说明:elasticsearch 运行基于jdk,所以提前请配置好Java环境变量。
步骤一: 拷贝、解压(此处略过)。
步骤二:创建用户:els 不能用root用户启动,所以必须创建一个用户
adduser elk
chown elk:elk -R elasticsearch-6.8.1
步骤三:修改配置文件
# ======================== Elasticsearch Configuration =========================
#
# NOTE: Elasticsearch comes with reasonable defaults for most settings.
# Before you set out to tweak and tune the configuration, make sure you
# understand what are you trying to accomplish and the consequences.
#
# The primary way of configuring a node is via this file. This template lists
# the most important settings you may want to configure for a production cluster.
#
# Please consult the documentation for further information on configuration options:
# https://www.elastic.co/guide/en/elasticsearch/reference/index.html
#
# ---------------------------------- Cluster -----------------------------------
#
# Use a descriptive name for your cluster:
#
cluster.name: my-application
#
# ------------------------------------ Node ------------------------------------
#
# Use a descriptive name for the node:
#
node.name: node-1
#
# Add custom attributes to the node:
#
node.attr.rack: r1
#
# ----------------------------------- Paths ------------------------------------
#
# Path to directory where to store the data (separate multiple locations by comma):
#
path.data: /usr/local/package/elasticsearch-6.8.1/data
#
# Path to log files:
#
path.logs: /usr/local/package/elasticsearch-6.8.1/logs
#
# ----------------------------------- Memory -----------------------------------
#
# Lock the memory on startup:
#
#bootstrap.memory_lock: false
#
# Make sure that the heap size is set to about half the memory available
# on the system and that the owner of the process is allowed to use this
# limit.
#
# Elasticsearch performs poorly when the system is swapping the memory.
#
# ---------------------------------- Network -----------------------------------
#
# Set the bind address to a specific IP (IPv4 or IPv6):
#
network.host: 0.0.0.0
#
# Set a custom port for HTTP:
#
http.port: 9200
#
# For more information, consult the network module documentation.
#
# --------------------------------- Discovery ----------------------------------
#
# Pass an initial list of hosts to perform discovery when new node is started:
# The default list of hosts is ["127.0.0.1", "[::1]"]
#
discovery.zen.ping.unicast.hosts: ["127.0.0.1"]
#
# Prevent the "split brain" by configuring the majority of nodes (total number of master-eligible nodes / 2 + 1):
#
#discovery.zen.minimum_master_nodes:
#
# For more information, consult the zen discovery module documentation.
#
# ---------------------------------- Gateway -----------------------------------
#
# Block initial recovery after a full cluster restart until N nodes are started:
#
gateway.recover_after_nodes: 1
#
# For more information, consult the gateway module documentation.
#
# ---------------------------------- Various -----------------------------------
#
# Require explicit names when deleting indices:
#
#action.destructive_requires_name: true
步骤四: 启动elasticsearch(切换到刚才新建的elk用户)
./bin/elasticsearch -d
说明: -d 在后台进程运行。
步骤五:验证是否启动成功:
输入:http://192.169.239.132:9200, 返回以下内容,则正常运行:
{
"name" : "node-1",
"cluster_name" : "my-application",
"cluster_uuid" : "Mh72sbXURlC5H4Zp-XgIAA",
"version" : {
"number" : "6.8.1",
"build_flavor" : "default",
"build_type" : "tar",
"build_hash" : "1fad4e1",
"build_date" : "2019-06-18T13:16:52.517138Z",
"build_snapshot" : false,
"lucene_version" : "7.7.0",
"minimum_wire_compatibility_version" : "5.6.0",
"minimum_index_compatibility_version" : "5.0.0"
},
"tagline" : "You Know, for Search"
}
异常问题处理:
1. max file descriptors [4096] for elasticsearch process is too low, increase to at least [65536] memory locking requested for elasticsearch process but memory is not locked
解决方法:
[root@bogon bin]# vim /etc/security/limits.conf(在文件最后添加)
* hard nofile 65536
* soft nofile 65536
* soft memlock unlimited
* hard memlock unlimited
2. max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144]
解决办法:
修改vim /etc/sysctl.conf 文件,
添加 “vm.max_map_count=262144”设置
并执行:sysctl -p
3. max number of threads [3895]
for
user [esuser]
is
too low, increase to at least [4096]
解决办法:
1、vim /etc/security/limits.d/20-nproc.conf文件尾添加
* soft nproc 204800
* hard nproc 204800
2、vim /etc/security/limits.d/def.conf文件尾添加
* soft nofile 204800
* hard nofile 204800