如何基于Oracle Linux 9.x部署Kibana?

Elastic Stack

1 基础知识

Kibana是一个开源的分析和可视化平台,Kibana设计用于与Elasticsearch一起工作
Kibana支持搜索、查看存储在Elasticsearch索引中的数据
Kibana支持执行高级的数据分析和创建各种可视化数据
Kibana使得理解大量的数据变得容易、简单、基于浏览器界面使你能欧快速创建和共享动态仪表板并实时显示Elasticsearch的查询。

2 最佳实践

2.1 环境信息

2.1.1 主机信息

Host Name = elasticsearch[01-03].cmdschool.org
IP Address = 10.168.0.[100 – 102] OS = Oracle Linux 9.x x86_64
Elasticsearch Version = 8.11.3
另外,如果你需要部署Elasticsearch集群环境,请参阅以下文档,

如何部署Elasticsearch 8.x集群?

Host Name = kibana.cmdschool.org
OS = Oracle Linux 9.x x86_64
IP Address = 10.168.0.99

Host Name = client.cmdschool.org
OS = Oracle Linux 9.x x86_64如何基于Oracle Linux 9.x部署Kibana?
IP Address = any

2.2.2 配置名称解析

In All,

vim /etc/hosts

加入如下配置,

10.168.0.100 elasticsearch01 elasticsearch01.cmdschool.org
10.168.0.101 elasticsearch02 elasticsearch02.cmdschool.org
10.168.0.102 elasticsearch03 elasticsearch03.cmdschool.org
10.168.0.99 kibana kibana.cmdschool.org

注:以上配置仅用于测试,正式环境请使用DNS代替

2.2 安装前的准备

In Kibana,

2.2.1 基本环境配置

如何完成CentOS 7.x的基本服务?

2.2.2 配置安装源

vim /etc/yum.repos.d/elasticsearc.repo

加入如下配置,

[elasticsearch]
name=Elasticsearch repository for 8.x packages
baseurl=https://artifacts.elastic.co/packages/8.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=1
autorefresh=1
type=rpm-md

2.3 安装kibana

2.3.1 安装指定的版本

dnf install -y kibana-8.11.3

2.3.2 启动服务并设置自启动

systemctl start kibana.service
systemctl enable kibana.service

另外,建议你使用如下命令检查服务状态,

systemctl status kibana.service

可见如下提示,

● kibana.service - Kibana
     Loaded: loaded (/usr/lib/systemd/system/kibana.service; enabled; vendor preset: disabled)
     Active: active (running) since Wed 2024-01-10 15:13:03 CST; 26s ago
       Docs: https://www.elastic.co
   Main PID: 1493 (node)
      Tasks: 11 (limit: 23316)
     Memory: 413.3M
        CPU: 19.289s
     CGroup: /system.slice/kibana.service
             └─1493 /usr/share/kibana/bin/../node/bin/node /usr/share/kibana/bin/../src/cli/dist

Jan 10 15:13:19 kibana.cmdschool.org kibana[1493]: [2024-01-10T15:13:19.690+08:00][INFO ][plugins-service] Plugin "securitySolutionServerless" is disabled.
Jan 10 15:13:19 kibana.cmdschool.org kibana[1493]: [2024-01-10T15:13:19.690+08:00][INFO ][plugins-service] Plugin "serverless" is disabled.
Jan 10 15:13:19 kibana.cmdschool.org kibana[1493]: [2024-01-10T15:13:19.690+08:00][INFO ][plugins-service] Plugin "serverlessObservability" is disabled.
Jan 10 15:13:19 kibana.cmdschool.org kibana[1493]: [2024-01-10T15:13:19.690+08:00][INFO ][plugins-service] Plugin "serverlessSearch" is disabled.
Jan 10 15:13:19 kibana.cmdschool.org kibana[1493]: [2024-01-10T15:13:19.930+08:00][INFO ][http.server.Preboot] http server running at http://localhost:5601
Jan 10 15:13:20 kibana.cmdschool.org kibana[1493]: [2024-01-10T15:13:20.074+08:00][INFO ][plugins-system.preboot] Setting up [1] plugins: [interactiveSetup]
Jan 10 15:13:20 kibana.cmdschool.org kibana[1493]: [2024-01-10T15:13:20.077+08:00][INFO ][preboot] "interactiveSetup" plugin is holding setup: Validating Elasticsearch connection configuration…
Jan 10 15:13:20 kibana.cmdschool.org kibana[1493]: [2024-01-10T15:13:20.109+08:00][INFO ][root] Holding setup until preboot stage is completed.
Jan 10 15:13:20 kibana.cmdschool.org kibana[1493]: i Kibana has not been configured.
Jan 10 15:13:20 kibana.cmdschool.org kibana[1493]: Go to http://localhost:5601/?code=338700 to get started.

如果需要查询运行的进程号,可使用如下命令,

pgrep -u kibana node -a

可见如下显示,

1493 /usr/share/kibana/bin/../node/bin/node /usr/share/kibana/bin/../src/cli/dist

然后,服务倾听的端口可使用如下命令,

for i in `pgrep -u kibana node`; do netstat -anp | grep $i; done

可见如下显示,

tcp        0      0 127.0.0.1:5601          0.0.0.0:*               LISTEN      1493/node           
unix  3      [ ]         STREAM     CONNECTED     31087    1493/node

根据倾听的端口,你需要使用如下命令开放防火墙,

firewall-cmd --permanent --add-port 5601/tcp
firewall-cmd --reload
firewall-cmd --list-all

2.3.3 修改配置文件

cp /etc/kibana/kibana.yml /etc/kibana/kibana.yml.default
vim /etc/kibana/kibana.yml

配置修改如下,

server.port: 5601
server.host: "0.0.0.0"
elasticsearch.hosts: ["http://elasticsearch01:9200", "http://elasticsearch02:9200", "http://elasticsearch03:9200"]
logging:
  appenders:
    file:
      type: file
      fileName: /var/log/kibana/kibana.log
      layout:
        type: json
  root:
    appenders:
      - default
      - file

重启服务使配置生效,

systemctl restart kibana.service

2.3.4 测试Kibana

In Client,
http://kibana.cmdschool.org:5601

参阅文档
================

软件下载
——————–
https://www.elastic.co/cn/downloads/kibana

安装方法
——————–
https://www.elastic.co/guide/en/kibana/current/rpm.html

Kibana配置文件
——————–
https://www.elastic.co/guide/en/kibana/8.11/settings.html

没有评论

发表回复

Elastic Stack
如何部署带安全认证的WinLogBeat?

1 前言 一个问题,一篇文章,一出故事。 由于笔者需要收集Windows的日志,于是本章将整理Win …

Elastic Stack
如何部署带安全认证的Filebeat与logstash集成?

1 前言 一个问题,一篇文章,一出故事。 本章将整理Filebeat与Logstash集成,然后通过 …

Elastic Stack
如何部署带安全认证的Logstash?

1 基础知识 1.1 软件简介 – Logstash是免费且开放的服务器端实时数据处理管 …