1.创建用户
useradd es
su - es
2.下载最新的包
https://www.elastic.co/cn/downloads/elasticsearch
3.解压
tar -zxvf elasticsearch-8.7.1-linux-x86_64.tar.gz
mv elasticsearch-8.7.1 elasticsearch
4.生成证书
./bin/elasticsearch-certutil ca
This tool assists you in the generation of X.509 certificates and certificate
signing requests for use with SSL/TLS in the Elastic stack.
The 'ca' mode generates a new 'certificate authority'
This will create a new X.509 certificate and private key that can be used
to sign certificate when running in 'cert' mode.
Use the 'ca-dn' option if you wish to configure the 'distinguished name'
of the certificate authority
By default the 'ca' mode produces a single PKCS#12 output file which holds:
* The CA certificate
* The CA's private key
If you elect to generate PEM format certificates (the -pem option), then the output will
be a zip file containing individual files for the CA certificate and private key
Please enter the desired output file [elastic-stack-ca.p12]: 【不用管,直接回车】
Enter password for elastic-stack-ca.p12 : 【输入密码】
5.生成秘钥
./bin/elasticsearch-certutil cert --ca elastic-stack-ca.p12
6.将凭证迁移到指定目录
mkdir ./config/cert
mv ./elastic-certificates.p12 ./config/cert/
chmod 777 ./config/cert/elastic-certificates.p12
7.修改配置文件
vim ./config/elasticsearch.yml
cluster.name: app-es
node.name: es-node0
path.data: /home/es/elasticsearch/data
path.logs: /home/es/elasticsearch/logs
network.host: 0.0.0.0
http.port: 19200
http.cors.enabled: true
http.cors.allow-origin: "*"
http.cors.allow-headers: Authorization,X-Requested-With,Content-Type,Content-Length
xpack.security.enabled: true
xpack.security.enrollment.enabled: true
xpack.security.transport.ssl:
enabled: true
verification_mode: certificate
keystore.path: cert/elastic-certificates.p12
truststore.path: cert/elastic-certificates.p12
cluster.initial_master_nodes: ["es-node0"]
8.在各个节点上添加密码
./bin/elasticsearch-keystore add xpack.security.transport.ssl.keystore.secure_password
输入之前设置的密码
./bin/elasticsearch-keystore add xpack.security.transport.ssl.truststore.secure_password
输入之前设置的密码
9.后台启动
./bin/elasticsearch -d
10.设置密码
./bin/elasticsearch-setup-passwords interactive
11.重设默认用户elastic密码
./elasticsearch-reset-password -u elastic -i
执行命令之后,输入y 在输入两次密码即可
12.浏览器访问
http://192.168.2.60:19200/
输入用户名密码,出现下面内容即是安装成功
{
"name" : "es-node0",
"cluster_name" : "packdt-es",
"cluster_uuid" : "iyfbeI0BT-OyMPM_eZMuQg",
"version" : {
"number" : "8.7.1",
"build_flavor" : "default",
"build_type" : "tar",
"build_hash" : "f229ed3f893a515d590d0f39b05f68913e2d9b53",
"build_date" : "2023-04-27T04:33:42.127815583Z",
"build_snapshot" : false,
"lucene_version" : "9.5.0",
"minimum_wire_compatibility_version" : "7.17.0",
"minimum_index_compatibility_version" : "7.0.0"
},
"tagline" : "You Know, for Search"
}
13.配置系统参数
修改系统参数的目的是确保系统有足够的资源启动 Elasticsearch。
(a)设置内核参数
vi /etc/sysctl.conf
增加以下参数
vm.max_map_count=655360
执行以下命令,确保参数生效:
sysctl -p
(b)设置资源参数
vi /etc/security/limits.conf
在末尾增加如下
* soft nofile 65536
* hard nofile 131072
* soft nproc 65536
* hard nproc 131072
(c)设置用户资源参数
vi /etc/security/limits.d/20-nproc.conf
添加如下:
# 设置elk用户参数
elk soft nproc 65536