Kibana User Guide [4.2] » Using Kibana in a Production Environment
2015-11-23 20:00
253 查看
Using Kibana in a Production Environment
在生成环境使用Kibana
Configuring
Kibana to Work with Shield
Enabling
SSL
Controlling
access
Load
Balancing Across Multiple Elasticsearch Nodes
Kibana
Reference:
master4.2 (current)
4.14.0
3.0
Introduction
Getting
Kibana Up and Running
Getting
Started with Kibana
Kibana
Plugins
Accessing
Kibana
Discover
Visualize
Dashboard
Settings
Using
Kibana in a Production Environment
Kibana
4.2 Release Notes
Configuring
Kibana to Work with Shield 配置Kibana在保护下工作
Enabling
SSL 使SSL工作
Controlling
Access 控制入口
Load
Balancing Across Multiple Elasticsearch Nodes 在多ES节点间加载平衡
How you deploy Kibana largely depends on your use case. If you are the only user, you can run Kibana on your local machine and configure it to point to whatever Elasticsearch instance you want to interact with. Conversely, if you have a large number of heavy
Kibana users, you might need to load balance across multiple Kibana instances that are all connected to the same Elasticsearch instance.
你怎么使用Kibana很大程度上依赖你的应用案例。如果你是唯一的一个用户,你可以在本地机器上运行Kibana,配置它和和ES例子协同即可。相反的,如果你有很多用户,你应该考虑众多连接到ES例子上的Kibana例子间的平衡。
While Kibana isn’t terribly resource intensive, we still recommend running Kibana separate from your Elasticsearch data or master nodes. To distribute Kibana traffic across the nodes in your Elasticsearch cluster, you can run Kibana and an Elasticsearch client
node on the same machine. For more information, see Load
Balancing Across Multiple Elasticsearch Nodes.
当Kibana不需要增强资源时,我们仍然推荐运行Kibana时,和ES节点或主节点分开。为了分配ES簇节点间的Kibana链路,你可以在同一台机器上运行Kibana和一个ES请求节点。关于更多信息,查看:Load
Balancing Across Multiple Elasticsearch Nodes。
If you are using Shield to authenticate Elasticsearch users, you need to provide the Kibana server with credentials so it can access the
and monitor the cluster.
如果你在使用Shield来证实ES用户,你需要给Kibana服务器提供信任说明,让它能够接受.kibana索引并监视集群。
To configure credentials for the Kibana server: 为Kibana服务器配置信任说明
Assign the
to a user in Shield. For more information, see Configuring
a Role for the Kibana 4 Server in the Shield documentation. 在Shield中,把
a Role for the Kibana 4 Server。
Set the
in
specify the credentials of the user you assigned the
在kibana.yml中,设置kibana_elasticsearch_username和kibana_elasticsearch_password特性,来指定你在kibana4_server角色中分派的用户信任说明。
Kibana 4 users also need access to the
so they can save and load searches, visualizations, and dashboards. For more information, see Configuring
Roles for Kibana 4 Users in the Shield documentation.
Kibana 4 用户也需要访问.kibana索引,所以他们可以保存和加载搜索、可视化和仪表盘。关于更多信息,可以查看Shield文档中的Configuring
Roles for Kibana 4 Users。
See Kibana
and Elasticsearch Dynamic Mapping for important information on Kibana and the dynamic mapping feature in Elasticsearch.
关于Kibana的重要信息和ES动态映射特性,可以查看:Kibana
and Elasticsearch Dynamic Mapping。
Kibana supports SSL encryption for both client requests and the requests the Kibana server sends to Elasticsearch.
Kibana支持SSL加密,包括客户端请求和Kibana发送给ES的请求。
To encrypt communications between the browser and the Kibana server, you configure the
in
为了加密浏览器和Kibana服务器的通信,你可以配置kibana.yml中ssl_key_file的和ssl_cert_file。
If you are using Shield or a proxy that provides an HTTPS endpoint for Elasticsearch, you can configure Kibana to access Elasticsearch via HTTPS so communications between the Kibana server and Elasticsearch are encrypted.
如果你在使用Shield或代理给ES提供HTTPS终点,你可以通过HTTPS配置Kibana来访问ES,以至于Kibana和ES之间的通信是加密的。
To do this, you specify the HTTPS protocol when you configure the Elasticsearch URL in
为了做这个,当你配置kibana.yml中的ES的URL时,你要指定HTTPS协议:
If you are using a self-signed certificate for Elasticsearch, set the
in
specify the location of the PEM file. Setting the
lets you leave the
enabled.
如果你在为ES使用自己签名的正说,在kibana.yml中设置ca特权,来确认PEM文件的位置。设置ca权限,让你能够激活verify_ssl选择权。
You can use Elasticsearch
Shield (Shield) to control what Elasticsearch data users can access through Kibana. Shield provides index-level access control. If a user isn’t authorized to run the query that populates a Kibana visualization, the user just sees an empty visualization.
你可以使用Elasticsearch
Shield 控制使用者通过Kibana访问的ES数据。Shield提供了索引层面的访问控制。如果一个用户未经授权,而想访问Kibana可视化结果,那么他看到的将是空的可视化。
To configure access to Kibana using Shield, you create Shield roles for Kibana using the
role as a starting point. For more information, see Using
Kibana 4 with Shield.
为了配置使用Shield对Kibana 的访问,你可以在启动端,使用Kibana4默认角色,为Kibana创建Shield角色。关于更多信息,参考:Using
Kibana 4 with Shield。
If you have multiple nodes in your Elasticsearch cluster, the easiest way to distribute Kibana requests across the nodes is to run an Elasticsearch client node
on the same machine as Kibana. Elasticsearch client nodes are essentially smart load balancers that are part of the cluster. They process incoming HTTP requests, redirect operations to the other nodes in the cluster as needed, and gather and return the results.
For more information, see Node in
the Elasticsearch reference.
如果你的ES集群中有多个节点,在节点间,最简单分配Kibana请求的方式,是在同样的机器上,作为Kibana,运行一个ES客户端节点。ES客户端节点本质上是只能加载平衡,是集群的一部分。他们处理进来的HTTP请求,重定向到其他节点的操作是集群需要的,还要收集和返回结果。关于更多信息,可以参考ES指导中的Node。
To use a local client node to load balance Kibana requests:
使用本地请求节点来加载Kibana请求:
Install Elasticsearch on the same machine as Kibana. 在Kibana同名机器上安装Kibana。
Configure the node as a client node. In
set both
配置节点成为请求节点。在elasticsearch.yml中,把node.data和node.master设置成false。
Configure the client node to join your Elasticsearch cluster. In
set the
the name of your cluster. 配置请求节点,来加入你的ES集群。在elasticsearch.yml中,设置luster.name成你集群的名字。
Make sure Kibana is configured to point to your local client node. In
the
be set to
确保Kibana配置指向你本地客户端节点。在kibana.yml中,
备注:
材料来自elastic官网。
原文地址:
https://www.elastic.co/guide/en/kibana/current/production.html
在生成环境使用Kibana
Using Kibana in a Production Environment
On this page
ConfiguringKibana to Work with Shield
Enabling
SSL
Controlling
access
Load
Balancing Across Multiple Elasticsearch Nodes
Kibana
Reference:
master4.2 (current)
4.14.0
3.0
Introduction
Getting
Kibana Up and Running
Getting
Started with Kibana
Kibana
Plugins
Accessing
Kibana
Discover
Visualize
Dashboard
Settings
Using
Kibana in a Production Environment
Kibana
4.2 Release Notes
Configuring
Kibana to Work with Shield 配置Kibana在保护下工作
Enabling
SSL 使SSL工作
Controlling
Access 控制入口
Load
Balancing Across Multiple Elasticsearch Nodes 在多ES节点间加载平衡
How you deploy Kibana largely depends on your use case. If you are the only user, you can run Kibana on your local machine and configure it to point to whatever Elasticsearch instance you want to interact with. Conversely, if you have a large number of heavy
Kibana users, you might need to load balance across multiple Kibana instances that are all connected to the same Elasticsearch instance.
你怎么使用Kibana很大程度上依赖你的应用案例。如果你是唯一的一个用户,你可以在本地机器上运行Kibana,配置它和和ES例子协同即可。相反的,如果你有很多用户,你应该考虑众多连接到ES例子上的Kibana例子间的平衡。
While Kibana isn’t terribly resource intensive, we still recommend running Kibana separate from your Elasticsearch data or master nodes. To distribute Kibana traffic across the nodes in your Elasticsearch cluster, you can run Kibana and an Elasticsearch client
node on the same machine. For more information, see Load
Balancing Across Multiple Elasticsearch Nodes.
当Kibana不需要增强资源时,我们仍然推荐运行Kibana时,和ES节点或主节点分开。为了分配ES簇节点间的Kibana链路,你可以在同一台机器上运行Kibana和一个ES请求节点。关于更多信息,查看:Load
Balancing Across Multiple Elasticsearch Nodes。
Configuring
Kibana to Work with Shield 配置Kibana在保护下工作
If you are using Shield to authenticate Elasticsearch users, you need to provide the Kibana server with credentials so it can access the .kibanaindex
and monitor the cluster.
如果你在使用Shield来证实ES用户,你需要给Kibana服务器提供信任说明,让它能够接受.kibana索引并监视集群。
To configure credentials for the Kibana server: 为Kibana服务器配置信任说明
Assign the
kibana4_serverrole
to a user in Shield. For more information, see Configuring
a Role for the Kibana 4 Server in the Shield documentation. 在Shield中,把
kibana4_server角色设定为用户。关于更多信息,查看Shield文档中的:Configuring
a Role for the Kibana 4 Server。
Set the
kibana_elasticsearch_usernameand
kibana_elasticsearch_passwordproperties
in
kibana.ymlto
specify the credentials of the user you assigned the
kibana4_serverrole:
在kibana.yml中,设置kibana_elasticsearch_username和kibana_elasticsearch_password特性,来指定你在kibana4_server角色中分派的用户信任说明。
kibana_elasticsearch_username: kibana4-user kibana_elasticsearch_password: kibana4-password
Kibana 4 users also need access to the
.kibanaindex
so they can save and load searches, visualizations, and dashboards. For more information, see Configuring
Roles for Kibana 4 Users in the Shield documentation.
Kibana 4 用户也需要访问.kibana索引,所以他们可以保存和加载搜索、可视化和仪表盘。关于更多信息,可以查看Shield文档中的Configuring
Roles for Kibana 4 Users。
See Kibana
and Elasticsearch Dynamic Mapping for important information on Kibana and the dynamic mapping feature in Elasticsearch.
关于Kibana的重要信息和ES动态映射特性,可以查看:Kibana
and Elasticsearch Dynamic Mapping。
Enabling
SSL 使SSL工作
Kibana supports SSL encryption for both client requests and the requests the Kibana server sends to Elasticsearch.Kibana支持SSL加密,包括客户端请求和Kibana发送给ES的请求。
To encrypt communications between the browser and the Kibana server, you configure the
ssl_key_fileand
ssl_cert_fileproperties
in
kibana.yml:
为了加密浏览器和Kibana服务器的通信,你可以配置kibana.yml中ssl_key_file的和ssl_cert_file。
# SSL for outgoing requests from the Kibana Server (PEM formatted) server.ssl.key: /path/to/your/server.key server.ssl.cert: /path/to/your/server.crt
If you are using Shield or a proxy that provides an HTTPS endpoint for Elasticsearch, you can configure Kibana to access Elasticsearch via HTTPS so communications between the Kibana server and Elasticsearch are encrypted.
如果你在使用Shield或代理给ES提供HTTPS终点,你可以通过HTTPS配置Kibana来访问ES,以至于Kibana和ES之间的通信是加密的。
To do this, you specify the HTTPS protocol when you configure the Elasticsearch URL in
kibana.yml:
为了做这个,当你配置kibana.yml中的ES的URL时,你要指定HTTPS协议:
elasticsearch: "https://<your_elasticsearch_host>.com:9200"
If you are using a self-signed certificate for Elasticsearch, set the
caproperty
in
kibana.ymlto
specify the location of the PEM file. Setting the
caproperty
lets you leave the
verify_ssloption
enabled.
如果你在为ES使用自己签名的正说,在kibana.yml中设置ca特权,来确认PEM文件的位置。设置ca权限,让你能够激活verify_ssl选择权。
# If you need to provide a CA certificate for your Elasticsearch instance, put # the path of the pem file here. ca: /path/to/your/ca/cacert.pem
Controlling
access 控制入口(访问)
You can use ElasticsearchShield (Shield) to control what Elasticsearch data users can access through Kibana. Shield provides index-level access control. If a user isn’t authorized to run the query that populates a Kibana visualization, the user just sees an empty visualization.
你可以使用Elasticsearch
Shield 控制使用者通过Kibana访问的ES数据。Shield提供了索引层面的访问控制。如果一个用户未经授权,而想访问Kibana可视化结果,那么他看到的将是空的可视化。
To configure access to Kibana using Shield, you create Shield roles for Kibana using the
kibana4default
role as a starting point. For more information, see Using
Kibana 4 with Shield.
为了配置使用Shield对Kibana 的访问,你可以在启动端,使用Kibana4默认角色,为Kibana创建Shield角色。关于更多信息,参考:Using
Kibana 4 with Shield。
Load
Balancing Across Multiple Elasticsearch Nodes 在多ES节点间加载平衡
If you have multiple nodes in your Elasticsearch cluster, the easiest way to distribute Kibana requests across the nodes is to run an Elasticsearch client nodeon the same machine as Kibana. Elasticsearch client nodes are essentially smart load balancers that are part of the cluster. They process incoming HTTP requests, redirect operations to the other nodes in the cluster as needed, and gather and return the results.
For more information, see Node in
the Elasticsearch reference.
如果你的ES集群中有多个节点,在节点间,最简单分配Kibana请求的方式,是在同样的机器上,作为Kibana,运行一个ES客户端节点。ES客户端节点本质上是只能加载平衡,是集群的一部分。他们处理进来的HTTP请求,重定向到其他节点的操作是集群需要的,还要收集和返回结果。关于更多信息,可以参考ES指导中的Node。
To use a local client node to load balance Kibana requests:
使用本地请求节点来加载Kibana请求:
Install Elasticsearch on the same machine as Kibana. 在Kibana同名机器上安装Kibana。
Configure the node as a client node. In
elasticsearch.yml,
set both
node.dataand
node.masterto
false:
配置节点成为请求节点。在elasticsearch.yml中,把node.data和node.master设置成false。
# 3. You want this node to be neither master nor data node, but # to act as a "search load balancer" (fetching data from nodes, # aggregating results, etc.) # node.master: false node.data: false
Configure the client node to join your Elasticsearch cluster. In
elasticsearch.yml,
set the
cluster.nameto
the name of your cluster. 配置请求节点,来加入你的ES集群。在elasticsearch.yml中,设置luster.name成你集群的名字。
cluster.name: "my_cluster"
Make sure Kibana is configured to point to your local client node. In
kibana.yml,
the
elasticsearch_urlshould
be set to
localhost:9200.
确保Kibana配置指向你本地客户端节点。在kibana.yml中,
elasticsearch_url应该被设置成localhost:9200。
# The Elasticsearch instance to use for all your queries. elasticsearch_url: "http://localhost:9200"
备注:
材料来自elastic官网。
原文地址:
https://www.elastic.co/guide/en/kibana/current/production.html
相关文章推荐
- [转]Bluetooth LE Credit-Based Flow Control for L2CAP Connection-Oriented Channels
- easyui 合并
- suibi
- [TwistedFate]UITableView表视图编辑,移动
- codeforces 597C Subsequences
- Github gui使用
- UIAlertView
- UINavigationController总结
- easyUI 验证
- UIViewController的生命周期及iOS程序执行顺序
- CYC-关于UIImagePickerController
- Easyui datagrid editor为combobox时指定数据源
- 百度编辑器 多图片批量上传 顺序混乱问题 ueditor
- EasyUI----DataGrid行明细增删改操作
- reason: 'could not dequeue a view of kind: UICollectionElementKindCell with identifier cellIdentifie
- Kibana User Guide [4.2] » Settings » Setting Kibana Server Properties
- [LeetCode] Range Sum Query - Mutable
- iOS-UIImage 互转 UIColor
- 二十六天( UI开始)
- iOS 【UIKit-UIPickerView】