Linux Architecture: ELK Installation


Original post | Category: Linux Operating System | Author: 1向2飞 | Date: 2017-08-09 14:13:48

Installation (5.5.1)

Elasticsearch requires at least Java 8. Specifically, as of this writing, it is recommended that you use the Oracle JDK version 1.8.0_131. Java installation varies from platform to platform so we won’t go into those details here. Oracle’s recommended installation documentation can be found on Oracle’s website. Suffice to say, before you install Elasticsearch, please check your Java version first by running (and then install/upgrade accordingly if needed):

java -version


Once we have Java set up, we can then download and run Elasticsearch. The binaries are available from along with all the releases that have been made in the past. For each release, you have a choice among a zip or tar archive, a DEB or RPM package, or a Windows MSI installation package.

Installation example with tar

For simplicity, let’s use the tar file.

Let’s download the Elasticsearch 5.5.1 tar as follows:

curl -L -O

Then extract it as follows:

tar -xvf elasticsearch-5.5.1.tar.gz

It will then create a bunch of files and folders in your current directory. We then go into the bin directory as follows:

cd elasticsearch-5.5.1/bin

And now we are ready to start our node and single cluster:


Installation example with MSI Windows Installer

For Windows users, we recommend using the MSI Installer package. The package contains a graphical user interface (GUI) that guides you through the installation process.

First, download the Elasticsearch 5.5.1 MSI from

Then double-click the downloaded file to launch the GUI. Within the first screen, select the deployment directories:

Then select whether to install as a service or start Elasticsearch manually as needed. To align with the tar example, choose not to install as a service:


For configuration, simply leave the default values:


Again, to align with the tar example, uncheck all plugins to not install any plugins:


After clicking the install button, Elasticsearch will be installed:


By default, Elasticsearch will be installed at %PROGRAMFILES%\Elastic\Elasticsearch. Navigate here and go into the bin directory as follows:

with Command Prompt:

cd %PROGRAMFILES%\Elastic\Elasticsearch\bin

with PowerShell:

cd $env:PROGRAMFILES\Elastic\Elasticsearch\bin

And now we are ready to start our node and single cluster:


Successfully running node

If everything goes well with installation, you should see a bunch of messages that look like below:

[2016-09-16T14:17:51,251][INFO ][o.e.n.Node               ] [] initializing ...

[2016-09-16T14:17:51,329][INFO ][o.e.e.NodeEnvironment    ] [6-bjhwl] using [1] data paths, mounts [[/ (/dev/sda1)]], net usable_space [317.7gb], net total_space [453.6gb], spins? [no], types [ext4]

[2016-09-16T14:17:51,330][INFO ][o.e.e.NodeEnvironment    ] [6-bjhwl] heap size [1.9gb], compressed ordinary object pointers [true]

[2016-09-16T14:17:51,333][INFO ][o.e.n.Node               ] [6-bjhwl] node name [6-bjhwl] derived from node ID; set [] to override

[2016-09-16T14:17:51,334][INFO ][o.e.n.Node               ] [6-bjhwl] version[5.5.1], pid[21261], build[f5daa16/2016-09-16T09:12:24.346Z], OS[Linux/4.4.0-36-generic/amd64], JVM[Oracle Corporation/Java HotSpot(TM) 64-Bit Server VM/1.8.0_60/25.60-b23]

[2016-09-16T14:17:51,967][INFO ][o.e.p.PluginsService     ] [6-bjhwl] loaded module [aggs-matrix-stats]

[2016-09-16T14:17:51,967][INFO ][o.e.p.PluginsService     ] [6-bjhwl] loaded module [ingest-common]

[2016-09-16T14:17:51,967][INFO ][o.e.p.PluginsService     ] [6-bjhwl] loaded module [lang-expression]

[2016-09-16T14:17:51,967][INFO ][o.e.p.PluginsService     ] [6-bjhwl] loaded module [lang-groovy]

[2016-09-16T14:17:51,967][INFO ][o.e.p.PluginsService     ] [6-bjhwl] loaded module [lang-mustache]

[2016-09-16T14:17:51,967][INFO ][o.e.p.PluginsService     ] [6-bjhwl] loaded module [lang-painless]

[2016-09-16T14:17:51,967][INFO ][o.e.p.PluginsService     ] [6-bjhwl] loaded module [percolator]

[2016-09-16T14:17:51,968][INFO ][o.e.p.PluginsService     ] [6-bjhwl] loaded module [reindex]

[2016-09-16T14:17:51,968][INFO ][o.e.p.PluginsService     ] [6-bjhwl] loaded module [transport-netty3]

[2016-09-16T14:17:51,968][INFO ][o.e.p.PluginsService     ] [6-bjhwl] loaded module [transport-netty4]

[2016-09-16T14:17:51,968][INFO ][o.e.p.PluginsService     ] [6-bjhwl] loaded plugin [mapper-murmur3]

[2016-09-16T14:17:53,521][INFO ][o.e.n.Node               ] [6-bjhwl] initialized

[2016-09-16T14:17:53,521][INFO ][o.e.n.Node               ] [6-bjhwl] starting ...

[2016-09-16T14:17:53,671][INFO ][o.e.t.TransportService   ] [6-bjhwl] publish_address {}, bound_addresses {{}

[2016-09-16T14:17:53,676][WARN ][o.e.b.BootstrapCheck     ] [6-bjhwl] max virtual memory areas vm.max_map_count [65530] likely too low, increase to at least [262144]

[2016-09-16T14:17:56,731][INFO ][o.e.h.HttpServer         ] [6-bjhwl] publish_address {}, bound_addresses {[::1]:9200}, {}

[2016-09-16T14:17:56,732][INFO ][o.e.g.GatewayService     ] [6-bjhwl] recovered [0] indices into cluster_state

[2016-09-16T14:17:56,748][INFO ][o.e.n.Node               ] [6-bjhwl] started

Without going too much into detail, we can see that our node named "6-bjhwl" (which will be a different set of characters in your case) has started and elected itself as a master in a single cluster. Don’t worry yet at the moment what master means. The main thing that is important here is that we have started one node within one cluster.

As mentioned previously, we can override either the cluster or node name. This can be done from the command line when starting Elasticsearch as follows:


Also note the line marked http with information about the HTTP address and port (9200) that our node is reachable from. By default, Elasticsearch uses port 9200 to provide access to its REST API. This port is configurable if necessary.
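The http line is also where you can confirm which interfaces the REST API listens on: the output above shows a loopback binding ([::1]:9200), and a plain install like this one puts no security plugin in front of port 9200. The Python check below is an added example, not part of the original Elasticsearch text; the name audit_startup_log and both sample logs are constructed here. It parses startup lines in the format shown above, lists the HTTP bound addresses, flags any that are not loopback, and extracts the vm.max_map_count bootstrap warning.

```python
import ipaddress
import re

# Layout of the startup lines above: [time][LEVEL][logger] [node] message
LINE_RE = re.compile(r"^\[([^\]]+)\]\[(\w+)\s*\]\[([^\]]+?)\s*\] \[([^\]]*)\] (.*)$")
ADDR_RE = re.compile(r"\{(\[[0-9A-Fa-f:.]+\]|[0-9.]+):(\d+)\}")
MAP_RE = re.compile(r"vm\.max_map_count \[(\d+)\] likely too low, increase to at least \[(\d+)\]")

# Constructed sample input: the log quoted on the page has its addresses stripped out.
SAMPLE_LOCAL = """\
[2016-09-16T14:17:53,676][WARN ][o.e.b.BootstrapCheck     ] [6-bjhwl] max virtual memory areas vm.max_map_count [65530] likely too low, increase to at least [262144]
[2016-09-16T14:17:56,731][INFO ][o.e.h.HttpServer         ] [6-bjhwl] publish_address {127.0.0.1:9200}, bound_addresses {[::1]:9200}, {127.0.0.1:9200}
[2016-09-16T14:17:56,748][INFO ][o.e.n.Node               ] [6-bjhwl] started
"""
# Constructed: the same node bound to a routable address (192.0.2.0/24 is a documentation range).
SAMPLE_EXPOSED = SAMPLE_LOCAL.replace(
    "publish_address {127.0.0.1:9200}, bound_addresses {[::1]:9200}, {127.0.0.1:9200}",
    "publish_address {192.0.2.10:9200}, bound_addresses {192.0.2.10:9200}")


def audit_startup_log(text):
    """Return HTTP listeners, the non-loopback ones, and bootstrap warnings."""
    report = {"http": [], "exposed": [], "warnings": []}
    for raw in text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue  # blank line or something that is not a startup log line
        _, level, logger, _, msg = m.groups()
        if logger == "o.e.h.HttpServer" and "bound_addresses" in msg:
            # Only the bound addresses matter; publish_address is what is advertised.
            for host, port in ADDR_RE.findall(msg.split("bound_addresses", 1)[1]):
                ip = ipaddress.ip_address(host.strip("[]"))
                report["http"].append((str(ip), int(port)))
                if not ip.is_loopback:  # 0.0.0.0 and :: also land here
                    report["exposed"].append((str(ip), int(port)))
        elif level == "WARN" and logger == "o.e.b.BootstrapCheck":
            mm = MAP_RE.search(msg)
            report["warnings"].append(
                ("vm.max_map_count", int(mm.group(1)), int(mm.group(2))) if mm else msg)
    return report


if __name__ == "__main__":
    for name, log in (("local", SAMPLE_LOCAL), ("exposed", SAMPLE_EXPOSED)):
        print(name, audit_startup_log(log))
```

An empty "exposed" list means every HTTP listener in the log is loopback-only; anything else deserves a look at the bind settings before data is loaded into the node.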


Installing and Running Elasticsearch (2.x)

The easiest way to understand what Elasticsearch can do for you is to play with it, so let’s get started!

The only requirement for installing Elasticsearch is a recent version of Java. Preferably, you should install the latest version of the official Java from

You can get the latest version of Elasticsearch from

To install Elasticsearch, download and extract the archive file for your platform. For more information, see the Installation topic in the Elasticsearch Reference.


When installing Elasticsearch in production, you can choose to use the Debian or RPM packages provided on the downloads page. You can also use the officially supported Puppet module or Chef cookbook.

Once you’ve extracted the archive file, Elasticsearch is ready to run. To start it up in the foreground:

cd elasticsearch-<version>
./bin/elasticsearch


Add -d if you want to run it in the background as a daemon.

If you’re running Elasticsearch on Windows, simply run bin\elasticsearch.bat instead.

Test it out by opening another terminal window and running the following:

curl 'http://localhost:9200/?pretty'


If you’re running Elasticsearch on Windows, you can download cURL from cURL provides a convenient way to submit requests to Elasticsearch and installing cURL enables you to copy and paste many of the examples in this book to try them out.

You should see a response like this:


{
  "name" : "Tom Foster",
  "cluster_name" : "elasticsearch",
  "version" : {
    "number" : "2.1.0",
    "build_hash" : "72cd1f1a3eee09505e036106146dc1949dc5dc87",
    "build_timestamp" : "2015-11-18T22:40:03Z",
    "build_snapshot" : false,
    "lucene_version" : "5.3.1"
  },
  "tagline" : "You Know, for Search"
}



This means that you have an Elasticsearch node up and running, and you can start experimenting with it. A node is a running instance of Elasticsearch. A cluster is a group of nodes with the same that are working together to share data and to provide failover and scale. (A single node, however, can form a cluster all by itself.) You can change the in the elasticsearch.yml configuration file that’s loaded when you start a node. More information about this and other Important Configuration Changes is provided in the Production Deployment section at the end of this book.


See that View in Sense link at the bottom of the example? Install the Sense console to run the examples in this book against your own Elasticsearch cluster and view the results.

When Elasticsearch is running in the foreground, you can stop it by pressing Ctrl-C.

Installing Sense

Sense is a Kibana app that provides an interactive console for submitting requests to Elasticsearch directly from your browser. Many of the code examples in the online version of this book include a View in Sense link. When clicked, it opens up a working example of the code in the Sense console. You do not have to install Sense, but it will make this book much more interactive by allowing you to experiment with the code samples on your local Elasticsearch cluster.

To install and run Sense:

  1. Run the following command in the Kibana directory to download and install the Sense app:

./bin/kibana plugin --install elastic/sense

Windows: bin\kibana.bat plugin --install elastic/sense.


You can download Sense from to install it on an offline machine.

  2. Start Kibana.


Windows: bin\kibana.bat.

  3. Open Sense in your web browser by going to http://localhost:5601/app/sense.


Source: ITPUB博客 (ITPUB Blog), link: ; if you reproduce this article, please credit the source, otherwise legal action will be pursued.


