1.elasticsearch7.11.1分布式集群规划表
OS Version | ES Version | IP/Http Port | Node Name | Role |
CentOS Linux release 7.9.2009 (Core) | 7.11.1 | 192.168.10.243/9201 | node_1 | node.master: true node.data: true |
CentOS Linux release 7.9.2009 (Core) | 7.11.1 | 192.168.10.243/9202 | node_2 | node.master: true node.data: true |
CentOS Linux release 7.9.2009 (Core) | 7.11.1 | 192.168.10.243/9203 | node_3 | node.master: true node.data: true |
CentOS Linux release 7.9.2009 (Core) | 7.11.1 | 192.168.10.243/9204 | node_4 | node.master: false node.data: true |
2.关闭防火墙与selinux
具体参考:
3.安装jdk
具体参考:
https://blog.csdn.net/z19861216/article/details/136479909
如果没有设置 $JAVA_HOME环境变量,可以使用elasticsearch介质中自带的jdk;不过建议安装单独的jdk
4.elasticsearch安装用户创建及系统参数优化
以root用户登录服务器
1).创建elasticsearch安装用户
命令:
groupadd elk
useradd elk -g elk
id elk
[root@elasticsearch ~]# groupadd elk
[root@elasticsearch ~]#
[root@elasticsearch ~]# useradd elk -g elk
[root@elasticsearch ~]#
[root@elasticsearch ~]# id elk
uid=1000(elk) gid=1000(elk) groups=1000(elk)
[root@elasticsearch ~]#
2).ulimit参数调优
vim /etc/security/limits.conf
* soft nofile 65535
* hard nofile 65535
* soft noproc 65535
* hard noproc 65535
* soft stack 65535
* hard stack 65535
elk hard memlock unlimited
elk soft memlock unlimited
退出登录生效。
3).vm参数优化
vim /etc/sysctl.conf
vm.max_map_count=655360
vm.swappiness=1
执行sysctl -p生效
5.elasticsearch7.11.1下载
地址:
Past Releases of Elastic Stack Software | Elastic
-->以root用户登录,上传elasticsearch7.11.1版本至CentOS7.9.2009并解压
命令:
tar -zxvf elasticsearch-7.11.1-linux-x86_64.tar.gz -C /usr/local/
-->复制elasticsearch-7.11.1并授权
命令:
cd /usr/local
cp -rp elasticsearch-7.11.1 elasticsearch1
cp -rp elasticsearch-7.11.1 elasticsearch2
cp -rp elasticsearch-7.11.1 elasticsearch3
cp -rp elasticsearch-7.11.1 elasticsearch4
chown -R elk:elk elasticsearch1
chown -R elk:elk elasticsearch2
chown -R elk:elk elasticsearch3
chown -R elk:elk elasticsearch4
ls -ld elasticsearch*
[root@elasticsearch local]# ls -ld elasticsearch*
drwxr-xr-x 10 elk elk 167 Oct 25 09:39 elasticsearch1
drwxr-xr-x 10 elk elk 167 Oct 25 09:39 elasticsearch2
drwxr-xr-x 10 elk elk 167 Oct 25 09:39 elasticsearch3
drwxr-xr-x 10 elk elk 167 Oct 25 09:39 elasticsearch4
drwxr-xr-x 10 elk elk 167 Oct 25 09:39 elasticsearch-7.11.1
[root@elasticsearch local]#
6.配置elasticsearch分布式集群
1).参数释义
参数 | 说明 |
cluster.name | 集群名称,相同名称为一个集群 |
node.name | 节点名称,es默认会随机指定一个名字,用户也可自行配置。集群模式下每个节点名称唯一 |
node.master | 当前节点是否可以被选举为master节点,是:true;否:false |
node.data | 当前节点是否用于存储数据,是:true;否:false |
node.max_local_storage_nodes | 最大集群节点数 |
path.data | 索引数据存放的位置 |
path.logs | 日志文件存放的位置 |
path.conf | 设置配置文件的存储路径,tar或zip包安装默认在es根目录下的config目录,rpm包安装默认在/etc/elasticsearch目录 |
path.plugins | 设置插件的存放路径,默认是es根目录下的plugins目录 |
bootstrap.memory_lock | 是否锁住物理内存,避免内存进行swap,是:true;否:false |
bootstrap.system_call_filter | SecComp检测,是:true;否:false |
network.host | 监听地址,用于访问该es |
network.publish_host | 集群内各节点之间通信地址 |
http.port | es对外提供的http端口,默认:9200 |
transport.port | 集群内部节点之间通信端口,默认:9300 |
discovery.seed_hosts | es7.x 之后新增的配置,写入候选主节点的设备地址,在开启服务后可以被选为主节点 |
cluster.initial_master_nodes | es7.x 之后新增的配置,初始化一个新的集群时需要此配置来选举master |
http.cors.enabled | 是否支持跨域,是:true,在使用head插件时需要此配置 |
http.cors.allow-origin | 表示支持所有域名 |
http.cors.allow-headers | 所支持的请求头 |
http.cors.allow-credentials | 是否支持认证,是:true |
discovery.zen.minimum_master_nodes | 最少要有N个节点才能选举出主节点 |
discovery.zen.ping.timeout | 设置es自动发现节点连接超时的时间,默认为3s |
action.destructive_requires_name | 删除索引时是否必须要实际索引名 |
gateway.recover_after_nodes | 至少恢复N个节点及以上,集群节点才可以被访问 |
2).elasticsearch集群配置
vim /usr/local/elasticsearch1/config/elasticsearch.yml
vim /usr/local/elasticsearch2/config/elasticsearch.yml
vim /usr/local/elasticsearch3/config/elasticsearch.yml
vim /usr/local/elasticsearch4/config/elasticsearch.yml
node1
cluster.name: my_es
node.name: node_1
node.master: true
node.data: true
node.max_local_storage_nodes: 3
transport.port: 9301
path.data: /usr/local/elasticsearch1/data
path.logs: /usr/local/elasticsearch1/logs
bootstrap.memory_lock: true
network.host: 0.0.0.0
http.port: 9201
discovery.seed_hosts: ["192.168.10.243:9301", "192.168.10.243:9302", "192.168.10.243:9303"]
cluster.initial_master_nodes: ["node_1", "node_2", "node_3"]
bootstrap.system_call_filter: false
http.cors.allow-origin: "*"
http.cors.enabled: true
http.cors.allow-headers: X-Requested-With,X-Auth-Token,Content-Type,Content-Length,Authorization
http.cors.allow-credentials: true
node2
cluster.name: my_es
node.name: node_2
node.master: true
node.data: true
node.max_local_storage_nodes: 3
transport.port: 9302
path.data: /usr/local/elasticsearch2/data
path.logs: /usr/local/elasticsearch2/logs
bootstrap.memory_lock: true
network.host: 0.0.0.0
http.port: 9202
discovery.seed_hosts: ["192.168.10.243:9301", "192.168.10.243:9302", "192.168.10.243:9303"]
cluster.initial_master_nodes: ["node_1", "node_2", "node_3"]
bootstrap.system_call_filter: false
http.cors.allow-origin: "*"
http.cors.enabled: true
http.cors.allow-headers: X-Requested-With,X-Auth-Token,Content-Type,Content-Length,Authorization
http.cors.allow-credentials: true
node3
cluster.name: my_es
node.name: node_3
node.master: true
node.data: true
node.max_local_storage_nodes: 3
transport.port: 9303
path.data: /usr/local/elasticsearch3/data
path.logs: /usr/local/elasticsearch3/logs
bootstrap.memory_lock: true
network.host: 0.0.0.0
http.port: 9203
discovery.seed_hosts: ["192.168.10.243:9301", "192.168.10.243:9302", "192.168.10.243:9303"]
cluster.initial_master_nodes: ["node_1", "node_2", "node_3"]
bootstrap.system_call_filter: false
http.cors.allow-origin: "*"
http.cors.enabled: true
http.cors.allow-headers: X-Requested-With,X-Auth-Token,Content-Type,Content-Length,Authorization
http.cors.allow-credentials: true
node4
cluster.name: my_es
node.name: node_4
node.master: false
node.data: true
transport.port: 9304
path.data: /usr/local/elasticsearch4/data
path.logs: /usr/local/elasticsearch4/logs
bootstrap.memory_lock: true
network.host: 0.0.0.0
http.port: 9204
discovery.seed_hosts: ["192.168.10.243:9301", "192.168.10.243:9302", "192.168.10.243:9303"]
bootstrap.system_call_filter: false
3).elasticsearch实例启动
su - elk
whoami
/usr/local/elasticsearch1/bin/elasticsearch -d -p /tmp/elasticsearch1.pid
/usr/local/elasticsearch2/bin/elasticsearch -d -p /tmp/elasticsearch2.pid
/usr/local/elasticsearch3/bin/elasticsearch -d -p /tmp/elasticsearch3.pid
/usr/local/elasticsearch4/bin/elasticsearch -d -p /tmp/elasticsearch4.pid
[elk@elasticsearch ~]$ whoami
elk
[elk@elasticsearch ~]$
[elk@elasticsearch ~]$ /usr/local/elasticsearch1/bin/elasticsearch -d -p /tmp/elasticsearch1.pid
Java HotSpot(TM) 64-Bit Server VM warning: Option UseConcMarkSweepGC was deprecated in version 9.0 and will likely be removed in a future release.
[elk@elasticsearch ~]$
[elk@elasticsearch ~]$ /usr/local/elasticsearch2/bin/elasticsearch -d -p /tmp/elasticsearch2.pid
Java HotSpot(TM) 64-Bit Server VM warning: Option UseConcMarkSweepGC was deprecated in version 9.0 and will likely be removed in a future release.
[elk@elasticsearch ~]$
[elk@elasticsearch ~]$ /usr/local/elasticsearch3/bin/elasticsearch -d -p /tmp/elasticsearch3.pid
[elk@elasticsearch ~]$ Java HotSpot(TM) 64-Bit Server VM warning: Option UseConcMarkSweepGC was deprecated in version 9.0 and will likely be removed in a future release.
[elk@elasticsearch ~]$ /usr/local/elasticsearch4/bin/elasticsearch -d -p /tmp/elasticsearch4.pid
Java HotSpot(TM) 64-Bit Server VM warning: Option UseConcMarkSweepGC was deprecated in version 9.0 and will likely be removed in a future release.
[elk@elasticsearch ~]$
以下告警无需关注
Java HotSpot(TM) 64-Bit Server VM warning: Option UseConcMarkSweepGC was deprecated in version 9.0 and will likely be removed in a future release.
4).进程、日志、端口验证
进程验证
[elk@elasticsearch ~]$ p