環境
一鍵部署ELK環境,適用於:
系統:CentOS 7.X
ELK版本:7.XX
前置條件
jdk:
yum -y install java-1.8.0-openjdk.x86_64
所有安裝包路徑:/root/InstallELKB-Shell/
腳本
elk.sh
#!/usr/bin/env bash # ****************************Elasticsearch Deplay Script****************** ************************************ clear # ELK版本號 VER=7.XX ESIP=`ip addr | grep "inet" | grep -v "127.0.0.1" | grep -v "inet6" | awk -F/ '{print $1}' | awk '{print $2}' ` echo -e "\033[32m ########################################## ################################### \033[0m" echo -e "\033[32m # Auto Install ELK. ## \033[0m" echo -e "\033[32m # Press Ctrl + C to cancel ## \033[0m" echo -e "\033[32m # Any key to continue ## \033[ 0m" echo -e "\033[32m # Softwae:elasticsearch- ${VER} /logstash- ${VER} /filebeat- ${VER} /kibana- ${VER} ## \033[0m" echo -e"\033[32m ############################################# ################################ \033[0m" Read_Input () { echo -e "\033[32m Please Input You Kibana Pass Key IP: \033[0m" read -p "Please Input You HOST Pass Key IP:[192.168.10.55]" KibanaIP read -p "Please Input You HOST Pass Key IP: Password:" KibanaPass echo -e "\033[32m Please Input You Filebeat Pass Key IP: \033[0m" read -p "Please Input You HOST Pass Key IP:[192.168.10.56]" FilebeatIP read -p "Please Input You HOST Pass Key IP: Password:" FilebeatPass } Init_Yumsource() { if ! ping -c2 www.baidu.com &>/dev/null then echo "您無法上外網,不能配置yum源" exit fi echo "配置阿里雲yum源" if [ ! -d / etc/yum.repos.d/backup ]; then mkdir /etc/yum.repos.d/backup mv /etc/yum.repos.d/* /etc/yum.repos.d/backup 2>/dev/null curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo &>/dev/null curl -o /etc/yum.repos. d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo &>/dev/null fi } # ************************************************* ************************************************** ********** Init_Hostname() { hostnamectl set -hostname elk-1 echo " $ESIP elk-1" >> /etc/hosts } # ************************************************* ************************************************** ********** Init_SElinux() { echo "關閉防火牆" systemctl stop firewalld systemctl disable firewalld echo "關閉selinux" setenforce 0 sed -ri '/^SELINUX=/ s/enforcing/disabled/' /etc /selinux/config echo "解決sshd遠程連接慢的問題" sed -ri '/^GSSAPIAu/ s/yes/no/' /etc/ssh/sshd_config sed -ri '/^#UseDNS/ {s/^#/ /;s/yes/no/}' /etc/ssh/sshd_config systemctl enable sshd crond &> /dev/null } # ************************************************* ************************************************** *********** Create_UserLogFile() { groupadd elk useradd elk -g elk mkdir -pv /data/elk/{data,logs} chown -R elk:elk /data/ } # **** ************************************************** ************************************************** ****** Unpackaged_Authorization() { yum -y install ntpdate tar xvf /root/InstallELKB-Shell/elasticsearch- ${VER} -linux-x86_64.tar.gz -C /opt/ chown -R elk:elk /opt/elasticsearch- ${ VER} / ntpdate -b ntp1.aliyun.com } # ************************************************* ************************************************** *********** Set_System_Parameter() { cat >> /etc/security/limits.conf <<EOF * soft nproc 2048 * hard nproc 4096 * soft nofile 65536 * hard nofile 131072 EOF echo "vm.max_map_count = 262144" >> /etc/sysctl.conf && sysctl -p cat >> /etc/profile <<EOF export HISTTIMEFORMAT= "%Y-%m-%d %H:%M:%S " EOF source /etc/profile cat >> /opt/elasticsearch- ${VER} /config/elasticsearch.yml <<EOF cluster.name: elk node.name: node-1 bootstrap.memory_lock: false path.data: /data/elk/data path. logs: /data/elk/logs network.host: 0.0.0.0 http.port: 9200 discovery.seed_hosts: [ "elk-1" ] cluster.initial_master_nodes: [ "node-1" ] EOF runuser -l elk -c " /bin/bash /opt/elasticsearch- ${VER} /bin/elasticsearch " &> /opt/elasticsearch.log & } Test_Service() { esport=`ss -antp |grep :::9200 | awk -F::: '{print $2}' ` if [ $esport -eq 9200 ]; then echo -e "\033[32m Elasticsearch is OK... \033[0m " fi } # **********************PublicKeyKibana************************** ************************************************** ** PublicKeyKibana() { if [ ! -f /usr/bin/expect ]; then yum -y install expect fi sed -i 's/# *StrictHostKeyChecking *ask/StrictHostKeyChecking no/g' /etc/ssh/ssh_config systemctl restart sshd cd /root/.ssh/ ssh-keygen -t rsa -N '' -f id_rsa -q if [ $? -eq 0 ]; then /usr/bin/expect <<-EOF set timeout 10 spawn ssh-copy- id $KibanaIP expect { "yes/no" { send "yes\r" ; exp_continue } "password:" { send " $KibanaPass \r" } } expect eof EOF fi } # **********************Kibana Deploy Script************************ ******************************************** Install_Kibana() { echo $ ESIP > /root/InstallELKB-Shell/ESIP.txt scp /root/InstallELKB-Shell/kibana- ${VER} -linux-x86_64.tar.gz $KibanaIP : scp /root/InstallELKB-Shell/ESIP.txt $KibanaIP : scp /root/InstallELKB-Shell/InstallKibana.sh $KibanaIP : ssh root@ $KibanaIP ' bash /root/InstallKibana.sh ' } # *******************************************Filebeat Deploy Script*** ************************************************ PublicFilebeat( ) { if [ ! -f /usr/bin/expect ]; then yum -y install expect fi sed -i 's/# *StrictHostKeyChecking *ask/StrictHostKeyChecking no/g' /etc/ssh/ssh_config systemctl restart sshd cd / root/.ssh/ rm -rf /root/.ssh/* ssh-keygen -t rsa -N '' -f id_rsa -q if [ $? -eq 0 ]; then /usr/bin/expect <<-EOF set timeout 10 spawn ssh-copy-id $FilebeatIP expect { "yes/no" { send "yes\r" ; exp_continue } "password:" { send " $FilebeatPass \r" } } expect eof EOF fi } Install_Filebeat() { scp /root/InstallELKB-Shell/filebeat- ${VER} -x86_64.rpm $FilebeatIP : scp /root/InstallELKB-Shell/InstallFilebeat.sh $FilebeatIP : ssh root@ $FilebeatIP 'bash /root/InstallFilebeat .sh' scp /root/InstallELKB-Shell/filebeat.yml $FilebeatIP :/etc/filebeat/ ssh root@ $FilebeatIP 'systemctl restart filebeat && systemctl disable filebeat && rm -rf /root/InstallFilebeat.sh' } # ********************************************Logstash**** ************************************************** ************ Install_logstash() { tar xvf /root/InstallELKB-Shell/logstash- ${VER} .tar.gz -C /opt/ cp /root/InstallELKB-Shell/nginx. yml /opt/logstash- ${VER} / /opt/logstash- ${VER} /bin/logstash -f /opt/logstash- ${VER} /nginx.yml &>/opt/logstash.log & } ES-StartUp_SelfStart() { cat >> /etc/init.d/elasticsearch.sh <<EOF nohup runuser -l elk -c "" /bin/bash /opt/elasticsearch- ${VER} /bin/elasticsearch " & nohup /opt/logstash- ${VER} /bin/logstash -f /opt/nginx.yml & EOF echo " /etc/init.d/elasticsearch.sh " >> /etc/rc.d/rc.local chmod +x /etc/init.d/elasticsearch.sh chmod +x /etc/rc.d/rc.local } main() { #######Elasticsearch####### Read_Input Init_Yumsource Init_Hostname Init_SElinux Create_UserLogFile Unpackaged_Authorization Set_System_Parameter Test_Service #########Kibana########### PublicKeyKibana Install_Kibana ########Filebeat######### PublicFilebeat Install_Filebeat ES-StartUp_SelfStart Kibana-StartUp_SelfStart #######Logstash######### Install_logstash } main
InstallKibana.sh
#!/usr/bin/env bash # ELK版本號 VER=7.XX elastip=$(cat /root/ESIP.txt ) if [ ! -d /opt/kibana- ${VER} -linux-x86_64 ]; then tar xvf /root/kibana- $ {VER} -linux-x86_64.tar.gz -C /opt/ fi # ******************************** ************************************************** ***************** init_yumsource() { if ! ping -c2 www.baidu.com &>/dev/null then echo "您無法上外網,不能配置yum源" exit fi echo "配置阿里雲yum源" if [ ! -d / etc/yum.repos.d/backup ]; then mkdir /etc/yum.repos.d/backup mv /etc/yum.repos.d/* /etc/yum.repos.d/backup 2>/dev/null curl -o curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo &>/dev/null curl -o /etc/yum .repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo &>/dev/null yum -y install ntpdate ntpdate -b ntp1.aliyun.com fi } # ************************************************* ************************************************** init_SElinux() { echo "關閉防火牆" systemctl stop firewalld systemctl disable firewalld echo "關閉selinux" setenforce 0 sed -ri '/^SELINUX=/ s/enforcing/disabled/' /etc/selinux/config echo "解決sshd遠程連接慢的問題" sed -ri '/^GSSAPIAu/ s/yes/no/' /etc/ssh/sshd_config sed -ri '/^#UseDNS/ {s/^#//;s/yes/no/}' /etc/ssh/sshd_config systemctl enable sshd crond &> /dev/null } # ************************************************* ************************************************** SetKibanaParameter() { cat >> /opt/kibana- ${VER} -linux-x86_64/config/kibana.yml <<EOF server.host: "0.0.0.0" server.port: 5601 elasticsearch.hosts: [ "http :// $elastip :9200" ] EOF } # ************************************************* ************************************************** StartKibana() { /opt/kibana- ${VER} -linux-x86_64/bin/kibana --allow-root &>/opt/kibana.log & } Test_Service() { KibanaPort=` ss -antp | grep 5601 | awk '{print $4}' | awk -F*: '{print $NF}' ` if [ $KibanaPort -eq 5601 ]; then echo -e "\ 033[32m Kibana is OK... \033[0m " fi } DeleteUselessFiles() { rm -rf /root/kibana- ${VER} -linux-x86_64.tar.gz rm -rf /root/InstallKibana.sh rm -rf /root/ESIP.txt } Kibana-StartUp_SelfStart() { echo "nohup /opt/kibana- ${VER} -linux-x86_64/bin/kibana --allow-root &" >> /etc/init.d/kibana.sh echo "/bin/ bash /etc/init.d/kibana.sh" >> /etc/rc.local chmod +x /etc/init.d/kibana.sh chmod +x /etc/rc.local } init_SElinux SetKibanaParameter StartKibana Test_Service DeleteUselessFiles Kibana-StartUp_SelfStart
InstallFilebeat.sh
#!/usr/bin/env bash # ELK版本號 VER=7.XX Init_Yumsource() { if ! ping -c2 www.baidu.com &>/dev/null then echo "您無法上外網,不能配置yum源" exit fi echo "配置阿里雲yum源" if [ ! -d / etc/yum.repos.d/backup ]; then mkdir /etc/yum.repos.d/backup mv /etc/yum.repos.d/* /etc/yum.repos.d/backup 2>/dev/null curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo &>/dev/null curl -o /etc/yum.repos. d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo &>/dev/null yum -y install ntpdate ntpdate -b ntp1.aliyun.com fi } Init_SElinux() { echo "關閉防火牆" systemctl stop firewalld systemctl disable firewalld echo "關閉selinux" setenforce 0 sed -i '/^SELINUX=/ s/enforcing/disabled/' /etc/selinux/config echo "解決sshd遠程連接慢的問題" sed -i '/^GSSAPIAu/ s/yes/no/' /etc/ssh/sshd_config sed -i '/^#UseDNS/ {s/^#//;s/yes/no/}' /etc/ssh/sshd_config systemctl enable sshd crond &> /dev/null } Install_Filebeat() { yum -y install ntpdate ntpdate -b ntp1.aliyun.com rpm -ivh /root/filebeat- ${VER} -x86_64.rpm rm -rf /root/filebeat- ${VER} -x86_64.rpm } Init_Yumsource Init_SElinux Install_Filebeat
來源網址:https://k8sdev.com/2019/11/01/ELK%EF%BC%9A%E4%B8%80%E9%94%AE%E9%83%A8%E7%BD%B2/