一、环境配置
版本
Linux环境:CentOS Linux release 7.9.2009 (Core)
Java:openjdk version 1.8.0_332 (build 25.332-b09, mixed mode)
Elasticsearch版本:7.14.2
配置
节点数量:3
内存:4G
硬盘:30G
CPU个数:1
CPU核心数:2
CPU型号:Intel(R) Core(TM) i5-10500 CPU @ 3.10GHz
hostname | IP地址 | 节点配置 |
---|---|---|
node-1 | 192.168.239.134 | 2C4G |
node-2 | 192.168.239.135 | 2C4G |
node-3 | 192.168.239.136 | 2C4G |
二、linux系统参数设置
- 虚拟内存(Virtual memory) Elasticsearch 默认使用 mmapfs 目录存储其索引。 默认的操作系统对 mmap 计数的限制可能太低,这可能会导致内存不足异常。 在 Linux 上,你可以通过以 root 用户身份运行以下命令来增加限制:
[root@localhost ~]# sysctl -w vm.max_map_count=262144
vm.max_map_count = 262144
要永久设置此值,需要更新 /etc/sysctl.conf 中的 vm.max_map_count 设置。配置完毕后,我们可以使用如下的命令来使之起作用:
代码语言:javascript复制[root@localhost ~]# sysctl -p
vm.max_map_count = 262144
要在重新引导后进行验证,运行
代码语言:javascript复制[root@localhost ~]# sysctl vm.max_map_count
vm.max_map_count = 262144
- 禁用sawpping 禁用sawpping的好处一个是性能问题,开启swap会严重影响性能(包括内存和I/O); 另一个是管理问题,开启swap后通过cgroups设置的内存上限就会失效。
swapoff -a #临时禁用所有的swap文件
vim /etc/fstab #注释掉所有的swap相关的行,永久禁用
- 配置文件描述符
ulimit -n 65535 #临时修改
vim /etc/security/limits.conf #永久修改
* soft nproc 65535
* hard nproc 65535
- 关闭防火墙
[root@node-1 ~]# systemctl stop firewalld.service
[root@node-1 ~]# systemctl disable firewalld.service
Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
- JVM采用elasticsearch自带的,也可自行安装,过程忽略
三、单机ES安装
- 下载并安装Elasticsearch的linux归档文件
[root@localhost ES]# wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.14.2-linux-x86_64.tar.gz
[root@localhost ES]# wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.14.2-linux-x86_64.tar.gz.sha512
[root@localhost ES]# shasum -a 512 -c elasticsearch-7.14.2-linux-x86_64.tar.gz.sha512
elasticsearch-7.14.2-linux-x86_64.tar.gz: OK
[root@localhost ES]# tar -zxvf elasticsearch-7.14.2-linux-x86_64.tar.gz
[root@localhost ES]# cd elasticsearch-7.14.2/
- 目录介绍: $ES_HOME:/data/hd05/elk/elasticsearch-7.7.0 bin: $ES_HOME/bin #ES启动命令和插件安装命令 conf:$ES_HOME/conf #elasticsearch.yml配置文件目录 data:$ES_HOME/data #对应的参数path.data,用于存放索引分片数据文件 logs:$ES_HOME/logs #对应的参数path.logs,用于存放日志 jdk:$ES_HOME/jdk #自带支持该ES版本的JDK plugins: $ES_HOME/jplugins #插件存放目录 lib: $ES_HOME/lib #存放依赖包,比如Java类库 modules: $ES_HOME/modules #包含所有的ES模块
- 修改elasticsearch.yml的network.host和http.port network.host也可配置为0.0.0.0所有地址均可访问
[root@localhost elasticsearch-7.14.2]# vim config/elasticsearch.yml
[root@localhost elasticsearch-7.14.2]# cat config/elasticsearch.yml | egrep -v '^$|#'
network.host: 192.168.239.134
http.port: 9200
- 创建启动elasticsearch的用户并赋予目录权限
[root@localhost ES]# useradd Elastic
[root@localhost ES]# chown -R Elastic:Elastic /opt/ES/elasticsearch-7.14.2
- 使用Elastic用户启动
[root@localhost ~]# su - Elastic
上一次登录:日 9月 18 16:57:30 CST 2022pts/0 上
[Elastic@localhost ~]$ cd /opt/ES/elasticsearch-7.14.2/
[Elastic@localhost elasticsearch-7.14.2]$ ./bin/elasticsearch ##后面测试没问题后,我们在用“-d”选项放到后台启动
- 验证节点是否正常
[root@node-1 ~]# curl -XGET 192.168.239.134:9200
{
"name" : "localhost.localdomain",
"cluster_name" : "elasticsearch",
"cluster_uuid" : "_na_",
"version" : {
"number" : "7.14.2",
"build_flavor" : "default",
"build_type" : "tar",
"build_hash" : "6bc13727ce758c0e943c3c21653b3da82f627f75",
"build_date" : "2021-09-15T10:18:09.722761972Z",
"build_snapshot" : false,
"lucene_version" : "8.9.0",
"minimum_wire_compatibility_version" : "6.8.0",
"minimum_index_compatibility_version" : "6.0.0-beta1"
},
"tagline" : "You Know, for Search"
}
四、分布式集群部署
- 在其他两台节点执行第一步操作,操作如上第二部分。过程忽略。
- 下载并安装Elasticsearch的linux归档文件
[root@localhost ES]# wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.14.2-linux-x86_64.tar.gz
[root@localhost ES]# wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.14.2-linux-x86_64.tar.gz.sha512
[root@localhost ES]# shasum -a 512 -c elasticsearch-7.14.2-linux-x86_64.tar.gz.sha512
elasticsearch-7.14.2-linux-x86_64.tar.gz: OK
[root@localhost ES]# tar -zxvf elasticsearch-7.14.2-linux-x86_64.tar.gz
[root@localhost ES]# cd elasticsearch-7.14.2/
- 三台机器配置hosts
[root@node-1 ~]# vim /etc/hosts
192.168.239.134 node-1
192.168.239.135 node-2
192.168.239.136 node-3
- 三台机器互相ping测试联通性
[root@node-1 ~]# ping node-2
PING node-2 (192.168.239.135) 56(84) bytes of data.
64 bytes from node-2 (192.168.239.135): icmp_seq=1 ttl=64 time=0.761 ms
64 bytes from node-2 (192.168.239.135): icmp_seq=2 ttl=64 time=0.736 ms
^C
[root@node-1 ~]# ping node-3
PING node-3 (192.168.239.136) 56(84) bytes of data.
64 bytes from node-3 (192.168.239.136): icmp_seq=1 ttl=64 time=0.386 ms
64 bytes from node-3 (192.168.239.136): icmp_seq=2 ttl=64 time=0.196 ms
64 bytes from node-3 (192.168.239.136): icmp_seq=3 ttl=64 time=1.53 ms
^C
- 配置加密通信证书(三台节点均需操作): 方法1、生产证书
[root@node-1 elasticsearch-7.14.2]# ./bin/elasticsearch-certutil ca -out config/elastic-certificates.p12 -pass "password"
查看config目录,有elastic-certificates.p12文件生成
方法2、
代码语言:javascript复制./bin/elasticsearch-certutil ca #创建集群认证机构,需要交互输入密码
./bin/elasticsearch-certutil cert --ca elastic-stack-ca.p12 #为节点颁发证书,与上面密码一样
执行./bin/elasticsearch-keystore add xpack.security.transport.ssl.keystore.secure_password 并输入第一步输入的密码
执行./bin/elasticsearch-keystore add xpack.security.transport.ssl.truststore.secure_password 并输入第一步输入的密码
将生成的elastic-certificates.p12、elastic-stack-ca.p12文件移动到config目录下
- 配置config/elasticsearch.yml:
[Elastic@node-1 elasticsearch-7.14.2]$ cat config/elasticsearch.yml | egrep -v '^$|#'
cluster.name: my-cluster
node.name: node-1
path.data: /opt/ES/elasticsearch-7.14.2/data
path.logs: /opt/ES/elasticsearch-7.14.2/logs
network.host: 0.0.0.0
http.port: 9200
discovery.seed_hosts: ["192.168.239.134","192.168.239.135","192.168.239.136"]
cluster.initial_master_nodes: ["node-1", "node-2","node-3"]
discovery.zen.ping_timeout: 60s
http.cors.enabled: true
http.cors.allow-origin: '*'
xpack.security.enabled: true
xpack.license.self_generated.type: basic
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: /opt/ES/elasticsearch-7.14.2/config/elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: /opt/ES/elasticsearch-7.14.2/config/elastic-certificates.p12
- 其他的节点跟上面配置一样,修改上面的node.name和node.master参数,然后要删除data目标,不然会存在报错。 然后使用./bin/elasticsearch -d 后台启动elasticsearch,去掉-d则是前端启动Elasticsearch。 然后./bin/elasticsearch-setup-passwords interactive 配置默认用户的密码:(有如下的交互),可以使用auto自动生成。
[Elastic@node-1 elasticsearch-7.14.2]$ ./bin/elasticsearch-setup-passwords interactive
Enter password for the elasticsearch keystore :
Initiating the setup of passwords for reserved users elastic,apm_system,kibana,logstash_system,beats_system,remote_monitoring_user.
You will be prompted to enter passwords as the process progresses.
Please confirm that you would like to continue [y/N]y
Enter password for [elastic]:
Reenter password for [elastic]:
Enter password for [apm_system]:
Reenter password for [apm_system]:
Enter password for [kibana]:
Reenter password for [kibana]:
Enter password for [logstash_system]:
Reenter password for [logstash_system]:
Enter password for [beats_system]:
Reenter password for [beats_system]:
Enter password for [remote_monitoring_user]:
Reenter password for [remote_monitoring_user]:
1qaz@WSXChanged password for user [apm_system]
Changed password for user [kibana]
Changed password for user [logstash_system]
Changed password for user [beats_system]
Changed password for user [remote_monitoring_user]
- 验证是否搭建成功
[root@node-1 elasticsearch-7.14.2]# curl -XGET -uelastic:1234.com 192.168.239.134:9200/_cat/nodes
192.168.239.136 31 95 0 0.38 0.15 0.11 cdfhilmrstw - node-3
192.168.239.135 9 96 0 0.36 0.15 0.09 cdfhilmrstw * node-2
192.168.239.134 17 89 1 0.31 0.14 0.15 cdfhilmrstw - node-1
总结
至此集群就搭建完成了,过程中遇到的坑在下一篇文章
大数据ELK Stack(四):Elasticsearch 集群部署所遇的坑