Linux下安装单机版Elasticsearch
一、下载和解压安装包
1.1 下载
cd /usr/local
官网下载地址:https://www.elastic.co/cn/downloads/elasticsearch
或者命令直接下载:
wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.13.2-linux-x86_64.tar.gz
1.3 解压:
tar -zxvf elasticsearch-7.13.2-linux-x86_64.tar.gz -C /usr/local/
二、解决es强依赖jdk问题
由于es和jdk是一个强依赖的关系,所以当我们在新版本的ElasticSearch压缩包中包含有自带的jdk,但是当我们的Linux中已经安装了jdk之后,就会发现启动es的时候优先去找的是Linux中已经装好的jdk,此时如果jdk的版本不一致,就会造成jdk不能正常运行,报错如下:
注:如果Linux服务本来没有配置jdk,则会直接使用es目录下默认的jdk,反而不会报错
warning: usage of JAVA_HOME is deprecated, use ES_JAVA_HOME
Future versions of Elasticsearch will require Java 11; your Java version from [/usr/local/jdk1.8.0_291/jre] does not meet this requirement. Consider switching to a distribution of Elasticsearch with a bundled JDK. If you are already using a distribution with a bundled JDK, ensure the JAVA_HOME environment variable is not set.
解决:
进入es的bin目录
cd /usr/local/elasticsearch-7.13.2/bin
修改elasticsearch配置
vim ./elasticsearch
############## 添加配置解决jdk版本问题 ##############
# 将jdk修改为es中自带jdk的配置目录
export JAVA_HOME=/usr/local/elasticsearch-7.13.2/jdk
export PATH=$JAVA_HOME/bin:$PATH
if [ -x "$JAVA_HOME/bin/java" ]; then
JAVA="/usr/local/elasticsearch-7.13.2/jdk/bin/java"
else
JAVA=`which java`
fi
三、解决内存不足问题
由于 elasticsearch 默认分配 jvm空间大小为2g,修改 jvm空间,如果Linux服务器本来配置就很高,可以不用修改。
error:
OpenJDK 64-Bit Server VM warning: INFO: os::commit_memory(0x00000000c6a00000, 962592768, 0) failed; error='Not enough space' (errno=12)
at org.elasticsearch.tools.launchers.JvmOption.flagsFinal(JvmOption.java:119)
at org.elasticsearch.tools.launchers.JvmOption.findFinalOptions(JvmOption.java:81)
at org.elasticsearch.tools.launchers.JvmErgonomics.choose(JvmErgonomics.java:38)
at org.elasticsearch.tools.launchers.JvmOptionsParser.jvmOptions(JvmOptionsParser.java:13
进入config文件夹开始配置,编辑jvm.options:
vim /usr/local/elasticsearch-7.13.2/config/jvm.options
默认配置如下:
-Xms2g
-Xmx2g
默认的配置占用内存太多了,调小一些:
-Xms256m
-Xmx256m
四、创建专用用户启动ES
root用户不能直接启动Elasticsearch,所以需要创建一个专用用户,来启动ES
java.lang.RuntimeException: can not run elasticsearch as root
at org.elasticsearch.bootstrap.Bootstrap.initializeNatives(Bootstrap.java:101)
at org.elasticsearch.bootstrap.Bootstrap.setup(Bootstrap.java:168)
at org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:397)
at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:159)
at org.elasticsearch.bootstrap.Elasticsearch.execute(Elasticsearch.java:150)
at org.elasticsearch.cli.EnvironmentAwareCommand.execute(EnvironmentAwareCommand.java:75)
at org.elasticsearch.cli.Command.mainWithoutErrorHandling(Command.java:116)
at org.elasticsearch.cli.Command.main(Command.java:79)
at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:115)
at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:81)
创建用户
useradd user-es
创建所属组:
chown user-es:user-es -R /usr/local/elasticsearch-7.13.2
切换到user-es
用户
su user-es
进入bin目录
cd /usr/local/elasticsearch-7.13.2/bin
启动elasticsearch
./elasticsearch 或者
elasticsearch -d 或者
./bin/elasticsearch &
如果出现如下错误信息(最大文件数太小、线程太小、内存太低),解决方式:
4.1 修改ES核心配置信息
执行命令修改elasticsearch.yml文件内容
vim /usr/local/elasticsearch-7.13.2/config/elasticsearch.yml
修改数据和日志目录,这里可以不用修改,如果不修改,默认放在elasticsearch根目录下
# 数据目录位置
path.data: /home/新用户名称/elasticsearch/data
# 日志目录位置
path.logs: /home/新用户名称/elasticsearch/logs
修改绑定的ip允许远程访问
#默认只允许本机访问,修改为0.0.0.0后则可以远程访问
# 绑定到0.0.0.0,允许任何ip来访问
network.host: 0.0.0.0
初始化节点名称
cluster.name: elasticsearch
node.name: es-node0
cluster.initial_master_nodes: ["es-node0"]
修改端口号(非必须)
http.port: 19200
五、vm.max_map_count [65530] is too low问题
上面几个步骤依然没启动成功,继续解决问题:
ERROR: [1] bootstrap checks failed. You must address the points described in the following [1] lines before starting Elasticsearch.
bootstrap check failure [1] of [1]: max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144]
elasticsearch用户拥有的内存权限太小,至少需要262144,解决办法:
在 /etc/sysctl.conf
文件最后添加如下内容,即可永久修改
切换到root用户
su root
执行命令
vim /etc/sysctl.conf
添加如下内容
vm.max_map_count=262144
保存退出,刷新配置文件
sysctl -p
切换user-es用户,继续启动
su user-es
启动es服务
/usr/local/elasticsearch-7.13.2/bin/elasticsearch
启动成功后,可以通过http://127.0.0.1:19200/访问,如果出现以下内容,说明ES安装成功:
{
"name": "es-node0",
"cluster_name": "elasticsearch",
"cluster_uuid": "SRwJX4sYQ8el4N5wj4tOmA",
"version": {
"number": "7.13.2",
"build_flavor": "default",
"build_type": "tar",
"build_hash": "4d960a0733be83dd2543ca018aa4ddc42e956800",
"build_date": "2021-06-10T21:01:55.251515791Z",
"build_snapshot": false,
"lucene_version": "8.8.2",
"minimum_wire_compatibility_version": "6.8.0",
"minimum_index_compatibility_version": "6.0.0-beta1"
},
"tagline": "You Know, for Search"
}
六、可能遇到的max file descriptors [4096]问题
[1]: max file descriptors [4096] for elasticsearch process is too low, increase to at least [65535]
切换到root用户,执行命令:
vi /etc/security/limits.conf
添加如下内容:
* soft nofile 65536
* hard nofile 131072
* soft nproc 2048
* hard nproc 4096
然后重启linux
七、ES服务的启动与停止
前台运行,Ctrl + C 则程序终止
/usr/local/elasticsearch-7.13.2/bin/elasticsearch
后台运行
/usr/local/elasticsearch-7.13.2/bin/elasticsearch -d
出现started时启动完成
关闭ES服务
kill pid
说明:
Elasticsearch端口9300、9200,其中:
9300是tcp通讯端口,集群ES节点之间通讯使用,9200是http协议的RESTful接口
八、为Elasticsearch设置登录密码
ES7.x以后的版本将安全认证功能免费开放了,并将X-pack插件集成了到了开源的ElasticSearch版本中。下面将介绍如何利用X-pack给ElasticSearch相关组件设置用户名和密码。
编辑配置文件
vim /usr/local/elasticsearch-7.13.2/config/elasticsearch.yml
在 elasticsearch.yml 末尾,加入以下内容:
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
编辑内容后重启Elasticsearch服务
设置用户名和密码
/usr/local/elasticsearch-7.13.2/bin/elasticsearch-setup-passwords interactive
密码设置过程
[esadmin@****** elasticsearch-7.2.0-a]$ bin/elasticsearch-setup-passwords interactive
Initiating the setup of passwords for reserved users elastic,apm_system,kibana,logstash_system,beats_system,remote_monitoring_user.
You will be prompted to enter passwords as the process progresses.
Please confirm that you would like to continue [y/N]y
Enter password for [elastic]:
Reenter password for [elastic]:
Enter password for [apm_system]:
Reenter password for [apm_system]:
Enter password for [kibana]:
Reenter password for [kibana]:
Enter password for [logstash_system]:
Reenter password for [logstash_system]:
Enter password for [beats_system]:
Reenter password for [beats_system]:
Enter password for [remote_monitoring_user]:
Reenter password for [remote_monitoring_user]:
Changed password for user [apm_system]
Changed password for user [kibana]
Changed password for user [logstash_system]
Changed password for user [beats_system]
Changed password for user [remote_monitoring_user]
Changed password for user [elastic]
[esadmin@******* elasticsearch-7.2.0-a]$
内置用户:
默认用户名为:elastic,只能修改密码不能设置账户(目前只会这些)
用户名 | 用户名 |
---|---|
elastic | 超级用户 |
kibana | 用于负责Kibana连接Elasticsearch |
logstash_system | Logstash将监控信息存储在Elasticsearch中时使用 |
beats_system | Beats在Elasticsearch中存储监视信息时使用 |
apm_system | APM服务器在Elasticsearch中存储监视信息时使用 |
remote_monitoring_user | Metricbeat用户在Elasticsearch中收集和存储监视信息时使用 |
设置了访问密码,再次访问ES时,需要输入密码
九、处理Elasticsearch登录报错SSL证书问题
打开elasticsearch.yml,放入当前代码 开启安全设置 默认情况下为false
9.1 配置节点间通讯传输的安全性
如果仅仅只是打开了安全设置启动时可能会报错
Transport SSL must be enabled if security is enabled on a [basic] license. Please set [xpack.security.transport.ssl.enabled] to [true] or disable security by setting [xpack.security.enabled] to [false]
Caused by: javax.net.ssl.SSLHandshakeException: No available authentication scheme。
这是因为传输网络层用于集群中节点之间的内部通信。启用安全功能后,必须使用TLS来确保节点之间的通信已加密。为节点间通讯配置安全策略需要两个步骤:
1.生成节点间安全策略使用的CA证书
elasticsearch-certutil ca
Please enter the desired output file [elastic-stack-ca.p12]: #这里直接回车即可
Enter password for elastic-stack-ca.p12 : #这里直接回车即可,不要设置密码
设置完毕后,会在/usr/local/elasticsearch-7.13.2下看到新生成的文件:elastic-stack-ca.p12
假如在生成证书的时候设置了密码,会导致无法启动ES,报错:
ElasticsearchSecurityException[failed to load SSL configuration [xpack.security.transport.ssl]]; nested: ElasticsearchException[failed to create trust manager]; nested: ElasticsearchException[failed to initialize SSL TrustManager]; nested: IOException[keystore password was incorrect]; nested: UnrecoverableKeyException[failed to decrypt safe contents entry: javax.crypto.BadPaddingException: Given final block not properly padded. Such issues can arise if a bad key is used during decryption.];
Likely root cause: java.security.UnrecoverableKeyException: failed to decrypt safe contents entry: javax.crypto.BadPaddingException: Given final block not properly padded. Such issues can arise if a bad key is used during decryption.
2.生成p12秘钥
使用第一步生成的证书,生成p12秘钥:elasticsearch-certutil cert --ca elastic-stack-ca.p12
下面三项直接回车即可:
Enter password for CA (elastic-stack-ca.p12) #直接回车即可
Please enter the desired output file [elastic-certificates.p12]: #直接回车即可
Enter password for elastic-certificates.p12 : #这里直接回车即可,不要设置密码,否则后面ES会启动不了
Certificates written to /usr/local/elasticsearch-7.13.2/elastic-certificates.p12
设置完毕后,会在/usr/local/elasticsearch-7.13.2下看到新生成的文件:elastic-certificates.p12
拷贝p12秘钥文件到certs目录下:
cd /usr/local/elasticsearch-7.13.2/config
mkdir certs
cp /usr/local/elasticsearch-7.13.2/elastic-certificates.p12 certs/
修改所有ES节点的配置文件
vi /usr/local/elasticsearch-7.13.2/config/elasticsearch.yml
添加:
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: /usr/local/elasticsearch-7.13.2/config/certs/elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: /usr/local/elasticsearch-7.13.2/config/certs/elastic-certificates.p12
注意:我这里写的是绝对路径
3.重启各ES节点
启动命令:
elasticsearch -d 或者
./bin/elasticsearch &
curity.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: /usr/local/elasticsearch-7.13.2/config/certs/elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: /usr/local/elasticsearch-7.13.2/config/certs/elastic-certificates.p12
注意:我这里写的是绝对路径
##### 3.重启各ES节点
启动命令:
elasticsearch -d 或者
./bin/elasticsearch &