Ubuntu에 Elasticsearch 및 Kibana를 설치하는 방법
테스트 환경
$ lsb_release -d
Description: Ubuntu 22.04.1 LTSElasticsearch 설치
Elasticsearch용 공식 GPG 키 다운로드
wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add -$ wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add -
Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead (see apt-key(8)).
OKElasticsearch 패키지 저장소 추가
apt-get install -y apt-transport-httpsecho "deb https://artifacts.elastic.co/packages/8.x/apt stable main" | sudo tee /etc/apt/sources.list.d/elastic-8.x.list$ echo "deb https://artifacts.elastic.co/packages/8.x/apt stable main" | sudo tee /etc/apt/sources.list.d/elastic-8.x.list
deb https://artifacts.elastic.co/packages/8.x/apt stable main패키지 업데이트 후 Elasticsearch 설치
'추천 관련글,
apt-get update && apt-get install -y elasticsearch--------------------------- Security autoconfiguration information ------------------------------
Authentication and authorization are enabled.
TLS for the transport and HTTP layers is enabled and configured.
The generated password for the elastic built-in superuser is : MGNCiFpQU_9*-W5EtuLS
If this node should join an existing cluster, you can reconfigure this with
'/usr/share/elasticsearch/bin/elasticsearch-reconfigure-node --enrollment-token <token-here>'
after creating an enrollment token on your existing cluster.
You can complete the following actions at any time:
Reset the password of the elastic built-in superuser with
'/usr/share/elasticsearch/bin/elasticsearch-reset-password -u elastic'.
Generate an enrollment token for Kibana instances with
'/usr/share/elasticsearch/bin/elasticsearch-create-enrollment-token -s kibana'.
Generate an enrollment token for Elasticsearch nodes with
'/usr/share/elasticsearch/bin/elasticsearch-create-enrollment-token -s node'.
-------------------------------------------------------------------------------------------------Elasticsearch 구성 파일 확인
cat /etc/elasticsearch/elasticsearch.yml | egrep -v '^$|^#'$ cat /etc/elasticsearch/elasticsearch.yml | egrep -v '^$|^#'
path.data: /var/lib/elasticsearch
path.logs: /var/log/elasticsearch
xpack.security.enabled: true
xpack.security.enrollment.enabled: true
xpack.security.http.ssl:
enabled: true
keystore.path: certs/http.p12
xpack.security.transport.ssl:
enabled: true
verification_mode: certificate
keystore.path: certs/transport.p12
truststore.path: certs/transport.p12
cluster.initial_master_nodes: ("node1")
http.host: 0.0.0.0Elasticsearch 시작하기 및 Elasticsearch가 부팅 시 자동으로 시작되도록 설정
systemctl --now enable elasticsearchElasticsearch 구성 파일 편집(true -> 잘못된)
- xpack.security.enabled: 거짓
- xpack.security.enrollment.enabled: 거짓
- xpack.security.http.ssl.enabled: 거짓
- xpack.security.transport.ssl.enabled: 거짓
vim /etc/elasticsearch/elasticsearch.yml...
# ----------------------------------- Paths ------------------------------------
#
# Path to directory where to store the data (separate multiple locations by comma):
#
path.data: /var/lib/elasticsearch
#
# Path to log files:
#
path.logs: /var/log/elasticsearch
#
...
# Enable security features
xpack.security.enabled: false
xpack.security.enrollment.enabled: false
# Enable encryption for HTTP API client connections, such as Kibana, Logstash, and Agents
xpack.security.http.ssl:
enabled: false
keystore.path: certs/http.p12
# Enable encryption and mutual authentication between cluster nodes
xpack.security.transport.ssl:
enabled: false
verification_mode: certificate
keystore.path: certs/transport.p12
truststore.path: certs/transport.p12
...Elasticsearch 다시 시작
systemctl restart elasticsearchsystemctl status elasticsearchjq 패키지 설치
apt install -y jq컬 테스트
curl -s http://127.0.0.1:9200 -k | jq$ curl -s http://127.0.0.1:9200 -k | jq
{
"name": "ip-10-201-13-131",
"cluster_name": "elasticsearch",
"cluster_uuid": "IcZQ4wjTR1e9Hym9T8RdQg",
"version": {
"number": "8.6.2",
"build_flavor": "default",
"build_type": "deb",
"build_hash": "2d58d0f136141f03239816a4e360a8d17b6d8f29",
"build_date": "2023-02-13T09:35:20.314882762Z",
"build_snapshot": false,
"lucene_version": "9.4.2",
"minimum_wire_compatibility_version": "7.17.0",
"minimum_index_compatibility_version": "7.0.0"
},
"tagline": "You Know, for Search"
}키바나 설치
Kibana 패키지 저장소 추가
echo "deb https://artifacts.elastic.co/packages/8.x/apt stable main" | sudo tee /etc/apt/sources.list.d/elastic-8.x.list패키지 업데이트 후 Kibana 설치
apt-get update && apt-get install -y kibanaKibana 구성 파일 확인
cat /etc/kibana/kibana.yml | egrep -v '^$|^#'$ cat /etc/kibana/kibana.yml | egrep -v '^$|^#'
logging:
appenders:
file:
type: file
fileName: /var/log/kibana/kibana.log
layout:
type: json
root:
appenders:
- default
- file
pid.file: /run/kibana/kibana.pidKibana 시작하기 및 키바나부팅시 자동으로 시작되도록 설정
systemctl --now enable kibanasystemctl status kibanaKibana 설정 파일 열기
- Elasticsearch에 연결하도록 Kibana 설정
vim /etc/kibana/kibana.yml...
# =================== System: Kibana Server ===================
# Kibana is served by a back end server. This setting specifies the port to use.
server.port: 5601
# Specifies the address to which the Kibana server will bind. IP addresses and host names are both valid values.
# The default is 'localhost', which usually means remote machines will not be able to connect.
# To allow connections from remote users, set this parameter to a non-loopback address.
server.host: "0.0.0.0"
...
# =================== System: Elasticsearch ===================
# The URLs of the Elasticsearch instances to use for all your queries.
elasticsearch.hosts: ("http://localhost:9200")
...
xpack.reporting.roles.enabled: false
...키바나 재시작
systemctl restart kibanasystemctl status kibana
참조 URL
– Elasticsearch 설치: https://www.elastic.co/guide/en/elasticsearch/reference/current/deb.html
– Kibana 설치: https://www.elastic.co/guide/en/kibana/current/deb.html