elk 可观测性平台(Observability Platform)架构指令
2025-12-26 17:22:16 0 举报elk 可观测性平台(Observability Platform)架构
作者其他创作
大纲/内容
es搭建指令简洁
142 wget https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-7.17.3-x86_64.rpm146 history | tail -n 10yum -y localinstall filebeat-7.17.3-x86_64.rpmfilebeat -Vroot@elk153:~ # systemctl cat filebeat# /usr/lib/systemd/system/filebeat.service[Unit]Description=Filebeat sends log files to Logstash or directly to Elasticsearch.Documentation=https://www.elastic.co/beats/filebeatWants=network-online.targetAfter=network-online.target[Service]Environment=\"GODEBUG='madvdontneed=1'\"Environment=\"BEAT_LOG_OPTS=\"Environment=\"BEAT_CONFIG_OPTS=-c /etc/filebeat/filebeat.yml\"Environment=\"BEAT_PATH_OPTS=--path.home /usr/share/filebeat --path.config /etc/filebeat --path.data /var/lib/filebeat --path.logs /var/log/filebeaExecStart=/usr/share/filebeat/bin/filebeat --environment systemd $BEAT_LOG_OPTS $BEAT_CONFIG_OPTS $BEAT_PATH_OPTSRestart=always[Install]WantedBy=multi-user.target重启策略Restart=always —— 只要 filebeat 异常退出,systemd 会立即重新拉起。依赖After=network-online.target 保证网络就绪后再启动,避免启动阶段找不到 Elasticsearch/Logstash。环境变量GODEBUG='madvdontneed=1' 减少内存占用;其余 BEAT_*_OPTS 供用户通过 drop-in 覆盖。cp /etc/filebeat/filebeat.yml /etc/filebeat/filebeat.yml-$(date +%F)root@elk153:/etc/filebeat # filebeat -e -c /etc/filebeat/filebeat.yml2025-12-19T17:12:33.060+0800 INFO instance/beat.go:685 Home path: [/usr/share/filebeat] Config path: [/etc/filebeat] Data path: [/var/lib/filebeat] Logs path: [/var/log/filebeat] Hostfs Path: [/]2025-12-19T17:12:33.063+0800 INFO [stdin.harvester] log/harvester.go:309 Harvester started for paths: [] {\"harvester_id\": \"a021ed23-b5d7-4fdd-a90c-ea71805d8a46\"}333{\"@timestamp\":\"2025-12-19T09:12:36.272Z\
143 nginx -t 144 vim nginx.conf 145 nginx -t 146 rpm -qi nginx 147 nginx -V 2>&1 | head -n 1 148 find / -name modules.d 149 find / -name modules.d |grep /etc 150 cd /etc/filebeat/modules.d 157 egrep -v \"^*#|^$\" nginx.yml.disabled 158 cat nginx.yml.disabled 159 cd ~ 160 wget https://dlcdn.apache.org/tomcat/tomcat-10/v10.1.50/bin/apache-tomcat-10.1.50.tar.gz 161 ll 162 cd es 163 ll 164 cd .. 165 cd var 166 cd /var/ 167 ll 168 cd .. 169 cd /usr/ 170 ll 171 cd .. 172 cd /root 173 ll 174 tar apache-tomcat-10.1.50.tar.gz -C /var/tomcat-soft 175 tar xf apache-tomcat-10.1.50.tar.gz -C /var/tomcat-soft 176 mkdir /var/tomcat-soft -pv 177 tar xf apache-tomcat-10.1.50.tar.gz -C /var/tomcat-soft 178 cd /var/tomcat-soft 179 ll 180 cd apache-tomcat-10.1.50/ 181 ll 182 cd .. 183 ln -sv apache-tomcat-10.1.50/ tomcat 184 ll 185 vim /etc/profile.d/elk.sh 186 ll 187 source /etc/profile.d/elk.sh 188 vim /etc/profile.d/elk.sh 189 source /etc/profile.d/elk.sh 190 vim /etc/profile.d/elk.sh 191 source /etc/profile.d/elk.sh 192 java --version 193 cat /etc/profile.d/elk.sh 194 nginx -V 2>&1 | head -n 1 195 egrep -v \"^*#|^$\" nginx.yml.disabled 196 find / -name modeles.d 197 find / -name modules.d 198 ll /usr/lib/dracut/modules.d 199 find / -name modules.d 200 cd /etc/filebeat/modules.d 201 ll 202 vim nginx.yml.disabled # 161 cd /etc/filebeat/ 162 cp filebeat-index3.yml filebeat-nginx.yml 163 filebeat -e -c /etc/filebeat/filebeat-nginx.yml 164 filebeat -e -c /etc/filebeat/filebeat-nginx2.yml 165 set +o history; 166 cd /etc/filebeat/modules.d/ 167 ll 168 ss tln 169 ss -tln 170 ss -uln# 155 cp filebeat-nginx.yml filebeat-nginx2.yml 156 ll 157 filebeat -e -c filebeat-nginx2.yml 158 filebeat -e -c /etc/filebeat-nginx2.yml 159 filebeat -e -c /etc/filebeat/filebeat-nginx2.yml 160 set +o history; 161 cd /etc/filebeat/ 162 cp filebeat-index3.yml filebeat-nginx.yml 163 filebeat -e -c /etc/filebeat/filebeat-nginx.yml 164 filebeat -e -c /etc/filebeat/filebeat-nginx2.yml 165 set +o history; 166 cd /etc/nginx/ 167 nginx -t 168 systemctl restart nginx 169 crul -I 127.0.0.1 170 curl -I 127.0.0.1 171 cat /var/log/nginx/ 172 cat /var/log/nginx/access.log 173 > /var/log/nginx/access.log 174 cat /var/log/nginx/access.log 175 curl -I 127.0.0.1 176 cat /var/log/nginx/error.log 177 > /var/log/nginx/error.log 178 cat /var/log/nginx/error.log # 167 systemctl stop filebeat 168 filebeat -e -c /etc/filebeat/filebeat-nginx2.yml 169 systemctl stop filebeat 170 filebeat -e -c /etc/filebeat/filebeat-nginx2.yml 171 systemctl stop filebeat 172 systemctl start filebeat 173 filebeat -e -c /etc/filebeat/filebeat-nginx2.yml 174 systemctl stop filebeat 175 journalctl -u filebeat -f 176 ps aux | grep filebeat 177 kill -9 10652 178 ps aux | grep filebeat 179* 180 ll 181 rm -rf /var/lib/filebeat/* 182 ll 183 ll /var/lib/filebeat/* 184 ll /var/lib/filebeat/ 185 filebeat -e -c /etc/filebeat/filebeat-nginx2.yml 186 cd /etc/filebeat/ 187 cp filebeat-nginx2.yml filebeat-nginx-modules.yml 188 filebeat modules 189 filebeat modules list 190 filebeat -c /etc/filebeat modules list 191 filebeat -c /etc/filebeat/filebeat-nginx-modules.yml modules 192 filebeat -c /etc/filebeat/filebeat-nginx-modules.yml modules ;ist 193 filebeat -c /etc/filebeat/filebeat-nginx-modules.yml modules list 194 filebeat -c /etc/filebeat/filebeat-nginx-modules.yml modules enable nginx 195 filebeat -c /etc/filebeat/filebeat-nginx-modules.yml modules list 196 filebeat -c /etc/filebeat/filebeat-nginx-modules.yml modules list | head 197 filebeat -e -c /etc/filebeat/filebeat-nginx-modules.yml 198* cp filebeat-nginx-modules.yml filebeat-tomcat-mo 199 filebeat -c /etc/filebeat/filebeat-nginx-modules.yml modules disable nginx 200 filebeat -c /etc/filebeat/filebeat-nginx-modules.yml modules enable tomcat 201 filebeat -c /etc/filebeat/filebeat-nginx-modules.yml modules list | head 202 filebeat -e -c /etc/filebeat/filebeat-tomcat-modules.yml 203 filebeat -c /etc/filebeat/filebeat-nginx-modules.yml modules list | head 204 filebeat -e -c /etc/filebeat/filebeat-tomcat-modules.yml # 161 systemctl cat elasticsearch 162 /usr/share/elasticsearch 163 cd /usr/share/elasticsearch 164 ll 165 cd jdk/ 166 cd /var/tomcat-soft/ 167 cd apache-tomcat-10.1.50/ 168 ll 169 cd bin/ 170 ll 171 ./catalina.sh 172 java --version 173 source /etc/profile.d/elk.sh 174 java --version 175 ./catalina.sh 176 ss -nlt 177 ./catalina.sh run 178 ./catalina.sh start 179 ss -nlt 180 rm -rf /var/lib/filebeat/* 181 cd .. 182 cd log 183 ll 184 cd logs/ 185 ll 186 rm -rf /var/lib/filebeat/* 187 rm -rf /var/lib/filebeat/*\\ 188 rm -rf /var/lib/filebeat/* 189 ll paths: 190 ll /var/tomcat-soft/apache-tomcat-10.1.50/logs/*.txt 191 rm -rf /var/lib/filebeat/*
sudo tee /etc/yum.repos.d/nginx.repo << 'EOF'[nginx-stable]name=nginx stable repobaseurl=http://nginx.org/packages/centos/$releasever/$basearch/gpgcheck=1enabled=1gpgkey=https://nginx.org/keys/nginx_signing.keymodule_hotfixes=true[nginx-mainline]name=nginx mainline repobaseurl=http://nginx.org/packages/mainline/centos/$releasever/$basearch/gpgcheck=1enabled=0gpgkey=https://nginx.org/keys/nginx_signing.keymodule_hotfixes=trueEOFsudo yum clean all && sudo yum makecachesudo yum install -y nginxsudo yum-config-manager --disable nginx-stablesudo yum-config-manager --enable nginx-mainlinesudo yum upgrade -y nginxsystemctl enable nginx # 设置开机自启systemctl status nginx # 查看服务状态sudo systemctl enable --now nginxlog_format oldboyedu_nginx_json '{ \"timestamp\":\"$time_iso8601\
https://www.elastic.co/cn/elastic-stack#%E7%BB%88%E7%AB%AF数据源(应用服务)轻量级采集器(Filebeat)消息队列(Kafka 集群)数据处理层(Logstash)核心存储与搜索(Elasticsearch 分布式集群)可视化与监控(Kibana / Grafana / Superset)其他数据库(ClickHouse / MySQL / PostgreSQL)云存储或备份(如 S3 或 HDFS)① 业务容器/宿主机 → ② Filebeat(轻量托运)→ ③ Kafka(Topic 分区)→ ④ Logstash(解析、IP 转地理、字段脱敏)→ ⑤ Elasticsearch(热温冷分层)→ ⑥ Kibana/Grafana(仪表盘、告警)同时:④’ Logstash 的另一路消费 → ClickHouse(宽表)→ Superset(BI 大屏)⑤’ 大数据团队直接消费 Kafka → Spark/Flink → 离线数仓或实时风控ELK + Metricbeat与日志统一平台、Kibana 体验好、部署简单高级告警需付费许可Prometheus + Grafana开源免费、生态强大、适合云原生与日志系统分离,需维护两套平台Zabbix / Nagios传统监控强项、告警成熟可视化较弱,扩展性差Lucene 是“发动机”,Solr 和 Elasticsearch(ES)都是在 Lucene 之上封装好的“整车”;Solr 偏向传统企业级搜索,ES 主打分布式实时分析与云原生。Elasticsearch 是现代搜索与数据分析的主流选择,尤其在日志、监控、实时分析、可观测性领域占据绝对优势。Solr 依然有价值,尤其是在需要处理富文本文档、复杂查询逻辑的企业级环境中。
es 指令1
file内置模板
file beat.yml
Last login: Thu Dec 25 08:49:06 2025 from 10.0.0.1root@elk151:~ # yum install -y epel-releaseroot@elk151:~ # yum install -y redisroot@elk151:/etc # systemctl status redisroot@elk151:/etc # ss -ntlState Recv-Q Send-Q Local Address:Port Peer Address:Port LISTEN 0 128 *:6379 *:* LISTEN 0 128 *:22 *:* LISTEN 0 100 127.0.0.1:25 *:* LISTEN 0 128 :::9200 :::* LISTEN 0 128 :::9300 :::* LISTEN 0 128 :::22 :::* LISTEN 0 100 ::1:25root@elk151:/etc # egrep -v \"^#|^$\" ./redis.conf bind 0.0.0.0protected-mode yesport 6379tcp-backlog 511timeout 0tcp-keepalive 300daemonize nosupervised nopidfile /var/run/redis_6379.pidloglevel noticelogfile /var/log/redis/redis.logdatabases 16save 900 1save 300 10save 60 10000stop-writes-on-bgsave-error yesrdbcompression yesrdbchecksum yesdbfilename dump.rdbdir /var/lib/redisslave-serve-stale-data yesslave-read-only yesrepl-diskless-sync norepl-diskless-sync-delay 5repl-disable-tcp-nodelay noslave-priority 100 requirepass redisappendonly noappendfilename \"appendonly.aof\"appendfsync everysecno-appendfsync-on-rewrite noauto-aof-rewrite-percentage 100auto-aof-rewrite-min-size 64mbaof-load-truncated yeslua-time-limit 5000slowlog-log-slower-than 10000slowlog-max-len 128latency-monitor-threshold 0notify-keyspace-events \"\"hash-max-ziplist-entries 512hash-max-ziplist-value 64list-max-ziplist-size -2list-compress-depth 0set-max-intset-entries 512zset-max-ziplist-entries 128zset-max-ziplist-value 64hll-sparse-max-bytes 3000activerehashing yesclient-output-buffer-limit normal 0 0 0client-output-buffer-limit slave 256mb 64mb 60client-output-buffer-limit pubsub 32mb 8mb 60hz 10aof-rewrite-incremental-fsync yesroot@elk151:/etc # redis-cli -a redis -h 10.0.0.151 --raw10.0.0.151:6379> key *ERR unknown command 'key'10.0.0.151:6379> keys *10.0.0.151:6379> set ab 111OK10.0.0.151:6379> get ab11110.0.0.151:6379> keys *ab10.0.0.151:6379> root@elk151:/etc # redis-cli -a redis -h 10.0.0.151 -n 1 --raw10.0.0.151:6379[1]> keys *filebeat-redis10.0.0.151:6379[1]> keys *filebeat-redis10.0.0.151:6379[1]> LRANGE 0 -1ERR wrong number of arguments for 'lrange' command10.0.0.151:6379[1]> LRANGE filebeat-redis 0 -1{\"@timestamp\":\"2025-12-25T09:20:01.806Z\
linux系统日志
/var/log; rsyslog
kibanna指令
tcp/udp/file
# CentOS/RHELyum install nc -y # 或 nmap-ncat(功能更全)# Ubuntu/Debianapt install netcat -ytelnet 10.0.0.150 8080nc -vz 10.0.0.150 9200# 输出:Connection to 10.0.0.150 9200 port [tcp/*] succeeded!telnet vs nc 对比功能telnetnc (netcat)TCP 端口测试✅ 支持✅ 支持(-vz)UDP 端口测试❌ 不支持✅ 支持(-u)监听端口❌ 不能✅ 支持(-l)文件传输❌ 不能✅ 支持脚本友好❌ 需交互退出✅ 可管道、重定向加密(TLS)❌ 不支持❌ 原生不支持(但 ncat 支持 --ssl)# 安装 rsyslog(兼容所有主流发行版)sudo yum install -y rsyslog # RHEL/CentOSsudo apt install -y rsyslog # Ubuntu/Debian# 启用并启动sudo systemctl enable --now rsyslog# 测试logger \"Hello from $(hostname)\"tail /var/log/messages # 或 /var/log/syslogroot@elk153:/etc # wc -l ./filebeat/rsyslog.yml19 ./filebeat/rsyslog.ymlfilebeat test config -c /etc/filebeat/rsyslog.ymlfilebeat test output -c /etc/filebeat/rsyslog.yml权限数字含义(Octal)数字含义0600rw------- → 只有所有者可读写0644rw-r--r-- → 所有人可读,只有所有者可写0755rwxr-xr-x → 所有人可读执行,只有所有者可写0777rwxrwxrwx → 所有人均可读写执行(危险!) 736 nc -vzu 10.0.0.150 53 # 测试 DNS 737 nc -vzu 10.0.0.150 743 ll | grep lib/ 745 journalctl -f 756 journalctl -u nginx --output json-pretty | head -10 763 ll -h filebeat/ 765 wc -l ./filebeat/rsyslog.yml 766 cd filebeat/ 767 filebeat test config -c /etc/filebeat/rsyslog.yml 768 filebeat test output -c /etc/filebeat/rsyslog.yml 769 nc -vz 10.0.0.150 9200
nginx配置
logstash
tomcat
/etc/elasticsearch/elasticsearch.ymlyum install -y telnettelnet elk150 9200# 或nc -zv elk150 9200sudo lsof -i :9200yum install lsof -y # CentOS 7# 1. 查看监听地址ss -tuln ss -tuln | grep 9200-l:--listening,只看“监听”状态的套接字(即服务端端口)。-p:--processes,把“哪个进程占用了这个端口”一起打印出来(需要 sudo)。-n:--numeric,禁止反查 /etc/services,直接显示数字端口,加快输出并避免歧义。sudo ss -lpn 'sport = :9200'如果还想看 UDP 也扫一下,再加 -u:sudo ss -plnu 'sport = :9200'# 2. 获取 elk150 解析的 IP(确认是否本机)ping -c1 elk150# 假设返回 10.0.0.150# 3. 用真实 IP 测试curl http://10.0.0.150:9200# 4. 如果失败,但 localhost 成功 → 肯定是 network.host 问题curl http://localhost:9200::ffff:127.0.0.1 是 IPv6 表示的 IPv4 回环地址(127.0.0.1)::1 是 IPv6 的回环地址没有 0.0.0.0:9200 或 :::9200(即监听所有接口)✅ 结论:Elasticsearch 仍然只绑定在 127.0.0.1(localhost),没有监听外部网络接口grep -v \"^#\" /etc/elasticsearch/elasticsearch.yml | grep -E \"network.host|initial_master|node.name\"sudo tail -f /var/log/elasticsearch/elasticsearch.logsudo tail -n 50 /var/log/elasticsearch/elasticsearch.logegrep -v \"^#|^$\
filebeat.inputs:- type: stdin enabled: true#output.elasticsearch: #hosts: [\"https://myEShost:9200\"] output.console: preety: truefilebeat.inputs:- type: log paths: - /tmp/text.txtoutput.console: preety: true#### 2025-12-19T17:42:02.999+0800 INFO memlog/store.go:119 Loading data file of '/var/lib/filebeat/registry/filebeat' succeeded. Active transaction id=02025-12-19T17:42:02.999+0800 INFO memlog/store.go:124 Finished loading transaction log file for '/var/lib/filebeat/registry/filebeat'. Active transaction id=7root@elk153:/tmp # cat text.txt111root@elk153:/tmp # ll '/var/lib/filebeat/registry/filebeat> ^Croot@elk153:/tmp # ll /var/lib/filebeat/registry/filebeat总用量 8-rw------- 1 root root 2584 12月 19 17:43 log.json-rw------- 1 root root 15 12月 19 16:29 meta.json# 删除或者修改最后一条的偏移量root@elk153:/tmp # rm -rf /var/lib/filebeat/*167 systemctl enable elasticsearch --now 172 ll /etc/kibana/ 173 systemctl enable kibana --now 174 ss -ltn 177 vim /etc/hosts 178 cat /etc/hosts 179 ping tomcat.games.com 180 which data_rsync.sh 181 vim /usr/local/sbin/data_rsync.sh 182 data_rsync.sh /usr/local/sbin/data_rsync.sh 183 data_rsync.sh /etc/hosts 184 vim /usr/local/sbin/data_rsync.sh 185 for ((host_id=151;host_id<=153;host_id++)); do ssh-copy-id elk$((host_id)); done 187 vim /etc/hosts 188 data_rsync.sh /etc/hosts373 ss -tnl 374 ps aux | grep tomcat 375 tail -f /var/tomcat-soft/apache-tomcat-10.1.50/logs/catalina.out 376 java -version 394 curl -I http://tomcat.games.com:8080 395 cat /etc/hosts 396 tail -f /var/tomcat-soft/apache-tomcat-10.1.50/logs/catalina.out
nginx 源
redis
root@elk150:~ # yum -y localinstall kibana-7.17.3-x86_64.rpm 已加载插件:fastestmirror正在检查 kibana-7.17.3-x86_64.rpm: kibana-7.17.3-1.x86_64kibana-7.17.3-x86_64.rpm 将被安装正在解决依赖关系--> 正在检查事务---> 软件包 kibana.x86_64.0.7.17.3-1 将被 安装--> 解决依赖关系完成依赖关系解决================================================================================================================================================== Package 架构 版本 源 大小==================================================================================================================================================正在安装: kibana x86_64 7.17.3-1 /kibana-7.17.3-x86_64 646 M事务概要==================================================================================================================================================安装 1 软件包总计:646 M安装大小:646 MDownloading packages:Running transaction checkRunning transaction testTransaction test succeededRunning transaction 正在安装 : kibana-7.17.3-1.x86_64 1/1 Creating kibana group... OKCreating kibana user... OKCreated Kibana keystore in /etc/kibana/kibana.keystore 验证中 : kibana-7.17.3-1.x86_64 1/1 已安装: kibana.x86_64 0:7.17.3-1 完毕!root@elk150:~ # ll /etc/kibana/总用量 16-rw-rw---- 1 root kibana 130 12月 19 13:46 kibana.keystore-rw-rw---- 1 root kibana 5243 4月 19 2022 kibana.yml-rw-r--r-- 1 root kibana 305 4月 19 2022 node.optionsroot@elk150:~ # cd /etc/kibana/root@elk150:/etc/kibana # ll总用量 16-rw-rw---- 1 root kibana 130 12月 19 13:46 kibana.keystore-rw-rw---- 1 root kibana 5243 4月 19 2022 kibana.yml-rw-r--r-- 1 root kibana 305 4月 19 2022 node.optionsroot@elk150:/etc/kibana # cd ..root@elk150:/etc # cd kibana/root@elk150:/etc/kibana # ll总用量 16-rw-rw---- 1 root kibana 130 12月 19 13:46 kibana.keystore-rw-rw---- 1 root kibana 5243 4月 19 2022 kibana.yml-rw-r--r-- 1 root kibana 305 4月 19 2022 node.optionsroot@elk150:/etc/kibana # egrep -v \"^#|^$\" kibana.yml server.host: \"0.0.0.0\"server.name: \"elk150-kibana\"elasticsearch.hosts: [\"http://10.0.0.150:9200\
指令
filebeat
ela配置
redis指令
# CentOS / RHEL / Rocky Linux# 1. 安装 EPEL 仓库(Redis 在 EPEL 中)sudo yum install -y epel-release# 2. 安装 Redissudo yum install -y redis# 3. 启动并设置开机自启sudo systemctl enable --now redis# 4. 检查状态systemctl status redis2. Ubuntu / Debianbash编辑# 1. 更新包列表sudo apt update# 2. 安装 Redissudo apt install -y redis-server# 3. 启动并设置开机自启(通常已默认启用)sudo systemctl enable --now redis-server# 4. 检查状态systemctl status redis-server#### 源码编译安装(适合需要最新版)# 1. 安装依赖# CentOSsudo yum install -y gcc make jemalloc-devel# Ubuntusudo apt install -y build-essential tcl# 2. 下载 Redis(去 https://redis.io 找最新版)cd /tmpwget https://download.redis.io/releases/redis-7.2.4.tar.gztar xzf redis-7.2.4.tar.gzcd redis-7.2.4# 3. 编译make# 4. 安装到 /usr/local/binsudo make install# 5. 创建配置目录和用户sudo mkdir /etc/redissudo cp redis.conf /etc/redis/sudo useradd --system --shell /sbin/nologin --no-create-home redis# 6. 修改配置(同上,设密码、bind 等)sudo chown -R redis:redis /etc/redis# 7. 创建 systemd 服务(可选)sudo tee /etc/systemd/system/redis.service <<EOF[Unit]Description=Redis In-Memory Data StoreAfter=network.target[Service]User=redisGroup=redisExecStart=/usr/local/bin/redis-server /etc/redis/redis.confExecStop=/usr/local/bin/redis-cli shutdownRestart=alwaysRestartSec=5[Install]WantedBy=multi-user.targetEOF# 8. 启动sudo systemctl daemon-reloadsudo systemctl enable --now redis# 查看版本redis-server --version# 连接测试redis-cli ping# 返回 PONG 表示正常# 查看进程ps aux | grep redis# 查看端口ss -tulnp | grep 6379# 1. 创建专用用户sudo useradd --system --shell /sbin/nologin --no-create-home redis--system创建 系统用户(UID 通常 < 1000),用于运行服务,而非真实人类用户--shell /sbin/nologin设置用户的登录 shell 为 /sbin/nologin → 禁止交互式登录(即使知道密码也无法 SSH 或 su 登录)--no-create-home不创建家目录(如 /home/redis),因为服务不需要redis新用户的用户名# 2. 创建配置目录 & 数据目录sudo mkdir /etc/redissudo mkdir /var/lib/redis# 3. 复制配置文件sudo cp redis.conf /etc/redis/# 4. 设置所有权sudo chown -R redis:redis /etc/redis # 配置sudo chown -R redis:redis /var/lib/redis # 数据# 5. 在 redis.conf 中指定路径# dir /var/lib/redis# logfile /var/log/redis/redis.log (还需创建日志目录并授权)# CentOSsudo firewall-cmd --permanent --add-port=6379/tcpsudo firewall-cmd --reload# Ubuntusudo ufw allow 6379/tcp在 redis.conf 中设置:bind 10.0.0.101requirepass redisprotected-mode yesredis-cli \\ -a redis \\ -h 10.0.0.101 \\ -p 6379 \\ --raw \\ -n 5-a redis 指定密码(auth),用于登录受保护的 Redis 实例-h 10.0.0.101指定 Redis 服务器的 IP 地址-p 6379指定 Redis 服务端口(默认为 6379)--raw以原始格式输出结果(不自动换行或美化)-n 5切换到数据库编号为 5 的数据库(Redis 支持最多 16 个数据库,默认是 0redis-cli -a redis-h 10.0.0.101 -p 6379 ping# 返回 PONG 表示连接正常redis-cli -a redis-h 10.0.0.101 -p 6379 -n 5 keys *# 查看数据库 5 中的所有 key#Redis 的 **List** 是一个双向链表结构,10.0.0.151:6379[1]> LRANGE filebeat-redis 0 -1| **LPUSH** | 头部 | 插入 | ✅ 是 || **RPUSH** | 尾部 | 插入 | ✅ 是 || **LPOP** | 头部 | 移除并返回 | ✅ 是 || **RPOP** | 尾部 | 移除并返回 | ✅ 是 || **LRANGE** | - | 查看(不修改) | ❌ 否 |
文本
指令2
kibana配置
es 指令2
0 条评论
下一页
