A1.linux下elasticsearch安装
- 1.下载,解压
wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-8.1.3-linux-x86_64.tar.gz
# wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-8.1.3-linux-x86_64.tar.gz.sha512
# shasum -a 512 -c elasticsearch-8.1.3-linux-x86_64.tar.gz.sha512
tar -xzvf elasticsearch-8.1.3-linux-x86_64.tar.gz
- 2.授权
# elasticsearch用户提前建立
sudo chown -R elasticsearch:elasticsearch /es/elasticsearch-8.1.3
- 3.运行
# 启动node1
./bin/elasticsearch
# 启动成功后可修改密码
./elasticsearch-reset-password -i -u elastic
- 启用身份验证和授权,并为
elastic内置超级用户生成密码。- 为传输层和 HTTP 层生成 TLS 的证书和密钥,并使用这些密钥和证书启用和配置 TLS。
- 为 Kibana 生成一个注册令牌,有效期为 30 分钟。
✅ Elasticsearch security features have been automatically configured!
✅ Authentication is enabled and cluster connections are encrypted.
ℹ️ Password for the elastic user (reset with `bin/elasticsearch-reset-password -u elastic`):
Y*bv6n6Ghbi_gDvPI2_*
ℹ️ HTTP CA certificate SHA-256 fingerprint:
1c1b9e6cc3a1468b586876da80ee3098fc7edd536eeb63f4450ce9bd426d6749
ℹ️ Configure Kibana to use this cluster:
• Run Kibana and click the configuration link in the terminal when Kibana starts.
• Copy the following enrollment token and paste it into Kibana in your browser (valid for the next 30 minutes):
eyJ2ZXIiOiI4LjEuMyIsImFkciI6WyIxOTIuMTY4LjMxLjEzMzo5MjAxIl0sImZnciI6IjFjMWI5ZTZjYzNhMTQ2OGI1ODY4NzZkYTgwZWUzMDk4ZmM3ZWRkNTM2ZWViNjNmNDQ1MGNlOWJkNDI2ZDY3NDkiLCJrZXkiOiJsQkZVZzRBQmN6b00yT0hMcmtkNzpKbFpUU09FQlJZbW44T3UwempPWm9RIn0=
ℹ️ Configure other nodes to join this cluster:
• Copy the following enrollment token and start new Elasticsearch nodes with `bin/elasticsearch --enrollment-token <token>` (valid for the next 30 minutes):
eyJ2ZXIiOiI4LjEuMyIsImFkciI6WyIxOTIuMTY4LjMxLjEzMzo5MjAxIl0sImZnciI6IjFjMWI5ZTZjYzNhMTQ2OGI1ODY4NzZkYTgwZWUzMDk4ZmM3ZWRkNTM2ZWViNjNmNDQ1MGNlOWJkNDI2ZDY3NDkiLCJrZXkiOiJraEZVZzRBQmN6b00yT0hMcmtkMDp4dmo3OVp6V1JwcVo3SUJEdnI4V3pBIn0=
If you're running in Docker, copy the enrollment token and run:
`docker run -e "ENROLLMENT_TOKEN=<token>" docker.elastic.co/elasticsearch/elasticsearch:8.1.3`
- 加入其他节点
# 如果token过期,在主节点运行
bin/elasticsearch-create-enrollment-token -s node
# 生成了enrollment-token,新节点的安装目录中,启动 Elasticsearch 并使用--enrollment-token参数传递注册令牌
bin/elasticsearch --enrollment-token <enrollment-token>
# 以下目录会生成证书和密钥
config/certs
- 最后,可以修改节点配置elasticsearch.yml
# node-1 建议在最初设置,集群建好后不要改,如果要修改只有删除主节点,重新加入集群,参见加入其他节点的操作
cluster.name: cluster133
node.name: node-1
network.host: 192.168.31.133
http.port: 9201
cluster.initial_master_nodes: ["node-1"]
# node-2 (与node-1同ip)
cluster.name: cluster133
node.name: node-2
network.host: 192.168.31.133
http.port: 9202
discovery.seed_hosts: ["127.0.0.1:9301", "192.168.31.133:9301"]
# node-3(另一台)
cluster.name: cluster133
node.name: node-3
network.host: 192.168.31.135
http.port: 9200
discovery.seed_hosts: ["192.168.31.133:9301"]
在第1次连接成功之后,如果以后出现集群启动问题,删除节点中的data目录下所有文件,再次启动即可
A2.linux下kibana安装
-
1.下载运行
curl -O https://artifacts.elastic.co/downloads/kibana/kibana-8.1.3-linux-x86_64.tar.gz #curl https://artifacts.elastic.co/downloads/kibana/kibana-8.1.3-linux-x86_64.tar.gz.sha512 | shasum -a 512 -c - tar -xzf kibana-8.1.3-linux-x86_64.tar.gz cd kibana-8.1.3/ -
如果token过期,启动 Elasticsearch 主节点,并为 Kibana 生成一个注册令牌编辑
./elasticsearch-create-enrollment-token -s kibana --url "https://192.168.31.133:9201"
# eyJ2ZXIiOiI4LjEuMyIsImFkciI6WyIxOTIuMTY4LjMxLjEzMzo5MjAxIl0sImZnciI6IjFjMWI5ZTZjYzNhMTQ2OGI1ODY4NzZkYTgwZWUzMDk4ZmM3ZWRkNTM2ZWViNjNmNDQ1MGNlOWJkNDI2ZDY3NDkiLCJrZXkiOiJhUUhSZ29BQjhCUHV4TTVheHE0OTpqUWdGaGgxWVFScWM3a3NxOWJuMjRRIn0=
- 启动kibana(若使用vm虚拟机,启动前配置kibana.yml,设置
server.host: "192.168.31.133"<本机地址>,便于外网访问)
./bin/kibana
# 第一次启动会生成一个localhost:XXX,在浏览器访问此地址,elasticsearch生成的kibana token
B1.linux docker:安装 elasticsearch 8.1.3
- 参考文档:https://www.elastic.co/guide/en/elasticsearch/reference/8.1/docker.html
docker pull docker.elastic.co/enterprise-search/enterprise-search:8.1.3
如果在 Docker 容器中启动单节点 Elasticsearch 集群,则会自动为您启用和配置安全性。首次启动 Elasticsearch 时,会自动进行以下安全配置:
- 为传输层和 HTTP 层生成 证书和密钥。
- 传输层安全 (TLS) 配置设置被写入
elasticsearch.yml.- 为
elastic用户生成密码。- 为 Kibana 生成一个注册令牌。
- 首先,配置单节点 Elasticsearch 集群
- 1.准备工作
# 创建网络
docker network create elastic
# 创建目录和文件
/usr/share/elasticsearch/config/es01/elasticsearch.yml
# elasticsearch.yml中保存
network.host: 0.0.0.0
# 新建用户,授权
useradd Elasticsearch
chown -R Elasticsearch:Elasticsearch /usr/share/elasticsearch/config/
- 2.在 Docker 中启动 Elasticsearch。为
elastic用户生成密码并输出到终端,以及用于注册 Kibana 的注册令牌- 建议加上ES_JAVA_OPTS设置,可以避免多节点启动时,其他节点退出的情况
- 运行参数的值自定义,ip,端口用自己物理机或虚拟机ip,port
docker pull docker.elastic.co/elasticsearch/elasticsearch:8.1.3
docker run -e ES_JAVA_OPTS="-Xms2g -Xmx2g" --name es01 --net elastic -p 9201:9200 -p 9301:9300 -it docker.elastic.co/elasticsearch/elasticsearch:8.1.3
# 挂载本地文件夹
docker run -e ES_JAVA_OPTS="-Xms2g -Xmx2g" --name es01 -v ves01:/usr/share/elasticsearch/config --net elastic -p 9201:9200 -p 9301:9300 -it docker.elastic.co/elasticsearch/elasticsearch:8.1.3
- 3.复制生成的密码和注册令牌并将其保存在安全位置。这些值仅在第一次启动 Elasticsearch 时显示
- 如下内容是生成的,要拷贝到一个文件中,后面用:
------------------------------------------------------------------------------------------------------------------------------------------------------------------
-> Elasticsearch security features have been automatically configured!
-> Authentication is enabled and cluster connections are encrypted.
* elastic的密码
-> Password for the elastic user (reset with `bin/elasticsearch-reset-password -u elastic`):
HRq90iK3wfBrW7sWPZ*7
-> HTTP CA certificate SHA-256 fingerprint:
4bee7b8c89414f49c6747fe1799c76b8d9d253ea6e779288c868a4f91219c6b7
-> Configure Kibana to use this cluster:
* Run Kibana and click the configuration link in the terminal when Kibana starts.
* Copy the following enrollment token and paste it into Kibana in your browser (valid for the next 30 minutes):
* kibana用token(30分钟有效)
eyJ2ZXIiOiI4LjEuMyIsImFkciI6WyIxNzIuMTguMC4yOjkyMDAiXSwiZmdyIjoiNGJlZTdiOGM4OTQxNGY0OWM2NzQ3ZmUxNzk5Yzc2YjhkOWQyNTNlYTZlNzc5Mjg4Yzg2OGE0ZjkxMjE5YzZiNyIsImtleSI6IjFjNk5mWUFCSXpOMVQxT0xYckdwOlQzcDBfWFpYUmNpaDdBV0V1R3RycUEifQ==
-> Configure other nodes to join this cluster:
* Copy the following enrollment token and start new Elasticsearch nodes with `bin/elasticsearch --enrollment-token <token>` (valid for the next 30 minutes):
* 新加节点用的token(30分钟有效)
zIuMTguMC4yOjkyMDAiXSwiZmdyIjoiNGJlZTdiOGM4OTQxNGY0OWM2NzQ3ZmUxNzk5Yzc2YjhkOWQyNTNlYTZlNzc5Mjg4Yzg2OGE0ZjkxMjE5YzZiNyIsImtleSI6IjFzNk5mWUFCSXpOMVQxT0xYckdwOm1oazA1NVJIUmZtYlpfMVhFSHg3b2cifQ==
If you're running in Docker, copy the enrollment token and run:
`docker run -e "ENROLLMENT_TOKEN=<token>" docker.elastic.co/elasticsearch/elasticsearch:8.1.3`
-----------------------------------------------------------------------------------------------------
- 4.将
http_ca.crt安全证书从 Docker 容器复制到本地计算机。
# /usr/share/elasticsearch/config/certs/ 先建立此目录,以便下一步文件拷贝
docker cp es01:/usr/share/elasticsearch/config/certs/http_ca.crt .
5.http_ca.crt打开一个新终端,并使用从 Docker 容器中复制的文件进行经过身份验证的调用,验证是否可以连接到 Elasticsearch 集群。elastic出现提示时输入用户的密码。
# 在/usr/share/elasticsearch/config/certs/下运行
curl --cacert http_ca.crt -u elastic https://localhost:9201
- 重置密码,运行该
elasticsearch-reset-password工具
# -i 表示手动输入密码, -u 指用户名
docker exec -it es01 /usr/share/elasticsearch/bin/elasticsearch-reset-password -i -u elastic
- 浏览器输入:https://192.168.31.139:9201/,安全提示可忽略即可以访问,输入用户名 :elastic/密码,返回如下,表示单节点运行成功!(其中192.168.31.139为docker所在物理机或虚拟机ip)
{
"name": "e8472c952c32",
"cluster_name": "docker-cluster",
"cluster_uuid": "tLrgLl74SPiQjoJanYx3bg",
"version": {
"number": "8.1.3",
"build_flavor": "default",
"build_type": "docker",
"build_hash": "39afaa3c0fe7db4869a161985e240bd7182d7a07",
"build_date": "2022-04-19T08:13:25.444693396Z",
"build_snapshot": false,
"lucene_version": "9.0.0",
"minimum_wire_compatibility_version": "7.17.0",
"minimum_index_compatibility_version": "7.0.0"
},
"tagline": "You Know, for Search"
}
- 其次,加入其他节点:
- 首次启动 Elasticsearch 时,安装过程默认配置单节点集群。此过程还会生成一个注册令牌并将其打印到您的终端。如果您希望节点加入现有集群,请使用生成的注册令牌启动新节点。
- 如果令牌过期,生成新令牌
docker exec -it es01 /usr/share/elasticsearch/bin/elasticsearch-create-enrollment-token -s node
- 第二个节点启动时遇到运行第一个节点的容器退出的问题,显式设置 JVM 堆大小的值; 要手动配置堆大小,在启动每个节点时包含 变量和
ES_JAVA_OPTS设置值
# 不指定端口加入,将config目录挂载到ves0x
docker run -e ENROLLMENT_TOKEN="eyJ2ZXIiOiI4LjEuMyIsImFkciI6WyIxNzIuMTguMC40OjkyMDAiXSwiZmdyIjoiZjY0ODY1ZjU3YjY0ZjA2Njg2ZGIxZTdlN2FiNDdjNmViMjAyYzBlNzFkMzgwMTY3YmIzZjU1MWQ1YzhmOWRmMCIsImtleSI6Im5zNFZoSUFCcHdDN2dYc1NCcWwzOk56MjY0WEJPU0oyOHdtNWY4NTVkWFEifQ==" -v ves02:/usr/share/elasticsearch/config -e ES_JAVA_OPTS="-Xms1g -Xmx1g" --name es02 --net elastic -it docker.elastic.co/elasticsearch/elasticsearch:8.1.3
docker run -e ENROLLMENT_TOKEN="eyJ2ZXIiOiI4LjEuMyIsImFkciI6WyIxNzIuMTguMC4yOjkyMDAiXSwiZmdyIjoiZjY0ODY1ZjU3YjY0ZjA2Njg2ZGIxZTdlN2FiNDdjNmViMjAyYzBlNzFkMzgwMTY3YmIzZjU1MWQ1YzhmOWRmMCIsImtleSI6Ik1NenRnNEFCV3N4UDFjYlVqRHJYOi1Hc0JUUFlQVEgyYTFKMjdDYkRWNVEifQ==" -v ves03:/usr/share/elasticsearch/config -e ES_JAVA_OPTS="-Xms1g -Xmx1g" --name es03 --net elastic -it docker.elastic.co/elasticsearch/elasticsearch:8.1.3
# 也可以指定端口映射加入节点
docker run -e ENROLLMENT_TOKEN="eyJ2ZXIiOiI4LjEuMyIsImFkciI6WyIxNzIuMTguMC4yOjkyMDAiXSwiZmdyIjoiZjY0ODY1ZjU3YjY0ZjA2Njg2ZGIxZTdlN2FiNDdjNmViMjAyYzBlNzFkMzgwMTY3YmIzZjU1MWQ1YzhmOWRmMCIsImtleSI6Ii1aRW5nSUFCTUU2YWFlTFpqMFk1OmVJbkNKVnV0U3VTbHN4QTg0bHRFNkEifQ==" -v ves04:/usr/share/elasticsearch/config -e ES_JAVA_OPTS="-Xms1g -Xmx1g" -p 9202:9200 -p 9302:9300 --name es04 --net elastic -it docker.elastic.co/elasticsearch/elasticsearch:8.1.3
- 以此推加入节点
- 浏览器验证:https://192.168.31.139:9201/_cat/nodes
172.18.0.5 27 88 0 0.88 0.46 0.30 cdfhilmrstw - fa20d93534c4
172.18.0.3 24 88 0 0.88 0.46 0.30 cdfhilmrstw - 826f16400df2
172.18.0.4 21 88 0 0.88 0.46 0.30 cdfhilmrstw - 474212145ad2
172.18.0.2 30 88 0 0.88 0.46 0.30 cdfhilmrstw * e8472c952c32
- 重新启动新加节点,会出现启动失败的情况【关键】(或者启动无提示,docker ps 看不到container),查看docker logs XXX日志,如果出现下面错误,需要调整环境变量
ERROR: Skipping security auto configuration because it appears that the node is not starting up for the first time. The node might already be part of a cluster and this auto setup utility is designed to configure Security for new clusters only.
- 修改container环境变量,修改后,重启docker容器(好让docker重新加载配置文件conig.v2.json)
建议一次将所有从节点的ENROLLMENT_TOKEN删除,再重启
# 将对应id中的config.v2.json修改,删除其中的ENROLLMENT_TOKEN键值对
/var/lib/docker/containers/c4e850f2e79dc7244f19c55fb81f4bfd679f693f96f5f17b0679af7bbfeb8603
B2.linux docker : 安装kibana.8.1.3
-
前提,已经安装,运行elasticsearch;
-
1.拉取image,运行container,当启动 Kibana 时,一个唯一的链接会输出到终端,要访问 Kibana,单击终端中生成的链接
docker pull docker.elastic.co/kibana/kibana:8.1.3
docker run --name kib-01 --net elastic -p 5601:5601 docker.elastic.co/kibana/kibana:8.1.3
- 会出现如下提示:
Go to http://0.0.0.0:5601/?code=639777 to get started.
- 2.如果es令牌过期,为kibana生成新的token
docker exec -it es01 /usr/share/elasticsearch/bin/elasticsearch-create-enrollment-token -s kibana
# 生成的token在 http://xxxx:5601
eyJ2ZXIiOiI4LjEuMyIsImFkciI6WyIxNzIuMTguMC4yOjkyMDAiXSwiZmdyIjoiZjY0ODY1ZjU3YjY0ZjA2Njg2ZGIxZTdlN2FiNDdjNmViMjAyYzBlNzFkMzgwMTY3YmIzZjU1MWQ1YzhmOWRmMCIsImtleSI6Im1vSElnNEFCbXNkSmRsTnN6VzRXOk9UQ3hhWWwyVEdPVGs4eS14TlBCYmcifQ==
- 3.启动 Kibana 并将其连接到Elasticsearch 容器
# 将0.0.0.0替换为kibana ip地址,填入生成的token,用户名/密码,启动成功
http://0.0.0.0:5601/?code=639777
C.使用 Docker Compose 启动多节点集群
- 安装docker compose、docker-compose
- 确保下列正常输出
docker compose version
docker-compose version
- 在新建目录中编辑.env
# Password for the 'elastic' user (at least 6 characters)
ELASTIC_PASSWORD=elastic
#
# # Password for the 'kibana_system' user (at least 6 characters)
KIBANA_PASSWORD=elastic
#
# # Version of Elastic products
STACK_VERSION=8.1.3
#
# # Set the cluster name
CLUSTER_NAME=docker-cluster
#
# # Set to 'basic' or 'trial' to automatically start the 30-day trial
LICENSE=basic
# #LICENSE=trial
#
# # Port to expose Elasticsearch HTTP API to the host
ES_PORT=9200
#ES_PORT=127.0.0.1:9200
#
# # Port to expose Kibana to the host
KIBANA_PORT=5601
#KIBANA_PORT=80
#
# # Increase or decrease based on the available host memory (in bytes)
MEM_LIMIT=1073741824
#
# # Project namespace (defaults to the current folder name if not set)
# #COMPOSE_PROJECT_NAME=myproject
-
docker-compose.yml复制官网【形成3个es节点+kibana】
-
参考:https://www.elastic.co/guide/en/elasticsearch/reference/8.1/docker.html
-
运行
# 启动
docker-compose up -d
# 停止
docker-compose down
-
验证:浏览器访问centos_ip:5601
# 例如【输入用户名密码登录】 http://192.168.31.133:5601
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
