【centos7.5】安装elk7.3

【centos7.5】安装elk7.3.md

环境要求：

# jdk 最低版本是8 
java -version echo 
$JAVA_HOME 
# 操作系统：centos7 
bash-4.2$ cat /etc/centos-release CentOS Linux release 7.5.1804 (Core) 

elasticsearch安装步骤 官网

安装

# 建议本地用迅雷下载好传上去，官方的yum源或者wget太慢了 
wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.3.2-x86_64.rpm 
wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.3.2-x86_64.rpm.sha512 shasum -a 512 -c elasticsearch-7.3.2-x86_64.rpm.sha512 
sudo rpm --install elasticsearch-7.3.2-x86_64.rpm 

2. 启动

# 安装完成之后，es会自动创建elasticsearch用户和用户组,官方的启动方式是如下： 
# 启动 
systemctl start elasticsearch 
# 关闭 
systemctl stop elasticsearch 

但是，官方启动我用的时候是有问题的，我还是比较喜欢按照套路来走,用elasticsearch用户去进行相关操作

# 设置密码(elasticsearch用户和组已经创建，但是不能登录) 
passwd elasticsearch 
# 系统添加的默认用户是不能登录的，需要更改/etc/passwd，改成如下 
elasticsearch:x:996:994:elasticsearch 
user:/home/elasticsearch:/bin/bash 
# 登录elasticsearch用户 
su elasticsearch 
# 切换到安装目录执行 
./bin/elasticsearch 

3. 插件安装

# 查看运行状态 
ps aux|grep elasticsearch 
# 添加中文分词插件 
./elasticsearch-plugin install \ https://github.com/medcl/elasticsearch-analysis-ik/releases/download/v7.3.2/elasticsearch-analysis-ik-7.3.2.zip 
# 重启es使之生效 
systemctl restart elasticsearch 

4. 错误处理

5. • max file descriptors [4096] for elasticsearch process is too low, increase to at least [65536]

# 切换到root,在末尾处添加 
1. vim /etc/security/limits.conf 
* hard nofile 65536 
* soft nofile 65536 
root soft nproc 5000 
root hard nproc 5000 
2. 重新登录 

• max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144]

# 解决方案 
1、切换到root用户修改配置sysctl.conf 
vim /etc/sysctl.conf 
添加下面配置： 
vm.max_map_count=655360 
并执行命令： 
sysctl -p 

• the default discovery settings are unsuitable for production use; at least one of [discovery.seed_hosts, discovery.seed_providers, cluster.initial_master_nodes] must be configured

# 解决方案 编辑yml文件，取消下面一行的注释 
# node.name: node-1 
更新集群节点 
cluster.initial_master_nodes: ["node-1"] 

• Cannot open file /var/log/elasticsearch/gc.log due to Permission denied

# 给用户添加权限
chown -R elasticsearch:elasticsearch /var/log/elasticsearch/ 

5. 外网访问

# 更新elasticsearch.yml 
network.host: 0.0.0.0 
# 开放防火墙 
# 开放端口 
firewall-cmd --zone=public --add-port=9200/tcp --permanent 
# 更新规则 
firewall-cmd --reload 

6. 启动与关闭

# elasticsearch 用户执行 
./bin/elasticsearch -d 
ps -ef|grep elasticsearch|grep bootstrap |awk '{print $2}' |xargs kill -9 

7. 开机启动

• 脚本

#!/bin/sh 
#chkconfig: 2345 80 05 
#description: elasticsearch 
export JAVA_HOME=/usr/java/jdk1.8.0_221-amd64 
export JAVA_BIN=/usr/java/jdk1.8.0_221-amd64 
export PATH=$PATH:$JAVA_HOME/bin 
export CLASSPATH=.:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar 
export JAVA_HOME JAVA_BIN PATH CLASSPATH case "$1" in start) 
su elasticsearch