環境
一鍵部署ELK環境,適用於:

系統:CentOS 7.X
ELK版本:7.XX
前置條件
jdk:

yum -y install java-1.8.0-openjdk.x86_64

所有安裝包路徑:/root/InstallELKB-Shell/

腳本
elk.sh

#!/usr/bin/env bash

# ****************************Elasticsearch Deplay Script****************** ************************************
 clear 
# ELK版本號
VER=7.XX 
ESIP=`ip addr | grep "inet" | grep -v "127.0.0.1" | grep -v "inet6" | awk -F/ '{print $1}' | awk '{print $2}' `

echo -e "\033[32m ########################################## ################################### \033[0m" 
echo -e "\033[32m # Auto Install ELK. ## \033[0m" 
echo -e "\033[32m # Press Ctrl + C to cancel ## \033[0m" 
echo -e "\033[32m # Any key to continue ## \033[ 0m" 
echo -e "\033[32m # Softwae:elasticsearch- ${VER} /logstash- ${VER} /filebeat- ${VER} /kibana- ${VER}    ## \033[0m"
echo -e"\033[32m ############################################# ################################ \033[0m"

Read_Input () {
 echo -e "\033[32m Please Input You Kibana Pass Key IP: \033[0m" 
read -p "Please Input You HOST Pass Key IP:[192.168.10.55]" KibanaIP
 read -p "Please Input You HOST Pass Key IP: Password:" KibanaPass

echo -e "\033[32m Please Input You Filebeat Pass Key IP: \033[0m" 
read -p "Please Input You HOST Pass Key IP:[192.168.10.56]" FilebeatIP 
read -p "Please Input You HOST Pass Key IP: Password:" FilebeatPass 
}

Init_Yumsource() 
{ if ! ping -c2 www.baidu.com &>/dev/null then echo "您無法上外網,不能配置yum源" exit fi echo "配置阿里雲yum源" if [ ! -d / etc/yum.repos.d/backup ]; then         	mkdir /etc/yum.repos.d/backup 		mv /etc/yum.repos.d/* /etc/yum.repos.d/backup 2>/dev/null	 		curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo &>/dev/null     	curl -o /etc/yum.repos. d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo &>/dev/null fi }
  
  

# ************************************************* ************************************************** **********
 Init_Hostname() 
{ 
  hostnamectl set -hostname elk-1 echo " $ESIP elk-1" >> /etc/hosts	 }
   

# ************************************************* ************************************************** **********
 Init_SElinux() 
{ echo "關閉防火牆" 	systemctl stop firewalld 	systemctl disable firewalld echo "關閉selinux" 	setenforce 0 	sed -ri '/^SELINUX=/ s/enforcing/disabled/'   /etc /selinux/config echo "解決sshd遠程連接慢的問題" 	sed -ri '/^GSSAPIAu/ s/yes/no/' /etc/ssh/sshd_config 	sed -ri '/^#UseDNS/ {s/^#/ /;s/yes/no/}' /etc/ssh/sshd_config 	systemctl enable sshd crond &> /dev/null }
   

# ************************************************* ************************************************** ***********
 Create_UserLogFile() 
{ 
  groupadd elk 
  useradd elk -g elk 
  mkdir -pv /data/elk/{data,logs} 
  chown -R elk:elk /data/ 
} 
# **** ************************************************** ************************************************** ******

Unpackaged_Authorization() 
{ 
  yum -y install ntpdate 
  tar xvf /root/InstallELKB-Shell/elasticsearch- ${VER} -linux-x86_64.tar.gz -C /opt/ 
  chown -R elk:elk /opt/elasticsearch- ${ VER} / 
  ntpdate -b ntp1.aliyun.com 
}

# ************************************************* ************************************************** ***********
 Set_System_Parameter() 
{ 
cat >> /etc/security/limits.conf <<EOF 
* soft nproc 2048 
* hard nproc 4096 
* soft nofile 65536 
* hard nofile 131072 
EOF

echo  "vm.max_map_count = 262144" >> /etc/sysctl.conf && sysctl -p 
cat >> /etc/profile <<EOF 
export HISTTIMEFORMAT= "%Y-%m-%d %H:%M:%S "
 EOF 
source /etc/profile

cat >> /opt/elasticsearch- ${VER} /config/elasticsearch.yml <<EOF 
cluster.name: elk 
node.name: node-1 
bootstrap.memory_lock: false
 path.data: /data/elk/data 
path. logs: /data/elk/logs 
network.host: 0.0.0.0 
http.port: 9200 
discovery.seed_hosts: [ "elk-1" ] 
cluster.initial_master_nodes: [ "node-1" ] 
EOF 
runuser -l elk -c " /bin/bash /opt/elasticsearch- ${VER} /bin/elasticsearch " &> /opt/elasticsearch.log & 
}

Test_Service() 
{ 
  esport=`ss -antp |grep :::9200 | awk -F::: '{print $2}' ` if [ $esport -eq 9200 ]; then echo -e   "\033[32m Elasticsearch is OK... \033[0m " fi }
  
    
  


# **********************PublicKeyKibana************************** ************************************************** **


PublicKeyKibana() 
{ 
if [ ! -f /usr/bin/expect ]; then
 	yum -y install expect 
fi
 sed -i 's/# *StrictHostKeyChecking *ask/StrictHostKeyChecking no/g' /etc/ssh/ssh_config 
systemctl restart sshd

cd /root/.ssh/ 
ssh-keygen -t rsa -N '' -f id_rsa -q 
if [ $? -eq 0 ]; then
 /usr/bin/expect <<-EOF 
set timeout 10 
spawn ssh-copy- id $KibanaIP
 expect { "yes/no" { send "yes\r" ; exp_continue } "password:" { send " $KibanaPass \r" } } expect eof EOF fi
    
  

}

# **********************Kibana Deploy Script************************ ********************************************
 Install_Kibana() 
{ 
echo  $ ESIP > /root/InstallELKB-Shell/ESIP.txt 
scp /root/InstallELKB-Shell/kibana- ${VER} -linux-x86_64.tar.gz $KibanaIP : 
scp /root/InstallELKB-Shell/ESIP.txt $KibanaIP : 
scp /root/InstallELKB-Shell/InstallKibana.sh $KibanaIP : 
ssh root@ $KibanaIP  ' 
bash /root/InstallKibana.sh '
 }



# *******************************************Filebeat Deploy Script*** ************************************************
 PublicFilebeat( ) 
{ 
if [ ! -f /usr/bin/expect ]; then
 	yum -y install expect 
fi
 sed -i 's/# *StrictHostKeyChecking *ask/StrictHostKeyChecking no/g' /etc/ssh/ssh_config 
systemctl restart sshd 
cd / root/.ssh/ 
rm -rf /root/.ssh/* 
ssh-keygen -t rsa -N '' -f id_rsa -q 
if [ $? -eq 0 ]; then
 /usr/bin/expect <<-EOF 
set timeout 10 
spawn ssh-copy-id $FilebeatIP
 expect { "yes/no" { send
    "yes\r" ; exp_continue } "password:" { send " $FilebeatPass \r" } } expect eof EOF fi }
    

Install_Filebeat() 
{ 
  scp /root/InstallELKB-Shell/filebeat- ${VER} -x86_64.rpm   $FilebeatIP : 
  scp /root/InstallELKB-Shell/InstallFilebeat.sh $FilebeatIP : 
  ssh root@ $FilebeatIP  'bash /root/InstallFilebeat .sh'
 	scp /root/InstallELKB-Shell/filebeat.yml $FilebeatIP :/etc/filebeat/ 
  ssh root@ $FilebeatIP  'systemctl restart filebeat && systemctl disable filebeat && rm -rf /root/InstallFilebeat.sh' 
 }


# ********************************************Logstash**** ************************************************** ************
 Install_logstash() 
{ 
  tar xvf /root/InstallELKB-Shell/logstash- ${VER} .tar.gz -C /opt/ 
  cp /root/InstallELKB-Shell/nginx. yml /opt/logstash- ${VER} / 
  /opt/logstash- ${VER} /bin/logstash -f /opt/logstash- ${VER} /nginx.yml &>/opt/logstash.log &	 
}


ES-StartUp_SelfStart() 
{ 
cat >> /etc/init.d/elasticsearch.sh <<EOF 
nohup runuser -l elk -c "" /bin/bash /opt/elasticsearch- ${VER} /bin/elasticsearch " & 
nohup /opt/logstash- ${VER} /bin/logstash -f /opt/nginx.yml & 
EOF 
  echo " /etc/init.d/elasticsearch.sh " >> /etc/rc.d/rc.local 
  chmod +x /etc/init.d/elasticsearch.sh 
  chmod +x /etc/rc.d/rc.local 
}

main() { 
#######Elasticsearch####### 
Read_Input 
Init_Yumsource 
Init_Hostname 
Init_SElinux 
Create_UserLogFile 
Unpackaged_Authorization 
Set_System_Parameter 
Test_Service 
#########Kibana########### 
PublicKeyKibana 
Install_Kibana

########Filebeat######### 
PublicFilebeat 
Install_Filebeat

ES-StartUp_SelfStart 
Kibana-StartUp_SelfStart 
#######Logstash######### 
Install_logstash 
} 
main

InstallKibana.sh

#!/usr/bin/env bash

# ELK版本號
VER=7.XX 
elastip=$(cat /root/ESIP.txt ) 
if [ ! -d /opt/kibana- ${VER} -linux-x86_64 ]; then
 	tar xvf /root/kibana- $ {VER} -linux-x86_64.tar.gz -C /opt/ 
fi 
# ******************************** ************************************************** *****************


init_yumsource() 
{ 
if ! ping -c2 www.baidu.com &>/dev/null 
then echo "您無法上外網,不能配置yum源" exit fi echo "配置阿里雲yum源" if [ ! -d / etc/yum.repos.d/backup ]; then mkdir /etc/yum.repos.d/backup 	mv /etc/yum.repos.d/* /etc/yum.repos.d/backup 2>/dev/null 	curl -o curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo &>/dev/null 	curl -o /etc/yum .repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo &>/dev/null 	yum -y install ntpdate     ntpdate -b ntp1.aliyun.com fi }
         
        

# ************************************************* **************************************************
 init_SElinux() 
{ echo "關閉防火牆" 	systemctl stop firewalld 	systemctl disable firewalld echo "關閉selinux" 	setenforce 0 	sed -ri '/^SELINUX=/ s/enforcing/disabled/'   /etc/selinux/config echo "解決sshd遠程連接慢的問題" 	sed -ri '/^GSSAPIAu/ s/yes/no/' /etc/ssh/sshd_config 	sed -ri '/^#UseDNS/ {s/^#//;s/yes/no/}' /etc/ssh/sshd_config 	systemctl enable sshd crond &> /dev/null }
   


# ************************************************* **************************************************
 SetKibanaParameter() 
{ 
cat >> /opt/kibana- ${VER} -linux-x86_64/config/kibana.yml <<EOF 
server.host: "0.0.0.0"
 server.port: 5601 
elasticsearch.hosts: [ "http :// $elastip :9200" ] 
EOF 
}

# ************************************************* **************************************************
 StartKibana() 
{ 
  /opt/kibana- ${VER} -linux-x86_64/bin/kibana --allow-root &>/opt/kibana.log & 
}

Test_Service() 
{ 
  KibanaPort=` ss -antp | grep 5601 | awk '{print $4}' | awk -F*: '{print $NF}' ` if [ $KibanaPort -eq 5601 ]; then echo -e   "\ 033[32m Kibana is OK... \033[0m " fi }
    
    	
    

DeleteUselessFiles() 
{ 
  rm -rf /root/kibana- ${VER} -linux-x86_64.tar.gz 
  rm -rf /root/InstallKibana.sh 
  rm -rf /root/ESIP.txt 
}

Kibana-StartUp_SelfStart() 
{ echo "nohup /opt/kibana- ${VER} -linux-x86_64/bin/kibana --allow-root &" >> /etc/init.d/kibana.sh echo "/bin/ bash /etc/init.d/kibana.sh" >> /etc/rc.local         chmod +x /etc/init.d/kibana.sh         chmod +x /etc/rc.local }
         
         

init_SElinux 
SetKibanaParameter 
StartKibana 
Test_Service 
DeleteUselessFiles 
Kibana-StartUp_SelfStart

InstallFilebeat.sh

#!/usr/bin/env bash

# ELK版本號
VER=7.XX

Init_Yumsource() 
{ if ! ping -c2 www.baidu.com &>/dev/null then echo "您無法上外網,不能配置yum源" exit fi echo "配置阿里雲yum源" if [ ! -d / etc/yum.repos.d/backup ]; then         mkdir /etc/yum.repos.d/backup         mv /etc/yum.repos.d/* /etc/yum.repos.d/backup 2>/dev/null         curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo &>/dev/null         curl -o /etc/yum.repos. d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo &>/dev/null 	    yum -y install ntpdate 	    ntpdate -b ntp1.aliyun.com fi }
  
  
Init_SElinux() 
{ echo "關閉防火牆" 	systemctl stop firewalld 	systemctl disable firewalld echo "關閉selinux" 	setenforce 0 	sed -i '/^SELINUX=/ s/enforcing/disabled/'   /etc/selinux/config echo "解決sshd遠程連接慢的問題" 	sed -i '/^GSSAPIAu/ s/yes/no/' /etc/ssh/sshd_config 	sed -i '/^#UseDNS/ {s/^#//;s/yes/no/}' /etc/ssh/sshd_config 	systemctl enable sshd crond &> /dev/null }
   

Install_Filebeat() 
{ 
  yum -y install ntpdate 
  ntpdate -b ntp1.aliyun.com 
  rpm -ivh /root/filebeat- ${VER} -x86_64.rpm 
  rm -rf /root/filebeat- ${VER} -x86_64.rpm 
}

Init_Yumsource 
Init_SElinux 
Install_Filebeat

來源網址:https://k8sdev.com/2019/11/01/ELK%EF%BC%9A%E4%B8%80%E9%94%AE%E9%83%A8%E7%BD%B2/

By tony

自由軟體愛好者~喜歡不斷的思考各種問題,有新的事物都會想去學習嘗試 做實驗並熱衷研究 沒有所謂頂天的技術 只有謙虛及不斷的學習 精進專業,本站主要以分享系統及網路相關知識、資源而建立。 Github http://stnet253.github.io

發佈留言

發佈留言必須填寫的電子郵件地址不會公開。 必填欄位標示為 *

這個網站採用 Akismet 服務減少垃圾留言。進一步了解 Akismet 如何處理網站訪客的留言資料