netstat -lntup
#jdk 1.8 网盘下载 或者
rpm -ivh jdk-8u211-linux-x64.rpm
cd /usr/java/latest/bin
vim /etc/profile
export JAVA_HOME=/usr/java/latest
[root@bogon ~] vim .bash_profile
export PATH=$JAVA_HOME/bin:$PATH
在开个新的窗口
[root@bogon ~]# java -version
[root@bogon ~]# echo $JAVA_HOME
tar zxvf elasticsearch-6.6.2.tar.gz
mv elasticsearch-6.6.2 /usr/local/
/usr/local/elk/datal里创建 data logs 目录
mkdir -p elk/data
mkdir -p elk/logs
cd /usr/local/elasticsearch-6.6.2/config
vim /usr/local/elasticsearch-6.6.2/config/elasticsearch.yml
http.cors.enabled: true
http.cors.allow-origin: “*”
vim config\jvm.options
-Xms1g
-Xmx1g
随着你的内存来改变的 我改成512m
[root@bogon bin]# ./elasticsearch
[2019-04-25T01:40:23,269][WARN ][o.e.b.ElasticsearchUncaughtExceptionHandler] [node-1] uncaught exception in thread [main]
org.elasticsearch.bootstrap.StartupException: java.lang.RuntimeException: can not run elasticsearch as root
at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:163) ~[elasticsearch-6.6.2.jar:6.6.2]
at org.elasticsearch.bootstrap.Elasticsearch.execute(Elasticsearch.java:150) ~[elasticsearch-6.6.2.jar:6.6.2]
at org.elasticsearch.cli.EnvironmentAwareCommand.execute(EnvironmentAwareCommand.java:86) ~[elasticsearch-6.6.2.jar:6.6.2]
at org.elasticsearch.cli.Command.mainWithoutErrorHandling(Command.java:124) ~[elasticsearch-cli-6.6.2.jar:6.6.2]
at org.elasticsearch.cli.Command.main(Command.java:90) ~[elasticsearch-cli-6.6.2.jar:6.6.2]
at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:116) ~[elasticsearch-6.6.2.jar:6.6.2]
at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:93) ~[elasticsearch-6.6.2.jar:6.6.2]
Caused by: java.lang.RuntimeException: can not run elasticsearch as root
at org.elasticsearch.bootstrap.Bootstrap.initializeNatives(Bootstrap.java:103) ~[elasticsearch-6.6.2.jar:6.6.2]
at org.elasticsearch.bootstrap.Bootstrap.setup(Bootstrap.java:170) ~[elasticsearch-6.6.2.jar:6.6.2]
at org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:333) ~[elasticsearch-6.6.2.jar:6.6.2]
at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:159) ~[elasticsearch-6.6.2.jar:6.6.2]
… 6 more
[root@bogon bin]# useradd elk
[root@bogon bin]# cd /usr/local/
[root@bogon local]# ls
bin elasticsearch-6.6.2 elk etc games include lib lib64 libexec sbin share src
[root@bogon local]# ll
total 0
drwxr-xr-x. 2 root root 6 Nov 5 2016 bin
drwxr-xr-x. 8 root root 143 Mar 6 07:18 elasticsearch-6.6.2
drwxr-xr-x. 4 root root 30 Apr 25 00:59 elk
drwxr-xr-x. 2 root root 6 Nov 5 2016 etc
drwxr-xr-x. 2 root root 6 Nov 5 2016 games
drwxr-xr-x. 2 root root 6 Nov 5 2016 include
drwxr-xr-x. 2 root root 6 Nov 5 2016 lib
drwxr-xr-x. 2 root root 6 Nov 5 2016 lib64
drwxr-xr-x. 2 root root 6 Nov 5 2016 libexec
drwxr-xr-x. 2 root root 6 Nov 5 2016 sbin
drwxr-xr-x. 5 root root 49 Apr 23 02:43 share
drwxr-xr-x. 2 root root 6 Nov 5 2016 src
[root@bogon local]# chown -R elk:elk elk
[root@bogon local]# chown -R elk:elk elasticsearch-6.6.2/
[root@bogon local]# su - elk
[elk@bogon ~]$ vim .bash_profile
[elk@bogon ~]$ source .bash_profile
[elk@bogon ~]$ java -version
java version "1.8.0_211"
Java(TM) SE Runtime Environment (build 1.8.0_211-b12)
Java HotSpot(TM) 64-Bit Server VM (build 25.211-b12, mixed mode)
[elk@bogon ~]$ cd /usr/local/elasticsearch-6.6.2/bin/
[elk@bogon bin]$ ./elasticsearch
需要切换到root用户 exit
#调试这个文件
vi /etc/security/limits.conf
* soft nofile 65536
* hard nofile 65536
vi /etc/sysctl.conf
vm.max_map_count=262144
#生效
sysctl -p
在新开窗口
#检查 硬件和软件
ulimit -Hn
ulimit -Sn
在新开窗口
su - elk
[elk@bogon elasticsearch-6.6.2]$ touch startup.sh
[elk@bogon elasticsearch-6.6.2]$ vim startup.sh
#!/bin/bash
nohup /export/www/admin-analysis.geenmay.cn/public/elasticsearch7/bin/elasticsearch >> /export/www/admin-analysis.geenmay.cn/public/elasticsearch7/output.log 2>&1 &
[elk@bogon elasticsearch-6.6.2]$ chmod a+x startup.sh
关闭 elasticsearch
ps -ef |grep java
jps
kill -9
对于& 1 更准确的说应该是文件描述符 1,而1标识标准输出,stdout。
对于2 ,表示标准错误,stderr。
2>&1 的意思就是将标准错误重定向到标准输出。这里标准输出已经重定向到了 /dev/null。那么标准错误也会输出到/dev/null
可以把/dev/null 可以看作"黑洞". 它等价于一个只写文件. 所有写入它的内容都会永远丢失. 而尝试从它那儿读取内容则什么也读不到.
偶尔也可以把 & 在命令的最后加上,表示让程序后台执行。
#然后去访问看一看
curl -XGET “127.0.0.1:9200” 或者运行 curl http://localhost:9200 或者 curl http://127.0.0.1:9200 都可以
curl -X GET “xxx.xxx.xxx.xxx:9200/e_index/_search?pretty” -H ‘Content-Type: application/json’ -d’
{
“query”: { “match_all”: {} }
}
’
参考文章
https://www.cnblogs.com/jw-yahui/diary/2019/04/25/10769548.html