linux使用yum下安装elasticsearch 7.17.6-1
-
首先确定linux系统中yum环境是正常的
-
在/etc/yum.repos.d/ 或者/etc/zypp/repos.d/ 目录下创建一个名为elasticsearch.repo的文件(自己进去看一下,有那个文件夹就在那个文件夹下创建)
文件内容:
[elasticsearch] name=Elasticsearch repository for 7.x packages baseurl=https://artifacts.elastic.co/packages/7.x/yum gpgcheck=1 gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch enabled=0 autorefresh=1 type=rpm-md
-
使用
yum list elasticsearch
或者yum search elasticsearch --showduplicates
查看可用版本[root@iZ25hep58miZ yum.repos.d]# yum list elasticsearch Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile Installed Packages elasticsearch.x86_64 7.17.6-1 [root@iZ25hep58miZ yum.repos.d]# yum search elasticsearch --showduplicates Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile ==================================================== N/S Matched: elasticsearch =========== elasticsearch-7.17.6-1.x86_64 : Distributed RESTful search engine built for the cloud Name and summary matches only, use "search all" for everything.
-
如果不要求指定版本 , 执行
yum install --enablerepo=elasticsearch elasticsearch
命令。等待安装完成。 -
如果要指定版本则执行
yum install --enablerepo=elasticsearch elasticsearch-7.17.6-1.x86_64
补充完整的版本号 -
接下来可执行启动命令
service elasticsearch start
, 会报一些错误 -
内存不足问题 , 由于 elasticsearch 默认分配 jvm空间大小为2g,修改 jvm空间,如果Linux服务器本来配置就很高,可以不用修改
error: OpenJDK 64-Bit Server VM warning: INFO: os::commit_memory(0x00000000c6a00000, 962592768, 0) failed; error='Not enough space' (errno=12) at org.elasticsearch.tools.launchers.JvmOption.flagsFinal(JvmOption.java:119) at org.elasticsearch.tools.launchers.JvmOption.findFinalOptions(JvmOption.java:81) at org.elasticsearch.tools.launchers.JvmErgonomics.choose(JvmErgonomics.java:38) at org.elasticsearch.tools.launchers.JvmOptionsParser.jvmOptions(JvmOptionsParser.java:13
cd /etc/elasticsearch/jvm.options.d
vim jvm.options
依据服务器内容大小修改-Xms1G -Xmx1G
-
修改ES核心配置信息
执行命令修改elasticsearch.yml文件内容
修改绑定的ip允许远程访问
#默认只允许本机访问,修改为0.0.0.0后则可以远程访问 # 绑定到0.0.0.0,允许任何ip来访问 network.host: 0.0.0.0
初始化节点名称
cluster.name: elasticsearch node.name: es-node0 cluster.initial_master_nodes: ["es-node0"]
-
elasticsearch用户的最大线程数太低
max number of threads [1024] for user [elasticsearch] i
s too low, increase to at least [4096]
错误原因: elasticsearch用户的最大线程数太低 , 修改limits.d目录下的配置文件:
vi /etc/security/limits.d/90-nproc.conf
-
这是在因为Centos6不支持SecComp,而ES5.2.0默认bootstrap.system_call_filter为true进行检测,所以导致检测失败,失败后直接导致ES不能启动。
system call filters failed to install; check the logs a nd fix your configuration or disable system call filters at your own risk
解决:
在elasticsearch.yml中配置bootstrap.system_call_filter为false,注意要在Memory下面:bootstrap.memory_lock: false bootstrap.system_call_filter: false
-
7.x使用x-pack
切换到elasticsearch的bin目录下,使用下列命令生成证书
./elasticsearch-certutil cert -out /etc/elasticsearch/elastic-certificates.p12 -pass ""
打开 /etc/elasticsearch/elasticsearch.yaml , 在尾部添加下边代码
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: elastic-certificates.p12
第一行为开启密码访问 , 本意是只设置密码, 但是7.x版本要求开启密码后必须开启第二行ssl , 所以产生345行配置ssl证书的配置
bin目录下执行下面命令自动配置各用户密码 auto为自动, interactive为手动
./elasticsearch-setup-passwords auto
启动服务提示下面错误
uncaught exception in thread [main]
ElasticsearchSecurityException[failed to load SSL configuration [xpack.security.transport.s
sl]]; nested: ElasticsearchException[failed to initialize SSL TrustManager - not permitted to read truststore file [/etc/elasticsearch/elastic-certificates.p12]]; nested: AccessDeniedException[/etc/elasticsearch/elastic-certificates.p12];Likely root cause: java.nio.file.AccessDeniedException: /etc/elasticsearch/elastic-certific
ates.p12uncaught exception in thread [main]
ElasticsearchSecurityException[failed to load SSL configuration [xpack.security.transport.s
sl]]; nested: ElasticsearchException[failed to initialize SSL TrustManager - not permitted to read truststore file [/etc/elasticsearch/elastic-certificates.p12]]; nested: AccessDeniedException[/etc/elasticsearch/elastic-certificates.p12];Likely root cause: java.nio.file.AccessDeniedException: /etc/elasticsearch/elastic-certific
ates.p12
到/etc/elasticsearch/目录下查看生成的elastic-certificates.p12
-rw------- 1 root elasticsearch 3448 Nov 7 15:43 elastic-certificates.p12
-rw-rw---- 1 root elasticsearch 199 Nov 7 09:06 elasticsearch.keystore
-rw-rw---- 1 root elasticsearch 1042 Aug 23 19:10 elasticsearch-plugins.example.yml
-rw-rw---- 1 root elasticsearch 3724 Nov 7 15:45 elasticsearch.yml
-rw-rw---- 1 root elasticsearch 3329 Aug 23 19:10 jvm.options
drwxr-s--- 2 root elasticsearch 4096 Nov 7 09:11 jvm.options.d
-rw-rw---- 1 root elasticsearch 19304 Aug 23 19:10 log4j2.properties
-rw-rw---- 1 root elasticsearch 473 Aug 23 19:10 role_mapping.yml
-rw-rw---- 1 root elasticsearch 197 Aug 23 19:10 roles.yml
-rw-rw---- 1 root elasticsearch 0 Aug 23 19:10 users
-rw-rw---- 1 root elasticsearch 0 Aug 23 19:10 users_roles
由第一行看出生成的elastic-certificates.p12 不属于elasticsearch用户组, 且没有读写权限 . 增加读写权限
chmod 664 elastic-certificates.p12
-rw-rw-r-- 1 root elasticsearch 3448 Nov 7 15:43 elastic-certificates.p12
-rw-rw---- 1 root elasticsearch 199 Nov 7 09:06 elasticsearch.keystore
-rw-rw---- 1 root elasticsearch 1042 Aug 23 19:10 elasticsearch-plugins.example.yml
-rw-rw---- 1 root elasticsearch 3724 Nov 7 15:45 elasticsearch.yml
-rw-rw---- 1 root elasticsearch 3329 Aug 23 19:10 jvm.options
drwxr-s--- 2 root elasticsearch 4096 Nov 7 09:11 jvm.options.d
-rw-rw---- 1 root elasticsearch 19304 Aug 23 19:10 log4j2.properties
-rw-rw---- 1 root elasticsearch 473 Aug 23 19:10 role_mapping.yml
-rw-rw---- 1 root elasticsearch 197 Aug 23 19:10 roles.yml
-rw-rw---- 1 root elasticsearch 0 Aug 23 19:10 users
-rw-rw---- 1 root elasticsearch 0 Aug 23 19:10 users_roles
第一组 rw-表示root用户有读写权限 , 第二组 rw-为给elasticsearch用户新增的读写权限,第三组表示其他用户的权限 , 此处设置4加了 r权限. 不加也可以
到此重启服务就可以了