ES集群安装
初始化失败记得删除data目录
1、创建非root用户
如果有非root用户则可以省略该步骤
useradd esuser
passwd esuser
2、准备安装包并解压(所有节点的 非root用户路径下)
已经准备好安装包在文件夹当中
cd /home/esuser
tar -zxvf elasticsearch-7.4.2-linux-x86_64.tar.gz
#root用户操作
su root
chown -R esuser.esuser elasticsearch-7.4.2/
3、修改文件句柄数 和虚拟内存配置(root 用户)(如果之前配置过可忽略)
vi /etc/security/limits.conf
* soft nofile 65536
* hard nofile 65536
* soft nproc 2048
* hard nproc 4096
vi /etc/sysctl.conf
#添加以下两句:
vm.max_map_count=655360
fs.file-max=655360
/sbin/sysctl -p
4、修改es配置文件
4.1 非加密集群
4.1.1 非加密集群配置文件
cluster.name: my-application
node.name: node-3
node.master: true
node.data: true
path.data: /home/esuser/elasticsearch-7.4.2/data
path.logs: /home/esuser/elasticsearch-7.4.2/logs
bootstrap.memory_lock: false
http.port: 9200
transport.tcp.port: 9300
discovery.seed_hosts: ["10.170.130.004","10.170.130.006"]
cluster.initial_master_nodes: ["10.170.130.004","10.170.130.006"]
http.cors.enabled: true
http.cors.allow-origin: "*"
http.cors.allow-methods: OPTIONS,HEAD,GET,POST,PUT,DELETE
http.cors.allow-headers: X-Requested-With,Content-Type,Content-Length,Authorization,Content-Encoding,Accept-Encoding
4.2 加密集群破解密匙 生成的文件移动到所有节点的 conf 目录下
#bin目录执行命令
./elasticsearch-certutil ca
#一路回车 直接回车默认是生成文件 elastic-stack-ca.p12
Please enter the desired output file [elastic-stack-ca.p12]:
#es目录下生成 elastic-stack-ca.p12后,执行命令elasticsearch-certutil
./elasticsearch-certutil cert --ca $ES_HOME/elastic-stack-ca.p12
#直接回车生成elastic-certificates.p12文件
#然后将生成的文件移动到conf目录下
mv elastic-certificates.p12 conf/
4.2.1 修改配置文件(所有节点 可复制 然后修改 nodeName 即可)
vim elasticsearch.yml
#集群名称
cluster.name: my-application
#节点名
node.name: node-1
#自动选举主节点
node.master: true
node.data: true
#数据路径
path.data: /home/esuser/elasticsearch-7.4.2/data
#日志路径
path.logs: /home/esuser/elasticsearch-7.4.2/logs
#是否锁定内存 true:锁定 false:不锁定,可以使用交换机内存
bootstrap.memory_lock: false
#当前节点IP
network.host: 10.170.130.002
network.publish_host: 10.170.130.002
#端口号
http.port: 9200
#所有节点的IP
discovery.seed_hosts: ["10.170.130.002", "10.170.130.003","10.170.130.004"]
#配置所有节点
cluster.initial_master_nodes: ["node-1", "node-2","node-3"]
#使用xpack 非免密登录
xpack.security.transport.ssl.enabled: true
xpack.security.enabled: true
xpack.security.transport.ssl.verification_mode: certificate xpack.security.transport.ssl.keystore.path: elastic-certificates.p12 xpack.security.transport.ssl.truststore.path: elastic-certificates.p12
#加密http通信-每个节点容器都要添加
xpack.security.http.ssl.enabled: true
#指定使用的证书
xpack.security.http.ssl.keystore.path: elastic-certificates.p12
#密钥存储库包含CA证书,因此也可以用作信任存储库
xpack.security.http.ssl.truststore.path: elastic-certificates.p12
#外域访问
http.cors.enabled: true
http.cors.allow-origin: "*"
5、安装分词器等插件
将 esplugins.tar 上传到服务器上并解压到 es的plugins目录下
tar -zxvf esplugins.tar
cd esplugins
cp -r elasticsearch-analysis-ik-7.4.2 /home/esuser/elasticsearch-7.4.2/plugins
cp -r elasticsearch-analysis-pinyin-7.4.2/ /home/esuser/elasticsearch-7.4.2/plugins
cp -r elasticsearch-analysis-stconvert-7.4.2/ /home/esuser/elasticsearch-7.4.2/plugins
6、启动
su esuser
./elasticsearch -d
6、配置账号密码(上述配置加密了需要,非加密集群忽略)
./elasticsearch-setup-passwords interactive
y
然后一路设置密码
es 用户名为 elastic
https://blog.csdn.net/yyoc97/article/details/104518885
7、ES conf文件夹中添加analys文件夹(每台节点)
8、创建索引(非加密)
curl -H "Content-Type: application/json" -XPUT http://10.170.130.002:9200/comment -d @comment.json
curl -H "Content-Type: application/json" -XPUT http://10.170.130.002:9200/dictionary -d @dictionary.json
curl -H "Content-Type: application/json" -XPUT http://10.170.130.002:9200/dictionary_apply -d @dictionary_apply.json
curl -H "Content-Type: application/json" -XPUT http://10.170.130.002:9200/yf_document -d @yfdm.json
8、创建ES索引(加密)
相关索索引json文件在ES安装文件夹下
curl -k -H "Content-Type: application/json" -XPUT http://elastic:12345678@10.170.130.002:9200/comment -d @comment.json
curl -k -H "Content-Type: application/json" -XPUT http://elastic:12345678@10.170.130.002:9200/dictionary -d @dictionary.json
curl -k -H "Content-Type: application/json" -XPUT http://elastic:12345678@10.170.130.002:9200/dictionary_apply -d @dictionary_apply.json
curl -k -H "Content-Type: application/json" -XPUT http://elastic:12345678@10.170.130.002:9200/yf_document -d @yfdm.json
参数说明:
在请求时需要加上用户名密码 elastic:12345678@10.170.130.002:9200
利用已经安装过的文件夹安装ES(一下均为所有节点)
1、创建非root用户
useradd esuser
passwd esuser
2、准备安装文件
将 elasticsearch-7.4.2.tar 分发到所有节点的 /home/esuser/ 下
tar -zxvf elasticsearch-7.4.2.tar
3、授权
#root用户操作
su root
chown -R esuser.esuser elasticsearch-7.4.2/
4、修改文件句柄数
vi /etc/security/limits.conf
* soft nofile 65536
* hard nofile 65536
* soft nproc 2048
* hard nproc 4096
vi /etc/sysctl.conf
#添加以下两句:
vm.max_map_count=655360
fs.file-max=655360
/sbin/sysctl -p
5、修改配置文件相关IP
6、启动
su esuser
./elasticsearch -d