在这里,以两台es集群为例。

es集群健康状况有三种状态,这里我们搭建的es集群,只要两台不同时挂掉,数据不会丢失。

green 所有主要分片和复制分片都可用
yellow 所有主要分片可用,但不是所有复制分片都可用
red 不是所有的主要分片都可用

举个例子:

  • 比如说现在集群节点es1位主节点,es2位复制分片节点,默认情况下,两台es都接收logstash传过来的日志,是负载均衡的。
  • 如果es1宕掉,es2会被提升为主节点,只有es2接收logstash传来得日志数据,同时整个集群状态由green转为red。
  • 修复es1,es1会作为分片节点加入集群中,es1加入到集群中后,会进行修复,es2中新增的数据同步到es1分片节点,同步过程整个集群健康状态转为yellow。
  • 当同步完成,集群状态转为green。

安装elasticsearch

官网:https://www.elastic.co/products/elasticsearch

# tar xf elasticsearch-2.3..tar.gz -C /usr/local/app/

# ln -sv /usr/local/app/elasticsearch-2.3. /usr/local/elasticsearch

# chown –R nobody.nobody /usr/local/app/elasticsearch-2.3./

# cd /usr/local/elasticsearch

编辑配置文件

es1

cluster.name: myES

node.name: es1

node.master: true

path.data: /data/elasticsearch/data

path.logs: /data/elasticsearch/log

bootstrap.mlockall: True

network.host: 10.80.2.83

http.port:

http.enabled: true

transport.tcp.port:

transport.tcp.compress: true

discovery.zen.ping.unicast.hosts: ["10.80.2.83:9300","10.80.2.84:9300"]

discovery.zen.minimum_master_nodes:

discovery.zen.ping.timeout: 3s

discovery.zen.ping.multicast.enabled: false

gateway.recover_after_nodes:

gateway.recover_after_time: 5m

gateway.expected_nodes:

cluster.routing.allocation.node_initial_primaries_recoveries:

indices.recovery.max_size_per_sec: 50mb

index :

  analysis :

    analyzer :

      default :

        tokenizer : keyword

config/elasticsearch.yml

#!/bin/sh

# check in case a user was using this mechanism

if [ "x$ES_CLASSPATH" != "x" ]; then

    cat >& << EOF

Error: Don't modify the classpath with ES_CLASSPATH. Best is to add

additional elements via the plugin mechanism, or if code must really be

added to the main classpath, add jars to lib/ (unsupported).

EOF

    exit

fi

ES_CLASSPATH="$ES_HOME/lib/elasticsearch-2.3.4.jar:$ES_HOME/lib/*"

if [ "x$ES_MIN_MEM" = "x" ]; then

    ES_MIN_MEM=8g

fi

if [ "x$ES_MAX_MEM" = "x" ]; then

    ES_MAX_MEM=8g

fi

if [ "x$ES_HEAP_SIZE" != "x" ]; then

    ES_MIN_MEM=$ES_HEAP_SIZE

    ES_MAX_MEM=$ES_HEAP_SIZE

fi

# min and max heap sizes should be set to the same value to avoid

# stop-the-world GC pauses during resize, and so that we can lock the

# heap in memory on startup to prevent any of it from being swapped

# out.

JAVA_OPTS="$JAVA_OPTS -Xms${ES_MIN_MEM}"

JAVA_OPTS="$JAVA_OPTS -Xmx${ES_MAX_MEM}"

# new generation

if [ "x$ES_HEAP_NEWSIZE" != "x" ]; then

    JAVA_OPTS="$JAVA_OPTS -Xmn${ES_HEAP_NEWSIZE}"

fi

# max direct memory

if [ "x$ES_DIRECT_SIZE" != "x" ]; then

    JAVA_OPTS="$JAVA_OPTS -XX:MaxDirectMemorySize=${ES_DIRECT_SIZE}"

fi

# set to headless, just in case

JAVA_OPTS="$JAVA_OPTS -Djava.awt.headless=true"

# Force the JVM to use IPv4 stack

if [ "x$ES_USE_IPV4" != "x" ]; then

  JAVA_OPTS="$JAVA_OPTS -Djava.net.preferIPv4Stack=true"

fi

# Add gc options. ES_GC_OPTS is unsupported, for internal testing

if [ "x$ES_GC_OPTS" = "x" ]; then

  ES_GC_OPTS="$ES_GC_OPTS -XX:+UseParNewGC"

  ES_GC_OPTS="$ES_GC_OPTS -XX:+UseConcMarkSweepGC"

  ES_GC_OPTS="$ES_GC_OPTS -XX:CMSInitiatingOccupancyFraction=75"

  ES_GC_OPTS="$ES_GC_OPTS -XX:+UseCMSInitiatingOccupancyOnly"

fi

JAVA_OPTS="$JAVA_OPTS $ES_GC_OPTS"

# GC logging options

if [ -n "$ES_GC_LOG_FILE" ]; then

  JAVA_OPTS="$JAVA_OPTS -XX:+PrintGCDetails"

  JAVA_OPTS="$JAVA_OPTS -XX:+PrintGCTimeStamps"

  JAVA_OPTS="$JAVA_OPTS -XX:+PrintGCDateStamps"

  JAVA_OPTS="$JAVA_OPTS -XX:+PrintClassHistogram"

  JAVA_OPTS="$JAVA_OPTS -XX:+PrintTenuringDistribution"

  JAVA_OPTS="$JAVA_OPTS -XX:+PrintGCApplicationStoppedTime"

  JAVA_OPTS="$JAVA_OPTS -Xloggc:$ES_GC_LOG_FILE"

  # Ensure that the directory for the log file exists: the JVM will not create it.

  mkdir -p "`dirname \"$ES_GC_LOG_FILE\"`"

fi

# Causes the JVM to dump its heap on OutOfMemory.

JAVA_OPTS="$JAVA_OPTS -XX:+HeapDumpOnOutOfMemoryError"

# The path to the heap dump location, note directory must exists and have enough

# space for a full heap dump.

#JAVA_OPTS="$JAVA_OPTS -XX:HeapDumpPath=$ES_HOME/logs/heapdump.hprof"

# Disables explicit GC

JAVA_OPTS="$JAVA_OPTS -XX:+DisableExplicitGC"

# Ensure UTF- encoding by default (e.g. filenames)

JAVA_OPTS="$JAVA_OPTS -Dfile.encoding=UTF-8"

# Use our provided JNA always versus the system one

JAVA_OPTS="$JAVA_OPTS -Djna.nosys=true"

bin/elasticsearch.in.sh

es2

#集群名字

cluster.name: myES

#节点名字

node.name: es2

#是否有资格成为主节点

node.master: true

#数据目录

path.data: /data/elasticsearch/data

#日志目录

path.logs: /data/elasticsearch/log

#锁住内存

bootstrap.mlockall: True

#绑定的IP地址,可为0.0.0.

#network.bind_host: 10.80.2.84

#该节点与其他节点交互的ip地址,

#network.publish_host: 10.80.2.84

#上面两个参数集合

network.host: 10.80.2.84

#对外服务端口

http.port:

#是否使用http协议对外提供服务

http.enabled: true

#节点间交互tcp端口

transport.tcp.port:

#传输数据时压缩

transport.tcp.compress: true

#集群中主节点初始化列表,通过这些节点自动发现加入其他节点

discovery.zen.ping.unicast.hosts: ["10.80.2.83:9300","10.80.2.84:9300"]

#保证集群中节点可以知道其他N各有主节点资格,默认1,es数超过2个,可设置大一些

discovery.zen.minimum_master_nodes:

#自动发现其他节点时ping超时时间,网络环境差,提高此参数

discovery.zen.ping.timeout: 3s

#是否打开多播发现节点,默认true

discovery.zen.ping.multicast.enabled: false

#集群中几个节点启动时进行数据恢复

gateway.recover_after_nodes:

#初始化数据恢复进程超时时间

gateway.recover_after_time: 5m

#这个es集群中节点数量,一旦这些数目节点启动,进行数据恢复

gateway.expected_nodes:

#初始化数据恢复时,并发恢复的线程个数

cluster.routing.allocation.node_initial_primaries_recoveries:

#数据恢复时最大带宽

indices.recovery.max_size_per_sec: 50mb

# 禁止分词,

index :

  analysis :

    analyzer :

      default :

        tokenizer : keyword

config/elasticsearch.yml

#!/bin/sh

# check in case a user was using this mechanism

if [ "x$ES_CLASSPATH" != "x" ]; then

    cat >& << EOF

Error: Don't modify the classpath with ES_CLASSPATH. Best is to add

additional elements via the plugin mechanism, or if code must really be

added to the main classpath, add jars to lib/ (unsupported).

EOF

    exit

fi

ES_CLASSPATH="$ES_HOME/lib/elasticsearch-2.3.4.jar:$ES_HOME/lib/*"

if [ "x$ES_MIN_MEM" = "x" ]; then

    ES_MIN_MEM=8g

fi

if [ "x$ES_MAX_MEM" = "x" ]; then

    ES_MAX_MEM=8g

fi

if [ "x$ES_HEAP_SIZE" != "x" ]; then

    ES_MIN_MEM=$ES_HEAP_SIZE

    ES_MAX_MEM=$ES_HEAP_SIZE

fi

# min and max heap sizes should be set to the same value to avoid

# stop-the-world GC pauses during resize, and so that we can lock the

# heap in memory on startup to prevent any of it from being swapped

# out.

JAVA_OPTS="$JAVA_OPTS -Xms${ES_MIN_MEM}"

JAVA_OPTS="$JAVA_OPTS -Xmx${ES_MAX_MEM}"

# new generation

if [ "x$ES_HEAP_NEWSIZE" != "x" ]; then

    JAVA_OPTS="$JAVA_OPTS -Xmn${ES_HEAP_NEWSIZE}"

fi

# max direct memory

if [ "x$ES_DIRECT_SIZE" != "x" ]; then

    JAVA_OPTS="$JAVA_OPTS -XX:MaxDirectMemorySize=${ES_DIRECT_SIZE}"

fi

# set to headless, just in case

JAVA_OPTS="$JAVA_OPTS -Djava.awt.headless=true"

# Force the JVM to use IPv4 stack

if [ "x$ES_USE_IPV4" != "x" ]; then

  JAVA_OPTS="$JAVA_OPTS -Djava.net.preferIPv4Stack=true"

fi

# Add gc options. ES_GC_OPTS is unsupported, for internal testing

if [ "x$ES_GC_OPTS" = "x" ]; then

  ES_GC_OPTS="$ES_GC_OPTS -XX:+UseParNewGC"

  ES_GC_OPTS="$ES_GC_OPTS -XX:+UseConcMarkSweepGC"

  ES_GC_OPTS="$ES_GC_OPTS -XX:CMSInitiatingOccupancyFraction=75"

  ES_GC_OPTS="$ES_GC_OPTS -XX:+UseCMSInitiatingOccupancyOnly"

fi

JAVA_OPTS="$JAVA_OPTS $ES_GC_OPTS"

# GC logging options

if [ -n "$ES_GC_LOG_FILE" ]; then

  JAVA_OPTS="$JAVA_OPTS -XX:+PrintGCDetails"

  JAVA_OPTS="$JAVA_OPTS -XX:+PrintGCTimeStamps"

  JAVA_OPTS="$JAVA_OPTS -XX:+PrintGCDateStamps"

  JAVA_OPTS="$JAVA_OPTS -XX:+PrintClassHistogram"

  JAVA_OPTS="$JAVA_OPTS -XX:+PrintTenuringDistribution"

  JAVA_OPTS="$JAVA_OPTS -XX:+PrintGCApplicationStoppedTime"

  JAVA_OPTS="$JAVA_OPTS -Xloggc:$ES_GC_LOG_FILE"

  # Ensure that the directory for the log file exists: the JVM will not create it.

  mkdir -p "`dirname \"$ES_GC_LOG_FILE\"`"

fi

# Causes the JVM to dump its heap on OutOfMemory.

JAVA_OPTS="$JAVA_OPTS -XX:+HeapDumpOnOutOfMemoryError"

# The path to the heap dump location, note directory must exists and have enough

# space for a full heap dump.

#JAVA_OPTS="$JAVA_OPTS -XX:HeapDumpPath=$ES_HOME/logs/heapdump.hprof"

# Disables explicit GC

JAVA_OPTS="$JAVA_OPTS -XX:+DisableExplicitGC"

# Ensure UTF- encoding by default (e.g. filenames)

JAVA_OPTS="$JAVA_OPTS -Dfile.encoding=UTF-8"

# Use our provided JNA always versus the system one

JAVA_OPTS="$JAVA_OPTS -Djna.nosys=true"

bin/elasticsearch.in.sh

日志分析 第六章 安装elasticsearch的更多相关文章

  1. 日志分析 第五章 安装logstash

    logstash是java应用,依赖JDK,首先需要安装JDK,在安装jdk过程中,logstash-2.3.4使用JDK-1.7版本有bug,使用JDK-1.8版本正常,因此我们安装JDK-1.8版 ...

  2. 日志分析 第七章 安装grafana

    grafana依赖mysql存储数据,首先需要安装mysql 安装mysql 解压 # groupadd mysql # useradd -s /sbin/nologin -g mysql mysql ...

  3. 日志分析 第四章 安装filebeat

    在进行前面准备之后可以开始安装了,我们的安装顺序是filebeat--->logstash--->elasticsearch filebeat安装很简单,先下载filebeat,这里我们使 ...

  4. 可视化日志分析工具Gltail的安装与使用

    可视化日志分析工具Gltail的安装与使用      GlTail.rb 是一款带有浓郁的 Geek 风格的可视化日志分析工具,它采用 Ruby 技术构建,并利用 OpenGL 图形技术进行渲染,呈现 ...

  5. 日志分析平台ELK之搜索引擎Elasticsearch集群

    一.简介 什么是ELK?ELK是Elasticsearch.Logstash.Kibana这三个软件的首字母缩写:其中elasticsearch是用来做数据的存储和搜索的搜索引擎:logstash是数 ...

  6. 日志分析工具--GoAccess的安装部署

    需求:及时得到线上用户访问日志分析统计结果,以便给开发.测试.运维.运营人员提供决策! 方案:GoAccess,图文并茂,而且速度快,每秒8W 的日志记录解析速度,websocket10秒刷新统计数据 ...

  7. 手把手教你搭建 ELK 实时日志分析平台

    本篇文章主要是手把手教你搭建 ELK 实时日志分析平台,那么,ELK 到底是什么呢? ELK 是三个开源项目的首字母缩写,这三个项目分别是:Elasticsearch.Logstash 和 Kiban ...

  8. 安装logstash+kibana+elasticsearch+redis搭建集中式日志分析平台

    安装logstash+kibana+elasticsearch+redis搭建集中式日志分析平台 2014-01-16 19:40:57|  分类: logstash |  标签:logstash   ...

  9. ELK 日志分析体系

    ELK   日志分析体系 ELK 是指 Elasticsearch.Logstash.Kibana三个开源软件的组合. logstash                       负责日志的收集,处 ...

随机推荐

  1. [转]run for a girl

    上了四个星期决不情愿的自习,终于找到了她上自习的规律, 每个星期五肯定在主教楼525第三排中间,其实第一眼看见她已经喜欢她了,在她周围坐了十天之后更觉得她是我喜欢的那种女孩, (不是每天都能见到她), ...

  2. 东大OJ-5到100000000之间的回文质数

    1217: VIJOS-P1042 时间限制: 0 Sec  内存限制: 128 MB 提交: 78  解决: 29 [提交][状态][讨论版] 题目描述         有一天,雄霸传授本人风神腿法 ...

  3. python表达式操作符【学习python必知必会】

    运算符 描述 实例 yield x 生成器函数发送协议   lambda args: expression 生成匿名函数   x if y else z 三元选择表达式(c系列有的 python也要有 ...

  4. android 随记 ContentValues

    ContentValues 和HashTable类似都是一种存储的机制 但是两者最大的区别就在于,contenvalues只能存储基本类型的数据,像string,int之类的,不能存储对象这种东西,而 ...

  5. Ubuntu14.04下MySQL的安装

    1.输入 sudo apt-get install mysql-server 2.继续执行后,需要设定MySQL密码. 3.再次输入密码. 4.之后就安装成功了,输入mysql -u root -p进 ...

  6. confluence的安装、备份和恢复(wiki)

    还有一种比较不错的wiki工具MediaWiki 安装教程参考 http://pangge.blog.51cto.com/6013757/1560249 我是按照上面的教程搭建的 还有几篇不错的文章 ...

  7. oracle中SET DEFINE意思

    et define off关闭替代变量功能 在SQL*Plus中默认的"&"表示替代变量,也就是说,只要在命令中出现该符 号,SQL*Plus就会要你输入替代值.这就意味着 ...

  8. Android获取屏幕宽度、高度的4种方法

    记录学习之用,有相同的问题可以参考 方法一: WindowManager wm = (WindowManager) this .getSystemService(Context.WINDOW_SERV ...

  9. 数据结构之二分查找(PHP)

    <?php //二分查找算法 //前提:索引数组.数组已排好顺序 $a=array(1,3,4,6,8,9,11,13,15,24,25,27,30,38); $search = 30;//要查 ...

  10. 【BZOJ-2768】冠军调查 最小割

    2768: [JLOI2010]冠军调查 Time Limit: 10 Sec  Memory Limit: 128 MBSubmit: 971  Solved: 661[Submit][Status ...