一、GrayLog5.2版本的兼容性矩阵表
(图片点击放大查看)
见官方文档说明链接:
https://go2docs.graylog.org/5-2/downloading_and_installing_graylog/installing_graylog.html
GrayLog5.2.X版本(这时说的是Graylog Open开源版本)
1、5.0.7版本 <=MongoDB版本 <=6.X版本
2、Elasticsearch版本 只支持7.10.2版本
说明:如果使用OpenSearch替换ES的话, 1.1.x <= OpenSearch <= 2.9.x
二、题外话
考虑到众多人偏向于用Elasticsearch作为Graylog的日志存储组件,对OpenSearch的接受度不太高
我个人更倾向于使用OpenSearch,不过没有关系,用啥不重要,稳定好用最重要,本人不太倾向于追新,因为在软件开发中现在是“敏捷开发、频繁迭代”的理念,软件不断升级是为了改善功能、提升用户体验、修复漏洞,通过升级软件,用户可以获得更好的使用体验和更完善的功能,目的是好的,但是频繁更新,也会给用户带来负担,本人秉持“能用就行了”的至简原则,其实很多高级功能往往在生产生活中用到的几率很小,很多人会陷入”我可以选择不用,但必须有这个功能“的想法
(图片点击放大查看)
废话不多说,回到正题
在AlmaLinux 9.3 下使用一键脚本安装最新GrayLog5.2.5版本
关于AlmaLinux
-
1、AlmaLinux是一个基于Red Hat Enterprise Linux(RHEL)的克隆版本) -
2、AlmaLinux 的源代码完全兼容 RHEL
因为CentOS7 在今年6月30日即将 EOL(End Of Life ),所以选用AlmaLinux 9.3
GrayLogServer5.2.5_install.sh一键安装脚本内容如下
#!/bin/bash
#关闭SELINUX
sed -i 's/enforcing/disabled/g' /etc/selinux/config
setenforce 0
#解压安装包
mkdir -p /opt/GrayLog_install
tar -zxvf ./GrayLog5.2.5_MongoDB6.0_Elasticsearch7.10.2_EL9_RPM.tar.gz -C /opt/GrayLog_install
cat > /etc/yum.repos.d/mongodb-org.repo << EOF
[mongodb-org-6.0]
name=MongoDB Repository
baseurl=https://repo.mongodb.org/yum/redhat/9/mongodb-org/6.0/x86_64/
gpgcheck=0
enabled=1
gpgkey=https://pgp.mongodb.com/server-6.0.asc
EOF
cd /opt/GrayLog_install
#安装mongodb-server服务
rpm -ivh cyrus-sasl*.rpm
rpm -ivh mongodb*.rpm
#启动mongodb-server服务
systemctl daemon-reload
systemctl enable mongod.service
systemctl start mongod.service
systemctl --type=service --state=active | grep mongod
firewall-cmd --add-port=27017/tcp --permanent --zone=public
firewall-cmd --reload
#安装elasticsearch
rpm -ivh /opt/GrayLog_install/elasticsearch-7.10.2-x86_64.rpm
#单独创建目录用于存放elasticsearch数据
mkdir -p /data/elasticsearch/data
mkdir -p /data/elasticsearch/logs
chown -R elasticsearch:elasticsearch /data/elasticsearch
cp /etc/elasticsearch/elasticsearch.yml /etc/elasticsearch/elasticsearch.yml_default
#修改elasticsearch相关配置文件
sed -i "s@#cluster.name: [email protected]: graylog@g" /etc/elasticsearch/elasticsearch.yml
sed -i "s#path.data: /var/lib/elasticsearch#path.data: /data/elasticsearch/data#g" /etc/elasticsearch/elasticsearch.yml
sed -i "s#path.logs: /var/log/elasticsearch#path.logs: /data/elasticsearch/logs#g" /etc/elasticsearch/elasticsearch.yml
#修改JVM内存大小
sed -i "s/-Xms1g/-Xms3g/g" /etc/elasticsearch/jvm.options
sed -i "s/-Xmx1g/-Xmx3g/g" /etc/elasticsearch/jvm.options
#启动elasticsearch服务
systemctl daemon-reload
systemctl enable elasticsearch.service
systemctl restart elasticsearch.service
firewall-cmd --add-port=9200/tcp --permanent --zone=public
firewall-cmd --reload
curl -s -XGET 'http://127.0.0.1:9200/_cluster/health?pretty=true'
curl -s -XGET 'http://127.0.0.1:9200/_cat/nodes?v'
#安装graylog-server服务
rpm -ivh /opt/GrayLog_install/graylog-server-5.2.5-1.x86_64.rpm
cp /etc/graylog/server/server.conf /etc/graylog/server/server.conf_default
#修改graylog-server相关配置文件
sed -i "s/password_secret =/password_secret = 0pAHJtPdZZUb5yHAvFbBezbWAlQwh9CbRX1rshJEVxM0kV7t0SpIgY5q9tLpVEwWLElhG3EtbvQ03mTm9i0HuvWKwlWgWiIJ/g" /etc/graylog/server/server.conf
sed -i "s/root_password_sha2 =/root_password_sha2 = 429d280c5ddad83d94770b077b22124231efc727d504b107883297304b3e2939/g" /etc/graylog/server/server.conf
sed -i "s@#root_timezone = UTC@root_timezone = Asia/Shanghai@g" /etc/graylog/server/server.conf
sed -i "s@#http_bind_address = 127.0.0.1:9000@http_bind_address = 0.0.0.0:9000@g" /etc/graylog/server/server.conf
sed -i "s/allow_highlighting = false/allow_highlighting = true/g" /etc/graylog/server/server.conf
echo "elasticsearch_hosts = http://127.0.0.1:9200" >> /etc/graylog/server/server.conf
#修改graylog-server启动时JVM内存大小
sed -i "s/-Xms1g -Xmx1g/-Xms2g -Xmx2g/g" /etc/sysconfig/graylog-server
firewall-cmd --add-port=9000/tcp --permanent --zone=public
firewall-cmd --reload
#启动graylog-server服务
systemctl daemon-reload
systemctl restart graylog-server
systemctl enable graylog-server
说明:
-
1、脚本请不要CentOS7版本系统上运行,需在RHEL9.X系列的操作系统上运行 -
2、Graylog Web登录密码 admin/Graylog@2023
一键脚本安装过程截图如下
(图片点击放大查看)
(图片点击放大查看)
(图片点击放大查看)
(图片点击放大查看)
说明
1、关于Failed to call API on node , cause: timeout 的报错
#报错日志
WARN [ProxiedResource] Failed to call API on node <55a4eda7-a6d7-46d0-9e9f-776ba8ecc4e0>, cause: timeout (duration: 5001 ms)
(图片点击放大查看)
(图片点击放大查看)
解决办法:/etc/hosts加上主机名的解析记录
(图片点击放大查看)
(图片点击放大查看)
2、GrayLog5.2的配置文件特别之处
需要手动调整elasticsearch_hosts配置 所以我在一键脚本中加了这一行命令
echo "elasticsearch_hosts = http://127.0.0.1:9200" >> /etc/graylog/server/server.conf
如果你使用的ES位于其它IP的主机或者ES集群,自行调整server.conf这行配置中参数即可
It is necessary in Graylog 5.2 to manually adjust the elasticsearch_hosts setting to include a list of comma-separated URIs to one or more valid Elasticsearch/OpenSearch nodes. A sample specification may look as follows:
elasticsearch_hosts = http://es-node-1.example.org:9200/foo,https://someuser:[email protected]:19200
Warning: If this setting is not adjusted before start up, then you will NOT be able to log into Graylog using your previously configured root password! For more information on this configuration setting, see Elasticsearch Configuration.
获取一键安装脚本与相关安装包下载链接
Graylog5.2.5版本一键安装脚本下载链接
链接:https://share.weiyun.com/1D3rV04a 密码:i6unms
!!!需在RHEL9.X系列的系统上使用,请不要在CentOS7系列系统上使用
原文始发于微信公众号(WalkingCloud):在AlmaLinux 9.3下使用一键脚本安装最新GrayLog5.2.5版本
- 左青龙
- 微信扫一扫
-
- 右白虎
- 微信扫一扫
-
评论