下载elastic search
下载网站:https://www.elastic.co/cn/
解压:tar zxvf elasticsearch-7.2.tar.gz
将解压目录重命名:mv elasticsearch-7.2 elasticsearch
创建用户
elasticsearch不允许使用root用户操作,因此需要新建es用户。
创建用户组:groupadd es
创建用户:useradd es -g es
将elasticsearch授权给es用户:chown -R es:es /usr/local/soft/elasticsearch
配置
再次只介绍基础的单节点配置,集群配置会在后续博文中发出。
在/home/es下创建es/data和es/logs目录,用于存储elasticsearch数据和操作日志。
将es授权给es用户:chown -R es:es /home/es/es/
修改elasticsearch安装目录下config/elasticsearch.yml文件:
cluster.name: q-es-01
node.name: q-node-01
path.data: /home/es/es/data
path.logs: /home/es/es/logs
bootstrap.memory_lock: false
network.host: 192.168.1.66
http.port: 9200
discovery.seed_hosts: ["192.168.1.66"]
cluster.initial_master_nodes: ["q-node-01"]
启动
切换es用户:su es
简单启动
进入elasticsearch安装目录/bin目录下,执行./elasticsearch即可启动。
若启动报错:Native controller process has stopped - no new native processes can be started,解决方式如下:
使用root用户,执行命令 vi /etc/security/limits.conf,在该文件中加如下面几行(es是elastic search用户)
es soft nofile 65536
es hard nofile 65536
es soft nproc 4096
es hard nproc 4096
执行命令cd /etc/security/limits.d进入到limits.d目录,执行命令vi 20-nproc.conf,将该文件中* soft nproc 4096中的*改为es用户名,即es soft nproc 4096;执行命令vi /etc/sysctl.conf,在该文件中加入vm.max_map_count = 655360,执行sysctl -p命令使上述配置生效。
重新执行./elasticsearch启动elasticsearch,访问 ip:9200,若返回如下结果,说明启动成功:
后台启动
方式一:通过./elasticsearch -d启动
在elasticsearch安装目录下bin目录执行./elasticsearch -d即可实现后台启动。
方式二:通过systemctl start elasticsearch启动
1. 在/var/run下创建目录elasticsearch用于存储pid文件,并将/var/run/elasticsearch授权给es用户,在/etc/sysconfig/下创建elasticsearch文件,内容如下
#######################
# Elasticsearch #
#######################
# es安装路径
ES_HOME=/usr/local/soft/elasticsearch
# jdk安装目录
JAVA_HOME=/usr/local/soft/java
CLASSPATH=.:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar:$JAVA_HOMR/jre/lib
# es配置文件所在目录
ES_PATH_CONF=/usr/local/soft/elasticsearch/config
# pid文件所在目录
PID_DIR=/var/run/elasticsearch
#############################
# Elasticsearch Service #
#############################
# SysV init.d
# The number of seconds to wait before checking if elasticsearch started successfully as a daemon process
ES_STARTUP_SLEEP_TIME=5
################################
# Elasticsearch Properties #
################################
# Specifies the maximum file descriptor number that can be opened by this process
# When using Systemd,this setting is ignored and the LimitNOFILE defined in
# /usr/lib/systemd/system/elasticsearch.service takes precedence
#MAX_OPEN_FILES=65536
# The maximum number of bytes of memory that may be locked into RAM
# Set to "unlimited" if you use the 'bootstrap.memory_lock: true' option
# in elasticsearch.yml.
# When using Systemd,LimitMEMLOCK must be set in a unit file such as
# /etc/systemd/system/elasticsearch.service.d/override.conf.
#MAX_LOCKED_MEMORY=unlimited
# Maximum number of VMA(Virtual Memory Areas) a process can own
# When using Systemd,this setting is ignored and the 'vm.max_map_count'
# property is set at boot time in /usr/lib/sysctl.d/elasticsearch.conf
#MAX_MAP_COUNT=262144
2. 在/usr/lib/systemd/system/下新建文件elasticsearch.service,内容如下
[Unit]
Description=Elasticsearch
Documentation=http://www.elastic.co
Wants=network-online.target
After=network-online.target
[Service]
# es安装目录
Environment=ES_HOME=/usr/local/soft/elasticsearch
# es配置文件目录
Environment=ES_PATH_CONF=/usr/local/soft/elasticsearch/config
# pid文件存储目录
Environment=PID_DIR=/var/run/elasticsearch
# es用户
User=es
# es用户组
Group=es
ExecStart=/usr/local/soft/elasticsearch/bin/elasticsearch -p ${PID_DIR}/elasticsearch.pid
# StandardOutput is configured to redirect to journalctl since
# some error messages may be logged in standard output before
# elasticsearch logging system is initialized. Elasticsearch
# stores its logs in /var/log/elasticsearch and does not use
# journalctl by default. If you also want to enable journalctl
# logging, you can simply remove the "quiet" option from ExecStart.
StandardOutput=journal
StandardError=inherit
# Specifies the maximum file descriptor number that can be opened by this process
LimitNOFILE=65536
# Specifies the maximum number of process
LimitNPROC=4096
# Specifies the maximum size of virtual memory
LimitAS=infinity
# Specifies the maximum file size
LimitFSIZE=infinity
# Disable timeout logic and wait until process is stopped
TimeoutStopSec=0
# SIGTERM signal is used to stop the Java process
KillSignal=SIGTERM
# Send the signal only to the JVM rather than its control group
KillMode=process
# Java process is never killed
SendSIGKILL=no
# When a JVM receives a SIGTERM signal it exits with code 143
SuccessExitStatus=143
[Install]
WantedBy=multi-user.target
执行命令chmod +x /usr/lib/systemd/system/elasticsearch.service赋予elasticsearch.service执行权限;
执行命令systemctl daemon-reload重新加载systemctl;
执行命令systemctl enable elasticsearch.service设置es开机启动;
执行systemctl start elasticsearch启动es(不用切换到es用户,已经在elasticsearch.service中配置es用户了);
执行systemctl status elasticsearch查看es状态;
执行systemctl restart elasticsearch重启es;
执行systemctl stop elasticsearch停止es;
可执行jps查看进程。
设置访问密码
在elasticsearch.yml中添加:
http.cors.enabled: true
http.cors.allow-origin: "*"
http.cors.allow-headers: Authorization
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
重启elastic search,在elasticsearch/bin目录下执行命令./elasticsearch-setup-passwords interactive进行密码设置,设置成功后提示:
Changed password for user [apm_system]
Changed password for user [kibana]
Changed password for user [logstash_system]
Changed password for user [beats_system]
Changed password for user [remote_monitoring_user]
Changed password for user [elastic]
设置成功后,重启elasticsearch,在浏览器中访问ip:9200,输入用户名(elastic)+密码即可访问。
若成功启动后,没法访问elastic search,那么有可能是防火墙端口每开放。