Elasticsearch 三板斧之 Elasticsearch 安装

Elasticsearch 一切为了搜索

1.软件环境：

Centos7.9

3 台虚拟机，8 CPU, 16GB 内存。

主机地址： 10.10.1.1 10.10.1.2 10.10.1.3

2.JDK 安装

elasticsearch-7.x 自带 jdk12 无需安装

3. 下载地址

https://www.elastic.co/cn/downloads/

下载最新版本7.14安装包， elasticsearch-7.14.0-linux-x86_64.tar

4. 配置 hosts 文件

vim /etc/hosts

10.10.1.1 xszkygl1
10.10.1.2 xszkygl2
10.10.1.3 xszkygl3

5. 创建用户

useradd es
passwd es

注意：Elasticsearch 是无法通过 root 启动， 所以需要单独创建用户。

6. 解压安装

以 es 用户登录， 上传安装文件， 开始安装。

tar -zxvf elasticsearch-7.14.0-linux-x86_64.tar.gz -C /home/es
mv elasticsearch-7.14.0 es7.14
cd /home/es/es7.14
mkdir data

7. 配置Elasticsearch

7.1 主节点配置

cd /home/es/es7.14/config
vim elasticsearch.yml
cluster.name: kygl
path.data: /home/es/es7.14/data
path.logs: /home/es/es7.14/logs
network.host: 10.10.1.1
http.port: 9200
discovery.seed_hosts: ["xszkygl1", "xszkygl2", "xszkygl3"]
cluster.initial_master_nodes: ["xszkygl1","xszkygl2","xszkygl3"]
node.name: xszkygl1
transport.tcp.port: 9300
node.ingest: false
node.ml: false
cluster.remote.connect: false
http.cors.enabled: true
http.cors.allow-origin: "*"
node.master: true
node.data: false
node.master: true
node.data: false
http.cors.allow-headers: Authorization
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.ml.enabled: false
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: elastic-certificates.kygl
xpack.security.transport.ssl.truststore.path: elastic-certificates.kygl

7.2 节点2 配置

cd /home/es/es7.14/config
vim elasticsearch.yml
cluster.name: kygl
path.data: /home/es/es7.14/data
path.logs: /home/es/es7.14/logs
network.host: 10.10.1.2
http.port: 9200
discovery.seed_hosts: ["xszkygl1", "xszkygl2", "xszkygl3"]
cluster.initial_master_nodes: ["xszkygl1","xszkygl2","xszkygl3"]
node.name: xszkygl2
transport.tcp.port: 9300
node.ingest: false
node.ml: false
cluster.remote.connect: false
http.cors.enabled: true
http.cors.allow-origin: "*"
node.master: true
node.data: false
node.master: false
node.data: true
http.cors.allow-headers: Authorization
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.ml.enabled: false
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: elastic-certificates.kygl
xpack.security.transport.ssl.truststore.path: elastic-certificates.kygl

7.3 节点3 配置

cd /home/es/es7.14/config
vim elasticsearch.yml
cluster.name: kygl
path.data: /home/es/es7.14/data
path.logs: /home/es/es7.14/logs
network.host: 10.10.1.3
http.port: 9200
discovery.seed_hosts: ["xszkygl1", "xszkygl2", "xszkygl3"]
cluster.initial_master_nodes: ["xszkygl1","xszkygl2","xszkygl3"]
node.name: xszkygl3
transport.tcp.port: 9300
node.ingest: false
node.ml: false
cluster.remote.connect: false
http.cors.enabled: true
http.cors.allow-origin: "*"
node.master: true
node.data: false
node.master: false
node.data: true
http.cors.allow-headers: Authorization
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.ml.enabled: false
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: elastic-certificates.kygl
xpack.security.transport.ssl.truststore.path: elastic-certificates.kygl

注意：配置文件 elasticsearch.yml 格式可能有问题， 比如冒号后面要有空格，前面不能有空格等！

8. 创建 Elasticsearch 用户

8.1 生成证书（任一节点）

cd /home/es/es7.14/bin
./elasticsearch-certutil ca

Please enter the desired output file [elastic-stack-ca.p12]: 
Enter password for elastic-stack-ca.p12 :

第一步：-1>回车

第二步：-2>输入证书的密码：password123

生成 CA 文件： /home/es/es7.14/elastic-stack-ca.p12

8.2 生成秘钥文件

cd /home/es/es7.14/bin
./elasticsearch-certutil cert --ca elastic-stack-ca.p12

Enter password for CA (elastic-stack-ca.p12) : 
Please enter the desired output file [elastic-certificates.p12]:
Enter password for elastic-certificates.kygl :

第一步：-1>输入前面设置的证书的密码：password123

第二步：-2>输入输出的密钥文件： elastic-certificates.kygl

第三步：-3>回车

8.3 拷贝密钥文件到其他节点

mv /home/es/es7.14/elastic-certificates.kygl /home/es/es7.14/config
cd /home/es/es7.14/config
scp elastic-certificates.kygl 10.10.1.2:/home/es/es7.14/config
scp elastic-certificates.kygl 10.10.1.3:/home/es/es7.14/config

8.4 修改权限（三个节点）

cd /home/es/es7.14/config
chmod 755 elastic-certificates.kygl

8.5 设置 Elasticsearch 用户密码（任一节点）

cd /home/es/es7.14/bin
./elasticsearch-setup-passwords interactive

Initiating the setup of passwords for reserved users elastic,apm_system,kibana,kibana_system,logstash_system,beats_system,remote_monitoring_user.
You will be prompted to enter passwords as the process progresses.
Please confirm that you would like to continue [y/N]y
Enter password for [elastic]: 
Reenter password for [elastic]: 
Enter password for [apm_system]: 
Reenter password for [apm_system]: 
Enter password for [kibana_system]: 
Reenter password for [kibana_system]: 
Enter password for [logstash_system]: 
Reenter password for [logstash_system]: 
Enter password for [beats_system]: 
Reenter password for [beats_system]: 
Enter password for [remote_monitoring_user]: 
Reenter password for [remote_monitoring_user]: 
Changed password for user [apm_system]
Changed password for user [kibana_system]
Changed password for user [kibana]
Changed password for user [logstash_system]
Changed password for user [beats_system]
Changed password for user [remote_monitoring_user]
Changed password for user [elastic]

第一步：-1>输入Elasticsearch 用户密码：elastic123

9. 系统配置（三个节点）

9.1 配置 sysctl.conf

vi /etc/sysctl.conf

fs.file-max = 6815744
vm.max_map_count=655360

sysctl -p

sysctl --system
sysctl -a

9.2 配置 limits.conf

vim /etc/security/limits.conf
* soft nofile 65536
* hard nofile 65536
* soft nproc 32000
* hard nproc 32000
* hard memlock unlimited
* soft memlock unlimited

vim /etc/security/limits.d/20-nproc.conf
es soft nofile 65536
es hard nofile 65536
es soft nproc 32000
es hard nproc 32000

注意：需要重启操作系统！

9.3 重启后， 可以通过以下命令查看：

#查看
ulimit -Hn
ulimit -Sn
ulimit -Hu
ulimit -Su

9.4 配置 system.conf

vim /etc/systemd/system.conf

DefaultLimitNOFILE=65536
DefaultLimitNPROC=32000
DefaultLimitMEMLOCK=infinity
 
#配置生效
/bin/systemctl daemon-reload

10. JVM 配置（三个节点）

Elasticsearch 是基于Java开发的，所以依赖于JVM，建议根据物理内存调整 JVM 属性。

cd /home/es/es7.14/config/
vim jvm.options
-Xms16g
-Xmx16g

注意：JVM 需要根据物理主机内存进行设置， 建议设置物理内存的一半，不要超过32G。

11. 关闭网络防火墙（三个节点）

systemctl stop firewalld
systemctl disable firewalld

12. Elasticsearch 启动（三个节点）

12.1 编写启动脚本

vim start_es.sh
/home/es/es7.14/bin/elasticsearch -d

注意：-d 参数是后台启动。

12.2 Elasticsearch 访问

curl --user elastic:elastic123 -X GET http://10.10.1.1:9200
curl --user elastic:elastic123 -X GET http://10.10.1.2:9200
curl --user elastic:elastic123 -X GET http://10.10.1.3:9200

注意：由于我们创建了 Elasticsearch 用户， 访问时需要加上用户名和密码。

12.3 查看集群状态

执行如下命令， 查询集群状态如图10.3-1 所示， 表明Elasticsearch 启动成功。

curl --user elastic:elastic123 http://10.10.1.11:9200/_cluster/stats?pretty

12.4 编写 Elasticsearch 关闭脚本

vim stop_es.sh
PROCESS=`ps -ef | grep 'es7.14' |grep -v grep | grep -v PPID | awk '{ print $2}'`
echo $PROCESS
for i in $PROCESS
do
  echo "Kill the elasticsearch process [ $i ]"
  kill -9 $i
done

注意： 启动和关闭脚本都需要执行权限。