首页 > 系统相关 >linux-elasticsearch(存储与检索)

linux-elasticsearch(存储与检索)

时间:2023-05-09 20:44:52浏览次数:45  
标签:检索 elk101 root elk103 elasticsearch linux com es

elasticsearch(存储与检索)

image-20230404091831787

一、部署elasticsearch

1.rpm单点部署

1.1 下载ES软件包

https://www.elastic.co/cn/downloads

1.2 安装es

[root@elk101.com ~]# ll
total 301028
-rw-------. 1 root root      1340 Jan  9 09:09 anaconda-ks.cfg
-rw-r--r--  1 root root 308244603 Aug 15  2022 elasticsearch-7.17.5-x86_64.rpm
[root@elk101.com ~]# rpm -ivh elasticsearch-7.17.5-x86_64.rpm

1.3修改es的配置文件

[root@elk101.com ~]# egrep -v "^#|^$" /etc/elasticsearch/elasticsearch.yml
path.data: /var/lib/elasticsearch
path.logs: /var/log/elasticsearch
#修改下边这3行
# ES服务监听对外暴露服务的地址
network.host: 0.0.0.0
# 指定ES集群的节点IP
discovery.seed_hosts: ["10.0.0.101"]
# 指定参与master选举的节点
cluster.initial_master_nodes: ["10.0.0.101"]

1.4启动ES服务

[root@elk101.com ~]# systemctl enable elasticsearch
[root@elk101.com ~]# systemctl start elasticsearch

1.5验证节点是否正常工作

[root@elk101.com ~]# ss -ntl
State       Recv-Q Send-Q         Local Address:Port    Peer Address:Port              
LISTEN      0      128                        *:22                 *:*                  
LISTEN      0      100                127.0.0.1:25                 *:*                  
LISTEN      0      128                     [::]:9200            [::]:*                  
LISTEN      0      128                     [::]:9300            [::]:*

1.6 客户端验证

[root@elk101.com ~]# curl 10.0.0.101:9200
{
  "name" : "elk101.com",
  "cluster_name" : "elasticsearch",
  "cluster_uuid" : "7nOu5sGyRv6_pemDbAMuNQ",
  "version" : {
    "number" : "7.17.5",
    "build_flavor" : "default",
    "build_type" : "rpm",
    "build_hash" : "8d61b4f7ddf931f219e3745f295ed2bbc50c8e84",
    "build_date" : "2022-06-23T21:57:28.736740635Z",
    "build_snapshot" : false,
    "lucene_version" : "8.11.1",
    "minimum_wire_compatibility_version" : "6.8.0",
    "minimum_index_compatibility_version" : "6.0.0-beta1"
  },
  "tagline" : "You Know, for Search"
}

面试题

9200端口作用:对ES集群外部提供http/https服务。可以理解为对客户端提供服务

9300端口作用:对ES集群内部进行数据通信传输端口,用的是tcp协议

2.集群部署:

注意事项:

集群半数以上服务开启提供对外服务

2.1 下载es软件包

https://www.elastic.co/cn/downloads

2.2 所有节点安装es

elk101.com清空刚才安装的数据
[root@elk101.com ~]# systemctl stop elasticsearch.service
[root@elk101.com ~]# rm -rf /var/lib/elasticsearch/* /var/log/elasticsearch/* /tmp/*

[root@elk102.com ~]# ll
-rw-r--r--  1 root root 308244603 Aug 15  2022 elasticsearch-7.17.5-x86_64.rpm
[root@elk102.com ~]# rpm -ivh elasticsearch-7.17.5-x86_64.rpm

[root@elk103.com ~]# ll
-rw-r--r--  1 root root 308244603 Aug 15  2022 elasticsearch-7.17.5-x86_64.rpm
[root@elk103.com ~]# rpm -ivh elasticsearch-7.17.5-x86_64.rpm

2.3 修改es的配置文件

[root@elk101.com ~]# egrep -v "^#|^$" /etc/elasticsearch/elasticsearch.yml
#指定ES集群的名称
cluster.name: linux-es
path.data: /var/lib/elasticsearch
path.logs: /var/log/elasticsearch
network.host: 0.0.0.0
#修改接下来的这两行
discovery.seed_hosts: ["10.0.0.101","10.0.0.102","10.0.0.103"]
cluster.initial_master_nodes: ["10.0.0.101","10.0.0.102","10.0.0.103"]


#将配置文件分发到其他两个节点
[root@elk101.com ~]# scp /etc/elasticsearch/elasticsearch.yml  10.0.0.102:/etc/elasticsearch/elasticsearch.yml
[root@elk101.com ~]# scp /etc/elasticsearch/elasticsearch.yml  10.0.0.103:/etc/elasticsearch/elasticsearch.yml

2.4 所有节点启动ES服务

[root@elk101.com ~]# systemctl enable elasticsearch
[root@elk101.com ~]# systemctl start elasticsearch

[root@elk102.com ~]# systemctl enable elasticsearch
[root@elk102.com ~]# systemctl start elasticsearch

[root@elk103.com ~]# systemctl enable elasticsearch
[root@elk103.com ~]# systemctl start elasticsearch

#第一次启动会超时,多等等
[root@elk103.com ~]# journalctl -u elasticsearch
-- Logs begin at Mon 2023-04-03 09:34:20 CST, end at Mon 2023-04-03 19:52:01 CST. --
Apr 03 19:50:40 elk103.com systemd[1]: Starting Elasticsearch...
Apr 03 19:51:55 elk103.com systemd[1]: elasticsearch.service start operation timed out. Terminating.
Apr 03 19:51:55 elk103.com systemd[1]: Failed to start Elasticsearch.
Apr 03 19:51:55 elk103.com systemd[1]: Unit elasticsearch.service entered failed state.
Apr 03 19:51:55 elk103.com systemd[1]: elasticsearch.service failed.

2.5 验证ES集群节点是否正常工作

[root@elk101.com ~]# curl 10.0.0.101:9200/_cat/nodes
10.0.0.102 20 90  9 1.12 0.79 0.35 cdfhilmrstw * elk102.com
10.0.0.101  5 91  6 0.17 0.11 0.08 cdfhilmrstw - elk101.com
10.0.0.103  5 89 70 1.14 0.60 0.29 cdfhilmrstw - elk103.com

?v加标题
[root@elk101.com ~]# curl 10.0.0.101:9200/_cat/nodes?v
ip         heap.percent ram.percent cpu load_1m load_5m load_15m node.role   master name
10.0.0.102           28          89   6    0.87    0.75     0.34 cdfhilmrstw *      elk102.com
10.0.0.101            8          91   3    0.36    0.16     0.09 cdfhilmrstw -      elk101.com
10.0.0.103           11          90  18    1.04    0.60     0.29 cdfhilmrstw -      elk103.com

3.基于二进制部署

3.1 前期准备

#所有主机修改主机列表
cat >> /etc/hosts <<'EOF'
10.0.0.101 elk101.com
10.0.0.102 elk102.com
10.0.0.103 elk103.com
EOF

[root@elk101.com ~]# cat >> /etc/hosts <<'EOF'
> 10.0.0.101 elk101.com
> 10.0.0.102 elk102.com
> 10.0.0.103 elk103.com
> EOF
[root@elk102.com ~]# cat >> /etc/hosts <<'EOF'
> 10.0.0.101 elk101.com
> 10.0.0.102 elk102.com
> 10.0.0.103 elk103.com
> EOF
[root@elk103.com ~]# cat >> /etc/hosts <<'EOF'
> 10.0.0.101 elk101.com
> 10.0.0.102 elk102.com
> 10.0.0.103 elk103.com
> EOF

#elk101配置集群免密登录及同步脚本
#elk101节点上生成密钥对
[root@elk101.com ~]# ssh-keygen -t rsa -P '' -f ~/.ssh/id_rsa -q
#elk101配置所有集群节点的免密登录
[root@elk101.com ~]# for ((host_id=101;host_id<=103;host_id++));do ssh-copy-id elk${host_id}.com ;done
#测试
[root@elk101.com ~]# ssh 'elk102.com'
[root@elk101.com ~]# ssh 'elk103.com'
#编写同步脚本
cat > /usr/local/sbin/data_rsync.sh <<'EOF'
#!/bin/bash
# Auther: wh

if  [ $# -ne 1 ];then
   echo "Usage: $0 /path/to/file(绝对路径)"
   exit
fi 

# 判断文件是否存在
if [ ! -e $1 ];then
    echo "[ $1 ] dir or file not find!"
    exit
fi

# 获取父路径
fullpath=`dirname $1`

# 获取子路径
basename=`basename $1`

# 进入到父路径
cd $fullpath

for ((host_id=102;host_id<=103;host_id++))
  do
    # 使得终端输出变为绿色
    tput setaf 2
    echo ===== rsyncing elk${host_id}.com: $basename =====
    # 使得终端恢复原来的颜色
    tput setaf 7
    # 将数据同步到其他两个节点
    rsync -apz $basename  `whoami`@elk${host_id}.com:$fullpath
    if [ $? -eq 0 ];then
      echo "命令执行成功!"
    fi
done
EOF
[root@elk101.com ~]# cat /usr/local/sbin/data_rsync.sh
#!/bin/bash
# Auther: wh

if  [ $# -ne 1 ];then
   echo "Usage: $0 /path/to/file(绝对路径)"
   exit
fi 

# 判断文件是否存在
if [ ! -e $1 ];then
    echo "[ $1 ] dir or file not find!"
    exit
fi

# 获取父路径
fullpath=`dirname $1`

# 获取子路径
basename=`basename $1`

# 进入到父路径
cd $fullpath

for ((host_id=102;host_id<=103;host_id++))
  do
    # 使得终端输出变为绿色
    tput setaf 2
    echo ===== rsyncing elk${host_id}.com: $basename =====
    # 使得终端恢复原来的颜色
    tput setaf 7
    # 将数据同步到其他两个节点
    rsync -apz $basename  `whoami`@elk${host_id}.com:$fullpath
    if [ $? -eq 0 ];then
      echo "命令执行成功!"
    fi
#给脚本授权
[root@elk101.com ~]# chmod +x /usr/local/sbin/data_rsync.sh


#所有节点安装rsync数据同步工具
[root@elk101.com ~]# yum -y install rsync
[root@elk102.com ~]# yum -y install rsync
[root@elk103.com ~]# yum -y install rsync

3.2 elk101下载ES软件包

[root@elk101.com ~]# ll
-rw-r--r--  1 root root 308183534 Aug 15  2022 elasticsearch-7.17.5-linux-x86_64.tar.gz

3.3所有节点创建运行ES服务的用户

[root@elk101.com ~]# useradd -u 2023 es
[root@elk102.com ~]# useradd -u 2023 es
[root@elk103.com ~]# useradd -u 2023 es

3.4 elk101创建ElasticSearch的工作目录

#方法一
mkdir -pv /es/{data,logs,softwares}/es7
chown es:es -R /es/{softwares,data,logs}/es7/
ll /es/{data,logs,softwares}/es7 -d

#方法二 推荐
[root@elk101.com ~]# install -d /es/{data,logs,softwares}/es7 -o es -g es
[root@elk101.com ~]# ll /es/data/
total 0
drwxr-xr-x 2 es es 6 Apr  3 20:17 es7

#data 数据目录
#logs 日志目录
#softwares 软件目录

3.5 elk101解压软件包并修改权限

[root@elk101.com ~]# tar xf elasticsearch-7.17.5-linux-x86_64.tar.gz -C /es/softwares/es7/
[root@elk101.com ~]# chown -R es.es /es
[root@elk101.com ~]# ll /es
total 0
drwxr-xr-x 3 es es 17 Apr  3 20:17 data
drwxr-xr-x 3 es es 17 Apr  3 20:17 logs
drwxr-xr-x 3 es es 17 Apr  3 20:17 softwares

3.6 elk101修改配置文件

[root@elk101.com ~]# egrep -v "^#|^$" /es/softwares/es7/elasticsearch-7.17.5/config/elasticsearch.yml
cluster.name: linux-es
path.data: /es/data/es7
path.logs: /es/logs/es7
network.host: 0.0.0.0
discovery.seed_hosts: ["elk101.com","elk102.com","elk103.com"]
cluster.initial_master_nodes: ["elk101.com","elk102.com","elk103.com"]

3.7 elk101同步程序目录到其他两个机器

[root@elk101.com ~]# data_rsync.sh /es

3.8针对ES基础调优,所有节点

3.8.1 修改文件打开数量上线,修改后需要断开会话
[root@elk101.com ~]# cat /etc/security/limits.d/es7.conf
*	soft	nofile	65535
*	hard	nofile	131070
[root@elk102.com ~]# cat /etc/security/limits.d/es7.conf
*	soft	nofile	65535
*	hard	nofile	131070
[root@elk103.com ~]# cat /etc/security/limits.d/es7.conf
*	soft	nofile	65535
*	hard	nofile	131070

#查看软文件连接数
[root@elk101.com ~]# ulimit -Sn
65535
#查看硬文件连接数
[root@elk101.com ~]# ulimit -Hn
131070
3.8.2 调大内核虚拟内存映射值
[root@elk102.com ~]# cat /etc/sysctl.d/es.conf
vm.max_map_count=524288
[root@elk103.com ~]# cat /etc/sysctl.d/es.conf
vm.max_map_count=524288
[root@elk104.com ~]# cat /etc/sysctl.d/es.conf
vm.max_map_count=524288

#使系统值生效
[root@elk101.com ~]# sysctl -f  /etc/sysctl.d/es.conf
vm.max_map_count = 524288
[root@elk102.com ~]# sysctl -f  /etc/sysctl.d/es.conf
vm.max_map_count = 524288
[root@elk103.com ~]# sysctl -f  /etc/sysctl.d/es.conf
vm.max_map_count = 524288
#查看系统值
[root@elk101.com ~]# sysctl -q vm.max_map_count
vm.max_map_count = 524288

3.9 所有节点启动服务

[root@elk101.com ~]# su es -c '/es/softwares/es7/elasticsearch-7.17.5/bin/elasticsearch -d'
[root@elk102.com ~]# su es -c '/es/softwares/es7/elasticsearch-7.17.5/bin/elasticsearch -d'
[root@elk103.com ~]# su es -c '/es/softwares/es7/elasticsearch-7.17.5/bin/elasticsearch -d'

3.10 验证服务是否正常

[root@elk101.com /es/logs]# curl 10.0.0.101:9200/_cat/nodes
10.0.0.102  9 89 33 1.42 1.31 0.77 cdfhilmrstw - elk102.com
10.0.0.103 15 49  2 0.91 2.02 1.14 cdfhilmrstw - elk103.com
10.0.0.101 13 96  2 0.43 1.18 0.76 cdfhilmrstw * elk101.com

3.11 使用systemctl管理ES服务,所有节点

#停止es服务
[root@elk101.com ~]# pkill java
[root@elk102.com ~]# pkill java
[root@elk103.com ~]# pkill java

#编写system脚本
cat > /usr/lib/systemd/system/es7.service <<EOF
[Unit]
Description= es7
After=network.target

[Service]
Type=simple
ExecStart=/es/softwares/es7/elasticsearch-7.17.5/bin/elasticsearch
User=es
LimitNOFILE=131070

[Install]
WantedBy=multi-user.target
EOF

[root@elk101.com ~]# cat /usr/lib/systemd/system/es7.service
[root@elk102.com ~]# cat /usr/lib/systemd/system/es7.service
[root@elk101.com ~]# cat /usr/lib/systemd/system/es7.service
[Unit]
Description= es7
After=network.target

[Service]
Type=simple
ExecStart=/es/softwares/es7/elasticsearch-7.17.5/bin/elasticsearch
User=es
LimitNOFILE=131070

[Install]
WantedBy=multi-user.target


#加载脚本
[root@elk101.com ~]# systemctl daemon-reload
[root@elk102.com ~]# systemctl daemon-reload
[root@elk103.com ~]# systemctl daemon-reload

#设置开机自启动
[root@elk101.com ~]# systemctl enable  es7
[root@elk102.com ~]# systemctl enable  es7
[root@elk103.com ~]# systemctl enable  es7

#启动es
[root@elk101.com ~]# systemctl start  es7
[root@elk102.com ~]# systemctl start  es7
[root@elk103.com ~]# systemctl start  es7

#验证
[root@elk101.com ~]# curl 10.0.0.101:9200/_cat/nodes
10.0.0.103 12 74 15 0.57 0.58 0.72 cdfhilmrstw - elk103.com
10.0.0.101 16 96 18 0.62 0.49 0.53 cdfhilmrstw * elk101.com
10.0.0.102 13 91 14 0.39 0.40 0.49 cdfhilmrstw - elk102.com

3.12使用oracle JDK管理ES服务,所有主机

3.12.1 elk101下载JDK环境
[root@elk101.com ~]# ll
-rw-r--r--  1 root root 144935989 Aug 15  2022 jdk-8u291-linux-x64.tar.gz
[root@elk102.com ~]# ll
-rw-r--r--  1 root root 144935989 Aug 15  2022 jdk-8u291-linux-x64.tar.gz
[root@elk103.com ~]# ll
-rw-r--r--  1 root root 144935989 Aug 15  2022 jdk-8u291-linux-x64.tar.gz
3.12.2 解压JDK软件包
[root@elk101.com ~]# tar xf jdk-8u291-linux-x64.tar.gz -C /es/softwares/
[root@elk102.com ~]# tar xf jdk-8u291-linux-x64.tar.gz -C /es/softwares/
[root@elk103.com ~]# tar xf jdk-8u291-linux-x64.tar.gz -C /es/softwares/
3.12.3 配置系统环境变量
[root@elk101.com ~]# cat /etc/profile.d/jdk.sh
export JAVA_HOME=/es/softwares/jdk1.8.0_291
export PATH=$PATH:$JAVA_HOME/bin
[root@elk102.com ~]# cat /etc/profile.d/jdk.sh
export JAVA_HOME=/es/softwares/jdk1.8.0_291
export PATH=$PATH:$JAVA_HOME/bin
[root@elk103.com ~]# cat /etc/profile.d/jdk.sh
export JAVA_HOME=/es/softwares/jdk1.8.0_291
export PATH=$PATH:$JAVA_HOME/bin

[root@elk101.com ~]# source /etc/profile.d/jdk.sh
[root@elk102.com ~]# source /etc/profile.d/jdk.sh
[root@elk103.com ~]# source /etc/profile.d/jdk.sh
3.12.4 修改启动脚本
[root@elk101.com ~]# cat /usr/lib/systemd/system/es7.service
[root@elk102.com ~]# cat /usr/lib/systemd/system/es7.service
[root@elk103.com ~]# cat /usr/lib/systemd/system/es7.service
[Unit]
Description= es7
After=network.target

[Service]
Type=simple
#加了这一行
Environment=JAVA_HOME=/es/softwares/jdk1.8.0_291   
ExecStart=/es/softwares/es7/elasticsearch-7.17.5/bin/elasticsearch
User=es
LimitNOFILE=131070

[Install]
WantedBy=multi-user.target


[root@elk101.com ~]# systemctl daemon-reload
[root@elk102.com ~]# systemctl daemon-reload
[root@elk103.com ~]# systemctl daemon-reload
3.12.5 重启es
[root@elk101.com ~]# systemctl restart es7
[root@elk102.com ~]# systemctl restart es7
[root@elk103.com ~]# systemctl restart es7
3.12.6 查看状态
[root@elk101.com ~]# curl 10.0.0.101:9200/_cat/nodes
10.0.0.102  9 75 24 0.78 0.49 0.45 cdfhilmrstw - elk102.com
10.0.0.103 20 65 27 1.00 0.69 0.66 cdfhilmrstw * elk103.com
10.0.0.101  9 75 24 0.61 0.44 0.44 cdfhilmrstw - elk101.com

3.13 修改ES环境的堆(heap)内存大小

[root@elk101.com ~]# egrep -nv '^#|^$' /es/softwares/es7/elasticsearch-7.17.5/config/jvm.options
#添加这两行
34:-Xms256m
35:-Xmx256m
[root@elk102.com ~]# egrep -nv '^#|^$' /es/softwares/es7/elasticsearch-7.17.5/config/jvm.options
[root@elk103.com ~]# egrep -nv '^#|^$' /es/softwares/es7/elasticsearch-7.17.5/config/jvm.options

#重启服务并验证堆内存大小,若不配置,默认1GB
[root@elk101.com ~]# systemctl restart es7
[root@elk102.com ~]# systemctl restart es7
[root@elk103.com ~]# systemctl restart es7

[root@elk101.com ~]# jps
6049 Elasticsearch
6713 Elasticsearch
6862 Jps

[root@elk101.com ~]# jps -l
6049 org.elasticsearch.bootstrap.Elasticsearch
6713 org.elasticsearch.bootstrap.Elasticsearch
6846 sun.tools.jps.Jps

#验证是否修改完成
[root@elk101.com ~]# jmap -heap `jps | awk '/Elasticsearch/{print $1}'` | grep MaxHeapSize
   MaxHeapSize              = 268435456 (256.0MB)

注意事项:

堆内存,生产建议,一般内存给1半,不要大于32G,

4.ES集群的多实例部署

4.1 所有节点准备ES6的工作目录

[root@elk101.com ~]# install -d /es/{data,logs,softwares}/es6 -o es -g es
[root@elk102.com ~]# install -d /es/{data,logs,softwares}/es6 -o es -g es
[root@elk103.com ~]# install -d /es/{data,logs,softwares}/es6 -o es -g es

4.2 elk101下载ES6软件包

[root@elk101.com ~]# ll
-rw-r--r--  1 root root 149672445 Aug 15  2022 elasticsearch-6.8.23.tar.gz

4.3 elk101解压软件包

[root@elk101.com ~]# tar xf elasticsearch-6.8.23.tar.gz -C /es/softwares/es6/
[root@elk101.com ~]# chown -R es.es /es/softwares/es6

4.4 elk101修改配置文件

[root@elk101.com ~]# egrep -nv '^#|^$' /es/softwares/es6/elasticsearch-6.8.23/config/elasticsearch.yml
17:cluster.name: linux-es6
24:node.name: elk101.com
34:path.data: /es/data/es6
36:path.logs: /es/logs/es6
56:network.host: 0.0.0.0
60:http.port: 19200
61:transport.tcp.port: 19300
70:discovery.zen.ping.unicast.hosts: ["elk101.com","elk102.com","elk103.com"]
74:discovery.zen.minimum_master_nodes: 2
[root@elk101.com ~]# egrep -v '^#|^$' /es/softwares/es6/elasticsearch-6.8.23/config/elasticsearch.yml
cluster.name: linux-es6
node.name: elk101.com
path.data: /es/data/es6
path.logs: /es/logs/es6
network.host: 0.0.0.0
http.port: 19200
transport.tcp.port: 19300
discovery.zen.ping.unicast.hosts: ["elk101.com","elk102.com","elk103.com"]
discovery.zen.minimum_master_nodes: 2

4.5 elk101修改堆内存大小

 22 #-Xms1g
 23 #-Xmx1g
 24 -Xms256m
 25 -Xmx256m
[root@elk101.com ~]# egrep -v '^$|^#' /es/softwares/es6/elasticsearch-6.8.23/config/jvm.options 
-Xms256m
-Xmx256m

4.6 同步目录到其他主机

[root@elk101.com ~]# data_rsync.sh /es/softwares/es6/

4.7 修改各节点的配置文件

[root@elk102.com ~]# cat /es/softwares/es6/elasticsearch-6.8.23/config/elasticsearch.yml
node.name: elk102.com

[root@elk103.com ~]# cat /es/softwares/es6/elasticsearch-6.8.23/config/elasticsearch.yml
node.name: elk103.com

4.8 编写启动脚本

cat > /usr/lib/systemd/system/es6.service <<EOF
[Unit]
Description= es6
After=network.target

[Service]
Type=simple
Environment=JAVA_HOME=/es/softwares/jdk1.8.0_291
ExecStart=/es/softwares/es6/elasticsearch-6.8.23/bin/elasticsearch
User=es
LimitNOFILE=131070

[Install]
WantedBy=multi-user.target
EOF
[root@elk102.com ~]# cat /usr/lib/systemd/system/es6.service
[root@elk103.com ~]# cat /usr/lib/systemd/system/es6.service
[root@elk101.com ~]# cat /usr/lib/systemd/system/es6.service
[Unit]
Description= es6
After=network.target

[Service]
Type=simple
Environment=JAVA_HOME=/es/softwares/jdk1.8.0_291
ExecStart=/es/softwares/es6/elasticsearch-6.8.23/bin/elasticsearch
User=es
LimitNOFILE=131070

[Install]
WantedBy=multi-user.target

[root@elk101.com ~]# systemctl daemon-reload
[root@elk102.com ~]# systemctl daemon-reload
[root@elk103.com ~]# systemctl daemon-reload

4.9 启动es6

[root@elk101.com ~]# systemctl enable  es6
[root@elk102.com ~]# systemctl enable  es6
[root@elk103.com ~]# systemctl enable  es6

[root@elk101.com ~]# systemctl start  es6
[root@elk102.com ~]# systemctl start  es6
[root@elk103.com ~]# systemctl start  es6

4.10 查看服务状态

[root@elk101.com ~]# curl 10.0.0.101:19200/_cat/nodes
10.0.0.101 44 80 4 0.03 0.08 0.13 mdi * elk101.com
10.0.0.102 62 77 8 0.37 0.21 0.18 mdi - elk102.com
10.0.0.103 49 66 6 0.21 0.14 0.16 mdi - elk103.com

5.查看一些api

查看集群节点的API:
	curl 10.0.0.101:9200/_cat/nodes
 
查看集群状态:
	curl 10.0.0.101:9200/_cluster/health 2>/dev/null | jq

6.安装es-head-0.1.4_0.crx

image-20230403213005453

image-20230403212936884

7.安装postman

image-20230403213055533

故障:

1.如果遇到uuid为"_na_"情况

systemctl stop elasticsearch.service
rm -rf /var/lib/elasticsearch/* /var/log/elasticsearch/* /tmp/*
systemctl start elasticsearch.service
curl 10.0.0.101:9200

2.若集群UUID出现"_na_"状态时,做如下动作,所有节点操作:

pkill java
rm -rf  /es/data/es7/* /oldboyedu/logs/es7/* /tmp/*

3. ES部署提示'1.java.lang.RuntimeException: can not run elasticsearch as root'

报错原因:
	不能以root用户启动ES服务。
解决方案:
	使用普通用户启动服务即可。

4. ES部署提示'bootstrap check failure [1] of [3]: max file descriptors [4096] for elasticsearch process is too low, increase to at least [65535]'

bootstrap check failure [1] of [3]: max file descriptors [4096] for elasticsearch process is too low, increase to at least [65535]
报错原因:
	程序默认的的文件打开数量上线过低。
解决方案:
	调大文件打开数量上限即可。
cat /etc/security/limits.d/es7.conf   
*	soft	nofile	65535
*	hard	nofile	131070
*	hard	nproc	8192

5. ES部署提示'bootstrap check failure [2] of [3]: max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144]'

bootstrap check failure [2] of [3]: max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144]
报错原因:
	内核参数虚拟内存映射过低。
解决方案:
	调大内核虚拟内存映射值即可。
cat /etc/sysctl.d/es.conf
vm.max_map_count=524288

#使系统值生效
sysctl -f  /etc/sysctl.d/es.conf
vm.max_map_count = 524288

6. ES部署提示'bootstrap check failure [3] of [3]: max number of threads [3795] for user [test] is too low, increase to at least [4096]'

bootstrap check failure [3] of [3]: max number of threads [3795] for user [test] is too low, increase to at least [4096]

报错原因:
	程序打开的线程数量设置过低。
解决方案:
	调大程序打开的线程数量即可。
cat /etc/security/limits.d/es7.conf
*	soft	nofile	65535
*	hard	nofile	131070
*	hard	nproc	8192

7. ES部署提示'initial heap size [268435456] not equal to maximum heap size [1031798784]; this can cause resize pauses and prevents mlockall from locking the entire heap'

initial heap size [268435456] not equal to maximum heap size [1031798784]; this can cause resize pauses and prevents mlockall from locking the entire heap

报错原因:
	初始化堆内存和最大堆内存大小不一致。
解决方案:
	观察配置是否生效,建议将"-Xms"和"-Xmx"值配置一致。
egrep -v '^$|^#' /es/softwares/es6/elasticsearch-6.8.23/config/jvm.options 
-Xms256m
-Xmx256m

标签:检索,elk101,root,elk103,elasticsearch,linux,com,es
From: https://www.cnblogs.com/world-of-yuan/p/17386216.html

相关文章

  • Linux部署Prometheus+Alertmanager并配置企业微信告警
    一、Prometheus告警简介告警能力在Prometheus的架构中被划分成两个独立的部分。如下所示,通过在Prometheus中定义AlertRule(告警规则),Prometheus会周期性的对告警规则进行计算,如果满足告警触发条件就会向Alertmanager发送告警信息。在Prometheus中一条告警规则主要由以下几部分组......
  • Linux部署Prometheus+Alertmanager并配置邮件告警
    一、Prometheus告警简介告警能力在Prometheus的架构中被划分成两个独立的部分。如下所示,通过在Prometheus中定义AlertRule(告警规则),Prometheus会周期性的对告警规则进行计算,如果满足告警触发条件就会向Alertmanager发送告警信息。在Prometheus中一条告警规则主要由以下几部分组......
  • Linux 处理CPU和内存参数的方式总结
    Linux处理CPU和内存参数的方式总结关闭NUMA,关闭透明大页比较简单的方法:vim/etc/default/grub在GRUB_CMDLINE_LINUX里面添加配置:transparent_hugepage=nevernuma=off修改后的配置为:GRUB_CMDLINE_LINUX="resume=/dev/mapper/uos-swaprd.lvm.lv=uos/rootrd.lvm.......
  • rocky linux: 修改sshd的默认端口(Rocky Linux 9.1)
    一,修改防火墙,允许指定的新端口访问[root@img~]#firewall-cmd--zone=public--add-port=31234/tcp--permanentsuccess[root@img~]#firewall-cmd--reloadsuccess[root@img~]#more/etc/firewalld/zones/public.xml<?xmlversion="1.0"encoding="utf-8"......
  • linux RAID磁盘阵列
    目录一、RAID磁盘阵列二、RAID的分类三、奇偶校验四、配置RAIO6过程            一、RAID磁盘阵列原理:全称为独立冗余磁盘阵列,将多个硬盘组合成一个逻辑驱动器,变为一体的。以RAID整体操作,可以提高磁盘高可用性和性能。作用:RAID无论是哪个,......
  • 使用java restclient连接elasticsearch
    java连接es方式有transport、restclient、javaclient方式。官方最新标的transport和restclient方式都已经过时了,这里用的es7还是以restclient方式进行连接测试。javaclient是es7.15之后推出的。下面开始使用HighLevelJavaRESTClient。maven依赖org.elasticsearch.cl......
  • rocky linux:修改hostname(Rocky Linux 9.1)
    一,修改hostname:1,通过hostnamectl命令修改hostname[root@blog~]#more/etc/hostnameblog[root@blog~]#hostnamectlset-hostnameimg[root@blog~]#more/etc/hostnameimg可以看到原本保存在/etc/hostname中的值在用hostnamectl命令处理后发生了变化所以我们也可以......
  • Linux(centos7.9)搭建ldap服务器
    一.LDAP是什么 后期更新,目前只搭建了服务器 二.linux搭建LDAP服务器以下服务器信息为该文档安装Radius服务环境 服务器信息:CentOS7  内核版本:3.10.0-1160.el7.x86_64 1.使用yum进行安装yum-yinstallopenldapcompat-openldapopenldap-clientsopenldap-serv......
  • linux环境部署--Reids3.2.5
    linux环境部署--Reids3.2.5redis-3.2.5.tar.gz提取码:19991、进入/usr/local/src/目录cd/usr/local/src/2、下载Redis3.2.5wgethttp://download.redis.io/releases/redis-3.2.5.tar.gz3、解压缩并进入文件夹tarxzfredis-3.2.5.tar.gzcdredis-3.2.54、编译Redis,命令......
  • linux|Windows|Xshell——Windows远程连接Linux服务器进行上传、下载文件,用远程登录工
    Windows远程连接Linux服务器进行操作时总会需要上传、下载文件。要实现这个目的,既可以通过FTP的方式,也可以在本地终端使用scp命令。但如果是使用Xshell等工具操作服务器的话,最简单的方法就是其自带支持的sz、rz命令了。这两个命令可以直接上传、下载文件,并自动弹出文件选择框,操作......

赞助商

阅读排行

网站主页关于我们联系我们网站地图

本网站内容转载自其他媒体,侵权联系[admin##ips99.com]。

Copyright © 2020-2023 IPS99 版权所有 IPS99