본문 바로가기

리눅스

[리눅스] Ubuntu 환경에서 Elasticsearch와 Kibana를 설치하고 연동하는 방법(single node)

728x90

Ubuntu 환경에서 Elasticsearch와 Kibana를 설치하고 연동하는 방법(single node)

apt 저장소 업데이트

sudo apt-get update

apt-transport-https 패키지 설치

sudo apt-get install -y apt-transport-https

Elasticsearch 공식 GPG 키 추가

wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo gpg --dearmor -o /usr/share/keyrings/elasticsearch-keyring.gpg

Elasticsearch 저장소 추가

echo "deb [signed-by=/usr/share/keyrings/elasticsearch-keyring.gpg] https://artifacts.elastic.co/packages/8.x/apt stable main" | sudo tee /etc/apt/sources.list.d/elastic-8.x.list
sudo apt-get update

Elasticsearch 설치하기

Elasticsearch 패키지 설치

sudo apt-get install -y elasticsearch

보안 자동 구성 정보

--------------------------- Security autoconfiguration information ------------------------------

Authentication and authorization are enabled.
TLS for the transport and HTTP layers is enabled and configured.

The generated password for the elastic built-in superuser is : i*K-5bDjKVt6+7*74aku

If this node should join an existing cluster, you can reconfigure this with
'/usr/share/elasticsearch/bin/elasticsearch-reconfigure-node --enrollment-token <token-here>'
after creating an enrollment token on your existing cluster.

You can complete the following actions at any time:

Reset the password of the elastic built-in superuser with
'/usr/share/elasticsearch/bin/elasticsearch-reset-password -u elastic'.

Generate an enrollment token for Kibana instances with
 '/usr/share/elasticsearch/bin/elasticsearch-create-enrollment-token -s kibana'.

Generate an enrollment token for Elasticsearch nodes with
'/usr/share/elasticsearch/bin/elasticsearch-create-enrollment-token -s node'.

-------------------------------------------------------------------------------------------------
### NOT starting on installation, please execute the following statements to configure elasticsearch 
service to start automatically using systemd
 sudo systemctl daemon-reload
 sudo systemctl enable elasticsearch.service
### You can start elasticsearch service by executing
 sudo systemctl start elasticsearch.service

시스템 색인 자동 생성 활성화

vim /etc/elasticsearch/elasticsearch.yml
action.auto_create_index: .monitoring*,.watches,.triggered_watches,.watcher-history*,.ml*

Elasticsearch 실행

systemctl --now enable elasticsearch.service

Elasticsearch 서비스 상태 확인

systemctl status elasticsearch.service

Elasticsearch 정보 확인

curl -k -XGET https://elastic:i*K-5bDjKVt6+7*74aku@localhost:9200
$ curl -k -XGET https://elastic:i*K-5bDjKVt6+7*74aku@localhost:9200
{
  "name" : "node1",
  "cluster_name" : "elasticsearch",
  "cluster_uuid" : "K6UghcRUTiCoWwimDD2Oag",
  "version" : {
    "number" : "8.6.2",
    "build_flavor" : "default",
    "build_type" : "deb",
    "build_hash" : "2d58d0f136141f03239816a4e360a8d17b6d8f29",
    "build_date" : "2023-02-13T09:35:20.314882762Z",
    "build_snapshot" : false,
    "lucene_version" : "9.4.2",
    "minimum_wire_compatibility_version" : "7.17.0",
    "minimum_index_compatibility_version" : "7.0.0"
  },
  "tagline" : "You Know, for Search"
}

Kibana 설치하기

위에서 elastic 저장소를 추가했기에 여기서는 생략하도록 하겠습니다.

Kibana 패키지 설치

apt-get install -y kibana

Kibana 실행

systemctl --now enable kibana.service

Kibana 서비스 상태 확인

  • Go to http://localhost:5601/?code=453288 to get started.
systemctl status kibana
$ systemctl status kibana
● kibana.service - Kibana
     Loaded: loaded (/lib/systemd/system/kibana.service; enabled; vendor preset: enabled)
     Active: active (running) since Fri 2023-03-17 21:07:58 KST; 1min 0s ago
       Docs: https://www.elastic.co
   Main PID: 3688 (node)
      Tasks: 11 (limit: 4571)
     Memory: 367.0M
        CPU: 17.268s
     CGroup: /system.slice/kibana.service
             └─3688 /usr/share/kibana/bin/../node/bin/node /usr/share/kibana/bin/../src/cli/dist

...
Mar 17 21:08:20 node1 kibana[3688]: i Kibana has not been configured.
Mar 17 21:08:20 node1 kibana[3688]: Go to http://localhost:5601/?code=453288 to get started.

kibana.yml 설정 파일 편집

  • server.port: 5601
  • server.host: "0.0.0.0"
  • server.publicBaseUrl: "http://192.168.0.61:5601"
vim /etc/kibana/kibana.yml
...
# =================== System: Kibana Server ===================
# Kibana is served by a back end server. This setting specifies the port to use.
server.port: 5601

# Specifies the address to which the Kibana server will bind. IP addresses and host names are both valid values.
# The default is 'localhost', which usually means remote machines will not be able to connect.
# To allow connections from remote users, set this parameter to a non-loopback address.
server.host: "0.0.0.0"

# Enables you to specify a path to mount Kibana at if you are running behind a proxy.
# Use the `server.rewriteBasePath` setting to tell Kibana if it should remove the basePath
# from requests it receives, and to prevent a deprecation warning at startup.
# This setting cannot end in a slash.
#server.basePath: ""

# Specifies whether Kibana should rewrite requests that are prefixed with
# `server.basePath` or require that they are rewritten by your reverse proxy.
# Defaults to `false`.
#server.rewriteBasePath: false

# Specifies the public URL at which Kibana is available for end users. If
# `server.basePath` is configured this URL should end with the same basePath.
server.publicBaseUrl: "http://192.168.0.61:5601"

Kibana 재실행

systemctl restart kibana.service
728x90

Elasticsearch와 Kibana 연동하기

브라우저에서 http://192.168.0.61:5601(or http://localhost:5601) 주소로 접속

 

token 생성

/usr/share/elasticsearch/bin/elasticsearch-create-enrollment-token --scope kibana
$ /usr/share/elasticsearch/bin/elasticsearch-create-enrollment-token --scope kibana
eyJ2ZXIiOiI4LjYuMiIsImFkciI6WyIxOTIuMTY4LjAuNjE6OTIwMCJdLCJmZ3IiOiI3Y2M0MDM2OTE5NjJkMzYzYTJlZDdlMmRhNjM4MzVmYjlkOWFiZWM0ZmQ3ZTI1ZmE4OGY3ODI0ZTQ1NGU0YWNhIiwia2V5IjoiU21PQjc0WUJ5bDFfVU9aQ050MDc6NDlpbU1kcGhTTnFuOGhkUmNDdUJXUSJ9

 

Kibana 서버에서 코드를 복사

/usr/share/kibana/bin/kibana-verification-code
$ /usr/share/kibana/bin/kibana-verification-code
Your verification code is:  727 916

 

 

 

elastic 계정의 패스워드 재설정

/usr/share/elasticsearch/bin/elasticsearch-reset-password -u elastic -i

kibana_system 계정의 패스워드 재설정

/usr/share/elasticsearch/bin/elasticsearch-reset-password -u kibana_system -i

 

728x90