以下是在docker和docker-compose安装完毕下进行
docker-compose.yaml
version: '2.2'
services:
cerebro:
image: lmenezes/cerebro:0.8.3
container_name: cerebro
ports:
- "9000:9000"
command:
- -Dhosts.0.host=http://elasticsearch:9200
networks:
- es7net
kibana:
image: kibana:7.1.0
container_name: kibana7
environment:
- I18N_LOCALE=zh-CN
- XPACK_GRAPH_ENABLED=true
- TIMELION_ENABLED=true
- XPACK_MONITORING_COLLECTION_ENABLED="true"
ports:
- "5601:5601"
networks:
- es7net
elasticsearch:
image: pengliwds/elasticsearch-analysis:7.1.0
container_name: es7_01
environment:
- cluster.name=geektime
- node.name=es7_01
- bootstrap.memory_lock=true
- "ES_JAVA_OPTS=-Xms512m -Xmx512m"
- discovery.seed_hosts=es7_01,es7_02
- cluster.initial_master_nodes=es7_01,es7_02
ulimits:
memlock:
soft: -1
hard: -1
volumes:
- es7data1:/usr/share/elasticsearch/data
ports:
- 9200:9200
networks:
- es7net
elasticsearch2:
image: pengliwds/elasticsearch-analysis:7.1.0
container_name: es7_02
environment:
- cluster.name=geektime
- node.name=es7_02
- bootstrap.memory_lock=true
- "ES_JAVA_OPTS=-Xms512m -Xmx512m"
- discovery.seed_hosts=es7_01,es7_02
- cluster.initial_master_nodes=es7_01,es7_02
ulimits:
memlock:
soft: -1
hard: -1
volumes:
- es7data2:/usr/share/elasticsearch/data
networks:
- es7net
volumes:
es7data1:
driver: local
es7data2:
driver: local
networks:
es7net:
driver: bridge
以上分别安装了kibana:7.1.0和连个es:7.1.0节点,截止目前es版本已更新至7.6.2,最新版也不错,就是分词器的更新有点慢,更不上es的节奏。es节点中的镜像包含分词器:
- analysis-hanlp
- analysis-ik
- analysis-pinyin
拿走不谢!也可以直接配置纯净版:imgae: kibana:7.1.0,其中
注意kibana和es版本的必须一致
因为es7只有内置了JDK,所以以上不需要新增java配置,仅在docker和docker-comse下配置。
启动命令:
docker-compose up
关闭命令:可以直接ctrl-c也可以使用
docker-compose down
首次安装会拉取镜像,后续开启便不用重新拉取。
对于安装失败的同学,可以使用:
docker-compose down
停止容器并且移除数据
安装成功效果
效果截图:
kibana:
localhost:5601
image.png
es:
localhost:9200
image.png
出现以上则安装成功,就可以快乐的玩耍了。以上还安装了cerebro,端口9000,感兴趣可以试用下
logstash
[https://www.elastic.co/cn/downloads/past-releases](https://www.elastic.co/cn/downloads/past-releases)
使用上述地址下载使用和es版本相同的logstash
下载需要导入的数据集
修改config/logstash.conf文件
input {
file {
path => "数据集所在的地址"
start_position => "beginning"
sincedb_path => "/dev/null"
}
}
filter {
csv {
separator => ","
columns => ["id","content","genre"]
}
mutate {
split => { "genre" => "|" }
remove_field => ["path", "host","@timestamp","message"]
}
mutate {
split => ["content", "("]
add_field => { "title" => "%{[content][0]}"}
add_field => { "year" => "%{[content][1]}"}
}
mutate {
convert => {
"year" => "integer"
}
strip => ["title"]
remove_field => ["path", "host","@timestamp","message","content"]
}
}
output {
elasticsearch {
hosts => "http://localhost:9200"
index => "movies"
document_id => "%{id}"
}
stdout {}
}
上面是在下载的电影数据集修改的配置文件
(https://grouplens.org/datasets/movielens/)
执行:
sudo bin/logstash -f /YOUR_PATH_of_logstash.conf
注意使用sudo
总结
以上是ELK集群安装在本地mac机器上的学习记录。
网友评论