九、Linux二进制安装ElasticSearch集群

九、Linux二进制安装ElasticSearch集群

1 下载

官方下载：官方下载
百度网盘：网盘下载

2 安装前准备(单机，集群每台机器都需要配置)

一、关闭防火墙
关闭
systemctl stop firewalld
永久关闭
systemctl disable firewalld.service
也可以开放需要的端口
firewall-cmd --zone=public --add-port=5601/tcp --permanent

二、安装必要环境
yum install -y gcc git wget vim ntp lsof
yum install -y pcre pcre-devel zlib zlib-devel openssl openssl-devel

三、修改系统配置文件
vim /etc/security/limits.conf

1、添加以下内容（带上*号）
* hard nofile 131072
* soft nproc 2048
* hard nproc 4096
 
2、继续修改另一个配置文件
vi /etc/sysctl.conf

3、添加以下内容
vm.swappiness=1
vm.max_map_count=655360

4、刷新配置文件
sysctl -p

修改时区（时区有问题时使用）
rm -f /etc/localtime
ln -s /usr/share/zoneinfo/Asia/Shanghai /etc/localtime

5、新增目录
mkdir /opt/elk

6、新建es用户
useradd esuser
passwd esuser 
输入重复密码： PassW0rd_1234

7、 为用户赋权限 
chown esuser:esuser -R /opt/elk
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44

3 ElasticSearch单机（7.16.2）

之前写过一版单机版本：ElasticSearch单机安装

4 ElasticSearch集群（8.14.2）

4.1 解压文件（先将下载文件放到/opt下）

tar -zxvf /opt/elasticsearch-8.14.2-linux-x86_64.tar.gz -C /opt/elk
1

4.2 新增数据目录

mkdir /opt/elk/elasticsearch-8.14.2/data
1

4.3 修改配置文件

vi /opt/elk/elasticsearch-8.14.2/config/elasticsearch.yml
1

# ======================== Elasticsearch Configuration =========================
#
# NOTE: Elasticsearch comes with reasonable defaults for most settings.
#       Before you set out to tweak and tune the configuration, make sure you
#       understand what are you trying to accomplish and the consequences.
#
# The primary way of configuring a node is via this file. This template lists
# the most important settings you may want to configure for a production cluster.
#
# Please consult the documentation for further information on configuration options:
# https://www.elastic.co/guide/en/elasticsearch/reference/index.html
#
# ---------------------------------- Cluster -----------------------------------
#
# Use a descriptive name for your cluster:
#
cluster.name: cluster-es
#
# ------------------------------------ Node ------------------------------------
#
# Use a descriptive name for the node:
#
# 集群中必须是唯一的
node.name: node-1
#
# Add custom attributes to the node:
#
#node.attr.rack: r1
#
# ----------------------------------- Paths ------------------------------------
#
# Path to directory where to store the data (separate multiple locations by comma):
#
path.data: /opt/elk/elasticsearch-8.14.2/data
#
# Path to log files:
#
path.logs: /opt/elk/elasticsearch-8.14.2/logs
#
# ----------------------------------- Memory -----------------------------------
#
# Lock the memory on startup:
#
#bootstrap.memory_lock: true
#
# Make sure that the heap size is set to about half the memory available
# on the system and that the owner of the process is allowed to use this
# limit.
#
# Elasticsearch performs poorly when the system is swapping the memory.
#
# ---------------------------------- Network -----------------------------------
#
# By default Elasticsearch is only accessible on localhost. Set a different
# address here to expose this node on the network:
#
network.host: 0.0.0.0
#
# By default Elasticsearch listens for HTTP traffic on the first free port it
# finds starting at 9200. Set a specific HTTP port here:
#
http.port: 9200
#
# For more information, consult the network module documentation.
#
# --------------------------------- Discovery ----------------------------------
#
# Pass an initial list of hosts to perform discovery when this node is started:
# The default list of hosts is ["127.0.0.1", "[::1]"]
#
discovery.seed_hosts: ["192.168.200.161", "192.168.200.162","192.168.200.163"]
#
# Bootstrap the cluster using an initial set of master-eligible nodes:
#
cluster.initial_master_nodes: ["192.168.200.161"]
#
# For more information, consult the discovery and cluster formation module documentation.
#
# ---------------------------------- Various -----------------------------------
#
# Allow wildcard deletion of indices:
#
#action.destructive_requires_name: false
# 不设置密码
xpack.security.enabled: false
xpack.security.transport.ssl.enabled: false
xpack.security.http.ssl.enabled: false
http.cors.enabled: true
http.cors.allow-origin: "*"
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89

4.4 启动ES（三台机器都启动）

启动前先确定esuser 有/opt/elk目录操作的权限

如果不是，就使用root用户重新执行一遍

chown esuser:esuser -R /opt/elk
1

切换用户

su esuser
1

/opt/elk/elasticsearch-8.14.2/bin/elasticsearch
1

开始启动会在这卡一会，稍等一下就行


启动成功后验证：

http://192.168.200.163:9200/_cluster/health?pretty
1

http://192.168.200.163:9200/_cat/nodes?v&pretty
1

4.5 ES集群设置密码

4.5.1 主节点配置

/opt/elk/elasticsearch-8.14.2/bin/elasticsearch-certutil ca
1

进入到es文件目录。可以看到生成的文件

cd /opt/elk/elasticsearch-8.14.2
1

/opt/elk/elasticsearch-8.14.2/bin/elasticsearch-certutil cert --ca /opt/elk/elasticsearch-8.14.2/elastic-stack-ca.p12 
1

会弹出三次提示，分别是输入密码，输出文件，输入密码，第一次密码是输入上一步设置的密码，也是123456，输出文件可以直接回车，默认就行。最后一次叫输入密码，什么都不要输入，直接回车就行，否则启动的时候会报错输入刚刚的密码，最后生成elastic-stack-ca.p12密码不要写，直接回车 不然会报错xpack Caused by: java.io.IOException: keystore password was incorrect



最后一共会有两个文件

移动文件到config目录

cd /opt/elk/elasticsearch-8.14.2
mv elastic-* config/
1
2

给文件复制权限（当前操作的用户是esuser，如果你的是root，请执行上面的赋权。切换到esuser进行操作）

chmod 777 /opt/elk/elasticsearch-8.14.2/config/elastic-certificates.p12 
chmod 777 /opt/elk/elasticsearch-8.14.2/config/elastic-stack-ca.p12  
1
2

创建keystore

/opt/elk/elasticsearch-8.14.2/bin/elasticsearch-keystore create
1

4.5.2 从节点配置

此时主节点有三个文件

cd /opt/elk/elasticsearch-8.14.2/config/
1

将这三个配置文件复制到其他从节点的/opt/elk/elasticsearch-8.14.2/config/下，
复制后会发现权限变成了root的。

su root
1

chown esuser:esuser -R /opt/elk
1

su esuser
1

chmod 777 /opt/elk/elasticsearch-8.14.2/config/elastic-certificates.p12 
chmod 777 /opt/elk/elasticsearch-8.14.2/config/elastic-stack-ca.p12  
1
2

4.5.3 修改配置文件

vi /opt/elk/elasticsearch-8.14.2/config/elasticsearch.yml
1

注意修改 node.name: node-1 就行

# ======================== Elasticsearch Configuration =========================
#
# NOTE: Elasticsearch comes with reasonable defaults for most settings.
#       Before you set out to tweak and tune the configuration, make sure you
#       understand what are you trying to accomplish and the consequences.
#
# The primary way of configuring a node is via this file. This template lists
# the most important settings you may want to configure for a production cluster.
#
# Please consult the documentation for further information on configuration options:
# https://www.elastic.co/guide/en/elasticsearch/reference/index.html
#
# ---------------------------------- Cluster -----------------------------------
#
# Use a descriptive name for your cluster:
#
cluster.name: cluster-es
#
# ------------------------------------ Node ------------------------------------
#
# Use a descriptive name for the node:
#
node.name: node-1
#
# Add custom attributes to the node:
#
#node.attr.rack: r1
#
# ----------------------------------- Paths ------------------------------------
#
# Path to directory where to store the data (separate multiple locations by comma):
#
path.data: /opt/elk/elasticsearch-8.14.2/data
#
# Path to log files:
#
path.logs: /opt/elk/elasticsearch-8.14.2/logs
#
# ----------------------------------- Memory -----------------------------------
#
# Lock the memory on startup:
#
#bootstrap.memory_lock: true
#
# Make sure that the heap size is set to about half the memory available
# on the system and that the owner of the process is allowed to use this
# limit.
#
# Elasticsearch performs poorly when the system is swapping the memory.
#
# ---------------------------------- Network -----------------------------------
#
# By default Elasticsearch is only accessible on localhost. Set a different
# address here to expose this node on the network:
#
network.host: 0.0.0.0
#
# By default Elasticsearch listens for HTTP traffic on the first free port it
# finds starting at 9200. Set a specific HTTP port here:
#
http.port: 9200
#
# For more information, consult the network module documentation.
#
# --------------------------------- Discovery ----------------------------------
#
# Pass an initial list of hosts to perform discovery when this node is started:
# The default list of hosts is ["127.0.0.1", "[::1]"]
#
discovery.seed_hosts: ["192.168.200.161", "192.168.200.162","192.168.200.163"]
#
# Bootstrap the cluster using an initial set of master-eligible nodes:
#
cluster.initial_master_nodes: ["192.168.200.161"]
#
# For more information, consult the discovery and cluster formation module documentation.
#
# ---------------------------------- Various -----------------------------------
#
# Allow wildcard deletion of indices:
#
#action.destructive_requires_name: false
# ------------------------------------------------------------------------------------------------------
# 不设置密码
#xpack.security.enabled: false
#xpack.security.transport.ssl.enabled: false
#xpack.security.http.ssl.enabled: false
#http.cors.enabled: true
#http.cors.allow-origin: "*"
# ------------------------------------------------------------------------------------------------------
# 开启x-pack权限认证（三台服务器都添加如下内容并重启）
xpack.license.self_generated.type: basic
http.cors.enabled: true
http.cors.allow-origin: "*"
http.cors.allow-headers: Authorization,X-Requested-With,Content-Length,Content-Type
#开启密码认证
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true

xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: /opt/elk/elasticsearch-8.14.2/config/elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: /opt/elk/elasticsearch-8.14.2/config/elastic-certificates.p12

#配置https的，如果启动不了，可以先注释下面的配置，启动成功后，设置完密码后再打开这些配置重新启动
#xpack.security.http.ssl.enabled: true
#xpack.security.http.ssl.keystore.path: /opt/elk/elasticsearch-8.14.2/config/elastic-certificates.p12
#xpack.security.http.ssl.truststore.path: /opt/elk/elasticsearch-8.14.2/config/elastic-certificates.p12
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107

4.5.4 启动 并设置密码

启动

/opt/elk/elasticsearch-8.14.2/bin/elasticsearch
1

启动完成后，浏览器登陆。发现没有密码。这时我们要去设置密码

http://192.168.200.161:9200/
1

打开主节点的服务器(这一步需要集群是正常运行的)

/opt/elk/elasticsearch-8.14.2/bin/elasticsearch-reset-password --username elastic --interactive
1

4.6 设置https访问

vi /opt/elk/elasticsearch-8.14.2/config/elasticsearch.yml
1

集群配置的最后三行，注释给取消就行

重启es

https://192.168.200.161:9200/
1

5 设置开机自启

su root
1

vi  /etc/systemd/system/elasticsearch.service
1

systemctl daemon-reload
1

systemctl start elasticsearch.service

systemctl stop elasticsearch.service

systemctl enable elasticsearch.service
1
2
3
4
5

启动过程会有点慢，耐心等待一下