🐡

OracleLinux8にElasticsearch/Kibana/Logstashをインストールしてみる

2022/05/17に公開約6,800字

yumのアップデートを実施

yum update -y

OpenJDKのインストール

yum install java-1.8.0-openjdk-devel -y

JDKのバージョン確認

[root@ekl ~]# java -version
openjdk version "1.8.0_332"
OpenJDK Runtime Environment (build 1.8.0_332-b09)
OpenJDK 64-Bit Server VM (build 25.332-b09, mixed mode)
[root@ekl ~]#

Elasticsearch PGPキーのインストール

[root@ekl ~]# rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch

リポジトリの登録

[root@ekl ~]# vi /etc/yum.repos.d/elasticsearch.repo
[root@ekl ~]# cat /etc/yum.repos.d/elasticsearch.repo
[elasticsearch]
name=Elasticsearch repository for 7.x packages
baseurl=https://artifacts.elastic.co/packages/7.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=0
autorefresh=1
type=rpm-md
[root@ekl ~]#

Elasticsearch/Kibana/Logstashのインストール

[root@ekl ~]# yum install --enablerepo=elasticsearch  elasticsearch kibana logstash

Elastricsearchに利用するIPアドレスの設定

network.host: 0.0.0.0をelasticsearch.ymlに追記する

[root@ekl ~]# vi /etc/elasticsearch/elasticsearch.yml
[root@ekl ~]# cat /etc/elasticsearch/elasticsearch.yml | grep "network.host"
#network.host: 192.168.0.1
network.host: 0.0.0.0
[root@ekl ~]#

Kibanaに利用するIPアドレスの設定

server.host: 0.0.0.0をkibana.ymlに追記する

[root@ekl ~]# vi /etc/kibana/kibana.yml
[root@ekl ~]# cat /etc/kibana/kibana.yml| grep "server.host"
#server.host: "localhost"
server.host: "0.0.0.0"
[root@ekl ~]#

FireWallのポート開放

[root@ekl ~]# firewall-cmd --add-port=5601/tcp --zone=public --permanent
success
[root@ekl ~]# firewall-cmd --add-port=9200/tcp --zone=public --permanent
success
[root@ekl ~]# firewall-cmd --add-port=9600/tcp --zone=public --permanent
success
[root@ekl ~]# firewall-cmd --reload
success

起動

[root@ekl ~]# systemctl restart elasticsearch kibana logstash
Job for elasticsearch.service failed because the control process exited with error code.
See "systemctl status elasticsearch.service" and "journalctl -xe" for details.

どれかが起動失敗してしまいました。

[root@ekl ~]# systemctl status kibana
● kibana.service - Kibana
   Loaded: loaded (/etc/systemd/system/kibana.service; disabled; vendor preset: disabled)
   Active: active (running) since Tue 2022-05-17 05:00:13 GMT; 1min 16s ago
     Docs: https://www.elastic.co
 Main PID: 117831 (node)
    Tasks: 11 (limit: 100054)
   Memory: 255.2M
   CGroup: /system.slice/kibana.service
           mq117831 /usr/share/kibana/bin/../node/bin/node /usr/share/kibana/bin/../src/cli/dist --logging.dest=/var/>

May 17 05:00:13 ekl systemd[1]: Started Kibana.
[root@ekl ~]# systemctl status logstash
● logstash.service - logstash
   Loaded: loaded (/etc/systemd/system/logstash.service; disabled; vendor preset: disabled)
   Active: active (running) since Tue 2022-05-17 05:01:40 GMT; 23s ago
 Main PID: 118515 (java)
    Tasks: 19 (limit: 100054)
   Memory: 498.2M
   CGroup: /system.slice/logstash.service
           mq118515 /usr/share/logstash/jdk/bin/java -Xms1g -Xmx1g -XX:+UseConcMarkSweepGC -XX:CMSInitiatingOccupancy>

May 17 05:01:40 ekl systemd[1]: Started logstash.
May 17 05:01:40 ekl logstash[118515]: Using bundled JDK: /usr/share/logstash/jdk
May 17 05:01:40 ekl logstash[118515]: OpenJDK 64-Bit Server VM warning: Option UseConcMarkSweepGC was deprecated in v>
May 17 05:02:02 ekl logstash[118515]: Sending Logstash logs to /var/log/logstash which is now configured via log4j2.p>
May 17 05:02:02 ekl logstash[118515]: [2022-05-17T05:02:02,150][INFO ][logstash.runner          ] Log4j configuration>
May 17 05:02:02 ekl logstash[118515]: [2022-05-17T05:02:02,159][INFO ][logstash.runner          ] Starting Logstash {>
May 17 05:02:02 ekl logstash[118515]: [2022-05-17T05:02:02,161][INFO ][logstash.runner          ] JVM bootstrap flags>
May 17 05:02:03 ekl logstash[118515]: [2022-05-17T05:02:03,826][INFO ][logstash.agent           ] Successfully starte>
May 17 05:02:03 ekl logstash[118515]: [2022-05-17T05:02:03,858][INFO ][logstash.config.source.local.configpathloader]>
May 17 05:02:03 ekl logstash[118515]: [2022-05-17T05:02:03,875][ERROR][logstash.config.sourceloader] No configuration>
[root@ekl ~]#

kibanaとlogstashは起動しているのでElasticsearchが起動に失敗していると思うので確認してみる。

[root@ekl ~]# systemctl status elasticsearch
● elasticsearch.service - Elasticsearch
   Loaded: loaded (/usr/lib/systemd/system/elasticsearch.service; disabled; vendor preset: disabled)
   Active: failed (Result: exit-code) since Tue 2022-05-17 05:00:59 GMT; 2min 22s ago
     Docs: https://www.elastic.co
  Process: 117832 ExecStart=/usr/share/elasticsearch/bin/systemd-entrypoint -p ${PID_DIR}/elasticsearch.pid --quiet (>
 Main PID: 117832 (code=exited, status=78)

May 17 05:00:13 ekl systemd[1]: Starting Elasticsearch...
May 17 05:00:59 ekl systemd-entrypoint[117832]: ERROR: [1] bootstrap checks failed. You must address the points descr>
May 17 05:00:59 ekl systemd-entrypoint[117832]: bootstrap check failure [1] of [1]: the default discovery settings ar>
May 17 05:00:59 ekl systemd-entrypoint[117832]: ERROR: Elasticsearch did not exit normally - check the logs at /var/l>
May 17 05:00:59 ekl systemd[1]: elasticsearch.service: Main process exited, code=exited, status=78/CONFIG
May 17 05:00:59 ekl systemd[1]: elasticsearch.service: Failed with result 'exit-code'.
May 17 05:00:59 ekl systemd[1]: Failed to start Elasticsearch.
[root@ekl ~]#

やっぱりElasticsearchが起動失敗しています。
エラーログより

[1] bootstrap checks failed. You must address the points described in the following [1] lines before starting Elasticsearch.
bootstrap check failure [1] of [1]: the default discovery settings are unsuitable for production use; at least one of [discovery.seed_hosts, discovery.seed_providers, cluster.initial_master_nodes] must be configured

このエラーは下記記事を参照し解決しました。
こちらの記事

[root@ekl ~]# vi /etc/elasticsearch/elasticsearch.yml
[root@ekl ~]# cat /etc/elasticsearch/elasticsearch.yml | grep "transport"
transport.host: localhost
transport.tcp.port: 9300
[root@ekl ~]# systemctl stop elasticsearch
[root@ekl ~]# systemctl start elasticsearch
[root@ekl ~]#

Elasticsearchへアクセス確認

[root@ekl ~]# curl http://localhost:9200
{
  "name" : "ekl",
  "cluster_name" : "elasticsearch",
  "cluster_uuid" : "1cfwFXA1SgmhqHsEFxu9uw",
  "version" : {
    "number" : "7.17.3",
    "build_flavor" : "default",
    "build_type" : "rpm",
    "build_hash" : "5ad023604c8d7416c9eb6c0eadb62b14e766caff",
    "build_date" : "2022-04-19T08:11:19.070913226Z",
    "build_snapshot" : false,
    "lucene_version" : "8.11.1",
    "minimum_wire_compatibility_version" : "6.8.0",
    "minimum_index_compatibility_version" : "6.0.0-beta1"
  },
  "tagline" : "You Know, for Search"
}
[root@ekl ~]#

Kibanaへアクセス確認

ブラウザで http://<Server IP Address>:5601 と入力しアクセス出来るか確認してみます。

Discussion

ログインするとコメントできます