1、拉取镜像
docker pull elasticsearch:6.8.7
2、启动es
docker run -d --restart=always -p 9200:9200 -p 9300:9300 --name elasticsearch elasticsearch:6.8.7
3、进入es容器,生成证书
docker exec -it elasticsearch bash
bin/elasticsearch-certutil cert -out config/elastic-certificates.p12 -pass ""
4、退出容器,把容器内配置文件cp到服务器
mkdir -pv /etc/elasticsearch
docker cp elasticsearch:/usr/share/elasticsearch/config/elastic-certificates.p12 /etc/elasticsearch/elastic-certificates.p12
docker cp elasticsearch:/usr/share/elasticsearch/config/jvm.options /etc/elasticsearch/jvm.options
docker cp elasticsearch:/usr/share/elasticsearch/config/elasticsearch.yml /etc/elasticsearch/elasticsearch.yml
chmod 660 /etc/elasticsearch/elastic-certificates.p12
5、删除es容器
docker rm -f elasticsearch
6、调整服务器vm.max_map_count参数
vi /etc/sysctl.conf
vm.max_map_count=655360
sysctl -p
7、调整es内存
vim /etc/elasticsearch/jvm.options
-Xms4g
-Xmx4g
-Dlog4j2.formatMsgNoLookups=true
8、修改配置
cat /etc/elasticsearch/elasticsearch.yml
cluster.name: "docker-cluster"
network.host: 0.0.0.0
mkdir -p /app/elasticsearch/ ; chmod 777 -Rf /app/elasticsearch
9、启动es
docker run -d --privileged=true --restart=always -p 9200:9200 -p 9300:9300 \
-v /etc/elasticsearch/elasticsearch.yml:/usr/share/elasticsearch/config/elasticsearch.yml \
-v /etc/elasticsearch/jvm.options:/usr/share/elasticsearch/config/jvm.options \
-v /etc/elasticsearch/elastic-certificates.p12:/usr/share/elasticsearch/config/elastic-certificates.p12 \
-v /app/elasticsearch:/usr/share/elasticsearch/data \
--ulimit nofile=65536:65536 \
-e "xpack.security.enabled=true" \
-e "xpack.security.transport.ssl.enabled=true" \
-e "xpack.security.transport.ssl.verification_mode=certificate" \
-e "xpack.security.transport.ssl.keystore.path=elastic-certificates.p12" \
-e "xpack.security.transport.ssl.truststore.path=elastic-certificates.p12" \
--name elasticsearch elasticsearch:6.8.7
10、进入容器、生成密码
docker exec -it elasticsearch bash
#交互方式输入密码
bin/elasticsearch-setup-passwords interactive
或者
#自动生成密码
bin/elasticsearch-setup-passwords auto
11、认证访问
curl localhost:9200 -u elastic:G86LFV1RbnfnN7wFt8vY