版本选择
# centos7也类似,改一下yum源即可
centos8.5
elasticsearch 8.2
基础服务器信息--节点角色规划
10.4.2.101 8C16G64G data-hot client centos8 16C48G(JVM24G)
10.4.2.102 8C16G64G data-hot client centos8 16C48G(JVM24G)
10.4.2.103 8C16G64G data-hot client centos8 16C48G(JVM24G)
10.4.2.104 8C16G64G data-warm centos8 16C48G(JVM24G)
10.4.2.105 8C16G64G data-warm centos8 16C48G(JVM24G)
10.4.2.106 8C16G64G data-warm centos8 16C48G(JVM24G)
10.4.2.107 8C16G64G master centos8 8C16G(JVM8G) 临时data
10.4.2.108 8C16G64G master centos8 8C16G(JVM8G)
10.4.2.109 8C16G64G master centos8 8C16G(JVM8G)
一、基础配置
基础配置-略
关闭selinux
关闭防火墙/关闭开机防火墙自启
修改主机名
hostnamectl set-hostname elasticsearch-secure107
hostnamectl set-hostname elasticsearch-secure108
hostnamectl set-hostname elasticsearch-secure109
基础配置优化
修改/etc/security/limits.conf,做以下配置,*表示所有用户,也可以指定用户elastic
~]# vi /etc/security/limits.conf
* soft nproc 65536
* hard nproc 65536
* soft nofile 65536
* hard nofile 65536
重新bash,然后命令 ulimit -Hn 即显示 65536
~]# bash
~]# ulimit -Hn
65536
2、
~]# echo "vm.max_map_count=262144" >>/etc/sysctl.conf
~]# sysctl -p
安装基本工具
yum -y install vim net-tools
时间同步
~]# yum -y install chrony
~]# systemctl restart chronyd
二、添加yum,安装软件,添加阿里云的yum即可
添加dns,然后
~]# rm -rf /etc/yum.repos.d/*
~]# echo "nameserver 119.29.29.29" >/etc/resolv.conf
华为源
~]# curl -o /etc/yum.repos.d/CentOS-Base.repo https://repo.huaweicloud.com/repository/conf/CentOS-8-reg.repo
[root@localhost yum.repos.d]# ls
bak CentOS-Base.repo
阿里源
~]# curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-vault-8.5.2111.repo
~]# vi /etc/yum.repos.d/Centos-Linux-PowerTools.repo
[powertools]
name=CentOS Linux $releasever - PowerTools
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=PowerTools&infra=$infra
baseurl=https://mirrors.aliyun.com/centos-vault/8.5.2111/PowerTools/x86_64/os/
#baseurl=https://mirrors.tuna.tsinghua.edu.cn/$contentdir/$releasever/PowerTools/$basearch/os/
gpgcheck=1
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial
配置elasticsearch源
~]# rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch
~]# vi /etc/yum.repos.d/elasticsearch.repo
[elasticsearch]
name=Elasticsearch repository for 8.x packages
baseurl=https://artifacts.elastic.co/packages/8.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=0
autorefresh=1
type=rpm-md
sudo yum install --enablerepo=elasticsearch elasticsearch
三、创建数据目录,三台 master
~]# mkdir -p /data/elasticsearch
~]# chown elasticsearch:elasticsearch /data/elasticsearch
四、正式配置---master
~]# cd /etc/elasticsearch/
]# ll
total 48
drwxr-x--- 2 root elasticsearch 62 Jun 12 03:23 certs
-rw-rw---- 1 root elasticsearch 536 Jun 12 03:23 elasticsearch.keystore
-rw-rw---- 1 root elasticsearch 1042 May 25 23:52 elasticsearch-plugins.example.yml
-rw-rw---- 1 root elasticsearch 4244 Jun 12 03:23 elasticsearch.yml
-rw-rw---- 1 root elasticsearch 3046 May 25 23:52 jvm.options
drwxr-s--- 2 root elasticsearch 6 May 25 23:54 jvm.options.d
-rw-rw---- 1 root elasticsearch 16644 May 25 23:52 log4j2.properties
-rw-rw---- 1 root elasticsearch 473 May 25 23:52 role_mapping.yml
-rw-rw---- 1 root elasticsearch 197 May 25 23:52 roles.yml
-rw-rw---- 1 root elasticsearch 0 May 25 23:52 users
-rw-rw---- 1 root elasticsearch 0 May 25 23:52 users_roles
配置jvm内存为内存的一半
~]# vi jvm.options
-Xms8g
-Xmx8g
配置配置文件
]# cp elasticsearch.yml elasticsearch.yml-ys
]# cat elasticsearch.yml
cluster.name: elasticsearch-secure
node.name: elasticsearch-secure107 # 其他节点需要修改对应主机名
node.roles: [ data, master ] # 其他master节点不需要data
path.data: /data/elasticsearch
path.logs: /var/log/elasticsearch
network.host: 10.4.2.107 # 其他节点需要修改对应IP
http.port: 9200
discovery.seed_hosts: ["10.4.2.107", "10.4.2.108", "10.4.2.109"]
xpack.security.enabled: false # 安全配置
xpack.security.enrollment.enabled: false # 安全配置
xpack.security.http.ssl:
enabled: false
keystore.path: certs/http.p12
# Enable encryption and mutual authentication between cluster nodes
xpack.security.transport.ssl:
enabled: true
verification_mode: certificate
keystore.path: certs/transport.p12
truststore.path: certs/transport.p12
# Create a new cluster with the current node only
# Additional nodes can still join the cluster later
cluster.initial_master_nodes: ["elasticsearch-secure107", "elasticsearch-secure108", "elasticsearch-secure109"]
http.host: 0.0.0.0
transport.host: 10.4.2.107 # 其他节点需要修改对应IP
http.cors.enabled: true
http.cors.allow-origin: "*"
http.cors.allow-headers: Authorization,X-Requested-With,Content-Type,Content-Length
将文件拷贝到其他节点,修改对应的内容
启动es
]# systemctl restart elasticsearch
测试
可看到3个master节点,其中10.4.2.108为主节点,10.4.2.107为数据节点
~]#curl http://127.0.0.1:9200/_cat/nodes
10.4.2.107 10 61 0 0.00 0.00 0.00 dm - elasticsearch-secure107
10.4.2.108 2 59 0 0.00 0.00 0.00 m * elasticsearch-secure108
10.4.2.109 48 61 2 0.18 0.20 0.15 m - elasticsearch-secure109
其他
后面文章添加密码认证