环境
| 服务器IP | 节点ID | 端口 | 集群名称 |
|---|---|---|---|
| 172.21.61.10 | es-1 | 9200/9700 | es-test |
| 172.21.61.11 | es-2 | 9200/9700 | es-test |
| 172.21.61.12 | es-3 | 9200/9700 | es-test |
安装
下载安装包
cd /root/soft
wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-8.6.1-linux-x86_64.tar.gz
scp elasticsearch-8.6.1-linux-x86_64.tar.gz 172.21.61.11:/root/soft
scp elasticsearch-8.6.1-linux-x86_64.tar.gz 172.21.61.12:/root/soft
所有节点创建用户
groupadd elasticsearch
useradd elasticsearch -g elasticsearch
创建目录
所有节点执行如下步骤
mkdir /data/es/{logs,data} -p
tar xzvf elasticsearch-8.6.1-linux-x86_64.tar.gz -C /usr/local
授权
所有节点执行如下步骤
chown -R elasticsearch:elasticsearch /usr/local/elasticsearch-8.6.1
chown -R elasticsearch:elasticsearch /data/es
配置修改
172.21.61.10修改内容
vim /usr/local/elasticsearch-8.6.1/config/elasticsearch.yml
点击查看代码
cluster.name: es-test
node.name: es-1
node.roles: [master,data]
path.data: /data/es/data
path.logs: /data/es/logs
network.host: 0.0.0.0
http.port: 9200
http.cors.enabled: true
http.cors.allow-origin: "*"
discovery.seed_hosts: ["172.21.61.10:9300","172.21.61.11:9300","172.21.61.12:9300"]
cluster.initial_master_nodes: ["es-1","es-2","es-3"]
# 下方内容是用于ssl认证的
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: none
xpack.security.transport.ssl.keystore.path: /usr/local/elasticsearch-8.6.1/config/certs/elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: /usr/local/elasticsearch-8.6.1/config/certs/elastic-certificates.p12
ingest.geoip.downloader.enabled: false
172.21.61.11修改内容
vim /usr/local/elasticsearch-8.6.1/config/elasticsearch.yml
点击查看代码
cluster.name: es-test
node.name: es-2
node.roles: [master,data]
path.data: /data/es/data
path.logs: /data/es/logs
network.host: 0.0.0.0
http.port: 9200
http.cors.enabled: true
http.cors.allow-origin: "*"
discovery.seed_hosts: ["172.21.61.10:9300","172.21.61.11:9300","172.21.61.12:9300"]
cluster.initial_master_nodes: ["es-1","es-2","es-3"]
# 下方内容是用于ssl认证的
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: none
xpack.security.transport.ssl.keystore.path: /usr/local/elasticsearch-8.6.1/config/certs/elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: /usr/local/elasticsearch-8.6.1/config/certs/elastic-certificates.p12
ingest.geoip.downloader.enabled: false
172.21.61.13修改内容
vim /usr/local/elasticsearch-8.6.1/config/elasticsearch.yml
点击查看代码
cluster.name: es-test
node.name: es-3
node.roles: [master,data]
path.data: /data/es/data
path.logs: /data/es/logs
network.host: 0.0.0.0
http.port: 9200
http.cors.enabled: true
http.cors.allow-origin: "*"
discovery.seed_hosts: ["172.21.61.10:9300","172.21.61.11:9300","172.21.61.12:9300"]
cluster.initial_master_nodes: ["es-1","es-2","es-3"]
# 下方内容是用于ssl认证的
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: none
xpack.security.transport.ssl.keystore.path: /usr/local/elasticsearch-8.6.1/config/certs/elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: /usr/local/elasticsearch-8.6.1/config/certs/elastic-certificates.p12
ingest.geoip.downloader.enabled: false
环境配置
所有节点都需要修改
修改最大文件数
点击查看代码
cat >> /etc/security/limits.conf <<EOF
elasticsearch soft nofile 65536
elasticsearch hard nofile 65536
EOF
修改系统内核配置
点击查看代码
echo "fs.file-max=655360" >> /etc/sysctl.conf
echo "vm.max_map_count=655360" >> /etc/sysctl.conf
sysctl -p
修改虚拟内存
点击查看代码
# 此处根据自己的需求及规模进行调整
sed -i "s/## -Xms4g/-Xms2g/" /usr/local/elasticsearch-8.6.1/config/jvm.options
sed -i "s/## -Xmx4g/-Xmx2g/" /usr/local/elasticsearch-8.6.1/config/jvm.options
认证
在172.21.61.10上面操作就行
点击查看代码
# 签发ca证书
/usr/local/elasticsearch-8.6.1/bin/elasticsearch-certutil ca
`【ENTER】` 什么也不用输入直接回车
`【ENTER】` 什么也不用输入直接回车
# 用ca证书签发节点证书
/usr/local/elasticsearch-8.6.1/bin/elasticsearch-certutil cert --ca elastic-stack-ca.p12
`【ENTER】` 什么也不用输入直接回车
`【ENTER】` 什么也不用输入直接回车
`【ENTER】` 什么也不用输入直接回车
# 将证书放到certs目录(手动创建)
mkdir /usr/local/elasticsearch-8.6.1/config/certs
mv /usr/local/elasticsearch-8.6.1/elastic-certificates.p12 /usr/local/elasticsearch-8.6.1/elastic-stack-ca.p12 /usr/local/elasticsearch-8.6.1/config/certs
scp -r /usr/local/elasticsearch-8.6.1/config/certs 172.21.61.11:/usr/local/elasticsearch-8.6.1/config/
scp -r /usr/local/elasticsearch-8.6.1/config/certs 172.21.61.12:/usr/local/elasticsearch-8.6.1/config/
ik分词插件安装
cd /root/soft
mkdir ik
cd ik
需要下载与es版本一致的ik分词版本包
wget https://github.com/medcl/elasticsearch-analysis-ik/releases/download/v8.6.1/elasticsearch-analysis-ik-8.6.1.zip
unzip elasticsearch-analysis-ik-8.6.1.zip
rm -f elasticsearch-analysis-ik-8.6.1.zip
cd ..
cp -r ik /usr/local/elasticsearch-8.6.1/plugins/
将插件复制到其余节点
scp -r /usr/local/elasticsearch-8.6.1/plugins/ik 172.21.61.11:/usr/local/elasticsearch-8.6.1/plugins/
scp -r /usr/local/elasticsearch-8.6.1/plugins/ik 172.21.61.12:/usr/local/elasticsearch-8.6.1/plugins/
每台服务器授权
chown -R elasticsearch:elasticsearch /usr/local/elasticsearch-8.6.1
启动
切换用户
su - elasticsearch
cd /usr/local/elasticsearch-8.6.1/bin
./elasticsearch -d
查看端口是否启动
netstat -lanp | egrep "9200|9300" | grep LISTEN
修改密码:
在某一台服务器上操作即可
点击查看代码
# 第一种,配置每个账号的密码
./elasticsearch-setup-passwords interactive
******************************************************************************
Note: The 'elasticsearch-setup-passwords' tool has been deprecated. This command will be removed in a future release.
******************************************************************************
Initiating the setup of passwords for reserved users elastic,apm_system,kibana,kibana_system,logstash_system,beats_system,remote_monitoring_user.
You will be prompted to enter passwords as the process progresses.
Please confirm that you would like to continue [y/N]y
Enter password for [elastic]:
Reenter password for [elastic]:
Enter password for [apm_system]:
Reenter password for [apm_system]:
Enter password for [kibana_system]:
Reenter password for [kibana_system]:
Enter password for [logstash_system]:
Reenter password for [logstash_system]:
Enter password for [beats_system]:
Reenter password for [beats_system]:
Enter password for [remote_monitoring_user]:
Reenter password for [remote_monitoring_user]:
Changed password for user [apm_system]
Changed password for user [kibana_system]
Changed password for user [kibana]
Changed password for user [logstash_system]
Changed password for user [beats_system]
Changed password for user [remote_monitoring_user]
Changed password for user [elastic]
# 第二种,随机生成特定账号的密码
./elasticsearch-reset-password -u elastic
This tool will reset the password of the [elastic] user to an autogenerated value.
The password will be printed in the console.
Please confirm that you would like to continue [y/N]y
Password for the [elastic] user successfully reset.
New value: ihn1eUl0-cSGQ2ekMBTj
常用查看
查看集群状态
点击查看代码
curl -k --user elastic:ihn1eUl0-cSGQ2ekMBTj -XGET "http://172.21.61.10:9200/_cat/nodes?v"
# 此处ip不是172.21.61..x是因为我的服务器还有其他服务开启了tun的。
ip heap.percent ram.percent cpu load_1m load_5m load_15m node.role master name
172.21.61.10 41 97 4 0.70 0.54 0.33 dm * es-1
172.21.61.11 28 97 4 0.15 0.30 0.41 dm - es-2
172.21.61.12 24 97 4 0.27 0.46 0.53 dm - es-3
列出所有索引
点击查看代码
curl -k --user elastic:ihn1eUl0-cSGQ2ekMBTj -XGET "http://172.21.61.10:9200/_cat/indices?v"
health status index uuid pri rep docs.count docs.deleted store.size pri.store.size
创建并查看索引
点击查看代码
curl -k --user elastic:ihn1eUl0-cSGQ2ekMBTj -X PUT "http://172.21.61.10:9200/test?pretty"
{
"acknowledged" : true,
"shards_acknowledged" : true,
"index" : "test"
}
curl -k --user elastic:ihn1eUl0-cSGQ2ekMBTj -XGET "http://172.21.61.10:9200/_cat/indices?v"
health status index uuid pri rep docs.count docs.deleted store.size pri.store.size
green open test N89aJeQsTpiBtbDLh-I1pQ 1 1 0 0 450b 225b