Kibana线上部署的推荐架构,可以专门部署一个Coordinating Only Es Node,和Kibana在同一台机器上。这样可以使kibana的请求流量可以均衡的分发到es的多个节点上。
1、截至目前Elasticsearch 版本已经更新到了7.10.1版本了,这里先使用Kibana 6.7.1版本,给一个下载地址,如下所示:
官方下载地址:https://www.elastic.co/cn/downloads/past-releases#elasticsearch
将下载好的Kibana上传到服务器,然后解压缩进行安装操作,如下所示:
1 [root@k8s-master package]# tar -zxvf kibana-6.7.1-linux-x86_64.tar.gz -C /usr/local/elastic/
由于我是使用的root的权限,所以解压缩之后将权限赋予给elsearch用户即可,如下所示:
1 [root@k8s-master elastic]# ll 2 total 0 3 drwxr-xr-x 8 root root 143 Apr 3 2019 elasticsearch-6.7.1 4 drwxr-xr-x 13 root root 246 Jan 9 23:05 kibana-6.7.1-linux-x86_64 5 [root@k8s-master elastic]# chown -R elsearch:elsearch elasticsearch-6.7.1/ 6 [root@k8s-master elastic]# chown -R elsearch:elsearch kibana-6.7.1-linux-x86_64/ 7 [root@k8s-master elastic]# 8 [root@k8s-master elastic]# 9 [root@k8s-master elastic]# ll 10 total 0 11 drwxr-xr-x 8 elsearch elsearch 143 Apr 3 2019 elasticsearch-6.7.1 12 drwxr-xr-x 13 elsearch elsearch 246 Jan 9 23:05 kibana-6.7.1-linux-x86_64 13 [root@k8s-master elastic]#
需要修改kibana的配置,告诉kibana,elasticsearch的连接地址是什么,如下所示:
1 [elsearch@k8s-master kibana-6.7.1-linux-x86_64]$ ll 2 total 1828 3 drwxrwxr-x 2 elsearch elsearch 64 Jan 9 23:05 bin 4 drwxrwxr-x 4 elsearch elsearch 29 Jan 9 23:05 built_assets 5 drwxrwxr-x 2 elsearch elsearch 24 Jan 9 23:05 config 6 drwxrwxr-x 2 elsearch elsearch 6 Apr 3 2019 data 7 -rw-rw-r-- 1 elsearch elsearch 13675 Apr 3 2019 LICENSE.txt 8 drwxrwxr-x 6 elsearch elsearch 108 Jan 9 23:05 node 9 drwxrwxr-x 1166 elsearch elsearch 36864 Jan 9 23:05 node_modules 10 -rw-rw-r-- 1 elsearch elsearch 1784986 Apr 3 2019 NOTICE.txt 11 drwxrwxr-x 3 elsearch elsearch 45 Jan 9 23:05 optimize 12 -rw-rw-r-- 1 elsearch elsearch 776 Apr 3 2019 package.json 13 drwxrwxr-x 2 elsearch elsearch 6 Apr 3 2019 plugins 14 -rw-rw-r-- 1 elsearch elsearch 4038 Apr 3 2019 README.txt 15 drwxrwxr-x 15 elsearch elsearch 234 Jan 9 23:05 src 16 drwxrwxr-x 3 elsearch elsearch 19 Jan 9 23:05 target 17 drwxrwxr-x 2 elsearch elsearch 309 Jan 9 23:05 webpackShims 18 [elsearch@k8s-master kibana-6.7.1-linux-x86_64]$ cd config/ 19 [elsearch@k8s-master config]$ ls 20 kibana.yml 21 [elsearch@k8s-master config]$ vim kibana.yml
我这里目前只是修改了两个参数,其它的都是默认的,如下所示:
1 # Specifies the address to which the Kibana server will bind. IP addresses and host names are both valid values. 2 # The default is 'localhost', which usually means remote machines will not be able to connect. 3 # To allow connections from remote users, set this parameter to a non-loopback address. 4 #server.host: "localhost" 5 server.host: "192.168.110.133" 6 7 8 # The URLs of the Elasticsearch instances to use for all your queries. 9 #elasticsearch.hosts: ["http://localhost:9200"] 10 elasticsearch.hosts: ["http://192.168.110.133:9200"]
然后使用启动命令,启动kinaba即可,如下所示:
1 [elsearch@k8s-master kibana-6.7.1-linux-x86_64]$ ./bin/kibana 2 log [15:28:33.417] [info][status][plugin:kibana@6.7.1] Status changed from uninitialized to green - Ready 3 log [15:28:33.600] [info][status][plugin:elasticsearch@6.7.1] Status changed from uninitialized to yellow - Waiting for Elasticsearch 4 log [15:28:33.616] [info][status][plugin:xpack_main@6.7.1] Status changed from uninitialized to yellow - Waiting for Elasticsearch 5 log [15:28:33.644] [info][status][plugin:graph@6.7.1] Status changed from uninitialized to yellow - Waiting for Elasticsearch 6 log [15:28:33.722] [info][status][plugin:monitoring@6.7.1] Status changed from uninitialized to green - Ready 7 log [15:28:33.733] [info][status][plugin:spaces@6.7.1] Status changed from uninitialized to yellow - Waiting for Elasticsearch 8 log [15:28:33.755] [warning][security] Generating a random key for xpack.security.encryptionKey. To prevent sessions from being invalidated on restart, please set xpack.security.encryptionKey in kibana.yml 9 log [15:28:33.767] [warning][security] Session cookies will be transmitted over insecure connections. This is not recommended. 10 log [15:28:33.779] [info][status][plugin:security@6.7.1] Status changed from uninitialized to yellow - Waiting for Elasticsearch 11 log [15:28:33.841] [info][status][plugin:searchprofiler@6.7.1] Status changed from uninitialized to yellow - Waiting for Elasticsearch 12 log [15:28:33.848] [info][status][plugin:ml@6.7.1] Status changed from uninitialized to yellow - Waiting for Elasticsearch 13 log [15:28:33.951] [info][status][plugin:tilemap@6.7.1] Status changed from uninitialized to yellow - Waiting for Elasticsearch 14 log [15:28:33.956] [info][status][plugin:watcher@6.7.1] Status changed from uninitialized to yellow - Waiting for Elasticsearch 15 log [15:28:34.005] [info][status][plugin:grokdebugger@6.7.1] Status changed from uninitialized to yellow - Waiting for Elasticsearch 16 log [15:28:34.040] [info][status][plugin:dashboard_mode@6.7.1] Status changed from uninitialized to green - Ready 17 log [15:28:34.044] [info][status][plugin:logstash@6.7.1] Status changed from uninitialized to yellow - Waiting for Elasticsearch 18 log [15:28:34.071] [info][status][plugin:beats_management@6.7.1] Status changed from uninitialized to yellow - Waiting for Elasticsearch 19 log [15:28:34.143] [info][status][plugin:apm@6.7.1] Status changed from uninitialized to green - Ready 20 log [15:28:34.145] [info][status][plugin:tile_map@6.7.1] Status changed from uninitialized to green - Ready 21 log [15:28:34.157] [info][status][plugin:task_manager@6.7.1] Status changed from uninitialized to green - Ready 22 log [15:28:34.169] [info][status][plugin:maps@6.7.1] Status changed from uninitialized to yellow - Waiting for Elasticsearch 23 log [15:28:34.188] [info][status][plugin:interpreter@6.7.1] Status changed from uninitialized to green - Ready 24 log [15:28:34.221] [info][status][plugin:canvas@6.7.1] Status changed from uninitialized to green - Ready 25 log [15:28:34.241] [info][status][plugin:license_management@6.7.1] Status changed from uninitialized to green - Ready 26 log [15:28:34.245] [info][status][plugin:cloud@6.7.1] Status changed from uninitialized to green - Ready 27 log [15:28:34.255] [info][status][plugin:index_management@6.7.1] Status changed from uninitialized to yellow - Waiting for Elasticsearch 28 log [15:28:34.305] [info][status][plugin:console@6.7.1] Status changed from uninitialized to green - Ready 29 log [15:28:34.308] [info][status][plugin:console_extensions@6.7.1] Status changed from uninitialized to green - Ready 30 log [15:28:34.316] [info][status][plugin:notifications@6.7.1] Status changed from uninitialized to green - Ready 31 log [15:28:34.321] [info][status][plugin:index_lifecycle_management@6.7.1] Status changed from uninitialized to yellow - Waiting for Elasticsearch 32 log [15:28:34.389] [info][status][plugin:infra@6.7.1] Status changed from uninitialized to green - Ready 33 log [15:28:34.393] [info][status][plugin:rollup@6.7.1] Status changed from uninitialized to yellow - Waiting for Elasticsearch 34 log [15:28:34.412] [info][status][plugin:remote_clusters@6.7.1] Status changed from uninitialized to yellow - Waiting for Elasticsearch 35 log [15:28:34.425] [info][status][plugin:cross_cluster_replication@6.7.1] Status changed from uninitialized to yellow - Waiting for Elasticsearch 36 log [15:28:34.447] [info][status][plugin:translations@6.7.1] Status changed from uninitialized to green - Ready 37 log [15:28:34.468] [info][status][plugin:upgrade_assistant@6.7.1] Status changed from uninitialized to green - Ready 38 log [15:28:34.496] [info][status][plugin:uptime@6.7.1] Status changed from uninitialized to green - Ready 39 log [15:28:34.503] [info][status][plugin:oss_telemetry@6.7.1] Status changed from uninitialized to green - Ready 40 log [15:28:34.524] [info][status][plugin:metrics@6.7.1] Status changed from uninitialized to green - Ready 41 log [15:28:35.030] [info][status][plugin:timelion@6.7.1] Status changed from uninitialized to green - Ready 42 log [15:28:38.698] [error][status][plugin:xpack_main@6.7.1] Status changed from yellow to red - Request Timeout after 3000ms 43 log [15:28:38.762] [error][status][plugin:graph@6.7.1] Status changed from yellow to red - Request Timeout after 3000ms 44 log [15:28:38.774] [error][status][plugin:spaces@6.7.1] Status changed from yellow to red - Request Timeout after 3000ms 45 log [15:28:38.776] [error][status][plugin:security@6.7.1] Status changed from yellow to red - Request Timeout after 3000ms 46 log [15:28:38.778] [error][status][plugin:searchprofiler@6.7.1] Status changed from yellow to red - Request Timeout after 3000ms 47 log [15:28:38.807] [error][status][plugin:ml@6.7.1] Status changed from yellow to red - Request Timeout after 3000ms 48 log [15:28:38.808] [error][status][plugin:tilemap@6.7.1] Status changed from yellow to red - Request Timeout after 3000ms 49 log [15:28:38.809] [error][status][plugin:watcher@6.7.1] Status changed from yellow to red - Request Timeout after 3000ms 50 log [15:28:38.810] [error][status][plugin:grokdebugger@6.7.1] Status changed from yellow to red - Request Timeout after 3000ms 51 log [15:28:38.811] [error][status][plugin:logstash@6.7.1] Status changed from yellow to red - Request Timeout after 3000ms 52 log [15:28:38.811] [error][status][plugin:beats_management@6.7.1] Status changed from yellow to red - Request Timeout after 3000ms 53 log [15:28:38.840] [error][status][plugin:maps@6.7.1] Status changed from yellow to red - Request Timeout after 3000ms 54 log [15:28:38.840] [error][status][plugin:index_management@6.7.1] Status changed from yellow to red - Request Timeout after 3000ms 55 log [15:28:38.841] [error][status][plugin:index_lifecycle_management@6.7.1] Status changed from yellow to red - Request Timeout after 3000ms 56 log [15:28:38.843] [error][status][plugin:rollup@6.7.1] Status changed from yellow to red - Request Timeout after 3000ms 57 log [15:28:39.046] [error][status][plugin:remote_clusters@6.7.1] Status changed from yellow to red - Request Timeout after 3000ms 58 log [15:28:39.047] [error][status][plugin:cross_cluster_replication@6.7.1] Status changed from yellow to red - Request Timeout after 3000ms 59 log [15:28:39.084] [error][status][plugin:elasticsearch@6.7.1] Status changed from yellow to red - Request Timeout after 3000ms 60 log [15:28:42.071] [warning][browser-driver][reporting] Enabling the Chromium sandbox provides an additional layer of protection. 61 log [15:28:42.078] [warning][reporting] Generating a random key for xpack.reporting.encryptionKey. To prevent pending reports from failing on restart, please set xpack.reporting.encryptionKey in kibana.yml 62 log [15:28:42.689] [error][status][plugin:reporting@6.7.1] Status changed from uninitialized to red - Request Timeout after 3000ms 63 log [15:28:58.143] [info][license][xpack] Imported license information from Elasticsearch for the [data] cluster: mode: basic | status: active 64 log [15:28:58.295] [info][status][plugin:xpack_main@6.7.1] Status changed from red to green - Ready 65 log [15:28:58.339] [info][status][plugin:graph@6.7.1] Status changed from red to green - Ready 66 log [15:28:58.342] [info][status][plugin:searchprofiler@6.7.1] Status changed from red to green - Ready 67 log [15:28:58.343] [info][status][plugin:ml@6.7.1] Status changed from red to green - Ready 68 log [15:28:58.365] [info][status][plugin:tilemap@6.7.1] Status changed from red to green - Ready 69 log [15:28:58.366] [info][status][plugin:watcher@6.7.1] Status changed from red to green - Ready 70 log [15:28:58.367] [info][status][plugin:grokdebugger@6.7.1] Status changed from red to green - Ready 71 log [15:28:58.408] [info][status][plugin:logstash@6.7.1] Status changed from red to green - Ready 72 log [15:28:58.409] [info][status][plugin:beats_management@6.7.1] Status changed from red to green - Ready 73 log [15:28:58.410] [info][status][plugin:index_management@6.7.1] Status changed from red to green - Ready 74 log [15:28:58.446] [info][status][plugin:index_lifecycle_management@6.7.1] Status changed from red to green - Ready 75 log [15:28:58.447] [info][status][plugin:rollup@6.7.1] Status changed from red to green - Ready 76 log [15:28:58.448] [info][status][plugin:remote_clusters@6.7.1] Status changed from red to green - Ready 77 log [15:28:58.448] [info][status][plugin:cross_cluster_replication@6.7.1] Status changed from red to green - Ready 78 log [15:28:58.449] [info][status][plugin:reporting@6.7.1] Status changed from red to green - Ready 79 log [15:28:58.462] [info][kibana-monitoring][monitoring-ui] Starting monitoring stats collection 80 log [15:28:58.856] [info][status][plugin:security@6.7.1] Status changed from red to green - Ready 81 log [15:28:58.857] [info][status][plugin:maps@6.7.1] Status changed from red to green - Ready 82 log [15:29:00.691] [info][license][xpack] Imported license information from Elasticsearch for the [monitoring] cluster: mode: basic | status: active 83 log [15:29:01.116] [info][status][plugin:elasticsearch@6.7.1] Status changed from red to green - Ready 84 log [15:29:03.033] [info][listening] Server running at http://192.168.110.133:5601 85 log [15:29:03.189] [info][status][plugin:spaces@6.7.1] Status changed from red to green - Ready 86
此处我使用的elasticsearch是单节点的,即只有一个节点,然后elasticsearch的config/elasticsearch.yml里面的network.host: 192.168.110.133参数要配置成自己具体的ip地址,不然kibana无法访问到这个ip地址的。
切记,启动kibana之前,需要先将elasticsearch启动起来的,不然kibana会启动报错的,然后可以通过访问地址进行访问,默认端口号是5601,访问地址http://192.168.110.133:5601/,如下所示:
如果想要kibana后台启动,可以使用命令:
1 [elsearch@k8s-master kibana-6.7.1-linux-x86_64]$ nohup ./bin/kibana & 2 [1] 11214 3 [elsearch@k8s-master kibana-6.7.1-linux-x86_64]$ nohup: ignoring input and appending output to ‘nohup.out’ 4 5 [elsearch@k8s-master kibana-6.7.1-linux-x86_64]$
如何关掉,后台启动的kibana服务呢,如下所示:
1 [elsearch@k8s-master kibana-6.7.1-linux-x86_64]$ ps -ef | grep kibana 2 elsearch 11958 114739 0 23:42 pts/1 00:00:00 grep --color=auto kibana 3 [elsearch@k8s-master kibana-6.7.1-linux-x86_64]$ ps -ef | grep 5601 4 elsearch 12063 114739 0 23:42 pts/1 00:00:00 grep --color=auto 5601 5 [elsearch@k8s-master kibana-6.7.1-linux-x86_64]$ 6 [elsearch@k8s-master kibana-6.7.1-linux-x86_64]$ fuser -n tcp 5601 7 Cannot stat file /proc/11841/fd/0: Permission denied 8 Cannot stat file /proc/11841/fd/1: Permission denied 9 Cannot stat file /proc/11841/fd/2: Permission denied 10 Cannot stat file /proc/11894/fd/0: Permission denied 11 Cannot stat file /proc/11894/fd/1: Permission denied 12 Cannot stat file /proc/11894/fd/2: Permission denied 13 Cannot stat file /proc/12033/fd/0: Permission denied 14 Cannot stat file /proc/12033/fd/1: Permission denied 15 Cannot stat file /proc/12033/fd/2: Permission denied 16 5601/tcp: 11214 17 [elsearch@k8s-master kibana-6.7.1-linux-x86_64]$ netstat -anltp|grep 5601 18 (Not all processes could be identified, non-owned process info 19 will not be shown, you would have to be root to see it all.) 20 tcp 0 0 192.168.110.133:5601 0.0.0.0:* LISTEN 11214/./bin/../node 21 [elsearch@k8s-master kibana-6.7.1-linux-x86_64]$ 22 [elsearch@k8s-master kibana-6.7.1-linux-x86_64]$ 23 [elsearch@k8s-master kibana-6.7.1-linux-x86_64]$
使用命令,ps -ef|grep kibana 或者ps -ef|grep 5601,如果都找不到,可以尝试 使用 fuser -n tcp 5601 或 netstat -anltp|grep 5601,然后找到进程号,kill -9 进程号。
2、Kibana配置说明,配置位于config文件夹中。kibana.yml关键配置说明。
server.host/server.port 访问kibana的地址和端口号。如果kibana需要外网访问,就需要修改成服务器的ip地址的,端口号可以使用默认端口。 elasticsearh.host(kibana之前版本是elasticsearh.url)待访问elasticsearh的地址。
3、Kibana常用功能说明。
1)、Discover数据搜索查看。
2)、Visualize图标制作。
3)、Dashboard仪表盘制作。
4)、Timelion时序数据的高级可视化分析。
5)、DevTools开发者工具。
6)、Management配置。
4、Elasticsearch常用术语介绍与CRUD(Create创建文档、Delete删除文档、Update修改文档、Read读取文档)实际操作。
1)、Document文档数据,就是具体存在于Elasticsearch中的数据。
2)、Index索引,类比Mysql中的数据库概念。所有的Document都是存在于Index索引中的。
3)、Type索引中的数据类型,类似Mysql中数据表的概念。6.x版本以及以后版本慢慢废除此说法。
4)、Field字段,文档的属性。
5)、Query DESL查询语法。
5、如何实现Kibana的汉化,这里我使用的是kibana6.7.1版本,然而Kibana 中文本地化版本是 Elastic Stack 6.7 的一部分。所以不用再下载汉化包了,网上写的下载汉化包的地址已经没有了,wget https://github.com/anbai-inc/Kibana_Hanization/archive/master.zip,此地址已经无法进行访问,所以建议都使用6.7版本以后的版本,打开Kibana解压目录下的 config/kibana.yml文件,找到最下面这一行,将将"en"改成"zh-CN",然后重启kibana即可。
1 # Specifies locale to be used for all localizable strings, dates and number formats. 2 #i18n.locale: "en" 3 i18n.locale: "zh-CN"
重启Kibana之后,访问http://192.168.110.133:5601/地址之后,发现对自己更加友好了,不然有的功能还要琢磨一下。
6、Elasticsearch Query的查询语法,有两种形式,如下所示: