elasticsearch--安装配置

点击这里了解更多elasticsearch知识

下载elastic search

下载网站：https://www.elastic.co/cn/

解压：tar zxvf elasticsearch-7.2.tar.gz

将解压目录重命名：mv elasticsearch-7.2 elasticsearch

创建用户

elasticsearch不允许使用root用户操作，因此需要新建es用户。

创建用户组：groupadd es

创建用户：useradd es -g es

将elasticsearch授权给es用户：chown -R es:es /usr/local/soft/elasticsearch

配置

再次只介绍基础的单节点配置，集群配置会在后续博文中发出。

在/home/es下创建es/data和es/logs目录，用于存储elasticsearch数据和操作日志。

将es授权给es用户：chown -R es:es /home/es/es/

修改elasticsearch安装目录下config/elasticsearch.yml文件：

cluster.name: q-es-01

node.name: q-node-01

path.data: /home/es/es/data

path.logs: /home/es/es/logs

bootstrap.memory_lock: false

network.host: 192.168.1.66

http.port: 9200

discovery.seed_hosts: ["192.168.1.66"]

cluster.initial_master_nodes: ["q-node-01"]

启动

切换es用户：su es

简单启动

进入elasticsearch安装目录/bin目录下，执行./elasticsearch即可启动。

若启动报错：Native controller process has stopped - no new native processes can be started，解决方式如下：

使用root用户，执行命令 vi /etc/security/limits.conf，在该文件中加如下面几行（es是elastic search用户）

es soft nofile 65536
es hard nofile 65536
es soft nproc 4096
es hard nproc 4096

执行命令cd /etc/security/limits.d进入到limits.d目录，执行命令vi 20-nproc.conf，将该文件中*  soft    nproc     4096中的*改为es用户名，即es  soft    nproc     4096；执行命令vi /etc/sysctl.conf，在该文件中加入vm.max_map_count = 655360，执行sysctl -p命令使上述配置生效。

重新执行./elasticsearch启动elasticsearch，访问 ip:9200，若返回如下结果，说明启动成功：

后台启动

方式一：通过./elasticsearch -d启动

在elasticsearch安装目录下bin目录执行./elasticsearch -d即可实现后台启动。

方式二：通过systemctl start elasticsearch启动

1. 在/var/run下创建目录elasticsearch用于存储pid文件，并将/var/run/elasticsearch授权给es用户，在/etc/sysconfig/下创建elasticsearch文件，内容如下

#######################
#    Elasticsearch    #
#######################

# es安装路径
ES_HOME=/usr/local/soft/elasticsearch

# jdk安装目录
JAVA_HOME=/usr/local/soft/java
CLASSPATH=.:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar:$JAVA_HOMR/jre/lib

# es配置文件所在目录
ES_PATH_CONF=/usr/local/soft/elasticsearch/config

# pid文件所在目录
PID_DIR=/var/run/elasticsearch

#############################
#   Elasticsearch Service   #
#############################

# SysV init.d
# The number of seconds to wait before checking if elasticsearch started successfully as a daemon process
ES_STARTUP_SLEEP_TIME=5

################################
#   Elasticsearch Properties   #
################################
# Specifies the maximum file descriptor number that can be opened by this process
# When using Systemd,this setting is ignored and the LimitNOFILE defined in
# /usr/lib/systemd/system/elasticsearch.service takes precedence
#MAX_OPEN_FILES=65536

# The maximum number of bytes of memory that may be locked into RAM
# Set to "unlimited" if you use the 'bootstrap.memory_lock: true' option
# in elasticsearch.yml.
# When using Systemd,LimitMEMLOCK must be set in a unit file such as
# /etc/systemd/system/elasticsearch.service.d/override.conf.
#MAX_LOCKED_MEMORY=unlimited

# Maximum number of VMA(Virtual Memory Areas) a process can own
# When using Systemd,this setting is ignored and the 'vm.max_map_count'
# property is set at boot time in /usr/lib/sysctl.d/elasticsearch.conf
#MAX_MAP_COUNT=262144

2. 在/usr/lib/systemd/system/下新建文件elasticsearch.service，内容如下

[Unit]
Description=Elasticsearch
Documentation=http://www.elastic.co
Wants=network-online.target
After=network-online.target

[Service]
# es安装目录
Environment=ES_HOME=/usr/local/soft/elasticsearch
# es配置文件目录
Environment=ES_PATH_CONF=/usr/local/soft/elasticsearch/config
# pid文件存储目录
Environment=PID_DIR=/var/run/elasticsearch

# es用户
User=es
# es用户组
Group=es
ExecStart=/usr/local/soft/elasticsearch/bin/elasticsearch -p ${PID_DIR}/elasticsearch.pid

# StandardOutput is configured to redirect to journalctl since
# some error messages may be logged in standard output before
# elasticsearch logging system is initialized. Elasticsearch
# stores its logs in /var/log/elasticsearch and does not use
# journalctl by default. If you also want to enable journalctl
# logging, you can simply remove the "quiet" option from ExecStart.
StandardOutput=journal
StandardError=inherit

# Specifies the maximum file descriptor number that can be opened by this process
LimitNOFILE=65536

# Specifies the maximum number of process
LimitNPROC=4096

# Specifies the maximum size of virtual memory
LimitAS=infinity

# Specifies the maximum file size
LimitFSIZE=infinity

# Disable timeout logic and wait until process is stopped
TimeoutStopSec=0

# SIGTERM signal is used to stop the Java process
KillSignal=SIGTERM

# Send the signal only to the JVM rather than its control group
KillMode=process

# Java process is never killed
SendSIGKILL=no

# When a JVM receives a SIGTERM signal it exits with code 143
SuccessExitStatus=143
 
[Install]
WantedBy=multi-user.target

执行命令chmod +x /usr/lib/systemd/system/elasticsearch.service赋予elasticsearch.service执行权限；

执行命令systemctl daemon-reload重新加载systemctl；

执行命令systemctl enable elasticsearch.service设置es开机启动；

执行systemctl start elasticsearch启动es（不用切换到es用户，已经在elasticsearch.service中配置es用户了）；

执行systemctl status elasticsearch查看es状态；

执行systemctl restart elasticsearch重启es；

执行systemctl stop elasticsearch停止es；

可执行jps查看进程。

 

设置访问密码

在elasticsearch.yml中添加：

http.cors.enabled: true

http.cors.allow-origin: "*"

http.cors.allow-headers: Authorization

xpack.security.enabled: true

xpack.security.transport.ssl.enabled: true

重启elastic search，在elasticsearch/bin目录下执行命令./elasticsearch-setup-passwords interactive进行密码设置，设置成功后提示：

Changed password for user [apm_system]

Changed password for user [kibana]

Changed password for user [logstash_system]

Changed password for user [beats_system]

Changed password for user [remote_monitoring_user]

Changed password for user [elastic]

设置成功后，重启elasticsearch，在浏览器中访问ip:9200，输入用户名（elastic）+密码即可访问。

 

若成功启动后，没法访问elastic search，那么有可能是防火墙端口每开放。