elastic下载地址:
https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-8.3.2-linux-x86_64.tar.gz
ik分词器:
https://github.com/medcl/elasticsearch-analysis-ik/releases/download/v7.14.2/elasticsearch-analysis-ik-7.14.2.zip
本文采用7.14.2
三台执行
1、编辑 /etc/security/limits.conf 追加或修改
* soft nofile 655360
* hard nofile 655360
* soft nproc 655360
* hard nproc 655360
* hard memlock unlimited
* soft memlock unlimited
2、在/etc/sysctl.conf文件最后添加一行
vm.max_map_count=262144
3、修改system.conf
sed -i 's/#DefaultLimitMEMLOCK=/DefaultLimitMEMLOCK=infinity/g' /etc/systemd/system.conf
开始安装
1、将elastic包解压
tar xf elasticsearch-7.14.2-linux-x86_64.tar.gz -C /data/clusters/
2、修改es使用内存
sed -i 's/## -Xmx4g/-Xmx10g/g' /data/elasticsearch-7.14.2/config/jvm.options
sed -i 's/## -Xms4g/-Xms10g/g' /data/elasticsearch-7.14.2/config/jvm.options
3、修改elasticsearch.yml配置(这一步在8.17-master上,别的等8.17配置完复制过去)
vim /data/elasticsearch-7.14.2/config/elasticsearch.yml
cluster.name: dev-cluster
node.name: es-master
node.master: true
node.data: true
node.ingest: true
bootstrap.memory_lock: true
bootstrap.system_call_filter: false
network.host: 192.168.8.17
http.port: 9200
transport.tcp.port: 9300
transport.tcp.compress: true
http.cors.enabled: true
http.cors.allow-origin: "*"
cluster.initial_master_nodes: ["es-master","node-2","node-3"]
discovery.zen.ping.unicast.hosts: ["192.168.8.17:9300","192.168.8.18:9300","192.168.8.19:9300"]
discovery.zen.minimum_master_nodes: 1
#启用脚本 默认painless
cluster.routing.allocation.same_shard.host: true
#超时时间
discovery.zen.ping_timeout: 5s
discovery.zen.fd.ping_timeout: 5s
#禁止自动创建索引
action.auto_create_index: true
#一个集群中的N个节点启动后,才允许进行恢复处理
gateway.recover_after_nodes: 1
#设置初始化恢复过程的超时时间,超时时间从上一个配置中配置的N个节点启动后算起
gateway.recover_after_time: 5m
#设置这个集群中期望有多少个节点.一旦这N个节点启动(并且recover_after_nodes也符合),
#立即开始恢复过程(不等待recover_after_time超时)
gateway.expected_nodes: 2
#线程池
thread_pool.search.size: 100
thread_pool.search.queue_size: 1000
#xpack 插件的授权类型,basic是免费的,还有其他收费版本
xpack.license.self_generated.type: basic
#是否开启安全验证
xpack.security.enabled: true
#是否开启远程访问安全验证
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
#证书位置,该文件在下面流程会生成
xpack.security.transport.ssl.keystore.path: certs/elastic-certificates.p12
#证书位置,该文件在下面流程会生成
xpack.security.transport.ssl.truststore.path: certs/elastic-certificates.p12
完事复制过去
scp /data/clusters/elasticsearch-7.14.2/config/elasticsearch.yml 192.168.8.18:/data/clusters/elasticsearch-7.14.2/config/
scp /data/clusters/elasticsearch-7.14.2/config/elasticsearch.yml 192.168.8.19:/data/clusters/elasticsearch-7.14.2/config/
完事再在slave节点改一下这个文件
改一下:node.name
改一下:network.host
3、创建elasticsearch用户
useradd elasticsearch
passwd elasticsearch
4、授权目录,进入
chown -R elasticsearch:elasticsearch /data/elasticsearch-7.14.2/
su elasticsearch
cd /data/elasticsearch-7.14.2/
5、生成ca证书和密钥
bin/elasticsearch-certutil ca ##一路回车就行
bin/elasticsearch-certutil cert --ca elastic-stack-ca.p12 ##一路回车就行
6、移动证书
在config目录下创建certs
mkdir config/certs
证书移动到certs目录
mv elastic-certificates.p12 config/certs/
#复制私钥到slave节点上
scp elastic-certificates.p12 elasticsearch@192.168.8.18:/data/clusters/elasticsearch-7.14.2/
config/certs/
scp elastic-certificates.p12 elasticsearch@192.168.8.19:/data/clusters/elasticsearch-7.14.2/
config/certs/
7、启动es
bin/elasticsearch -d
出现提示的话
修改JAVA_HOME i为 ES_JAVA_HOME
修改jvm.options文件配置,将 -XX:+UseConcMarkSweepGC 改为 -XX:+UseG1GC。并重启es
8、在master设置密码 slave节点不用设置,因为已经把密钥拷贝过去了
bin/elasticsearch-setup-passwords interactive
密码为:123456
重置密码
1、curl -XDELETE -u elastic:123456 http://192.168.8.17:9200/.security-7
2、bin/elasticsearch-setup-passwords interactive
9、出现以下报错
Failed to authenticate user ‘elastic’ against http://192.168.8.19:9200/_security/_authenticate?pretty
检查9200 9300 端口有没有启动 可能需要稍微等一下
若还是报错 报错的第四行显示
The password for the ‘elastic’ user has already been changed on this cluster
就不用管了 开始第十步
10、访问每个机器的9200端口
输入账号密码 显示如下就没问题
访问http://192.168.8.17:9200/_cat/nodes?v
访问http://192.168.8.17:9200/_cat/health?v
显示如下就结束了 主要看status是否为green
此外 欢迎运维小伙伴关注我的公众号 会不定期更新linux软件包的部署方式 harbor私有docker仓库:https://mp.weixin.qq.com/s/USVt66wvz7-6uyV3hD3Agw
jumpserver开源堡垒机:https://mp.weixin.qq.com/s/1LM59mYIgwzNUFXuCFlPdA