系统使用centos7.8
操作步骤
wget https://artifacts.elastic.co/downloads/kibana/kibana-7.14.2-linux-x86_64.tar.gz
tar xf kibana-7.14.2-linux-x86_64.tar.gz
mv kibana-7.14.2-linux-x86_64 /data/kibana
useradd kibana -s /usr/sbin/nologin -U -M --system
mkdir /data/kibana/logs/ # 自定义日志目录
chown -R kibana.kibana /data/kibana
mkdir /run/kibana # pid存放目录
chown -R kibana.kibana /run/kibana
启动脚本配置
/etc/init.d/kibana
#!/bin/sh
# Init script for kibana
# Maintained by
# Generated by pleaserun.
# Implemented based on LSB Core 3.1:
# * Sections: 20.2, 20.3
#
### BEGIN INIT INFO
# Provides: kibana
# Required-Start: $remote_fs $syslog
# Required-Stop: $remote_fs $syslog
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description:
# Description: Kibana
### END INIT INFO
#
# Source function libraries if present.
# (It improves integration with systemd)
#
# Red Hat
if [ -f /etc/rc.d/init.d/functions ]; then
. /etc/rc.d/init.d/functions
# Debian
elif [ -f /lib/lsb/init-functions ]; then
. /lib/lsb/init-functions
# SUSE
elif [ -f /etc/rc.status ]; then
. /etc/rc.status
rc_reset
fi
user="kibana"
group="kibana"
chroot="/"
chdir="/"
nice=""
KILL_ON_STOP_TIMEOUT=${KILL_ON_STOP_TIMEOUT-1}
KBN_PATH_CONF="/data/kibana/config"
RESTART_ON_UPGRADE="false"
name=kibana
program=/data/kibana/bin/kibana
args="--logging.dest=/data/kibana/logs/kibana.log"
pidfile="/var/run/kibana/$name.pid"
[ -r /etc/default/$name ] && . /etc/default/$name
[ -r /etc/sysconfig/$name ] && . /etc/sysconfig/$name
export KBN_PATH_CONF
export NODE_OPTIONS
[ -z "$nice" ] && nice=0
trace() {
logger -t "/etc/init.d/kibana" "$@"
}
emit() {
trace "$@"
echo "$@"
}
start() {
[ ! -d "/var/run/kibana/" ] && mkdir "/var/run/kibana/"
chown "$user":"$group" "/var/run/kibana/"
chmod 755 "/var/run/kibana/"
echo "$user":"$group"
chroot --userspec "$user":"$group" "$chroot" sh -c "
cd \"$chdir\"
exec \"$program\" \"$args\"
" >> /data/kibana/logs/startup.log 2>&1 &
# Generate the pidfile from here. If we instead made the forked process
# generate it there will be a race condition between the pidfile writing
# and a process possibly asking for status.
echo $! > $pidfile
emit "$name started"
return 0
}
stop() {
# Try a few times to kill TERM the program
if status ; then
pid=$(cat "$pidfile")
trace "Killing $name (pid $pid) with SIGTERM"
kill -TERM $pid
# Wait for it to exit.
for i in 1 2 3 4 5 ; do
trace "Waiting $name (pid $pid) to die..."
status || break
sleep 1
done
if status ; then
if [ "$KILL_ON_STOP_TIMEOUT" -eq 1 ] ; then
trace "Timeout reached. Killing $name (pid $pid) with SIGKILL. This may result in data loss."
kill -KILL $pid
emit "$name killed with SIGKILL."
else
emit "$name stop failed; still running."
fi
else
emit "$name stopped."
fi
fi
}
status() {
if [ -f "$pidfile" ] ; then
pid=$(cat "$pidfile")
if ps -p $pid > /dev/null 2> /dev/null ; then
# process by this pid is running.
# It may not be our pid, but that's what you get with just pidfiles.
# TODO(sissel): Check if this process seems to be the same as the one we
# expect. It'd be nice to use flock here, but flock uses fork, not exec,
# so it makes it quite awkward to use in this case.
return 0
else
return 2 # program is dead but pid file exists
fi
else
return 3 # program is not running
fi
}
force_stop() {
if status ; then
stop
status && kill -KILL $(cat "$pidfile")
fi
}
case "$1" in
force-start|start|stop|force-stop|restart)
trace "Attempting '$1' on kibana"
;;
esac
case "$1" in
force-start)
PRESTART=no
exec "$0" start
;;
start)
status
code=$?
if [ $code -eq 0 ]; then
emit "$name is already running"
exit $code
else
start
exit $?
fi
;;
stop) stop ;;
force-stop) force_stop ;;
status)
status
code=$?
if [ $code -eq 0 ] ; then
emit "$name is running"
else
emit "$name is not running"
fi
exit $code
;;
restart)
stop && start
;;
*)
echo "Usage: $SCRIPTNAME {start|force-start|stop|force-start|force-stop|status|restart}" >&2
exit 3
;;
esac
exit $?
设置nginx代理
/etc/nginx/conf.d/kibana.conf
server{
listen 443;
server_name xxxxxx.com;
ssl on;
ssl_certificate ssl/xxxxxxxxx.crt;
ssl_certificate_key ssl/xxxxxxxxxx.key;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers AESGCM:ALL:!DH:!EXPORT:!RC4:+HIGH:!MEDIUM:!LOW:!aNULL:!eNULL;
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://127.0.0.1:5601;
auth_basic "test";
auth_basic_user_file ".htpasswd"; # 需要手动创建密码文件
allow x.x.x.x; # 允许特定ip访问
deny all;
}
}
yum install -y httpd-tools
# 创建http密码
htpasswd -c -d /etc/nginx/.htpasswd test
# 重启nginx配置
nginx -t
nginx -s reload
修改配置文件
修改/data/kibana/config/kibana.yml
设置中文
i18n.locale: "zh-CN"
设置http地址
(好像基础免费版这个设置是无效的)
server.publicBaseUrl: "xxxxxx.com"
启动kibana
chmod 700 /etc/init.d/kibana
chkconfig --add kibana
chkconfig kibana on # 开机启动
systemctl start kibana # 启动服务
如果启动不成功可以通过systemctl status kibana -l
和查看日志/data/kibana/logs/*
来排查问题。
赏
使用支付宝打赏
使用微信打赏
若你觉得我的文章对你有帮助,欢迎点击上方按钮对我打赏