这次ES8集群部署花的时间真不少,还熬了两夜,原本是比较简单的,同事搞就可以了,结果还是超出了预期,不熟悉的东西部署也是相当耗时间的。开始是准备基于Docker部署的,但是没有成功,网上参考了很多,调各个配置参数,就是没成功,后来看到这个文章:https://www.zsjweblog.com/2022/03/09/elasticsearch8-1-0集群搭建/,改为直接使用安装包进行部署,在测试机上尝试是可以把几个节点服务连接成一个集群的。
像这类需要部署成集群的,还是使用原生部署比较好,之前部署doris的经历也是类似,开始使用docker部署,各种踩坑,后来还是改用原生进行部署,才成功了。
以下是熬了两天的成果:
部署4个节点的ES8集群:
节点 | IP | http.port | transport.port |
|---|---|---|---|
node-1 | ip1 | 9200 | 9300 |
node-2 | ip2 | 9200 | 9300 |
node-3 | ip3 | 9200 | 9300 |
node-4 | ip4 | 9200 | 9300 |
IP换成实际的IP地址,通常是使用内网IP。如果同一个服务器上部署多个节点,则部署时可以使用不同的端口号进行区分。
1. 下载ES8
代码语言:javascript复制cd 安装目录
wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-8.1.0-linux-x86_64.tar.gz
# 解压
tar -zxf elasticsearch-8.1.0-linux-x86_64.tar.gz
如果连不了外网,则在本地下载好上传到安装目录。
这个步骤每个服务都要执行一次。
2. 生成证书
代码语言:javascript复制cd elasticsearch-8.10.4
# 连续回车,在当前目录生成文件:elastic-stack-ca.p12
bin/elasticsearch-certutil ca
# 生成证书
# 连续回车,在当前目录生成证书文件:elastic-certificates.p12
bin/elasticsearch-certutil cert --ca elastic-stack-ca.p12
# 移动到配置目录
mv elastic-certificates.p12 config/
这个步骤只需要在节点1执行即可,在其他节点服务器只需要将该证书文件elastic-certificates.p12赋值到对应的config目录即可。
3. 修改配置
vim config/elasticsearch.yml
代码语言:javascript复制# ======================== Elasticsearch Configuration =========================
#
# NOTE: Elasticsearch comes with reasonable defaults for most settings.
# Before you set out to tweak and tune the configuration, make sure you
# understand what are you trying to accomplish and the consequences.
#
# The primary way of configuring a node is via this file. This template lists
# the most important settings you may want to configure for a production cluster.
#
# Please consult the documentation for further information on configuration options:
# https://www.elastic.co/guide/en/elasticsearch/reference/index.html
#
# ---------------------------------- Cluster -----------------------------------
#
# Use a descriptive name for your cluster:
# 可以根据需要进行修改
cluster.name: deeao
#
# ------------------------------------ Node ------------------------------------
#
# Use a descriptive name for the node:
#
node.name: node-1
#
# Add custom attributes to the node:
#
#node.attr.rack: r1
#
# ----------------------------------- Paths ------------------------------------
#
# Path to directory where to store the data (separate multiple locations by comma):
#
#path.data: /path/to/data
#
# Path to log files:
#
#path.logs: /path/to/logs
#
# ----------------------------------- Memory -----------------------------------
#
# Lock the memory on startup:
#
#bootstrap.memory_lock: true
#
# Make sure that the heap size is set to about half the memory available
# on the system and that the owner of the process is allowed to use this
# limit.
#
# Elasticsearch performs poorly when the system is swapping the memory.
#
# ---------------------------------- Network -----------------------------------
#
# By default Elasticsearch is only accessible on localhost. Set a different
# address here to expose this node on the network:
#
#network.host: 192.168.0.1
network.host: 0.0.0.0
#
# By default Elasticsearch listens for HTTP traffic on the first free port it
# finds starting at 9200. Set a specific HTTP port here:
#
http.port: 9200
transport.port: 9300
#
# For more information, consult the network module documentation.
#
# --------------------------------- Discovery ----------------------------------
#
# Pass an initial list of hosts to perform discovery when this node is started:
# The default list of hosts is ["127.0.0.1", "[::1]"]
# 根据实际进行配置
discovery.seed_hosts: ["ip1:9300", "ip2:9300", "ip3:9300", "ip4:9300"]
#
# Bootstrap the cluster using an initial set of master-eligible nodes:
# 节点名称要注意对应
cluster.initial_master_nodes: ["node-1", "node-2", "node-3", "node-4"]
#
# For more information, consult the discovery and cluster formation module documentation.
#
# ---------------------------------- Various -----------------------------------
#
# Allow wildcard deletion of indices:
#
#action.destructive_requires_name: false
#
#
# -----------------------------------------------------------------------------
#
# 是否支持跨域
http.cors.enabled: true
# 默认为*表示支持所有域名跨域访问,也可以指定域名跨域,或者使用正则表达式匹配。
http.cors.allow-origin: "*"
# 跨域允许设置的头信息
http.cors.allow-headers: Authorization
# 是否返回设置的跨域Access-Control-Allow-Credentials头
http.cors.allow-credentials: true
# 开启x-pack
xpack.security.enabled: true
# 开启ssl认证
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.client_authentication: required
# 配置生成的ca证书,这里的路径可以根据
xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: elastic-certificates.p12
xpack.security.authc.api_key.enabled: true
在其他节点服务器上,通常把该配置文件复制过去,再要修改节点名称即可。注意节点名称,一定要在cluster.initial_master_nodes中。
4. 启动ES服务
在每一个服务器上启动服务
代码语言:javascript复制# 测试期间可以直接启动
./bin/elasticsearch
# 启动后台服务
nohup ./bin/elasticsearch &
# 查看集群日志
tail -f logs/deeao.log
5. 设置集群密码
这个步骤只需要在节点1上执行即可。
代码语言:javascript复制bin/elasticsearch-setup-passwords auto
这个命令会自动生成随机密码,输出大概如下,注意保存:
代码语言:javascript复制Changed password for user apm_system
PASSWORD apm_system = VadTJ7fWqL5hCJAjE3Co
Changed password for user kibana_system
PASSWORD kibana_system = 0B5d8WESa3TDsRdJ64eZ
Changed password for user kibana
PASSWORD kibana = 0B5d8WESa3TDsRdJ64eZ
Changed password for user logstash_system
PASSWORD logstash_system = EaRC1iKNioa8x0uRO3mN
Changed password for user beats_system
PASSWORD beats_system = mMnDSqF2oTuQPhqukUga
Changed password for user remote_monitoring_user
PASSWORD remote_monitoring_user = P4DLXc1VBDyFBWaQNqZw
Changed password for user elastic
PASSWORD elastic = fHNY2y8x78CqGNBSKqRp
如果需要单独设置某用户的密码可以使用:
代码语言:javascript复制bin/elasticsearch-setup-passwords interactive
6. 检查集群是否健康
在任意节点上执行的效果应该都类似的:
代码语言:javascript复制curl -u "elastic:fHNY2y8x78CqGNBSKqRp" -XGET "ip:9200/
_cluster/health"
输出大致如下:
{"cluster_name":"deeao","status":"green","timed_out":false,"number_of_nodes":4,"number_of_data_nodes":4,"active_primary_shards":1,"active_shards":4,"relocating_shards":0,"initializing_shards":0,"unassigned_shards":0,"delayed_unassigned_shards":0,"number_of_pending_tasks":0,"number_of_in_flight_fetch":0,"task_max_waiting_in_queue_millis":0,"active_shards_percent_as_number":100.0}
表示deeao这个集群现在有4个节点,集群状态为green。
