安装elasticsearch6.5集群

发表于 2023-12-01 分类于运维

Elasticsearch6.5集群+Head插件的安装：

安装elasticsearch6.5集群

软件	版本
java	8u361
nodejs	10.15.0
elasticsearch	6.5.4

节点	IP	系统	功能	CPU	内存	硬盘
node1	10.80.10.1	centos7.9	elasticsearch	4核心	8GB	20GB
node2	10.80.10.2	centos7.9	elasticsearch	4核心	8GB	20GB
node3	10.80.10.3	centos7.9	elasticsearch	4核心	8GB	20GB

node1、node2、node3

修改文件描述符限制，重新登录生效：

# vim /etc/security/limits.conf
# 尾行，添加配置
*               soft    nofile           65536
*               hard    nofile           65536
*               soft    nproc            4096
*               hard    nproc            4096

修改内存限制：

1
2
3

# vim /etc/sysctl.conf
# 尾行，添加配置
vm.max_map_count = 262144

1	# sysctl -p

下载安装java：

下载地址：https://www.oracle.com/java/technologies/javase/javase8u211-later-archive-downloads.html

1 2	# cd /usr/local/src/ # tar -xzvf jdk-8u361-linux-x64.tar.gz -C /usr/local/

添加环境变量：

# vim /etc/profile
# 尾行，添加配置
export JAVA_HOME=/usr/local/jdk1.8.0_361
export PATH=$PATH:$JAVA_HOME/bin
export CLASSPATH=.:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar
export JRE_HOME=$JAVA_HOME/jre

# source /etc/profile
# java -version
java version "1.8.0_361"
Java(TM) SE Runtime Environment (build 1.8.0_361-b09)
Java HotSpot(TM) 64-Bit Server VM (build 25.361-b09, mixed mode)

创建用户：

1 2	# adduser es # echo 'Luna@2023!!!' \| passwd --stdin es

下载安装elasticsearch：

下载地址：https://www.elastic.co/cn/downloads/past-releases/elasticsearch-6-5-3

# cd /usr/local/src/
# wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-6.5.3.tar.gz
# tar -xzvf elasticsearch-6.5.3.tar.gz -C /usr/local/
# cp /usr/local/elasticsearch-6.5.3/config/elasticsearch.yml{,.bak}
# chown -R es:es /usr/local/elasticsearch-6.5.3/

修改elasticsearch配置文件，注意修改主机名和ip地址：

# vim /usr/local/elasticsearch-6.5.3/config/elasticsearch.yml
# 17行，取消注释，修改配置
cluster.name: my-es
# 23行，取消注释，修改配置
node.name: node1
# 33行，取消注释，修改配置
path.data: data
# 37行，取消注释，修改配置
path.logs: logs
# 55行，取消注释，修改配置
network.host: 10.80.10.1
# 59行，取消注释
http.port: 9200
# 68行，取消注释，修改配置
discovery.zen.ping.unicast.hosts: ["10.80.10.1", "10.80.10.2", "10.80.10.3"]
# 72行，取消注释，修改配置
discovery.zen.minimum_master_nodes: 2
# 尾行，添加配置
transport.tcp.port: 9300
http.cors.enabled: true
http.cors.allow-origin: "*"
http.cors.allow-headers: Authorization,Content-Type,X-Requested-with,Content-Length

启动elasticsearch：

1
2
3

# su - es
$ /usr/local/elasticsearch-6.5.3/bin/elasticsearch -d
$ tail -f /usr/local/elasticsearch-6.5.3/logs/my-es.log

访问测试，集群内任意节点都一样，带型号是master节点：

$ curl 10.80.10.1:9200
{
  "name" : "node1",
  "cluster_name" : "my-es",
  "cluster_uuid" : "dhgxy4SSQ061G-5jUoGGsw",
  "version" : {
    "number" : "6.5.3",
    "build_flavor" : "default",
    "build_type" : "tar",
    "build_hash" : "159a78a",
    "build_date" : "2018-12-06T20:11:28.826501Z",
    "build_snapshot" : false,
    "lucene_version" : "7.5.0",
    "minimum_wire_compatibility_version" : "5.6.0",
    "minimum_index_compatibility_version" : "5.0.0"
  },
  "tagline" : "You Know, for Search"
}
$ curl 10.80.10.1:9200/_cat/nodes?v
ip         heap.percent ram.percent cpu load_1m load_5m load_15m node.role master name
10.80.10.2           28          35   4    0.13    0.07     0.04 mdi       -      node2
10.80.10.3           30          35   4    0.25    0.10     0.06 mdi       *      node3
10.80.10.1           27          35   4    0.02    0.06     0.05 mdi       -      node1

添加密码认证：

$ vim /usr/local/elasticsearch-6.5.3/config/elasticsearch.yml
# 尾行，添加配置
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: certs/elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: certs/elastic-certificates.p12

创建目录：

1	$ mkdir -p /usr/local/elasticsearch-6.5.3/config/certs

node3

master节点激活xpack：

1 2	$ curl -H "Content-Type:application/json" -XPOST http://10.80.10.3:9200/_xpack/license/start_trial?acknowledge=true {"acknowledged":true,"trial_was_started":true,"type":"trial"}

master节点生成证书：

$ cd /usr/local/elasticsearch-6.5.3/
$ ./bin/elasticsearch-certutil ca
回车
回车
$ ./bin/elasticsearch-certutil cert --ca elastic-stack-ca.p12
回车
回车
回车

拷贝到指定位置：

1
2
3

$ cp elastic-certificates.p12 config/certs/
$ scp elastic-certificates.p12 10.80.10.1:/usr/local/elasticsearch-6.5.3/config/certs/
$ scp elastic-certificates.p12 10.80.10.2:/usr/local/elasticsearch-6.5.3/config/certs/

node1、node2、node3

重启elasticsearch：

1
2
3

$ ps -ef | grep elastic | grep -v grep | awk '{print $2}' | xargs kill
$ /usr/local/elasticsearch-6.5.3/bin/elasticsearch -d
$ tail -f /usr/local/elasticsearch-6.5.3/logs/my-es.log

node1

创建密码，集群内任意节点都可以：

1
2
3

$ /usr/local/elasticsearch-6.5.3/bin/elasticsearch-setup-passwords interactive
y
全部是123456

默认的六个账号：

apm_system
kibana
logstash_system
beats_system
remote_monitoring_user
elastic

访问测试需要指定账户密码，否则报错：

$ curl 10.80.10.1:9200
{"error":{"root_cause":[{"type":"security_exception","reason":"missing authentication token for REST request [/]","header":{"WWW-Authenticate":"Basic realm=\"security\" charset=\"UTF-8\""}}],"type":"security_exception","reason":"missing authentication token for REST request [/]","header":{"WWW-Authenticate":"Basic realm=\"security\" charset=\"UTF-8\""}},"status":401}
$ curl -u elastic:123456 10.80.10.1:9200
{
  "name" : "node1",
  "cluster_name" : "my-es",
  "cluster_uuid" : "dhgxy4SSQ061G-5jUoGGsw",
  "version" : {
    "number" : "6.5.3",
    "build_flavor" : "default",
    "build_type" : "tar",
    "build_hash" : "159a78a",
    "build_date" : "2018-12-06T20:11:28.826501Z",
    "build_snapshot" : false,
    "lucene_version" : "7.5.0",
    "minimum_wire_compatibility_version" : "5.6.0",
    "minimum_index_compatibility_version" : "5.0.0"
  },
  "tagline" : "You Know, for Search"
}

测试集群：

$ curl -u elastic:123456 10.80.10.1:9200/_cluster/health?pretty
{
  "cluster_name" : "my-es",
  "status" : "green",
  "timed_out" : false,
  "number_of_nodes" : 3,
  "number_of_data_nodes" : 3,
  "active_primary_shards" : 1,
  "active_shards" : 2,
  "relocating_shards" : 0,
  "initializing_shards" : 0,
  "unassigned_shards" : 0,
  "delayed_unassigned_shards" : 0,
  "number_of_pending_tasks" : 0,
  "number_of_in_flight_fetch" : 0,
  "task_max_waiting_in_queue_millis" : 0,
  "active_shards_percent_as_number" : 100.0
}
$ curl -u elastic:123456 10.80.10.1:9200/_cat/nodes?v
ip         heap.percent ram.percent cpu load_1m load_5m load_15m node.role master name
10.80.10.2           32          35   1    0.03    0.07     0.06 mdi       -      node2
10.80.10.3           34          35   1    0.02    0.29     0.25 mdi       *      node3
10.80.10.1           29          35   1    0.03    0.07     0.06 mdi       -      node1

node1、node2、node3

下载安装nodejs：

下载地址：https://nodejs.org/dist/

$ exit
# cd /usr/local/src/
# wget https://nodejs.org/dist/v10.15.0/node-v10.15.0-linux-x64.tar.gz
# tar -xzvf node-v10.15.0-linux-x64.tar.gz
# mv node-v10.15.0-linux-x64 /usr/local/node-v10.15.0
# chown -R es:es /usr/local/node-v10.15.0/

配置环境变量：

# vim /etc/profile
# 尾行，添加配置
export NODE_PATH=/usr/local/node-v10.15.0
export PATH=$PATH:$NODE_PATH/bin

1
2
3

# source /etc/profile
# node -v
v10.15.0

下载安装head插件：

下载地址：https://github.com/mobz/elasticsearch-head

# yum install -y bzip2
# cd /usr/local/src/
# wget https://github.com/mobz/elasticsearch-head/archive/refs/heads/master.zip -O elasticsearch-head-master.zip
# unzip elasticsearch-head-master.zip
# mv elasticsearch-head-master/ /usr/local/
# chown -R es:es /usr/local/elasticsearch-head-master/
# su - es
$ cd /usr/local/elasticsearch-head-master/
$ npm install -g grunt-cli --registry=https://registry.npm.taobao.org
$ npm install --registry=https://registry.npm.taobao.org

打包插件：

1	# tar -xzvf elasticsearch-head-master.tar.gz elasticsearch-head-master

启动head插件：

1 2	$ npm run start & $ exit

浏览器访问：http://10.80.10.1:9100/?auth_user=elastic&auth_password=123456

1	连接：http://10.80.10.1:9200/

node1

插入索引测试：

1 2	# curl -u elastic:123456 -X PUT http://10.80.10.1:9200/test {"acknowledged":true,"shards_acknowledged":true,"index":"test"}

删除索引：

1 2	# curl -u elastic:123456 -X DELETE http://10.80.10.1:9200/test {"acknowledged":true}