1,Elasticsearch&JDK版本要求
参考官网链接:https://www.elastic.co/guide/en/elasticsearch/reference/index.html
| ES | JDK |
|---|---|
| 7.X | OpenJDK |
| 6.8 | jdk8 |
7.0版本以后:
ES从7.0版本开始,每个版本的ES都自带JDK,这样就可以在没有安装jdk环境的机器上直接运行。如果自己配置了环境变量JAVA_HOME,则elasticsearh启动时会使用配置的JAVA_HOME作为java路径,否则使用elasticsearh根目录下jdk目录为java路径。
从7.0版本开始jdk版本要求比较高,若JAVA_HOME所配置的java版本【即版本低于要求】不满足需求时会输出信息:
future versions of Elasticsearch will require Java 11; your Java version from [/usr/local/java/jdk1.8/jre] does not meet this requirement
future versions of Elasticsearch will require Java 11; your Java version from [/usr/local/java/jdk1.8/jre] does not meet this requirement
此时,若启动Elasticsearch服务,服务会正常启动,但查看日志发现此时服务是不健康,索引分片失败,如下图:
解决办法:
修改并使用Elasticsearch-7.x自带jdk环境,步骤如下:
1,cd /usr/local/elasticsearch/elasticsearch-7.10.0/bin/
2,vim elasticsearch-env
## 找到以下配置
# now set the path to javai
if [ ! -z "$ES_JAVA_HOME" ]; then
JAVA="$JAVA_HOME/bin/java" #要修改位置
JAVA_TYPE="JAVA_HOME" # 要修改位置
else
if [ "$(uname -s)" = "Darwin" ]; then
# macOS has a different structure
JAVA="$ES_HOME/jdk.app/Contents/Home/bin/java"
else
......
fi
【新增:ES_JAVA_HOME=“/usr/local/elasticsearch-7.10.0/jdk/” ,并修改JAVA_HOME为 ES_JAVA_HOME】
# now set the path to javai
ES_JAVA_HOME="/usr/local/elasticsearch/elasticsearch-7.10.0/jdk" ##新增
if [ ! -z "$ES_JAVA_HOME" ]; then
JAVA="$ES_JAVA_HOME/bin/java" #修改
JAVA_TYPE="ES_JAVA_HOME" #修改
else
......
fi
6.8版本,要求jdk1.8,以下为摘抄ES官网原文【7.0以前版本】
Elasticsearch is built using Java, and requires at least Java 8 in order to run. Only Oracle’s Java and the OpenJDK are supported. The same JVM version should be used on all Elasticsearch nodes and clients.
We recommend installing Java version 1.8.0_131 or a later version in the Java 8 release series. We recommend using a supported LTS version of Java. Elasticsearch will refuse to start if a known-bad version of Java is used.
The version of Java that Elasticsearch will use can be configured by setting the JAVA_HOME environment variable.
2,Linux部署Elasticsearch
2.1,启动报错,几种常见报错:
2.1.1,第一种错误
[2018-05-18T17:44:59,658][INFO ][o.e.b.BootstrapChecks ] [gFOuNlS] bound or publishing to a non-loopback address, enforcing bootstrap checks
ERROR: [2] bootstrap checks failed
[1]: max file descriptors [4096] for elasticsearch process is too low, increase to at least [65536]
[2]: max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144]
[1]: max file descriptors [65535] for elasticsearch process is too low, increase to at least [65536]
解决方法:
1,使用root vim /etc/security/limits.conf
* soft nofile 65536
* hard nofile 65536
* soft nproc 65536
* hard nproc 65536
此文件修改后需要重新登录用户,才会生效
2, root vim /etc/sysctl.conf
vm.max_map_count=262144
保存后,执行:
sysctl -p
重新启动,成功。
2.1.2,第二种错误
不能使用root用户启动es服务,否则会报错,只能新建一个elasticsearch用户
2.2,权限不够问题
1,新建elasticsearch用户
useradd -m elasticsearch
passwd elasticsearch #设置密码
2,使用root用户创建目录
mkdir -p /user/local/elasticsearch
用root用户,将创建的目录权限赋给elasticsearch用户
chown elasticsearch:elasticsearch elasticsearch-7.10.0-linux-x86_64.tar.gz
查看 xxxx.tar.gz权限
ls -ltr elasticsearch-7.10.0-linux-x86_64.tar.gz
并赋给x权限
chmod -R 777 elasticsearch-7.10.0-linux-x86_64.tar.gz
2.3,es配置文件elasticsearch.yml
2.3.1, 集群节点名称
cluster.name: my-application
2.3.2, es实例节点名称
node.name: elastic-1
2.3.3, 节点角色
node.master: true
node.data: true
2.3.4, 允许外部网路访问
network.host: 0.0.0.0
2.3.5, tcp端口9200,以及内部节点通信端口9300
http.port: 9200
transport.host: localhost
transport.tcp.port: 9300
2.3.6,初始化主节点,和node.name保持一致
cluster.initial_master_nodes: [“elastic-1”]
2.3.7, 解决跨域问题
http.cors.enabled: true
http.cors.allow-origin: “*”
#bootstrap.memory_lock: false
#bootstrap.system_call_filter: false
2.3.8, 集群发现:配置该节点会与哪些候选地址进行通信,默认端口9300,可填ip;ip+port;域名
discovery.seed_hosts: [“39.12.1.1”]
cluster.initial_master_nodes: [“39.12.1.1”]
discovery.zen.minimum_master_nodes: 1
#http.cors.allow-headers: Authorization
#xpack.security.enabled: true
#xpack.security.transport.ssl.enabled: true
2.4,部署服务,资源要求,
2.4.1, 内存/CPU:
2C4G
2.4.2,硬盘大小
>= 30G
【若你看完整篇文章,觉得对你有帮助,请点赞;若有不对之处,请尽管吐槽,打出你的评论,互相学习进步…】
3,ES配置XPack,生成认证elastic-stack-ca.p12证书
3.1,生成p12证书
# cd /usr/elasticsearch/bin
./elasticsearch-certutil ca #会在当前目录生成elastic-stack-ca.p12
./elasticsearch-certutil cert --ca elastic-stack-ca.p12
注:在以上两个命令执行过程中,提示密码不要设置密码,直接回车即可,若设置了密码,在启动的时候,会报解密错误;
3.2,设置密码
/elasticsearch-setup-passwords interactive
#执行此命令,会连续提示设置密码,依次设置同一密码即可,不要输错;
4,完整ES配置文件
# ======================== Elasticsearch Configuration
cluster.name: csd-cluster
# ------------------------------------ Node ------------------------------------
node.name: es-csd-node-1
node.master: true
# ----------------------------------- Paths ------------------------------------
path.data: /opt/elasticsearch/data
# Path to log files:
path.logs: /opt/elasticsearch/logs
# ---------------------------------- Network -----------------------------------
network.host: 0.0.0.0
network.bind_host: ["192.168.1.60"]
network.publish_host: 192.168.1.60
http.port: 9200
transport.tcp.port: 9300
http.cors.enabled: true
http.cors.allow-origin: "*"
# --------------------------------- Discovery ----------------------------------
discovery.zen.ping.unicast.hosts: ["192.168.1.60:9300", "192.168.1.61:9300", "192.168.1.63:9300"]
#
# Prevent the "split brain" by configuring the majority of nodes (total number of master-eligible nodes / 2 + 1):
#
discovery.zen.minimum_master_nodes: 2
# ---------------------------------- Various -------------------
#action.destructive_requires_name: true
xpack.security.transport.ssl.enabled: true
xpack.security.enabled: true
#xpack.security.http.ssl.enabled: true
xpack.license.self_generated.type: basic
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: /opt/elasticsearch/config/elastic-stack-ca.p12
xpack.security.transport.ssl.truststore.path: /opt/elasticsearch/config/elastic-certificates.p12
1902
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
