5.6.5→6.0.1
4. The following command is too long to be saved as a SH script file and added execution permission execution
1.Eleasticsearch part:
(refer to the official website document: Click me)
To modify the cluster configuration parameters by using curl to initiate a put request on the ES server:
(1) Stop fragmentation distribution
Curl-xput ' 10.0.7.227:9200/_cluster/settings?pretty '-h ' content-type:application/json '-d '
{
"persistent" : {
"cluster.routing.allocation.enable": "None"
}
}
'
(2) Pausing the index and then refreshing the synchronization state
Curl-xpost ' 10.0.7.227:9200/_flush/synced?pretty '
(3) Suspend all nodes, where no system-level service is made at deployment time, kill the process directly
Kill-9 $ (cat pid)
(4) Upgrading the software version
Unzip the tar or ZIP package into a new directory, do not overwrite the old version of the directory
Then modify the Path.data and Path.logs in the configuration file config/elasticsearch.yml to point to the original data and log directory
(5) Upgrade all plugins to compatible versions
(6) Start ES, if deployed as a cluster, start all nodes es
Use the following command to view the node status
Curl-xget ' Localhost:9200/_cat/health?pretty ' curl-xget ' Localhost:9200/_cat/nodes?pretty '
Waits for node status to be displayed as yellow (completes the state of local data recovery)
(8) Restore the fragmentation distribution and resume normal use
Curl-h "Content-type:application/json"-xput 10.0.7.227:9200/_cluster/settings-d ' {
"persistent": {
" Cluster.routing.allocation.enable ":" All "
}
} 'Execution results are as follows
2.Kibana part:
(official website upgrade document)
(1) Unzip the ZIP or tar package to the new directory, do not overwrite the previous version of the configuration and data directory
(2) Migrate Profile directory config to the new version of the directory, and check and upgrade the configuration file related items, delete obsolete items
(3) Migrating ES on and Kibana related index item settings
Set the index space for. Kibana to read-only
Curl-xput ' 10.0.7.227:9200/.kibana/_settings?pretty '-h ' content-type:application/json '-d '
{
" Index.blocks.write ": True
}
'Creates a new index space. kibana-6
Curl-xput ' 10.0.7.227:9200/.kibana-6?pretty '-h ' content-type:application/json '-d ' {"Settings": {"Number_of_sh
Ards ": 1," index.mapper.dynamic ": false}," mappings ": {" Doc ": {" Properties ": {" type ": {
"Type": "Keyword"}, "Updated_at": {"type": "Date"}, "config": {
"Properties": {"Buildnum": {"type": "Keyword"}}},
"Index-pattern": {"Properties": {"Fieldformatmap": {"type": "Text"}, "Fields": {"type": "Text"}, "Intervalname": {"type": " Keyword "}," Notexpandable ": {" type ":" Boolean "}," Sourcef
Ilters ": {" type ":" Text "}," Timefieldname ": {" type ":" Keyword " },
"Title ": {" type ":" Text "}}}," visualization ": {" Properti
Es ": {" description ": {" type ":" Text "}," Kibanasavedobjectmeta ": {
"Properties": {"Searchsourcejson": {"type": "Text"} }}, "Savedsearchid": {"type": "Keyword"}, "title"
: {"type": "Text"}, "Uistatejson": {"type": "Text"}, "Version": {"type": "Integer"}, "Visstate": {"type": "Te
XT "}}}," search ": {" Properties ": {" columns ": {
"Type": "Keyword"}, "description": {"type": "Text"},
"Hits": {"Type": "Integer"}, "Kibanasavedobjectmeta": {"Properties": {"sea
Rchsourcejson ": {" type ":" Text "}}}," Sort ": {
"Type": "Keyword"}, "title": {"type": "Text"}, "Version": {"type": "Integer"}}}, "Dashboard": {"PR
Operties ": {" description ": {" type ":" Text "}," hits ": { "Type": "Integer"}, "Kibanasavedobjectmeta": {"Properties": {"sea Rchsourcejson ": {" type ":" Text "}}}," Optionsjs
On ": {" type ":" Text "}," Panelsjson ": {" type ":" Text "}, "RefreshintErval ": {" Properties ": {" display ": {" type ":" Keyword "}
, "pause": {"type": "Boolean"}, "section": {
"Type": "Integer"}, "value": {"type": "Integer" }}}, "Timefrom": {"type": "Keyword"}, "
Timerestore ": {" type ":" Boolean "}," Timeto ": {" type ":" Keyword "
}, "title": {"type": "Text"}, "Uistatejson": { "Type": "Text"}, "version": {"type": "Integer"}}}
, "url": {"Properties": {"Accesscount": {"type": "Long"},
"accessdate": { "Type": "Date"}, "CreateDate": {"type": "Date"}, "url": {"type": "Text", "fields": {"keyword": {"Typ
E ":" Keyword "," Ignore_above ": 2048}}}
}, "server": {"Properties": {"uuid": {"type": "Keyword"} }}, "Timelion-sheet": {"Properties": {"description": {"type": "Text"}, "hits": {"type": "Integer"}, "Kibanasavedobject
Meta ": {" Properties ": {" Searchsourcejson ": {" type ":" Text "
}}}, "Timelion_chart_height": {"type": "Integer"}, "Timelion_cOlumns ": {" type ":" Integer "}," Timelion_interval ": {" type ":" Keywor D "}," Timelion_other_interval ": {" type ":" Keyword "}," Tim
Elion_rows ": {" type ":" Integer "}," Timelion_sheet ": {" type ":" Text "
}, "title": {"type": "Text"}, "version": {
"Type": "Integer"}}, "Graph-workspace": {"Properties": { "description": {"type": "Text"}, "Kibanasavedobjectmeta": {"Propert
ies ": {" Searchsourcejson ": {" type ":" Text "}}
}, "Numlinks": {"type": "Integer"}, "Numvertices": {
' type ': ' Integer ' }, "title": {"type": "Text"}, "version": {"type":
"Integer"}, "Wsstate": {"type": "Text"}}}
}
}
}
}
'
Curl-xpost ' Localhost:9200/_reindex?pretty '-h ' content-type:application/json '-d '
{
"source": {
"index ":". Kibana "
},
" Dest ": {
" index ":". kibana-6 "
},
" script ": {
" inline ":" Ctx._source = [ctx._ Type:ctx._source]; Ctx._source.type = Ctx._type; ctx._id = Ctx._type + \ ": \" + ctx._id; Ctx._type = \ "Doc\"; ",
" lang ":" Painless "
}
}
'
Curl-xpost ' Localhost:9200/_aliases?pretty '-h ' content-type:application/json '-d '
{
"actions": [
{" Add ": {" index ":". Kibana-6 "," Alias ":". Kibana "}},
{" Remove_index ": {" index ":". Kibana "}}
]
}
'
(4) Same (2), migrate data directory to the new directory
(5) Update plugin plugin to compatible version
(6) Stop the old Kibana,kill kill process, etc.
(7) Start a new version
3.Logstash Part
(official documents)
Official website document does not have a good description of the specific upgrade steps, currently directly overwrite the data and Config directory, try to start, success, no error
4.Filebeat Part
(official documents)
Download RPM Package upgrade directly (RPM-UVH xxxxxx.rpm)
As the official website document mentions, Filebeat 6.0 is more compatible with 5.6, so upgrade to Filebeat 5.6 First, then upgrade to Filebeat 6.0
When I upgraded from 5.5 to 5.6, everything was fine.
When upgrading from 5.6 to 6.0, the prompt profile has been backed up, proving that the configuration file has changed, that a new configuration item has occurred, or that an old configuration item has been deprecated
It is time to compare the old and new profiles filebeat.yml.rpmnew and filebeat.yml, and update the old configuration to the new configuration file, overwriting the original file filebeat.yml
Here you try to enable the original profile filebeat.yml directly, and then start the service filebeat start
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
