elasticsearch部署教程(7.1.1)

去官网下载es

https://www.elastic.co/cn/downloads/

创建es安装路径

mkdir -p /data/software/elk/elasticsearch-7.1.1/data
mkdir -p /data/software/elk/elasticsearch-7.1.1/logs

创建es用户

useradd esuser
chown -R esuser:/data/software/elk/elasticsearch-7.1.1

root权限配置

• soft nofile 65536
• hard nofile 65536
• soft nproc 65536
• hard nproc 65536

vim配置文件/etc/sysctl.conf，加入以下内容

vm.overcommit_memory = 1
vm.max_map_count=655360

执行sysctl -p使配置生效

sysctl -p

上传es安装包到es目录下，并解压

cd /data/software/elk
tar -zxvf elasticsearch-7.1.1-linux-x86_64.tar.gz

修改配置文件，进入es安装目录config目录下，修改elasticsearch.yml文件

# ======================== Elasticsearch Configuration =========================
#
# NOTE: Elasticsearch comes with reasonable defaults for most settings.
#       Before you set out to tweak and tune the configuration, make sure you
#       understand what are you trying to accomplish and the consequences.
#
# The primary way of configuring a node is via this file. This template lists
# the most important settings you may want to configure for a production cluster.
#
# Please consult the documentation for further information on configuration options:
# https://www.elastic.co/guide/en/elasticsearch/reference/index.html
#
# ---------------------------------- Cluster -----------------------------------
#
#cluster.initial_master_nodes: ["node-1"]
# Use a descriptive name for your cluster:
#
#cluster.name: my-application
#
# ------------------------------------ Node ------------------------------------
#
# Use a descriptive name for the node:
#
#node.name: node-1
#
# Add custom attributes to the node:
#
#node.attr.rack: r1
#
# ----------------------------------- Paths ------------------------------------
#
# Path to directory where to store the data (separate multiple locations by comma):
#
#
# Path to log files:
#

#
# ----------------------------------- Memory -----------------------------------
#
# Lock the memory on startup:
#
#bootstrap.memory_lock: true
#
# Make sure that the heap size is set to about half the memory available
# on the system and that the owner of the process is allowed to use this
# limit.
#
# Elasticsearch performs poorly when the system is swapping the memory.
#
# ---------------------------------- Network -----------------------------------
#
# Set the bind address to a specific IP (IPv4 or IPv6):
#
#
# Set a custom port for HTTP:
#
#http.port: 9200
#
# For more information, consult the network module documentation.
#
# --------------------------------- Discovery ----------------------------------
#
# Pass an initial list of hosts to perform discovery when this node is started:
# The default list of hosts is ["127.0.0.1", "[::1]"]
#
#
# Bootstrap the cluster using an initial set of master-eligible nodes:
#
#cluster.initial_master_nodes: ["node-1", "node-2"]
#
# For more information, consult the discovery and cluster formation module documentation.
#
# ---------------------------------- Gateway -----------------------------------
#
# Block initial recovery after a full cluster restart until N nodes are started:
#
#gateway.recover_after_nodes: 3
#
# For more information, consult the gateway module documentation.
#
# ---------------------------------- Various -----------------------------------
#
# Require explicit names when deleting indices:
#
#action.destructive_requires_name: true

cluster.name: elkbdp-cluster #集群名称
node.name: elk    	  #节点名称
cluster.initial_master_nodes: ["elk"] #主节点信息
bootstrap.memory_lock: false   
bootstrap.system_call_filter: false
network.host: 0.0.0.0				#所有ip可以访问，
discovery.seed_hosts: ["192.168.1.71"] #输出至elasticsearch服务器
discovery.zen.minimum_master_nodes: 2 	#最多有几个可参与主节点选举
path.data: /data/software/elk/elasticsearch-7.1.1/data
path.logs: /data/software/elk/elasticsearch-7.1.1/logs
http.cors.enabled: true
http.max_initial_line_length: "1024k"
http.max_header_size: "1024k"
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate		# 证书认证级别
xpack.security.transport.ssl.keystore.path: certs/elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: certs/elastic-certificates.p12

修改jvm.options文件

cd /data/nusp/es/elasticsearch-7.1.1/config/
vim jvm.options

-Xms4g
-Xmx4g

安装ik分词器

将准备好的ik分词器安装包解压后将文件复制到 es的安装目录/plugins/ik下面即可，没有目录则自行创建目录，目录文件夹下不能有其他东西。

启动动es服务，进入es的安装目录/bin下执行（后台启动，无任何错误表示启动完成，此时通过访问http://ip:9200即可）。

记得先切换es的用户,这里为esuser,不然会启动报错

su esuser
./elasticsearch -d

测试es服务，在浏览器中输入http://ip:9200回车，启动成功就会显示如下页面。

配置TLS和身份验证

生成CA证书

cd /data/software/elk/elasticsearch-7.1.1/bin
./elasticsearch-certutil ca		# 两次回车
./elasticsearch-certutil cert --ca elastic-stack-ca.p12		# 三次回车

赋予权限（并把证书文件 elastic-certificates.p12 复制到其他master节点并赋予权限）。

mkdir /data/software/elk/elasticsearch-7.1.1/config/certs
mv elastic-*.p12 config/certs/ ## 我没记错的话,应该是生成到了es根目录下,即/data/software/elk/elasticsearch-7.1.1
chown -R esuser:esuser config/certs/

修改配置文件（将所有master配置文件添加ssl）

vim /data/software/elk/elasticsearch-7.1.1/config/elasticsearch.yml

xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate		# 证书认证级别
xpack.security.transport.ssl.keystore.path: certs/elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: certs/elastic-certificates.p12

重启 elasticsearch

kill -9 {es启动的进程pid}
./elasticsearch -d

设置默认密码（输入y，分别设置 elastic、apm_system、kibana、logstash_system、beats_system、remote_monitoring_user账号的密码，我这里为了方便都输入统一密码123456）

./elasticsearch-setup-passwords interactive interactive # 中间可能报错,需要查看es配置是否有问题