一.下载Elasticsearch8.13.0的安装包
代码语言:bash复制curl -O https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-8.13.0-linux-x86_64.tar.gz
curl https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-8.13.0-linux-x86_64.tar.gz.sha512 | shasum -a 512 -c -
tar -xzf elasticsearch-8.13.0-linux-x86_64.tar.gz
cd elasticsearch-8.13.0/ 二.配置JVM运行环境
代码语言:bash复制vi /etc/profile
#在profile中添加以下几行内容
export JAVA_HOME=/data/elasticsearch-8.13.0/jdk
export PATH=$JAVA_HOME/bin:$PATH
export CLASSPATH=.:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar
#保存退出
:wq
#编译文件,更新配置
source /etc/profile三.修改Elasticsearch节点的JVM堆内存额度
代码语言:bash复制cd /data/elasticsearch-8.13.0
vi config/jvm.options
#将以下两行修改为节点内存的一半,最大设置为32G
-Xms32g
-Xmx32g
#保存退出
:wq四.设置Elasticsearch配置文件,配置集群运行参数
代码语言:yml复制#编辑elasticsearch.yml
vi elasticsearch.yml
#更新以下配置内容
# ======================== Elasticsearch Configuration =========================
#
# NOTE: Elasticsearch comes with reasonable defaults for most settings.
# Before you set out to tweak and tune the configuration, make sure you
# understand what are you trying to accomplish and the consequences.
#
# The primary way of configuring a node is via this file. This template lists
# the most important settings you may want to configure for a production cluster.
#
# Please consult the documentation for further information on configuration options:
# https://www.elastic.co/guide/en/elasticsearch/reference/index.html
#
# ---------------------------------- Cluster -----------------------------------
#
# Use a descriptive name for your cluster:
#
cluster.name: es-cluster
#
# ------------------------------------ Node ------------------------------------
#
# Use a descriptive name for the node:
#
node.name: DATA-01
#
# Add custom attributes to the node:
#
#node.attr.rack: r1
#
# ----------------------------------- Paths ------------------------------------
#
# Path to directory where to store the data (separate multiple locations by comma):
#
path.data: /esdata
#
# Path to log files:
#
path.logs: /var/log/elasticsearch
#
# ----------------------------------- Memory -----------------------------------
#
# Lock the memory on startup:
#
#bootstrap.memory_lock: true
#
# Make sure that the heap size is set to about half the memory available
# on the system and that the owner of the process is allowed to use this
# limit.
#
# Elasticsearch performs poorly when the system is swapping the memory.
#
# ---------------------------------- Network -----------------------------------
#
# By default Elasticsearch is only accessible on localhost. Set a different
# address here to expose this node on the network:
#
network.host: 20.20.1.1
#
# By default Elasticsearch listens for HTTP traffic on the first free port it
# finds starting at 9200. Set a specific HTTP port here:
#
http.port: 9200
transport.port: 9300
#
# For more information, consult the network module documentation.
#
# --------------------------------- Discovery ----------------------------------
#
# Pass an initial list of hosts to perform discovery when this node is started:
# The default list of hosts is ["127.0.0.1", "[::1]"]
#
discovery.seed_hosts: ["20.20.1.1", "20.20.1.2", "20.20.1.2"]
discovery.find_peers_interval: 120s
action.auto_create_index: .monitoring*,.watches,.triggered_watches,.watcher-history*,.ml*
node.roles: [master,data_content,data_hot,data_cold,data_warm,remote_cluster_client,ingest,transform,ml]
#
# Bootstrap the cluster using an initial set of master-eligible nodes:
#
cluster.initial_master_nodes: ["DATA-01", "DATA-02", "DATA-03"]
#
# For more information, consult the discovery and cluster formation module documentation.
#
# ---------------------------------- Various -----------------------------------
#
# Allow wildcard deletion of indices:
#
#action.destructive_requires_name: false
#保存退出
:wq五.生成pem证书,配置xpack安全认证
代码语言:yml复制#使用 Elasticsearch 自带的证书生成工具来创建 CA 和证书
./bin/elasticsearch-certutil ca
#使用生成的 CA 证书为集群生成证书
./bin/elasticsearch-certutil cert --ca elastic-stack-ca.p12
#生成的证书可以放置在适当的位置,并更新 elasticsearch.yml 中的 xpack.security.transport.ssl 设置,指向新的证书文件
#在 elasticsearch.yml更新如下安全配置
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.client_authentication: required
xpack.security.transport.ssl.keystore.path: /data/elasticsearch-8.13.0/elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: /data/elasticsearch-8.13.0/elastic-certificates.p12
xpack.security.enabled: true可以使用以下命令验证证书是否正确。
代码语言:bash复制openssl pkcs12 -info -in /data/elasticsearch-8.13.0/elastic-stack-ca.p12六.设置vm.max_map_count
代码语言:bash复制#系统的虚拟内存区域的最大映射数 (vm.max_map_count) 配置不足,导致 Elasticsearch 无法分配足够的内存。Elasticsearch 需要更大的虚拟内存区域来正常运行
#编辑sysctl.conf文件
vi /etc/sysctl.conf
#在文件末尾添加
vm.max_map_count=262144
#保存退出
:wq
#更新配置,立即生效
sudo sysctl -p
#执行以下命令,确保 vm.max_map_count 已设置为262144
sysctl vm.max_map_count七.将证书密码存储至Elasticsearch密钥库
代码语言:bash复制#在每台Elasticsearch节点上执行以下两条命令,并输入生成证书时设置的密码
./bin/elasticsearch-keystore add xpack.security.transport.ssl.keystore.secure_password
./bin/elasticsearch-keystore add xpack.security.transport.ssl.truststore.secure_password八.配置Elasticsearch账户,并修改相关权限
代码语言:bash复制useradd elasticsearch
groupadd elasticsearch
usermod -a -G elasticsearch elasticsearch
#修改Elasticsearch安装目录及文件的用户与用户组
chown -R elasticsearch:elasticsearch elasticsearch-8.13.0
九.启动Elasticsearch
代码语言:bash复制#Elasticsearch服务启动时不允许使用root账户启动,所以需要切换至Elasticsearch账户。
su elasticsearch
#启动Elasticsearch,检查是否正常启动有无报错。
./bin/elasticsearch
#如果启动正常,则可以使用守护进程方式进行启动。
./bin/elasticsearch -d -p pid十.验证Elasticsearch是否启动成功
代码语言:txt复制ps -aux|grep elasticsearch
curl -u elastic:passwd 20.20.1.1:9200
