ElasticSearch 7.15.2集群搭建[CentOS7]
搭建环境
ES-01 172.16.13.210 ES节点
ES-02 172.16.13.211 ES节点
ES-03 172.16.13.212 ES节点
ES-share 172.16.13.213 ES共享存储库
修改系统环境
创建es用户
useradd es
passwd es
配置root用户免秘钥登录
ssh-keygen -t rsa
ssh-copy-id ${主机}
修改vm.max_map_count
修改 /etc/sysctl.conf
vm.max_map_count=262144
修改文件描述符个数
修改/etc/security/limits.conf
* soft nofile 65536
* hard nofile 131072
* soft nproc 2048
* hard nproc 4096
创建ES存储及日志目录
mkdir -p /data/es/data
mkdir -p /data/es/logs
chown -R es:es /data/es/
关闭swap
修改配置文件 /etc/fstab
删除 /mnt/swap swap swap defaults 0 0 这一行或者注释掉这一行
调整 swappiness
修改 /etc/sysctl.conf
vm.swappiness=0
sysctl -p
配置共享目录(基于sshfs用于快照存储)
安装(每个节点均执行)
yum install -y epel-release
yum -y install fuse-sshfs
修改配置(每个节点均执行)
修改 /etc/fuse.conf
user_allow_other
创建共享目录(每个节点均执行)
mkdir /share/backups -p
手动挂载
sshfs root@172.16.13.213:/share/backups /share/backups -o allow_other
配置自动挂载
编写脚本 sshfs.sh:
#!/bin/sh
sshfs root@172.16.13.213:/share/backups /share/backups -o allow_other
修改/etc/rc.local
sh /root/sshfs.sh
修改文件权限
chmod +x /etc/rc.d/rc.local
下载解压
下载地址
elasticsearch : https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.15.2-linux-x86_64.tar.gz
kibana:https://artifacts.elastic.co/downloads/kibana/kibana-7.15.2-linux-x86_64.tar.gz
IK分词器:https://github.com/medcl/elasticsearch-analysis-ik/releases/download/v7.15.2/elasticsearch-analysis-ik-7.15.2.zip
修改配置文件
修改elasticsearch.yml
# 不同节点需要一致
cluster.name: es-cluster
# 不同节点不能相同
node.name: node-01
path.data: /data/es/data
path.logs: /data/es/logs
# 不同节点不能相同
network.host: 172.16.13.210
discovery.seed_hosts: ["172.16.13.210", "172.16.13.211", "172.16.13.212"]
cluster.initial_master_nodes: ["node-01"]
# 快照地址
path.repo: ["/share/backups"]
修改jvm.options
-Xms4g
-Xmx4g
安装ik分词器
创建插件目录并解压
mkdir elasticsearch-7.15.2/plugins/ik
cd elasticsearch-7.15.2/plugins/ik
unzip elasticsearch-analysis-ik-7.15.2.zip
生成CA证书
在bin目录执行
./elasticsearch-certutil ca
使用CA证书生成p12秘钥
./elasticsearch-certutil cert --ca elastic-stack-ca.p12
复制秘钥文件到config/certs文件夹下
cp elastic-certificates.p12 config/certs/
cp elastic-stack-ca.p12 config/certs/
添加秘钥库
./elasticsearch-keystore add xpack.security.transport.ssl.keystore.secure_password
./elasticsearch-keystore add xpack.security.transport.ssl.truststore.secure_password
修改配置文件
# 开启xpack
xpack.security.enabled: true
xpack.license.self_generated.type: basic
xpack.security.transport.ssl.enabled: true
# 证书配置
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.client_authentication: required
xpack.security.transport.ssl.keystore.path: certs/elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: certs/elastic-certificates.p12
启动
./elasticsearch -d
设置用户密码
./elasticsearch-setup-passwords interactive
开放端口
firewall-cmd --zone=public --add-port=9200/tcp --permanent
firewall-cmd --zone=public --add-port=9300/tcp --permanent
firewall-cmd --reload
安装kibana
修改 kibana.yml
server.host: "0.0.0.0"
server.publicBaseUrl: "http://172.16.13.210:5601"
elasticsearch.hosts: ["http://172.16.13.210:9200"]
elasticsearch.username: "root"
elasticsearch.password: "123456"
i18n.locale: "zh-CN"
开放端口
firewall-cmd --zone=public --add-port=5601/tcp --permanent
firewall-cmd --reload
设置快照
创建存储库
PUT _snapshot/backup_repo/
{
"type": "fs",
"settings": {
"location": "test",
"max_snapshot_bytes_per_sec" : "1000mb",
"max_restore_bytes_per_sec" : "1000mb"
}
}
创建快照
PUT _snapshot/backup_repo/test_data_index_backup_2021-11-29
{
"indices": "test_data_index",
"ignore_unavailable": true,
"include_global_state": false
}
查看快照
GET _snapshot/backup_repo/test_data_index_backup_2021-11-29
删除快照
DELETE _snapshot/backup_repo/test_data_index_backup_2021-11-29
删除仓库
DELETE _snapshot/backup_repo
恢复快照
根据快照新建索引
POST _snapshot/backup_repo/test_data_index_backup_2021-11-29/_restore
{
"indices": "test_data_index",
"ignore_unavailable": true,
"include_global_state": true,
"rename_pattern": "test_data_index",
"rename_replacement": "restored_test_index"
}
恢复已有索引
POST test_data_index/_close
POST _snapshot/backup_repo/test_data_index_backup_2021-11-29/_restore
{
"indices": "test_data_index",
"ignore_unavailable": true,
"include_global_state": true
}
查看恢复状态
GET _cat/recovery/test_data_index?v