[리눅스] elasticsearch, kibana 설치

elasticsearch, kibana 설치

elasticsearch 삭제

apt --purge autoremove -y elasticsearch

rm -rf /etc/elasticsearch /var/lib/elasticsearch

elasticsearch 설치

apt install -y elasticsearch

$ apt install -y elasticsearch
...
--------------------------- Security autoconfiguration information ------------------------------

Authentication and authorization are enabled.
TLS for the transport and HTTP layers is enabled and configured.

The generated password for the elastic built-in superuser is : nlF7GuNl4x29UBAfCezQ

If this node should join an existing cluster, you can reconfigure this with
'/usr/share/elasticsearch/bin/elasticsearch-reconfigure-node --enrollment-token <token-here>'
after creating an enrollment token on your existing cluster.

You can complete the following actions at any time:

Reset the password of the elastic built-in superuser with
'/usr/share/elasticsearch/bin/elasticsearch-reset-password -u elastic'.

Generate an enrollment token for Kibana instances with
 '/usr/share/elasticsearch/bin/elasticsearch-create-enrollment-token -s kibana'.

Generate an enrollment token for Elasticsearch nodes with
'/usr/share/elasticsearch/bin/elasticsearch-create-enrollment-token -s node'.

-------------------------------------------------------------------------------------------------
### NOT starting on installation, please execute the following statements to configure elasticsearch service to start automatically using systemd
 sudo systemctl daemon-reload
 sudo systemctl enable elasticsearch.service
### You can start elasticsearch service by executing
 sudo systemctl start elasticsearch.service

systemctl status elasticsearch.service

elasticsearch.yml 편집

vim /etc/elasticsearch/elasticsearch.yml

$ vim /etc/elasticsearch/elasticsearch.yml
cluster.name: elasticsearch
node.name: node-1
path.data: /var/lib/elasticsearch
path.logs: /var/log/elasticsearch
xpack.security.enabled: true
xpack.security.enrollment.enabled: true
xpack.security.http.ssl:
  enabled: true
  keystore.path: certs/http.p12
xpack.security.transport.ssl:
  enabled: true
  verification_mode: certificate
  keystore.path: certs/transport.p12
  truststore.path: certs/transport.p12
cluster.initial_master_nodes: ["uk-221"]
http.host: 0.0.0.0
  #discovery.type=single-node

jvm.options 편집

vim /etc/elasticsearch/jvm.options

$ vim /etc/elasticsearch/jvm.options
-XX:+UseG1GC
-Djava.io.tmpdir=${ES_TMPDIR}
-XX:+HeapDumpOnOutOfMemoryError
-XX:HeapDumpPath=/var/lib/elasticsearch
-XX:ErrorFile=/var/log/elasticsearch/hs_err_pid%p.log
-Xlog:gc*,gc+age=trace,safepoint:file=/var/log/elasticsearch/gc.log:utctime,pid,tags:filecount=32,filesize=64m

systemctl daemon-reload

systemctl enable elasticsearch.service

systemctl start elasticsearch.service

systemctl status elasticsearch.service

curl -Ss --cacert /etc/elasticsearch/certs/http_ca.crt -u elastic:Rp4MWwXmVrZ1-wQNjF** https://localhost:9200 | jq .

curl -Ssk -u elastic:Rp4MWwXmVrZ1-wQNjF** https://localhost:9200 | jq .

$ curl -Ssk -u elastic:Rp4MWwXmVrZ1-wQNjF** https://localhost:9200 | jq .
{
  "name": "node-1",
  "cluster_name": "elasticsearch",
  "cluster_uuid": "JLHxrhzWT2isDki6TGqmjQ",
  "version": {
    "number": "8.2.1",
    "build_flavor": "default",
    "build_type": "deb",
    "build_hash": "db223507a0bd08f8e84a93e329764cc39b0043b9",
    "build_date": "2022-05-19T16:34:08.043347449Z",
    "build_snapshot": false,
    "lucene_version": "9.1.0",
    "minimum_wire_compatibility_version": "7.17.0",
    "minimum_index_compatibility_version": "7.0.0"
  },
  "tagline": "You Know, for Search"
}

728x90

 

 

kibana 삭제

apt --purge autoremove -y kibana

rm -rf /etc/kibana /var/lib/kibana

kibana 설치

/usr/share/kibana/bin/kibana-encryption-keys generate

$ /usr/share/kibana/bin/kibana-encryption-keys generate
## Kibana Encryption Key Generation Utility

The 'generate' command guides you through the process of setting encryption keys for:

xpack.encryptedSavedObjects.encryptionKey
    Used to encrypt stored objects such as dashboards and visualizations
    https://www.elastic.co/guide/en/kibana/current/xpack-security-secure-saved-objects.html#xpack-security-secure-saved-objects

xpack.reporting.encryptionKey
    Used to encrypt saved reports
    https://www.elastic.co/guide/en/kibana/current/reporting-settings-kb.html#general-reporting-settings

xpack.security.encryptionKey
    Used to encrypt session information
    https://www.elastic.co/guide/en/kibana/current/security-settings-kb.html#security-session-and-cookie-settings


Already defined settings are ignored and can be regenerated using the --force flag.  Check the documentation links for instructions on how to rotate encryption keys.
Definitions should be set in the kibana.yml used configure Kibana.

Settings:
xpack.encryptedSavedObjects.encryptionKey: f03de5bd3fadd5bced83d765be6eeb37
xpack.reporting.encryptionKey: c5fd7cab40d539150aa0c8f318697b9a
xpack.security.encryptionKey: f6f241465315670003a5c752ecee5244

$ echo -e "xpack.encryptedSavedObjects.encryptionKey: f03de5bd3fadd5bced83d765be6eeb37
xpack.reporting.encryptionKey: c5fd7cab40d539150aa0c8f318697b9a
xpack.security.encryptionKey: f6f241465315670003a5c752ecee5244" >> /etc/kibana/kibana.yml

웹 브라우저 접근

http://localhost:5601/?code=917177

 

/usr/share/elasticsearch/bin/elasticsearch-create-enrollment-token -s kibana --url "https://localhost:9200"

 

/usr/share/kibana/bin/kibana-verification-code

-----

systemd configuration 편집(elasticsearch.service)

- LimitMEMLOCK=infinity 추가

vim /etc/systemd/system/multi-user.target.wants/elasticsearch.service

$ vim /etc/systemd/system/multi-user.target.wants/elasticsearch.service
[Service]
...
LimitMEMLOCK=infinity

systemctl daemon-reload && systemctl restart elasticsearch