准備工作
3台虛擬機,內存2g+,硬盤20g
| ip | 節點 | 角色 | 系統 |
|---|---|---|---|
| 192.168.94.145 | node0 | master1 | centos7 |
| 192.168.94.147 | node1 | slave1 | centos7 |
| 192.168.94.148 | node2 | slave2 | centos7 |
-
關閉防火牆selinux
systemctl stop firewalld && systemctl disable firewalld setenforce 0 -
設置內核參數
[esuser@node0 elasticsearch-7.16.2]$ vim /etc/sysctl.conf vm.max_map_count=262144 [esuser@node0 elasticsearch-7.16.2]$ vim /etc/security/limits.conf * soft nofile 65536 * hard nofile 65536 sysctl -p -
部署java環境
yum -y install java #若是二進制安裝則需要配置環境變量指定$JAVA_HOME -
安裝常用命令(如果有就不用)
yum -y install vim wget
安裝
部署
#下載二進制包
wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.16.2-linux-x86_64.tar.gz
#解壓到指定目錄
tar -xf elasticsearch-7.16.2-linux-x86_64.tar.gz -C /opt/
#創建es用戶
groupadd esuser
useradd -g esuser esuser
#創建數據存放目錄
mkdir /opt/esdata
#更改屬主組為esuser
chown -R esuser:esuser /opt/e.*
#填寫本地配置(三台都要)
vim config/elasticsearch.yml
cluster.name: estest
node.name: esnode1#(是哪個節點就改成對應節點名字,不能重復)
node.master: true
node.data: true
path.data: /opt/esdata
bootstrap.memory_lock: false
bootstrap.system_call_filter: false
network.host: 0.0.0.0
http.port: 9200#綁定網頁訪問端口
http.cors.enabled: true
http.cors.allow-origin: "*"
cluster.initial_master_nodes: ["192.168.94.145","192.168.94.146","192.168.94.147"]#定義集群初始主節點
discovery.seed_hosts: ["192.168.94.145","192.168.94.146","192.168.94.147"]#定義集群所有節點
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: elastic-certificates.p12
配置密碼
#生成證書(在當前目錄生成)
[esuser@node0 elasticsearch-7.16.2]$ ./bin/elasticsearch-certutil ca
...
Please enter the desired output file [elastic-stack-ca.p12]:#按回車
Enter password for elastic-stack-ca.p12 :#按回車
#頒發證書(在當前目錄生成)
[esuser@node0 elasticsearch-7.16.2]$ ./bin/elasticsearch-certutil cert --ca elastic-stack-ca.p12 #直接按回車,不輸入密碼
#分發證書到對應節點
chmod 777 elastic-certificates.p12
mv elastic-certificates.p12 config/
[root@node0 elasticsearch-7.16.2]# scp elastic-stack-ca.p12 192.168.94.146:/opt/elasticsearch-7.16.2/config
[root@node0 elasticsearch-7.16.2]# scp elastic-stack-ca.p12 192.168.94.147:/opt/elasticsearch-7.16.2/config
#啟動服務(各節點都要)
[root@node0 elasticsearch-7.16.2]# su esuser
[root@node0 elasticsearch-7.16.2]# ./opt/elasticsearch-7.16.2/bin/elasticsearch -d &
#修改密碼(主節點)
[root@node0 elasticsearch-7.16.2]# ./bin/elasticsearch-setup-passwords interactive
#每個用戶會讓你輸入2遍密碼
訪問驗證
#訪問驗證
[esuser@node0 bin]$ curl -u elastic:123456 http://192.168.94.145:9200/_cat/nodes?v
ip heap.percent ram.percent cpu load_1m load_5m load_15m node.role master name
192.168.94.147 28 94 0 0.00 0.01 0.05 cdfhilrstw - esnode3
192.168.94.146 11 96 0 0.00 0.01 0.05 cdfhilmrstw - esnode2
192.168.94.145 61 70 0 0.00 0.01 0.05 cdfhilmrstw * esnode1