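I tried installing Graylog 3.0 on Oracle Cloud Infrastructure (OCI)
Introduction
I installed Graylog 3.0 on a Compute instance in Oracle Cloud Infrastructure (OCI), so I am recording the steps here as a memo.
Required tasks
Building Graylog requires the following work:
1. Install the OS
2. Install Java
3. Install MongoDB
4. Install Elasticsearch
5. Install Graylog
6. Install NGINX
Performing the build
Because this runs on Oracle Cloud Infrastructure (OCI), the OS is Oracle Linux.
I therefore follow the CentOS installation manual.
1. OS setup
I created an Oracle Cloud Infrastructure (OCI) Compute instance. (Details are not covered here.)
Below is a brief summary of what I created.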
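- Uses Oracle Linux 7.6
- Placed in a public subnet
- Security is wide open at 0.0.0.0/0 (this time in particular it is only to verify the build)
- firewalld on the Compute instance is also stopped (it is enabled by default, so I disabled it)
2. Install Java
It appears that Java 1.8 is required. In the initial configuration Java is not installed on the OS, so I installed it following the manual.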
[opc@graylog ~]$ sudo yum install java-1.8.0-openjdk-headless.x86_64
(partially omitted)
========================================================================================================================
Package Arch Version Repository Size
========================================================================================================================
Installing:
java-1.8.0-openjdk-headless x86_64 1:1.8.0.201.b09-2.el7_6 ol7_latest 32 M
Installing for dependencies:
avahi-libs x86_64 0.6.31-19.el7 ol7_latest 61 k
copy-jdk-configs noarch 3.3-10.el7_5 ol7_latest 21 k
cups-libs x86_64 1:1.6.3-35.el7 ol7_latest 357 k
javapackages-tools noarch 3.4.1-11.el7 ol7_latest 72 k
libjpeg-turbo x86_64 1.2.90-6.el7 ol7_latest 134 k
libxslt x86_64 1.1.28-5.0.1.el7 ol7_latest 241 k
lksctp-tools x86_64 1.0.17-2.el7 ol7_latest 87 k
pcsc-lite-libs x86_64 1.8.8-8.el7 ol7_latest 34 k
python-javapackages noarch 3.4.1-11.el7 ol7_latest 31 k
python-lxml x86_64 3.2.1-4.el7 ol7_latest 758 k
tzdata-java noarch 2018i-1.el7 ol7_latest 187 k
Transaction Summary
========================================================================================================================
Install 1 Package (+11 Dependent packages)
Total download size: 34 M
Installed size: 109 M
Is this ok [y/d/N]: y
(partially omitted)
Installed:
java-1.8.0-openjdk-headless.x86_64 1:1.8.0.201.b09-2.el7_6
Dependency Installed:
avahi-libs.x86_64 0:0.6.31-19.el7 copy-jdk-configs.noarch 0:3.3-10.el7_5
cups-libs.x86_64 1:1.6.3-35.el7 javapackages-tools.noarch 0:3.4.1-11.el7
libjpeg-turbo.x86_64 0:1.2.90-6.el7 libxslt.x86_64 0:1.1.28-5.0.1.el7
lksctp-tools.x86_64 0:1.0.17-2.el7 pcsc-lite-libs.x86_64 0:1.8.8-8.el7
python-javapackages.noarch 0:3.4.1-11.el7 python-lxml.x86_64 0:3.2.1-4.el7
tzdata-java.noarch 0:2018i-1.el7
Complete!
[opc@graylog ~]$
3. Install MongoDB
For now, I tried installing it as instructed in the Graylog manual.
[opc@graylog ~]$ sudo vi /etc/yum.repos.d/mongodb-org-4.0.repo
(enter the following)
[mongodb-org-4.0]
name=MongoDB Repository
baseurl=https://repo.mongodb.org/yum/redhat/$releasever/mongodb-org/4.0/x86_64/
gpgcheck=1
enabled=1
gpgkey=https://www.mongodb.org/static/pgp/server-4.0.asc
(end)
[opc@graylog ~]$ sudo yum install mongodb-org
(partially omitted)
========================================================================================================================
Package Arch Version Repository Size
========================================================================================================================
Installing:
mongodb-org x86_64 4.0.6-1.el7 mongodb-org-4.0 5.8 k
Installing for dependencies:
mongodb-org-mongos x86_64 4.0.6-1.el7 mongodb-org-4.0 12 M
mongodb-org-server x86_64 4.0.6-1.el7 mongodb-org-4.0 21 M
mongodb-org-shell x86_64 4.0.6-1.el7 mongodb-org-4.0 13 M
mongodb-org-tools x86_64 4.0.6-1.el7 mongodb-org-4.0 32 M
Transaction Summary
========================================================================================================================
Install 1 Package (+4 Dependent packages)
Total download size: 79 M
Installed size: 243 M
Is this ok [y/d/N]: y
(partially omitted)
Installed:
mongodb-org.x86_64 0:4.0.6-1.el7
Dependency Installed:
mongodb-org-mongos.x86_64 0:4.0.6-1.el7 mongodb-org-server.x86_64 0:4.0.6-1.el7
mongodb-org-shell.x86_64 0:4.0.6-1.el7 mongodb-org-tools.x86_64 0:4.0.6-1.el7
Complete!
[opc@graylog ~]$
[opc@graylog ~]$ sudo systemctl daemon-reload
[opc@graylog ~]$ sudo systemctl enable mongod.service
[opc@graylog ~]$ sudo systemctl start mongod.service
[opc@graylog ~]$
4. Install Elasticsearch
Install it following the steps in the manual.
[opc@graylog ~]$ sudo vi /etc/yum.repos.d/elasticsearch.repo
(enter the following)
[elasticsearch-6.x]
name=Elasticsearch repository for 6.x packages
baseurl=https://artifacts.elastic.co/packages/oss-6.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=1
autorefresh=1
type=rpm-md
(end)
[opc@graylog ~]$ sudo yum install elasticsearch-oss
(partially omitted)
========================================================================================================================
Package Arch Version Repository Size
========================================================================================================================
Installing:
elasticsearch-oss noarch 6.6.2-1 elasticsearch-6.x 33 M
Transaction Summary
========================================================================================================================
Install 1 Package
Total download size: 33 M
Installed size: 37 M
Is this ok [y/d/N]: y
(partially omitted)
Installed:
elasticsearch-oss.noarch 0:6.6.2-1
Complete!
[opc@graylog ~]$
[opc@graylog ~]$ sudo vi /etc/elasticsearch/elasticsearch.yml
(modify or add the following items)
cluster.name: graylog
action.auto_create_index: false
(end)
[opc@graylog ~]$ sudo systemctl daemon-reload
[opc@graylog ~]$ sudo systemctl enable elasticsearch.service
Created symlink from /etc/systemd/system/multi-user.target.wants/elasticsearch.service to /usr/lib/systemd/system/elasticsearch.service.
[opc@graylog ~]$ sudo systemctl restart elasticsearch.service
[opc@graylog ~]$
5. Install Graylog
Install it as described in the manual.
[opc@graylog ~]$ sudo rpm -Uvh https://packages.graylog2.org/repo/packages/graylog-3.0-repository_latest.rpm
Retrieving https://packages.graylog2.org/repo/packages/graylog-3.0-repository_latest.rpm
Preparing... ################################# [100%]
Updating / installing...
1:graylog-3.0-repository-1-6 ################################# [100%]
[opc@graylog ~]$
[opc@graylog ~]$ sudo yum install graylog-server
(partially omitted)
========================================================================================================================
Package Arch Version Repository Size
========================================================================================================================
Installing:
graylog-server noarch 3.0.0-12 graylog 105 M
Transaction Summary
========================================================================================================================
Install 1 Package
Total download size: 105 M
Installed size: 105 M
Is this ok [y/d/N]: y
(partially omitted)
Installed:
graylog-server.noarch 0:3.0.0-12
Complete!
[opc@graylog ~]$
[opc@graylog ~]$ pwgen -N 1 -s 96
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
[opc@graylog ~]$
[opc@graylog ~]$ sudo vi /etc/graylog/server/server.conf
(modify the following)
password_secret = <the value generated just above>
(end)
[opc@graylog ~]$
[opc@graylog ~]$ echo -n "Enter Password: " && head -1 </dev/stdin | tr -d '\n' | sha256sum | cut -d" " -f1
Enter Password: (type the login password)
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
[opc@graylog ~]$
[opc@graylog ~]$ sudo vi /etc/graylog/server/server.conf
(modify the following)
root_password_sha2 = <the value generated just above>
(end)
[opc@graylog ~]$
[opc@graylog ~]$ sudo systemctl daemon-reload
[opc@graylog ~]$ sudo systemctl enable graylog-server.service
Created symlink from /etc/systemd/system/multi-user.target.wants/graylog-server.service to /usr/lib/systemd/system/graylog-server.service.
[opc@graylog ~]$ sudo systemctl start graylog-server.service
[opc@graylog ~]$
6. Install NGINX
Since no load balancer or similar is used, a proxy has to be set up, so a web server needs to be prepared.
[opc@graylog ~]$ sudo vi /etc/yum.repos.d/nginx.repo
(add the following)
[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/mainline/centos/7/$basearch/
gpgcheck=0
enabled=1
(end)
[opc@graylog ~]$
[opc@graylog ~]$ sudo yum install nginx
(omitted)
==============================================================================================================================================================================================================
Package Arch Version Repository Size
==============================================================================================================================================================================================================
Installing:
nginx x86_64 1:1.15.9-1.el7_4.ngx nginx 765 k
Transaction Summary
==============================================================================================================================================================================================================
Install 1 Package
Total download size: 765 k
Installed size: 2.7 M
Is this ok [y/d/N]: y
(omitted)
Installed:
nginx.x86_64 1:1.15.9-1.el7_4.ngx
Complete!
[opc@graylog ~]$
[opc@graylog ~]$ sudo systemctl enable nginx
Created symlink from /etc/systemd/system/multi-user.target.wants/nginx.service to /usr/lib/systemd/system/nginx.service.
[opc@graylog ~]$ sudo systemctl start nginx
Once these steps are done, the NGINX welcome page can be reached via the public IP.
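Of the three repo files created in steps 3, 4 and 6, the MongoDB and Elasticsearch ones set gpgcheck=1 with an HTTPS baseurl, while the nginx one sets gpgcheck=0 and uses http://. The following added example (not part of the original post) reports such sections in yum .repo files; the function names are hypothetical and the demo input is copied from the repo definitions above.

```shell
#!/bin/sh
# Added example: audit yum .repo files for sections that disable package
# signature checks or fetch packages over plain HTTP.
# Prints one finding per line as "<file> [<section>] <problem>".
# Only an explicit gpgcheck=0 is flagged; an unset gpgcheck inherits the
# [main] value from /etc/yum.conf and is not evaluated here.
audit_repo_file() {
    awk -v file="$1" '
        function emit() {
            if (section == "" || enabled == "0") return   # skip disabled repos
            if (gpgcheck == "0")
                print file " [" section "] gpgcheck=0 (signatures not verified)"
            if (baseurl ~ /^http:\/\//)
                print file " [" section "] baseurl is plain http"
        }
        /^[ \t]*[#;]/ { next }                            # comment lines
        /^[ \t]*\[/ {                                     # start of a [section]
            emit()
            section = $0
            sub(/^[ \t]*\[/, "", section); sub(/\].*$/, "", section)
            gpgcheck = ""; baseurl = ""; enabled = "1"
            next
        }
        /=/ {                                             # key=value line
            key = $0; sub(/[ \t]*=.*$/, "", key); sub(/^[ \t]+/, "", key)
            val = $0; sub(/^[^=]*=[ \t]*/, "", val); sub(/[ \t\r]+$/, "", val)
            if (key == "gpgcheck") gpgcheck = val
            if (key == "baseurl")  baseurl = val
            if (key == "enabled")  enabled = val
        }
        END { emit() }
    ' "$1"
}
# Audit every .repo file in a directory (default: the live yum configuration).
audit_repo_dir() {
    for f in "${1:-/etc/yum.repos.d}"/*.repo; do
        [ -e "$f" ] && audit_repo_file "$f"
    done
    return 0
}
# Demo on two of the repo definitions from this post, written to a temp dir.
demo() {
    d=$(mktemp -d)
    printf '%s\n' '[nginx]' 'name=nginx repo' 'baseurl=http://nginx.org/packages/mainline/centos/7/$basearch/' 'gpgcheck=0' 'enabled=1' > "$d/nginx.repo"
    printf '%s\n' '[mongodb-org-4.0]' 'baseurl=https://repo.mongodb.org/yum/redhat/$releasever/mongodb-org/4.0/x86_64/' 'gpgcheck=1' 'enabled=1' > "$d/mongodb-org-4.0.repo"
    audit_repo_dir "$d"; rm -rf "$d"
}
demo
```

On the host itself, call `audit_repo_dir` with no argument to scan /etc/yum.repos.d.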
After that, the reverse proxy needs to be configured.
[opc@graylog ~]$ sudo vi /etc/nginx/conf.d/graylog.conf
(add the following)
server
{
    listen 80 default_server;
    listen [::]:80 default_server ipv6only=on;
    server_name <hostname or IP address>;
    location / {
        proxy_set_header Host $http_host;
        proxy_set_header X-Forwarded-Host $host;
        proxy_set_header X-Forwarded-Server $host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Graylog-Server-URL http://$server_name/;
        proxy_pass http://127.0.0.1:9000;
    }
}
(end)
[opc@graylog ~]$
[opc@graylog ~]$ sudo systemctl restart nginx
[opc@graylog ~]$
The basic installation work is now complete.
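With the security list open to 0.0.0.0/0 and firewalld stopped, as described in step 1, the bind address of each service is all that decides whether MongoDB, Elasticsearch and the Graylog backend on port 9000 are reachable from outside. The following added example (not part of the original post) filters `ss -ltn` output for listeners on those ports that are not bound to loopback; the port list 27017/9200/9300/9000 assumes the products' default ports, the function names are hypothetical, and the sample output is constructed.

```shell
#!/bin/sh
# Added example: read `ss -ltn` output on stdin and print "<port> <address>"
# for every watched port that listens on a non-loopback address.
# $1 (optional): space-separated port list. The default assumes the default
# ports of MongoDB (27017), Elasticsearch (9200, 9300) and Graylog (9000).
exposed_listeners() {
    awk -v ports="${1:-27017 9200 9300 9000}" '
        BEGIN { n = split(ports, p, " "); for (i = 1; i <= n; i++) watch[p[i]] = 1 }
        $1 == "LISTEN" {
            port = $4; sub(/^.*:/, "", port)        # text after the last colon
            addr = $4; sub(/:[^:]*$/, "", addr)     # text before the last colon
            sub(/^\[/, "", addr); sub(/\]$/, "", addr)   # newer ss prints [::1]
            if (!(port in watch)) next
            # Loopback in IPv4, IPv6 and IPv4-mapped IPv6 notation is fine.
            if (addr ~ /^127\./ || addr == "::1" || addr ~ /^::ffff:127\./) next
            print port, addr
        }
    '
}

# Constructed sample in the column layout `ss -ltn` prints on EL7. Port 9000
# is deliberately shown bound to all interfaces to produce one finding.
sample_ss_output() {
    cat <<'EOF'
State  Recv-Q Send-Q Local Address:Port     Peer Address:Port
LISTEN 0      128    *:22                   *:*
LISTEN 0      128    *:80                   *:*
LISTEN 0      128    127.0.0.1:27017        *:*
LISTEN 0      128    ::ffff:127.0.0.1:9200  :::*
LISTEN 0      128    ::1:9200               :::*
LISTEN 0      128    :::9000                :::*
EOF
}

# Demo on the constructed sample; on the host run: ss -ltn | exposed_listeners
sample_ss_output | exposed_listeners
```

An empty result on the live host means none of the watched ports is listening beyond loopback, so only the NGINX proxy on port 80 (and SSH) faces the open security list.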
Confirmation screen
Going forward, I would like to look into the log settings and related items.