es.7.6.1 集群安装

es.7.6.1 集群安装

修改用户文件句柄

• /etc/security/limits.conf

  sed -i "\$a *      -    nofile     1024000"    /etc/security/limits.conf
  sed -i "\$a *      -    nproc      unlimited " /etc/security/limits.conf
  sed -i "\$a *      -    memlock    unlimited " /etc/security/limits.conf
  

下载es 并安装

• 下载es

  wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.6.1-x86_64.rpm
  

• 安装es(安装包里面包含了jvm)

  yum install elasticsearch-7.6.1-x86_64.rpm -y
  

es集群配置

• /etc/elasticsearch/elasticsearch.yml

cluster.name: es-cluster
node.name: node-1
path.data: /data/elasticsearch
path.logs: /data/log/elasticsearch
network.host: 0.0.0.0
http.port: 9200
discovery.seed_hosts: ["10.127.40.184","10.127.40.185","10.127.40.186"]
cluster.initial_master_nodes: ["node-1", "node-2","node-3"]
node.master: true
node.data: true
http.cors.enabled: true
http.cors.allow-origin: "*"
indices.fielddata.cache.size: 40%

创建数据和日志目录

mkdir -p /data/elasticsearch /data/log/elasticsearch
chown elasticsearch:elasticsearch  /data/elasticsearch
chown elasticsearch:elasticsearch   /data/log/elasticsearch

启动es

systemctl enable elasticsearch
systemctl start elasticsearch
systemctl status elasticsearch

安装sql 插件

 /usr/share/elasticsearch/bin/elasticsearch-plugin install https://github.com/NLPchina/elasticsearch-sql/releases/download/7.6.1.0/elasticsearch-sql-7.6.1.0.zip

安装cerebro 插件

docker run -d -p 9000:9000 \
--restart=unless-stopped \
--name cerebro \
-v /etc/localtime:/etc/localtime \
-h cerebro \
lmenezes/cerebro

cerebro 插件开启账号登录认证

• 修改/opt/cerebro/conf/application.conf

# Secret will be used to sign session cookies, CSRF tokens and for other encryption utilities.
# It is highly recommended to change this value before running cerebro in production.
secret = "ki:s:[[@=Ag?QI`W2jMwkY:eqvrJ]JqoJyi2axj3ZvOv^/KavOT4ViJSv?6YY4[N"

# Application base path
basePath = "/"

# Defaults to RUNNING_PID at the root directory of the app.
# To avoid creating a PID file set this value to /dev/null
#pidfile.path = "/var/run/cerebro.pid"
pidfile.path=/dev/null

# Rest request history max size per user
rest.history.size = 50 // defaults to 50 if not specified

# Path of local database file
#data.path: "/var/lib/cerebro/cerebro.db"
data.path = "./cerebro.db"

play {
  # Cerebro port, by default it's 9000 (play's default)
  server.http.port = ${?CEREBRO_PORT}
}

es = {
  gzip = true
}

# Authentication
auth = {
  # either basic or ldap
  type: basic
  settings {
    # LDAP
    url = ${?LDAP_URL}
    # OpenLDAP might be something like "ou=People,dc=domain,dc=com"
    base-dn = ${?LDAP_BASE_DN}
    # Usually method should  be "simple" otherwise, set it to the SASL mechanisms to try
    method = ${?LDAP_METHOD}
    # user-template executes a string.format() operation where
    # username is passed in first, followed by base-dn. Some examples
    #  - %s => leave user untouched
    #  - %s@domain.com => append "@domain.com" to username
    #  - uid=%s,%s => usual case of OpenLDAP
    user-template = ${?LDAP_USER_TEMPLATE}
    // User identifier that can perform searches
    bind-dn = ${?LDAP_BIND_DN}
    bind-pw = ${?LDAP_BIND_PWD}
    group-search {
      // If left unset parent's base-dn will be used
      base-dn = ${?LDAP_GROUP_BASE_DN}
      // Attribute that represent the user, for example uid or mail
      user-attr = ${?LDAP_USER_ATTR}
      // Define a separate template for user-attr
      // If left unset parent's user-template will be used
      user-attr-template = ${?LDAP_USER_ATTR_TEMPLATE}
      // Filter that tests membership of the group. If this property is empty then there is no group membership check
      // AD example => memberOf=CN=mygroup,ou=ouofthegroup,DC=domain,DC=com
      // OpenLDAP example => CN=mygroup
      group = ${?LDAP_GROUP}
    }

    # Basic auth
    username = admin
    password = Admin-2021
  }
}

# A list of known hosts
hosts = [
  {
    host = "http://10.127.40.184:9200"
    name = "sgm-es-cluster"
  #  headers-whitelist = [ "x-proxy-user", "x-proxy-roles", "X-Forwarded-For" ]
  }
  # Example of host with authentication
  #{
  #  host = "http://some-authenticated-host:9200"
  #  name = "Secured Cluster"
  #  auth = {
  #    username = "username"
  #    password = "secret-password"
  #  }
  #}
]

• 挂载配置文件运行

 docker run -d -p 9000:9000 --restart=unless-stopped --name cerebro -v /etc/localtime:/etc/localtime -v /data/cerebro/conf/application.conf:/opt/cerebro/conf/application.conf  -h cerebro lmenezes/cerebro

es 通过curl api

---

api接口参考文档

# 查看节点
curl "localhost:9200/_cat/nodes?v"
# 查看master 节点
curl "localhost:9200/_cat/master?v"
# 查看插件
curl "localhost:9200/_cat/plugins?v"
#查看索引
curl "localhost:9200/_cat/indices?v"
#查看别名
curl "http://127.0.0.1:9200/_cat/aliases?v&pretty"
   
tenant_id="dmp"
# 删除索引别名
curl -XPOST 'http://127.0.0.1:9200/_aliases' -H 'Content-Type: application/json' -d "{
    \"actions\": [
        {\"remove\": {\"index\": \"${tenant_id}.profile_v2\", \"alias\": \"${tenant_id}.profile\"}}
    ]
}"
# 删除索引
curl -XDELETE "http://127.0.0.1:9200/${tenant_id}.profile_v2"
# 添加索引
curl -XPUT "http://127.0.0.1:9200/${tenant_id}.profile_v2?pretty" -H 'Content-Type: application/json' -d '{
    "settings":{
        "index.number_of_shards":"15",
        "index.max_result_window":50000,
        "number_of_replicas":0,
        "index.refresh_interval":"300s",
        "index.highlight.max_analyzed_offset":"10000",
        "index.mapping.total_fields.limit":100000
    },
    "mappings":{
        "dynamic_templates":[
            {
                "strings":{
                    "match_mapping_type":"string",
                    "match":"*",
                    "mapping":{
                        "type":"keyword",
                        "norms":false,
                        "fielddata":true
                    }
                }
            }
        ],
        "properties":{
 
        }
    }
}'
 # 索引设置别名
curl -XPOST 'http://127.0.0.1:9200/_aliases' -H 'Content-Type: application/json' -d "{
    \"actions\": [
        {\"add\": {\"index\": \"${tenant_id}.profile_v2\", \"alias\": \"${tenant_id}.profile\"}}
    ]
}"