摘要:安装适合 M1 芯片的 elasticsearch、kibana、logstash,优化内存占用并设定访问密码。
安装 elasticsearch 使用 brew 安装适用 M1 芯片的 elasticsearch
1 2 3 brew install elastic/tap/elasticsearch-full
安装成功后显示使用帮助:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 ==> Installing elasticsearch-full from elastic/tap Warning: Tried to install empty array to /opt/homebrew/etc/elasticsearch/jvm.options.d ==> codesign -f -s - /opt/homebrew/Cellar/elasticsearch-full/7.17.1/libexec/modules/x-pack ==> find /opt/homebrew/Cellar/elasticsearch-full/7.17.1/libexec/jdk.app/Contents/Home/bin ==> Caveats Data: /opt/homebrew/var/lib/elasticsearch/elasticsearch_zhangminglei/ Logs: /opt/homebrew/var/log /elasticsearch/elasticsearch_zhangminglei.log Plugins: /opt/homebrew/var/elasticsearch/plugins/ Config: /opt/homebrew/etc/elasticsearch/ brew services start elastic/tap/elasticsearch-full elasticsearch
启动后台服务:
1 brew services start elastic/tap/elasticsearch-full
运行后验证,使用浏览器访问:http://localhost:9200/ ,出现以下响应内容:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 { "name" : "LegalgesMacBook.lan" , "cluster_name" : "elasticsearch_zhangminglei" , "cluster_uuid" : "fB4xhSO1TrO0yh1I4h7qaw" , "version" : { "number" : "7.17.1" , "build_flavor" : "default" , "build_type" : "tar" , "build_hash" : "e5acb99f822233d62d6444ce45a4543dc1c8059a" , "build_date" : "2022-02-23T22:20:54.153567231Z" , "build_snapshot" : false , "lucene_version" : "8.11.1" , "minimum_wire_compatibility_version" : "6.8.0" , "minimum_index_compatibility_version" : "6.0.0-beta1" }, "tagline" : "You Know, for Search" }
安装 kibana 使用 brew 安装适用 M1 芯片的 kibana
1 2 3 brew install elastic/tap/kibana-full
安装成功后提示:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 ==> Installing kibana-full from elastic/tap ==> Caveats Config: /opt/homebrew/etc/kibana/ If you wish to preserve your plugins upon upgrade, make a copy of /opt/homebrew/opt/kibana-full/plugins before upgrading, and copy it into the new keg location after upgrading. To start elastic/tap/kibana-full now and restart at login: brew services start elastic/tap/kibana-full Or, if you don't want/need a background service you can just run: kibana # 安装结果摘要 ==> Summary 🍺 /opt/homebrew/Cellar/kibana-full/7.17.1: 51,438 files, 720MB, built in 30 seconds ==> Running `brew cleanup kibana-full`... Disable this behaviour by setting HOMEBREW_NO_INSTALL_CLEANUP. Hide these hints with HOMEBREW_NO_ENV_HINTS (see `man brew`).
启动后台服务:
1 brew services start elastic/tap/kibana-full
浏览器访问 http://localhost:5601/ ,查看运行界面情况,将系统界面修改为中文:
1 2 3 4 5 6 7 8 cd /opt/homebrew/etc/kibana/nano kibana.yml i18n.locale: "zh-CN"
重启 brew 服务:
1 brew services restart elastic/tap/kibana-full
调整系统内存占用 ES 服务默认会占用系统一半以上的内存,可以通过修改配置文件,进行限制:
所需修改文件在服务配置路径当中:/opt/homebrew/etc/elasticsearch/
所需修改文件:jvm.options
修改前:
1 2 3 4 5 ## jvm.options.d directory containing these lines: ## ## -Xms4g ## -Xmx4g ##
修改后:
1 2 3 4 5 ## jvm.options.d directory containing these lines: ## -Xms4g -Xmx4g ##
重启 ES 服务,即可在系统的【活动监视器】看到 java 内存占用已经受限:
1 brew services restart elastic/tap/elasticsearch-full
设置密码保护 注:可参考官方文档:https://www.elastic.co/guide/en/elasticsearch/reference/7.17/security-minimal-setup.html
1 2 3 4 5 6 7 8 9 10 # 进入配置文件夹 /opt/homebrew/etc/elasticsearch/ # 编辑配置文件 elasticsearch.yml # 文件末尾追加以下2行内容: xpack.security.enabled: true discovery.type: single-node
step3 : 利用 elasticsearch 内置工具自动生成账号、密码
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 brew services start elastic/tap/elasticsearch-full /opt/homebrew/Cellar/elasticsearch-full/7.17.1/bin ./elasticsearch-setup-passwords auto 生成的账号密码示例: Changed password for user kibana_system PASSWORD kibana_system = n9zXw2UnJwvWdrJ4ZPcg Changed password for user elastic PASSWORD elastic = Lhder7yQVB8z3rzdFoKY
step4 : 将以上自动生成的账号密码配置到 Kibana ,使其可以访问 es
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 /opt/homebrew/etc/kibana/ elasticsearch.username: "kibana_system" /opt/homebrew/Cellar/kibana-full/7.17.1/bin ./kibana-keystore create ./kibana-keystore add elasticsearch.password 输入以上生成的 kibana_system 密码 brew services start elastic/tap/kibana-full
step5 : 使用以上自动生成的 elastic 账号密码登录 kibana
1 2 3 4 5 地址: http://localhost:5601/ 账号: elastic 密码: Lhder8yQVB8z3rzdFoKY *可在 kibana 当中修改密码
安装 logstash 使用 brew 安装适用 M1 芯片的 logstash:
1 2 3 brew install elastic/tap/logstash-full
安装成功日志:
1 2 3 4 5 6 7 8 9 10 11 Please read the getting started guide located at: https://www.elastic.co/guide/en/logstash/current/getting-started-with-logstash.html To start elastic/tap/logstash-full now and restart at login: brew services start elastic/tap/logstash-full Or, if you don't want/need a background service you can just run: logstash ==> Summary 🍺 /opt/homebrew/Cellar/logstash-full/7.17.1: 14,003 files, 604.8MB, built in 13 seconds ==> Running `brew cleanup logstash-full`... Disable this behaviour by setting HOMEBREW_NO_INSTALL_CLEANUP.
在 logstash.yml 中配置用户名和密码:
路径:/opt/homebrew/etc/logstash
1 2 3 4 5 6 7 8 xpack.monitoring.enabled: true xpack.monitoring.elasticsearch.username: logstash_system xpack.monitoring.elasticsearch.password: ***** xpack.monitoring.elasticsearch.hosts: ["http://127.0.0.1:9200" ]
启动服务:
1 brew services start elastic/tap/logstash-full
验证安装成功:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 cd /opt/homebrew/Cellar/logstash-full/7.17.1/binbin/logstash -e 'input { stdin { } } output { stdout { } }' { "@version" => "1" , "message" => "hello" , "@timestamp" => 2022-05-29T06:28:37.021Z, "host" => "izwz9cte3psk7ixd8kospzz" }
创建并使用管道配置文件:
1 2 3 4 5 6 7 8 9 10 11 12 13 //hello.conf input { stdin { } } output { elasticsearch { hosts => "http://127.0.0.1:9200" index => "logs" user => "elastic" password => "************" } stdout {} }
使用管道:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 logstash -f hello.conf hello world { "host" => "Legalgeeks-MacBook.local" , "@timestamp" => 2022-03-20T05:50:48.988Z, "@version" => "1" , "message" => "hello world" }