系统工程师实战

1. Ceph

基于 CentOS Stream9

1.1. Ceph Cluster部署

Ceph Cluster部分包含三台虚拟机:node01 mpde02 node03

1.1.1. 必要软件安装

#EPEL镜像设置
dnf install -y epel-release

#安装时间同步工具
dnf install -y systemd-timesyncd
#设置时间同步开机启动并立即启动
systemctl enable systemd-timesyncd --now

#配置Ceph软件仓库
rpm -Uvh https://download.ceph.com/rpm-18.1.3/el9/noarch/ceph-release-1-1.el9.noarch.rpm

#安装ceph-common
dnf install -y  ceph-common

#安装cephadm & podman
dnf install -y cephadm podman

#安装 centos-release-ceph-pacific
dnf install -y centos-release-ceph-pacific

以上操作三台虚拟机都需要进行

1.1.2. 初始化管理节点

以下操作均在node01进行

cephadm bootstrap --mon-ip 192.168.122.91

控制台输出

URL: https://192.168.122.91:8443/
User: admin
Password: d41l878gd7

以上输出请注意自行保存

1.1.3. 查看Ceph版本和状态

ceph -v
ceph status & ceph -s

1.1.4. 获取Ceph公钥

ceph cephadm get-pub-key > ~/ceph.pub

1.1.5. 复制Ceph公钥

将上述生成的Ceph公钥复制到node02和node03服务器的root用户的~/.ssh/authorized_keys 文件中.

ssh-copy-id -f -i ~/ceph.pub root@node02
ssh-copy-id -f -i ~/ceph.pub root@node03

1.1.6. 主机添加到Ceph管理

cephadm shell -- ceph orch host add node01 192.168.122.91
cephadm shell -- ceph orch host add node02 192.168.122.12
cephadm shell -- ceph orch host add node03 192.168.122.212

1.1.7. 各主机添加Monitor标签

cephadm shell -- ceph orch host label add node01 mon
cephadm shell -- ceph orch host label add node02 mon
cephadm shell -- ceph orch host label add node03 mon

1.2. CephFS部署

1.2.1. 配置

#创建卷
ceph fs volume create geek_cephfs  --placement=3

#列出文件系统信息
ceph fs ls

#获取指定geek_cephfs卷的详细信息
ceph fs volume info geek_cephfs

#查看 Ceph 元数据服务器（MDS）的状态
ceph mds stat

#应用geek_cephfs卷的放置策略为3
ceph orch apply mds geek_cephfs --placement=3

参照官网文档,链接:https://docs.ceph.com/en/latest/cephadm/services/mds/#orchestrator-cli-cephfs

1.2.2. 查看Ceph概况

# [root@node01 ~]# ceph status
#   cluster:
#     id:     de382350-3221-11ee-bc03-525400b83c9a
#     health: HEALTH_OK

#   services:
#     mon: 3 daemons, quorum node01,node02,node03 (age 9m)
#     mgr: node01.vperxy(active, since 52m), standbys: node02.ldsnmd
#     mds: 1/1 daemons up, 2 standby
#     osd: 3 osds: 3 up (since 8m), 3 in (since 9m)

#   data:
#     volumes: 1/1 healthy
#     pools:   3 pools, 49 pgs
#     objects: 24 objects, 451 KiB
#     usage:   81 MiB used, 30 GiB / 30 GiB avail
#     pgs:     49 active+clean

1.2.3. 查看key

后续挂载操作需要用到此处的key

# [root@node01 ~]# cat /etc/ceph/ceph.client.admin.keyring
# [client.admin]
#	key = AQBXq9FkV9dFChAAazUqZkDlDMJu6Ym/frBBCQ==
#	caps mds = "allow *"
#	caps mgr = "allow *"
#	caps mon = "allow *"
#	caps osd = "allow *"

1.2.4. 挂载Ceph

可在任何主机执行挂载操作

mkdir -p /mnt/ceph
mount -t ceph 192.168.122.91:6789,192.168.122.12:6789,192.168.122.212:6789:/ /mnt/ceph -o name=admin,secret=AQBXq9FkV9dFChAAazUqZkDlDMJu6Ym/frBBCQ==

1.3. CephRGW部署

1.3.1. 安装配置

安装ceph-radosgw

dnf install -y ceph-radosgw

主机添加rgw标签

ceph orch host label add node01 rgw
ceph orch host label add node02 rgw
ceph orch host label add node03 rgw

启动rgw

ceph orch apply rgw test_rgw default --placement=label:rgw --port=8000

测试链接rgw服务

curl http://node01:8000

创建账户

radosgw-admin user create --uid=testuser --display-name=testuser --email=user@user.com

注意保存access_key和secret_key的值

1.3.2. S3

安装s3cmd

yum install -y s3cmd

初始化

# [root@node01 ~]# s3cmd --configure
# Access Key: #输入access_key
# Secret Key: #输入secret_key
# Default Region: #default
# S3 Endpoint: #192.168.122.91:8000
# DNS-style bucket+hostname:port template for accessing a bucket: #node01
# Encryption password: #回车
# Path to GPG program: #回车
# Use HTTPS protocol: #NO
# HTTP Proxy server name: #回车
# Test access with supplied credentials? #Y
# Save settings? #Y

测试使用S3

#创建桶
s3cmd mb s3://testbucket

#列出桶
s3cmd ls

1.3.3. swift

安装swiftclient

pip install python-swiftclient

创建swift子用户

radosgw-admin subuser create --uid=testuser --subuser=testuser:swift --access=full

常用swift操作命令

#列出bucket
swift -A http://192.168.122.91:8000/auth/1.0 -U testuser:swift -K NKcPIzH0YdowdrDEViYZhkpkNbAMD5GpDmRkGO0B list

#创建bucket
swift -A http://192.168.122.91:8000/auth/1.0 -U testuser:swift -K NKcPIzH0YdowdrDEViYZhkpkNbAMD5GpDmRkGO0B post bucketname

#删除bucket
swift -A http://192.168.122.91:8000/auth/1.0 -U testuser:swift -K NKcPIzH0YdowdrDEViYZhkpkNbAMD5GpDmRkGO0B delete bucketname

#上传文件到指定bucket
swift -A http://192.168.122.91:8000/auth/1.0 -U testuser:swift -K NKcPIzH0YdowdrDEViYZhkpkNbAMD5GpDmRkGO0B upload bucketname filename

#从指定bucket下载文件到当前目录
swift -A http://192.168.122.91:8000/auth/1.0 -U testuser:swift -K NKcPIzH0YdowdrDEViYZhkpkNbAMD5GpDmRkGO0B download bucketname filename

#删除指定bucket内的指定文件
swift -A http://192.168.122.91:8000/auth/1.0 -U testuser:swift -K NKcPIzH0YdowdrDEViYZhkpkNbAMD5GpDmRkGO0B delete bucketname filename

2. Git

基于 CentOS Stream9

2.1. 安装Git

yum install -y git

2.2. 新建用户

创建一个操作系统用户 git，并为其建立一个 .ssh 目录

#创建用户
sudo adduser git

#切换至git用户
su git && cd

#为git用户目录创建.ssh文件
mkdir  .ssh && chmod 700 .ssh

#创建authorized_keys文件，用以存储开发者的公钥
touch .ssh/authorized_keys && chmod 600 .ssh/authorized_keys

2.3. 添加开发者SSH密钥

开发工作机用户：root

cat ~/.ssh/id_rsa.pub

控制台输出

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCB007n/ww+ouN4gSLKssMxXnBOvf9LGt4L
ojG6rs6hPB09j9R/T17/x4lhJA0F3FR1rP6kYBRsWj2aThGw6HXLm9/5zytK6Ztg3RPKK+4k
Yjh6541NYsnEAZuXz0jTTyAUfrtU3Z5E003C4oxOj6H0rfIF1kKI9MAQLMdpGW1GYEIgS9Ez
Sdfd8AcCIicTDWbqLAcU4UpkaX8KyGlLwsNuuGztobF8m72ALC/nLF6JLtPofwFBlgc+myiv
O7TCUSBdLQlgMVOFq1I2uPWQOkOWQAHukEOmfjy2jctxSDBQ220ymjaNsHT4kgtZg2AYYgPq
dAv8JggJICUvax2T9va5 root

将输出的公钥复制到git用户.ssh目录下的authorized_keys文件中，这样便达成了root用户无密码登陆git用户

2.4. 初始化空仓库

#新建一个专门放置仓库的目录
mkdir git_repo && cd git_repo

#新建一个名为project的空仓库
mkdir project.git && cd project.git

#初始化project空仓库
git init --bare

2.5. 使用Git仓库

开发工作机用户:root

git clone git@serverip:/git_repo/project.git
#警告：您似乎克隆了一个空仓库

cd project

vim README.md

git add .

git commit -m "add README file"

git push origin master

3. 内网搭建Gitlab

基于 CentOS Stream9

3.1. 新增GitLab Yum仓库

3.1.1. 添加Yum仓库

位置：内网服务器，用户：root

curl https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.rpm.sh | bash

3.1.2. 列出GitLab的仓库列表

位置：内网服务器，用户：root

yum repolist all | grep gitlab

3.1.3. 查看可用的GitLab软件包

3.1.4. 默认禁用GitLab仓库

位置：内网服务器，用户：root

yum-config-manager --disable gitlab_gitlab-ce | egrep '(\[gitlab_gitlab-ce\])|enabled'

3.2. 安装GitLab软件包

3.2.1. 安装GitLab依赖

位置：内网服务器，用户：root

yum install -y libarchive

3.2.2. 预设GitLab运行参数

预设GitLab访问URL

位置：内网服务器，用户：root

EXTERNAL_URL="http://gitlab.sjx.com:8181"

预设GitLab默认密码

位置：内网服务器，用户：root

GITLAB_ROOT_PASSWORD=$(pwgen -s 20|head -n 1)
echo -e "GitLab默认用户：root\nGitLab默认密码：${GITLAB_ROOT_PASSWORD}"

预设GitLab访问域名

位置：内网服务器，用户：root

egrep '^127.0.0.1 gitlab.sjx.com$' /etc/hosts > /dev/null || echo '127.0.0.1 gitlab.sjx.com' >> /etc/hosts

3.2.3. 手动安装GitLab

位置：内网服务器，用户：root

打印GitLab软件包URL

GITLAB_RPM_URL=$(yumdownloader --disablerepo=\* --enablerepo=gitlab_gitlab-ce --urls gitlab-ce | egrep '^https://.+\.rpm$')
GITLAB_RPM_FILE=/tmp/$(basename ${GITLAB_RPM_URL})

echo -e "GitLab软件包文件：\n\t${GITLAB_RPM_FILE}\n GitLab软件包URL：\n\t${GITLAB_RPM_URL}"

下载软件包 .位置：内网服务器，用户：root

wget -c ${GITLAB_RPM_URL} -O ${GITLAB_RPM_FILE}

安装Gitlab .位置：内网服务器，用户：root

EXTERNAL_URL=${EXTERNAL_URL} GITLAB_ROOT_PASSWORD=${GITLAB_ROOT_PASSWORD} yum install -y ${GITLAB_RPM_FILE}

3.3. 查看GitLab服务状态

3.3.1. 查看GitLab状态

位置：内网服务器，用户：root

#系统服务状态
systemctl status gitlab-runsvdir

#所有组件状态
gitlab-ctl status

3.3.2. 查看GitLab默认HTTP端口

位置：内网服务器，用户：root

gitlab-ctl show-config 2>/dev/null | grep '"external-url":'

3.4. 为GitLab新增防火墙规

位置：内网服务器，用户：root

增加防火墙放行规则

GITLAB_PORT=8181
PERM="--permanent"
SERV_NAME=GITLAB_${GITLAB_PORT}
SERV="${PERM} --service=${SERV_NAME}"

firewall-cmd ${PERM} --new-service=${SERV_NAME}
firewall-cmd ${SERV} --set-short="GitLab ports"
firewall-cmd ${SERV} --set-description="GitLab port exceptions"
firewall-cmd ${SERV} --add-port=${GITLAB_PORT}/tcp
firewall-cmd ${PERM} --add-service=${SERV_NAME}

位置：内网服务器，用户：root

重载防火墙配置

firewall-cmd --reload

位置：内网服务器，用户：root

查看防火墙规则

firewall-cmd --list-all

3.5. GitLab管理维护：gitlab-ctl

3.5.1. gitlab-ctl命令参数

位置：内网服务器，用户：root

gitlab-ctl --help

3.5.2. gitlab-ctl常用命令

位置：内网服务器，用户：root

#列表GitLab组件状态
gitlab-ctl status


#管理GitLab所有组件状态
gitlab-ctl start

gitlab-ctl stop

gitlab-ctl restart



#管理GitLab指定组件状态(以nginx为例子)
gitlab-ctl start nginx

gitlab-ctl stop nginx

gitlab-ctl restart nginx

gitlab-ctl hup nginx


#滚动输出GitLab日志
tree /var/log/gitlab/

#输出所有日志
gitlab-ctl tail

#输出指定目录下的所有日志，如 /var/log/gitlab/nginx
gitlab-ctl tail nginx

#输出指定文件的日志，如 /var/log/gitlab/gitlab-rails/production.log
gitlab-ctl tail gitlab-rails/production.log

#滚动输出日志并保存到文件
gitlab-ctl tail | tee --append /tmp/gitlab_tail.log


#打印GitLab配置清单
gitlab-ctl show-config

#打印自定义的配置
gitlab-ctl diff-config

3.6. 第一次访问GitLab Web

访问 http://gitlab.sjx.com:8181 ，完成第一次登录操作 TIP: 如果是在虚拟机上部署，建议做好本地域名解析！

4. Flutter

基于 Arch Linux

4.1. 安装

4.1.1. 安装必要软件

#安装flutter
sudo pacman -S flutter

#安装最新版本即可
yay android-studio

#安装android-sdk
sudo pacman -S android-sdk

安装android-sdk这一步也可以在安装android-studio成功后进行 === 常用命令

flutter doctor

flutter devices

5. Prometheus

基于 CentOS Stream9

5.1. 下载

下载最新版本的Prometheus Sevrer软件包

官方下载地址:https://prometheus.io/download/，注意对应的系统类型

#下载
wget -c https://github.com/prometheus/prometheus/releases/download/v2.46.0/prometheus-2.46.0.linux-amd64.tar.gz

#解压
tar xvfz prometheus-*.tar.gz

5.2. 配置

配置Prometheus以监控自己

cat << EOF > ~/prometheus-2.46.0.linux-amd64/prometheus.yml
global:
  scrape_interval:     15s # By default, scrape targets every 15 seconds.

  # Attach these labels to any time series or alerts when communicating with
  # external systems (federation, remote storage, Alertmanager).
  external_labels:
    monitor: 'codelab-monitor'

# A scrape configuration containing exactly one endpoint to scrape:
# Here it's Prometheus itself.
scrape_configs:
  # The job name is added as a label `job=<job_name>` to any timeseries scraped from this config.
  - job_name: 'prometheus'

    # Override the global default and scrape targets from this job every 5 seconds.
    scrape_interval: 5s

    static_configs:
      - targets: ['localhost:9090']

EOF

5.3. 启动

5.3.1. 临时启动Prometheus

cd prometheus-*

./prometheus --config.file=prometheus.yml

5.3.2. 创建Prometheus服务

cat << EOF > /etc/systemd/system/prometheus.service

[Unit]
Description=Prometheus Monitoring System
Wants=network-online.target
After=network-online.target

[Service]
User=root
ExecStart=/root/prometheus-2.46.0.linux-amd64/prometheus --config.file=/root/prometheus-2.46.0.linux-amd64/prometheus.yml

[Install]
WantedBy=default.target

EOF

5.3.3. 启动服务

#重载
systemctl daemon-reload

#启动
systemctl start prometheus

#设置服务开机启动
systemctl enable prometheus

#查看服务状态
systemctl status prometheus

5.3.4. 访问

#本机
localhost:9090

#内网其他机器
ipaddress:9090

5.4. 安装MySQL监控插件

5.4.1. 安装mysql_exporter

#下载
wget -c https://github.com/prometheus/node_exporter/releases/download/v1.6.1/node_exporter-1.6.1.linux-amd64.tar.gz

#解压
tar zxvf mysqld_exporter-1.6.1.linux-amd64.tar.gz

#移动到指定目录
mv mysqld_exporter-1.6.1.linux-amd64 /usr/local/mysql_exporter

cd /usr/local/mysql_exporter

5.4.2. 配置

登录mysql为exporter创建账号并授权

#创建数据库用户
mysql> CREATE USER 'mysql_exporter'@'localhost' IDENTIFIED BY 'password';

#给权限
mysql> GRANT PROCESS, REPLICATION CLIENT, SELECT ON *.* TO 'mysql_exporter'@'localhost';

创建mysql配置文件、运行时可免密码连接数据库

vim /usr/local/mysql_exporter/.my.cnf

[client]
user=mysql_exporter
password=password

5.4.3. 启动

临时启动

#注意此时在/usr/local/mysql_exporter目录下
./mysqld_exporter --config.my-cnf=.my.cnf

创建服务启动

cat << EOF > /etc/systemd/system/mysqld_exporter.service
[Unit]
Description=https://prometheus.io

[Service]
Restart=on-failureExecStart=/usr/local/mysql_exporter/mysqld_exporter --config.my-cnf=.my.cnf

[Install]
WantedBy=multi-user.target
EOF

#重载并启动
systemctl daemon-reload
systemctl restart mysql_exporter.service

5.4.4. 使用

使用prometheus监控修改监控端配置文件

vim ~/prometheus-2.46.0.linux-amd64/prometheus.yml

#详细内容排列如下
scrape_configs:
  - job_name: 'prometheus'
    static_configs:
    - targets: ['192.168.122.219:9090']

  - job_name: 'mysql-001'
    static_configs:
    - targets: ['192.168.122.219:9104']

    scrape_interval: 5s


#完成配置后可重启服务
systemctl restart prometheus
systemctl restart mysqld_exporter

6. Zabbix

基于 CentOS Stream9

6.1. 安装

6.1.1. 禁用EPEL提供的Zabbix软件包

#如果安装了EPEL仓库，请在对应块添加参数
[epel]
...
excludepkgs=zabbix*

6.1.2. 安装Zabbix仓库

rpm -ivh http://repo.zabbix.com/zabbix/6.5/centos/9/x86_64/zabbix-release-6.5-2.el9.noarch.rpm

dnf clean all

6.1.3. 安装必要软件

dnf install zabbix-server-mysql zabbix-web-mysql zabbix-apache-conf zabbix-sql-scripts zabbix-selinux-policy zabbix-agent

6.2. 配置

6.2.1. 创建初始数据库

在数据库主机上运行以下代码

mysql> create database zabbix character set utf8mb4 collate utf8mb4_bin;
mysql> create user zabbix@localhost identified by 'password';
mysql> grant all privileges on zabbix.* to zabbix@localhost;
mysql> set global log_bin_trust_function_creators = 1;
mysql> quit;

如果因为不安全不能设置’password'，可执行命令修改密码策略set global validate_password.policy=0;

6.2.2. 初始化

导入初始架构和数据，系统将提示您输入新创建的密码

zcat /usr/share/zabbix-sql-scripts/mysql/server.sql.gz | mysql --default-character-set=utf8mb4 -uzabbix -p zabbix

控制台输出

#此时输入你在创建数据库设置的密码，请注意输入后没有反应是正常的现象
Password:

6.2.3. 禁用选项

在数据库主机上运行以下代码

mysql> set global log_bin_trust_function_creators = 0;

6.2.4. 为Zabbix Server配置数据库

编辑配置文件 /etc/zabbix/zabbix_server.conf

#可键入/或者?进行搜索
......
DBPassword=password
......

6.3. 启动

6.3.1. 启动Zabbix Server和agent进程

启动Zabbix Server和agent进程，并为它们设置开机自启

systemctl restart zabbix-server zabbix-agent httpd php-fpm

systemctl enable zabbix-server zabbix-agent httpd php-fpm

7. Jenkins

基于 CentOS Stream9

7.1. 新增Jenkins Yum仓库

7.1.1. 下载仓库文件

wget \
  --inet4-only \
  -O /etc/yum.repos.d/jenkins.repo \
  https://pkg.jenkins.io/redhat-stable/jenkins.repo

7.1.2. 导入仓库密钥

#导入仓库密钥
rpm --import https://pkg.jenkins.io/redhat-stable/jenkins.io-2023.key

7.1.3. 默认禁用Jenkins仓库

Jenkins仓库（服务器位于国外）经常无法访问或者速度慢，影响Yum使用，默认禁用之

yum-config-manager --disable jenkins | egrep '(\[jenkins\])|enabled'

7.2. 安装Jenkins软件包

7.2.1. 安装依赖

#安装Java11
yum install -y java-11-openjdk java-11-openjdk-devel java-11-openjdk-headless

#设置系统默认Java
alternatives --set java `ls /usr/lib/jvm/java-11-openjdk-*/bin/java`
alternatives --set javac `ls /usr/lib/jvm/java-11-openjdk-*/bin/javac`
alternatives --set jre_openjdk `ls -d /usr/lib/jvm/java-11-openjdk-*`
alternatives --set java_sdk_openjdk `ls -d /usr/lib/jvm/java-11-openjdk-*`

#查看Java版本
java -version

7.2.2. 安装jenkins

yum --disablerepo=\* --enablerepo=jenkins install jenkins

7.3. 为Jenkins新增防火墙规则

#增加防火墙放行规则
JENKINS_PORT=8282
PERM="--permanent"
SERV_NAME=jenkins_${JENKINS_PORT}
SERV="${PERM} --service=${SERV_NAME}"

firewall-cmd ${PERM} --new-service=${SERV_NAME}
firewall-cmd ${SERV} --set-short="Jenkins ports"
firewall-cmd ${SERV} --set-description="Jenkins port exceptions"
firewall-cmd ${SERV} --add-port=${JENKINS_PORT}/tcp
firewall-cmd ${PERM} --add-service=${SERV_NAME}

#重载防火墙配置
firewall-cmd --reload

#查看防火墙配置
firewall-cmd --list-all

放行的规则中必须有 jenkins_8282 服务

7.4. 配置Jenkins

7.4.1. 配置Jenkins访问端口

vim /usr/lib/systemd/system/jenkins.service

#此处修改Jenkins的访问端口
......
Environment="JENKINS_PORT=8282"
......

7.5. 启动Jenkins

启动有点慢是正常状态

#开机启动Jenkins
systemctl enable jenkins

#启动Jenkins
systemctl start jenkins

#查看Jenkins状态
systemctl status jenkins

7.6. 第一次访问Jenkins Web

7.6.1. 获取初始管理员密码

cat /var/lib/jenkins/secrets/initialAdminPassword

7.6.2. 访问Jenkins Web

操作位置:开发工作机(如本机Arch Linux)

#访问地址
http://jenkins.sjx.com:8282

7.6.3. 解锁Jenkins

输入获取初始管理员密码看到的密码,解锁Jenkins:

7.6.4. 选择插件

选择安装推荐的插件:

7.6.5. 安装插件

网络安装选择的插件，需要更多的耐心等待下载完成

7.6.6. 创建第一个管理员用户

建议选择使用admin账户继续(跳过创建),熟悉Jenkins后再创建新的管理员

7.6.7. 配置URL

输入 http://jenkins.sjx.com:8282

7.6.8. 配置完成

7.6.9. Jenkins首页

8. Postgresql

基于 CentOS Stream9

8.1. 安装

#安装
dnf -y install postgresql-server

#初始化
postgresql-setup --initdb

#启动
systemctl start postgresql

#设置开机启动
systemctl enable --now postgresql

8.2. 配置

主配置文件: /var/lib/postgres/data/postgresql.conf
客户端认证配置文件: /var/lib/postgres/data/pg_hba.conf

pg_hba.conf 中有：

# TYPE  DATABASE        USER            ADDRESS                 METHOD

# "local" is for Unix domain socket connections only
local   all             all                                     trust
# IPv4 local connections:
host    all             all             127.0.0.1/32            trust

通常，我会将上面这行修改为：

host    all             all             0.0.0.0/0               password

表示 -h 指定主机时，必须使用密码登录。

8.3. 使用

8.3.1. 通过socket登录数据库

#切换到postgres用户
sudo su - postgres

#登陆数据库
psql

#直接登陆,不需要切换用户
sudo su - postgres -c psql

8.3.2. 连接指定主机

[postgres@archlinux ~]$ psql -h 127.0.0.1
Password for user postgres:
psql (15.4)
Type "help" for help.

postgres=#

8.3.3. 创建用户

create user foo with password 'password';

postgres=# create user foo with password 'password';
CREATE ROLE

8.3.4. 创建数据库

create database testdb owner foo;

postgres=# create database testdb owner foo;
CREATE DATABASE

8.3.5. 常用SQL

#创建用户
create user dbuser with password 'password';

#用户权限设置
grant all privileges on database db to dbuser;

#创建数据库
create database db;

create database db owner dbuser;

#重命名数据库
alter database db rename to newdb;

#创建新表
create table table_name(name varchar(20), signup_date date);

#插入数据
insert into table_name(name, signup_date) values('张三', '2013-12-22');

#查看记录
select * from table_name;

#更新数据
update table_name set name = '李四' where name = '张三';

#删除记录
delete from table_name where name = '李四' ;

#新增表字段
alter table table_name add email varchar(40);

#修改表字段
alter table table_name alter column signup_date set not null;

#重命名表字段
alter table table_name rename column signup_date to signup;

#删除表字段
alter table table_name drop column email;

#重命名表
alter table table_name rename to new_table_name;

#删除表
drop table if exists table_name;

9. MQTT

基于 CentOS Stream9

9.1. 安装

#EPEL镜像设置
yum -y install epel-release

#安装mqtt软件
yum install -y mosquitto

#设置开机启动
systemctl enable mosquitto

#启动mqtt服务
systemctl start mosquitto

#查看mqtt服务状态
systemctl status mosquitto

9.2. 使用

新开一个终端：

mosquitto_sub -h localhost -t test

回车后没有输出，是因为mosquitto_sub在等待消息的到来。

切换回另一个终端并发布一条消息：

mosquitto_pub -h localhost -t test -m "hello world"

参数说明

-h: 指定MQTT服务器的主机名
-t: 指定主题名
-m: 要发送的消息内容

10. Mongodb

基于 CentOS Stream9

10.1. 安装

10.1.1. 添加Mongodb仓库

cat <<EOF > /etc/yum.repos.d/mongodb-org-7.0.repo
[mongodb-org-7.0]
name=MongoDB Repository
baseurl=https://repo.mongodb.org/yum/redhat/\$releasever/mongodb-org/7.0/x86_64/
gpgcheck=1
enabled=1
gpgkey=https://www.mongodb.org/static/pgp/server-7.0.asc
EOF

10.1.2. 安装Mongodb

yum install -y mongodb-org

您可以指定任何可用的 MongoDB 版本。但是，当有新版本可用时，yum 会升级软件包。为了防止意外升级，请固定封装。要固定软件包，请将以下排除指令添加到 /etc/yum.conf 文件中

exclude=mongodb-org,mongodb-org-database,mongodb-org-server,mongodb-mongosh,mongodb-org-mongos,mongodb-org-tools

10.2. 使用

10.2.1. 使用Mongodb

#设置Mongodb服务开机启动
systemctl enable mongod

#启动Mongodb服务
systemctl start mongod

#查看Mongodb服务状态
systemctl status mongod

#进入Mongodb客户端
mongosh

10.2.2. 常用命令

#显示您正在使用的数据库
db

#切换数据库(如果输入了一个不存在的数据库名，则创建一个新的)
use <dbname>

#增加数据
db.collectionname.insert( {x: 1} )

#删除数据(集合中的单个数据)
db.collectionname.remove( { x: 1 } )

#删除数据(整个集合的数据)
db.collectionname.drop()

#查询数据
db.collectionname.find()

#修改数据
db.collectionname.update({ x: 1},{$set:{ x: 4}})

11. Mysql主从复制

基于 CentOS Stream9

11.1. 安装必要软件

#EPEL镜像源
yum install -y epel-release

#建立缓存
yum makecache

#安装必要软件
yum install -y vim-enhanced yum-utils crudini

11.2. 安装配置Mysql

11.2.1. 新增MySQL官方Yum仓库

安装MySQL仓库

yum install -y https://dev.mysql.com/get/mysql80-community-release-el9-3.noarch.rpm

导入MySQL仓库公钥

rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-mysql*

默认禁用MySQL仓库

按需单独启用MySQL仓库

yum-config-manager --disable mysql-connectors-community | egrep '(\[mysql-connectors-community\])|enabled'
yum-config-manager --disable mysql-tools-community | egrep '(\[mysql-tools-community\])|enabled'
yum-config-manager --disable mysql80-community | egrep '(\[mysql80-community\])|enabled'

11.2.2. 安装MySQL软件包

yum --enablerepo=mysql80-community install -y mysql-community-server

11.2.3. 配置Mysql

设置MySQL数据目录

mkdir -p /data/mysql

crudini --set --existing /etc/my.cnf "mysqld" datadir /data/mysql

MySQL 8.0第一次启动，会初始化数据目录并设置权限

关闭MySQL X插件（端口33060）

echo mysqlx=0 >> /etc/my.cnf

允许外部访问MySQL运行端口（3306）

为方便开发者在内网测试或调试程序，对外开放MySQL端口

# MySQL监听系统所有IP，外部可连接3306
echo bind-address=0.0.0.0 >> /etc/my.cnf

11.2.4. 启动Mysql

开机启动MySQL

systemctl enable mysqld

启动Mysql服务

systemctl start mysqld

查看Mysql服务状态

systemctl status mysqld

终端输出

● mysqld.service - MySQL Server
   Loaded: loaded (/usr/lib/systemd/system/mysqld.service; enabled; vendor preset: disabled)
   Active: active (running) since Tue 2023-01-17 12:52:17 CST; 4min 42s ago
     Docs: man:mysqld(8)
           http://dev.mysql.com/doc/refman/en/using-systemd.html
  Process: 22188 ExecStartPre=/usr/bin/mysqld_pre_systemd (code=exited, status=0/SUCCESS)
 Main PID: 22216 (mysqld)
   Status: "Server is operational"
   CGroup: /system.slice/mysqld.service
           └─22216 /usr/sbin/mysqld

Jan 17 12:52:09 lan_server systemd[1]: Starting MySQL Server...
Jan 17 12:52:17 lan_server systemd[1]: Started MySQL Server.

11.3. 配置Mysql主从

11.3.1. 环境准备

内网服务器(主)

主机名: mysql01
IP: 192.168.122.209
系统版本: CentOS Stream9

内网服务器(从)

主机名: mysql02
IP: 192.168.122.9
系统版本: CentOS Stream9

11.3.2. 基础配置

注意，这里的配置主从的mysql都需要进行操作。

登录mysql并修改密码

#获取Mysql临时密码
grep 'temporary password' /var/log/mysqld.log

#用获取到的临时密码进行登录
mysql -uroot -p'temporary password';

#修改Mysql密码
ALTER USER 'root'@'localhost' IDENTIFIED BY '121b33dAj934J1^Sj9ag';

#刷新配置
FLUSH PRIVILEGES;

11.3.3. 主Mysql配置

添加配置文件参数

vim /etc/my.cnf

#添加如下配置
[mysqld]
## 同一局域网内注意要唯一
server-id=100
## 开启二进制日志功能，可以随便取（关键）
log-bin=mysql-bin

#重启Mysql服务
systemctl restart mysqld

创建数据同步用户

#登录Mysql
mysql -uroot -p'121b33dAj934J1^Sj9ag';

#创建用户
CREATE USER 'slave'@'%' IDENTIFIED BY '@#$Rfg345634523rft4fa';

#给slave用户赋权
GRANT REPLICATION SLAVE, REPLICATION CLIENT ON *.* TO 'slave'@'%';

#将密码规则修改为：mysql_native_password
ALTER USER 'slave'@'%' IDENTIFIED WITH mysql_native_password BY '@#$Rfg345634523rft4fa';

查看主Mysql状态

mysql> show master status;

控制台输出

mysql> show master status;
+------------------+----------+--------------+------------------+-------------------+
| File             | Position | Binlog_Do_DB | Binlog_Ignore_DB | Executed_Gtid_Set |
+------------------+----------+--------------+------------------+-------------------+
| mysql-bin.000001 |      996 |              |                  |                   |
+------------------+----------+--------------+------------------+-------------------+
1 row in set (0.00 sec)

请牢记此处的File和Position的字段，后续从连接主时需要使用！

11.3.4. 从Mysql配置

vim /etc/my.cnf

#添加如下配置
[mysqld]
## 设置server_id,注意要唯一
server-id=101
## 开启二进制日志功能，以备Slave作为其它Slave的Master时使用
log-bin=mysql-slave-bin
## relay_log配置中继日志
relay_log=edu-mysql-relay-bin

#重启Mysql服务
systemctl restart mysqld

连接主Mysql

#登录Mysql
mysql -uroot -p'121b33dAj934J1^Sj9ag';

#连接
change master to master_host='192.168.122.209', master_user='slave', master_password='@#$Rfg345634523rft4fa', master_port=3306, master_log_file='mysql-bin.000001', master_log_pos= 996, master_connect_retry=30;

参数说明

master_host: Master的地址
master_port: Master的端口号
master_user: 用于数据同步的用户
master_password: 用于同步的用户的密码
master_log_file: 指定 Slave 从哪个日志文件开始复制数据，即上文中提到的 File 字段的值
master_log_pos: 从哪个 Position 开始读，即上文中提到的 Position 字段的值
master_connect_retry: 如果连接失败，重试的时间间隔，单位是秒，默认是60秒

开启主从复制

>start slave

查看主从复制状态

show slave status \G;

SlaveIORunning 和 SlaveSQLRunning 都是Yes说明主从复制已经开启。

11.3.5. 拓展

主从同步指定数据库

方法一:Mysql主库二进制日志忽略部分库

#编辑my.cnf,在mysqld字段添加如下内容：
binlog-do-db=xxxx   二进制日志记录的数据库

binlog-ignore-db=xxxx 二进制日志中忽略数据库

#修改之后重启生效
service mysql restart

方法二:mysql从库不复制部分库

#编辑my.cnf，在mysqld字段添加如下内容：

replicate-do-db    设定需要复制的数据库

replicate-ignore-db 设定需要忽略的复制数据库

replicate-do-table  设定需要复制的表

replicate-ignore-table 设定需要忽略的复制表

replicate-wild-do-table 同replication-do-table功能一样，但是可以通配符

replicate-wild-ignore-table 同replication-ignore-table功能一样，但是可以加通配符

#修改后重启数据库生效
service mysql restart

主从同步所有库和表，在从mysql执行

STOP SLAVE SQL_THREAD; CHANGE REPLICATION FILTER REPLICATE_DO_DB = (); start SLAVE SQL_THREAD;

12. Kafka

基于 CentOS Stream9

12.1. 安装配置

12.1.1. 安装Java11

yum install -y java-11-openjdk java-11-openjdk-devel java-11-openjdk-headless

12.1.2. 安装Kafka

mkdir ~/downloads
cd ~/downloads

wget -c https://dlcdn.apache.org/kafka/3.5.0/kafka_2.13-3.5.0.tgz
tar -xzf kafka_2.13-3.5.0.tgz
cd kafka_2.13-3.5.0

12.1.3. 启动测试

两个启动操作均在同一台虚拟机，只是不同的终端。

启动Zookeeper

bin/zookeeper-server-start.sh config/zookeeper.properties

启动Kafka

bin/kafka-server-start.sh config/server.properties

这样便搭建好了基础的Kafka环境!

Topic

创建 Topic

bin/kafka-topics.sh --create --bootstrap-server localhost:9092 --replication-factor 1 --partitions 1 --topic test

查看 Topic 列表

bin/kafka-topics.sh --list --bootstrap-server localhost:9092

收发消息测试

启动生产者发送消息

# bin/kafka-console-producer.sh --broker-list localhost:9092 --topic test
This is a message
This is another message

启动消费者接收消息

# bin/kafka-console-consumer.sh --bootstrap-server localhost:9092 --topic test --from-beginning
This is a message
This is another message

12.1.4. 配置

修改Kafka配置文件

为了让其他内网机器也能使用虚拟机搭建好的Kafka，需要修改server配置文件。

vim ~/downloads/kafka_2.13-3.5.0/config/server.properties

#修改监听地址(虚拟机IP)
......
listeners=PLAINTEXT://your.host.name:9092
......

创建Zookeeper系统服务

cat <<EOF > /etc/systemd/system/zookeeper.service
[Unit]
Description=ZooKeeper Server
After=network.target

[Service]
User=root
ExecStart=/root/downloads/kafka_2.13-3.5.0/bin/zookeeper-server-start.sh /root/downloads/kafka_2.13-3.5.0/config/zookeeper.properties
WorkingDirectory=/root/downloads/kafka_2.13-3.5.0

[Install]
WantedBy=multi-user.target
EOF

创建Kafka系统服务

cat <<EOF > /etc/systemd/system/kafka.service
[Unit]
Description=Kafka Server
After=network.target

[Service]
User=root
ExecStart=/root/downloads/kafka_2.13-3.5.0/bin/kafka-server-start.sh /root/downloads/kafka_2.13-3.5.0/config/server.properties
WorkingDirectory=/root/downloads/kafka_2.13-3.5.0

[Install]
WantedBy=multi-user.target
EOF

启动服务

#设置开机启动
systemctl enable zookeeper

systemctl enable kafka

#启动服务
systemctl start zookeeper

systemctl start kafka

#查看服务状态
systemctl status zookeeper

systemctl status kafka

13. RabbitMQ

基于 CentOS Stream9

13.1. 安装配置

13.1.1. 安装

dnf -y install centos-release-rabbitmq-38

sed -i -e "s/enabled=1/enabled=0/g" /etc/yum.repos.d/CentOS-Messaging-rabbitmq.repo

dnf --enablerepo=centos-rabbitmq-38 -y install rabbitmq-server

systemctl enable --now rabbitmq-server

13.1.2. 防火墙配置

如果系统已经关闭了防火墙，那么这一步可以跳过

firewall-cmd --add-port=5672/tcp

firewall-cmd --runtime-to-permanent

13.2. 使用

13.2.1. 常用命令

添加用户

# rabbitmqctl add_user [user] [password]
rabbitmqctl add_user test geek

终端输出

# rabbitmqctl add_user test geek
Adding user "test" ...
Done. Don't forget to grant the user permissions to some virtual hosts! See 'rabbitmqctl help set_permissions' to learn more.

列出用户列表

rabbitmqctl list_users

终端输出

# rabbitmqctl list_users
Listing users ...
user	tags
test	[]
guest	[administrator]

修改用户密码

rabbitmqctl change_password test geek123

终端输出

# rabbitmqctl change_password test geek123
Changing password for user "test" ...

为用户授予管理员角色

rabbitmqctl set_user_tags test administrator

终端输出

# rabbitmqctl set_user_tags test administrator
Setting tags for user "test" to [administrator] ...

删除用户

rabbitmqctl delete_user test

终端输出

# rabbitmqctl delete_user test
Deleting user "test" ...

添加Virtualhost

# rabbitmqctl add_vhost [vhost]
rabbitmqctl add_vhost /test_vhost

终端输出

# rabbitmqctl add_vhost /test_vhost
Adding vhost "/test_vhost" ...

列出Virtualhost

rabbitmqctl list_vhosts

终端输出

# rabbitmqctl list_vhosts
Listing vhosts ...
name
/
/test_vhost

删除Virtualhost

rabbitmqctl delete_vhost /test_vhost

终端输出

# rabbitmqctl delete_vhost /test_vhost
Deleting vhost "/test_vhost" ...

向用户授予虚拟主机的权限

# rabbitmqctl set_permissions [-p vhost] [user] [permission ⇒ (modify) (write) (read)]

rabbitmqctl set_permissions -p /test_vhost test ".*" ".*" ".*"

查看Virsualhost权限

rabbitmqctl list_permissions -p /test_vhost

终端输出

# rabbitmqctl list_permissions -p /test_vhost
Listing permissions for vhost "/test_vhost" ...
user	configure	write	read
serverworld	.*	.*	.*

删除指定用户的权限

rabbitmqctl clear_permissions -p /test_vhost test

终端输出

# rabbitmqctl clear_permissions -p /test_vhost test
Clearing permissions for user "test" in vhost "/test_vhost" ...

14. Hadoop

基于 CentOS Stream9

14.1. 安装

14.1.1. 环境准备

内网服务器1
- 主机名:node01
- IP:192.168.122.209
- 系统版本:CentOS Stream9
内网服务器2
- 主机名:node02
- IP:192.168.122.210
- 系统版本:CentOS Stream9
内网服务器3
- 主机名:node03
- IP:192.168.122.211
- 系统版本:CentOS Stream9

14.1.2. 安装Java11

yum install -y java-11-openjdk java-11-openjdk-devel java-11-openjdk-headless

14.1.3. 安装hadoop

mkdir /opt/module
cd /opt/module
wget -c https://dlcdn.apache.org/hadoop/common/hadoop-3.3.6/hadoop-3.3.6.tar.gz

tar -zxvf hadoop-3.3.6.tar.gz
mv hadoop-3.3.6 hadoop

14.2. 配置

以下配置三台主机都需要执行！

14.2.1. 创建用户

创建用户

useradd hadoop

设置密码

passwd hadoop

终端输出

[root@node01 ~]# passwd hadoop
Changing password for user hadoop.
New password: #geek
BAD PASSWORD: The password is shorter than 8 characters
Retype new password: #geek
passwd: all authentication tokens updated successfully.

配置用户权限

vim /etc/sudoers

#添加用户权限
......
## Allow root to run any commands anywhere
root ALL=(ALL) ALL
hadoop  ALL=(ALL) ALL
......

#保存退出
wq!

使用用户

su hadoop

#赋予Hadoop⽤户/⽤户组权限
sudo chown -R hadoop:hadoop /opt/module/hadoop

14.2.2. 配置环境变量

创建配置⽂件

cat <<EOF > /etc/profile.d/dfs.sh
# Java
export JAVA_HOME=/usr/lib/jvm/java-11-openjdk
export PATH=$PATH:$JAVA_HOME/bin

# Hadoop
export HADOOP_HOME=/opt/module/hadoop
export PATH=$PATH:$HADOOP_HOME/bin:$HADOOP_HOME/sbin
EOF

使环境变量生效

source /etc/profile

14.2.3. 配置Hadoop

创建Hadoop工作目录

mkdir /var/hd_data

sudo chown -R hadoop:hadoop /var/hd_data

进入Hadoop主目录

cd $HADOOP_HOME/etc/hadoop

hadoop-env.sh

#54⾏
......
export JAVA_HOME=/usr/lib/jvm/java-11-openjdk
......

yarn-env.sh

#在尾部添加
export JAVA_HOME=/usr/lib/jvm/java-11-openjdk

core-site.xml

sudo vim core-site.xml

<configuration>
	<property>
  		<name>fs.defaultFS</name>
  		<value>hdfs://node01:9000</value>
 	</property>
 	<property>
  		<name>hadoop.tmp.dir</name>
  		<value>/var/hd_data</value>
 	</property>
</configuration>

hdfs-site.xml

sudo vim hdfs-site.xml

<configuration>
 	<property>
     		<name>dfs.replication</name>
     		<value>2</value>
 	</property>
 	<property>
     		<name>dfs.namenode.secondary.http-address</name>
     		<value>hdfs://node03:9868</value>
 	</property>
</configuration>

mapred-site.xml

sudo vim mapred-site.xml
<configuration>
  	<property>
  		<name>mapreduce.framework.name</name>
  		<value>yarn</value>
 	</property>
</configuration>

yarn-site.xml

sudo vim yarn-site.xml

<configuration>
<!-- Site specific YARN configuration properties -->
 	<property>
  		<name>yarn.nodemanager.aux-services</name>
	 	<value>mapreduce_shuffle</value>
 	</property>
 	<property>
  		<name>yarn.resourcemanager.hostname</name>
  		<value>node01</value>
 	</property>
</configuration>

workers

cat <<EOF > /opt/module/hadoop/etc/hadoop/workers
node01
node02
node03
EOF

添加hosts

192.168.122.209 node01
192.168.122.210 node02
192.168.122.211 node03

14.2.4. 配置无密码登陆

su hadoop

ssh-keygen -t rsa

ssh-copy-id node01
ssh-copy-id node02
ssh-copy-id node03

14.3. 启动

14.3.1. 启动hadoop

可在任意一台节点服务器执行

#切换用户
su hadoop

#格式化
hdfs namenode -format

#启动
start-dfs.sh

#停⽌
stop-dfs.sh

#查看本机标签
jps

Hadoop-web

192.168.122.209:9870

#或者添加本地域名解析后
node01:9870

14.4. 使用

14.4.1. 使用Hadoop

创建文件夹

hadoop fs -mkdir -p /hadoop

列出文件/目录

hadoop fs -ls /

终端输出

$ hadoop fs -ls /
Found 1 items
drwxr-xr-x   - hadoop supergroup          0 2023-10-18 18:36 /hadoop

上传文件

touch test.txt

hadoop fs -put ~/test.txt /hadoop

下载文件

hadoop fs -get /hadoop/test.txt ~/test2.txt

删除文件

hadoop fs -rm /hadoop/test.txt

终端输出

$ hadoop fs -rm /hadoop/test.txt
Deleted /hadoop/test.txt

删除目录

hadoop fs -rm -r /hadoop

终端输出

$ hadoop fs -rm -r /hadoop
Deleted /hadoop

15. ElasticStack

基于 CentOS Stream9

15.1. CentOS9+ELK环境搭建

15.1.1. 增加YUM源

rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch

cat > /etc/yum.repos.d/elasticsearch.repo <<EOF
[elasticsearch-8.x]
name=Elasticsearch repository for 8.x packages
baseurl=https://artifacts.elastic.co/packages/8.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=1
autorefresh=1
type=rpm-md
EOF

15.1.2. Elasicsearch

安装Elasticsearch

yum install -y elasticsearch

终端输出

--------------------------- Security autoconfiguration information ------------------------------

Authentication and authorization are enabled.
TLS for the transport and HTTP layers is enabled and configured.

The generated password for the elastic built-in superuser is : xoE6pUsBmSEZlt3ztZj7

If this node should join an existing cluster, you can reconfigure this with
'/usr/share/elasticsearch/bin/elasticsearch-reconfigure-node --enrollment-token <token-here>'
after creating an enrollment token on your existing cluster.

You can complete the following actions at any time:

Reset the password of the elastic built-in superuser with
'/usr/share/elasticsearch/bin/elasticsearch-reset-password -u elastic'.

Generate an enrollment token for Kibana instances with
 '/usr/share/elasticsearch/bin/elasticsearch-create-enrollment-token -s kibana'.

Generate an enrollment token for Elasticsearch nodes with
'/usr/share/elasticsearch/bin/elasticsearch-create-enrollment-token -s node'.

-------------------------------------------------------------------------------------------------
### NOT starting on installation, please execute the following statements to configure elasticsearch service to start automatically using systemd
 sudo systemctl daemon-reload
 sudo systemctl enable elasticsearch.service
### You can start elasticsearch service by executing
 sudo systemctl start elasticsearch.service

/usr/lib/tmpfiles.d/elasticsearch.conf:1: Line references path below legacy directory /var/run/, updating /var/run/elasticsearch → /run/elasticsearch; please update the tmpfiles.d/ drop-in file accordingly.

  Verifying        : elasticsearch-8.10.4-1.x86_64                                                                                                                                        1/1

Installed:
  elasticsearch-8.10.4-1.x86_64

Complete!

请注意保存安装过程中生成的随机密码！！！

配置Elasticsearch

vim /etc/elasticsearch/elasticsearch.yml

......
cluster.name: myapp
node.name: ${HOSTNAME}
network.host: 0.0.0.0
......

启动Elasticsearch

systemctl enable --now elasticsearch

15.1.3. Kibana

yum install -y kibana

为kibana生成token

/usr/share/elasticsearch/bin/elasticsearch-create-enrollment-token -s kibana

终端输出

[root@node01 ~]# /usr/share/elasticsearch/bin/elasticsearch-create-enrollment-token -s kibana
eyJ2ZXIiOiI4LjEwLjQiLCJhZHIiOlsiMTkyLjE2OC4xMjIuMjA4OjkyMDAiXSwiZmdyIjoiOTE0MmU5NDc4NTc2YWViNmZlMzcwNzNlMDliYjFlYTliMWUwZGVhYzY1OTdlZDI1ZTA0M2RlZDc3MjQwM2ZkZCIsImtleSI6IldzWXVjSXNCZzdFazJYSmU5Um5COjdncXp2alppUVpPUjFYb1IzUWVuMUEifQ==

通过token初始化kibana

/usr/share/kibana/bin/kibana-setup --enrollment-token <token>

终端输出

[root@node01 ~]# /usr/share/kibana/bin/kibana-setup --enrollment-token eyJ2ZXIiOiI4LjEwLjQiLCJhZHIiOlsiMTkyLjE2OC4xMjIuMjA4OjkyMDAiXSwiZmdyIjoiOTE0MmU5NDc4NTc2YWViNmZlMzcwNzNlMDliYjFlYTliMWUwZGVhYzY1OTdlZDI1ZTA0M2RlZDc3MjQwM2ZkZCIsImtleSI6IldzWXVjSXNCZzdFazJYSmU5Um5COjdncXp2alppUVpPUjFYb1IzUWVuMUEifQ==

✔ Kibana configured successfully.

To start Kibana run:
  bin/kibana

配置kibana

vim /etc/kibana/kibana.yml

#在配置文件中修改相关项
server.host: "0.0.0.0"
server.publicBaseUrl: "http://node01:5601/"
server.name: "node01"

......
# This section was automatically generated during setup.
elasticsearch.hosts: ['http://192.168.122.69:9200']
elasticsearch.serviceAccountToken: AAEAAWVsYXN0aWMva2liYW5hL2Vucm9sbC1wcm9jZXNzLXRva2VuLTE2OTg3MTgyNTY1ODU6d3BQREZPVnRSRHVsWWZBX2hUMVBLUQ
elasticsearch.ssl.certificateAuthorities: [/var/lib/kibana/ca_1698718257998.crt]
xpack.fleet.outputs: [{id: fleet-default-output, name: default, is_default: true, is_default_monitoring: true, type: elasticsearch, hosts: ['http://192.168.122.69:9200'], ca_trusted_fingerprint: 34a3598e22f7822e5f63015e05dfc1d0c0cddf9f08ccaab623f0f44717329624}]

启动kibana

systemctl enable --now kibana

访问

使用安装Elasticsearch时生成的随机密码登陆 http://192.168.122.208:5601/