1.环境准备
wget \
https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.14.2-linux-x86_64.tar.gz \
https://artifacts.elastic.co/downloads/kibana/kibana-7.14.2-linux-x86_64.tar.gz \
https://artifacts.elastic.co/downloads/logstash/logstash-7.14.2-linux-x86_64.tar.gz2、解压缩
tar -zxvf elasticsearch-7.14.2-linux-x86_64.tar.gz3、复制解压文件到/user/local目录下(此步骤亦可以省略)
mv elasticsearch-7.14.2 /usr/local/4、创建用户:修改密码:
useradd es
passwd es5、root分配目录权限给es用户:
chown -R es:es elasticsearch-7.14.26、root用户设置系统参数
vim /etc/security/limits.conf
es hard nofile 65536
es soft nofile 65536
保存并退出
vim /etc/sysctl.conf # 在最后面追加下面内容
vm.max_map_count=655360
执行 sysctl -p7、修改 elasticsearch-7.14.2/config文件夹下编辑 jvm.options,Xms和Xmx
8、进入elasticsearch-7.14.2/config文件夹下编辑elasticsearch.yml,cluster.name,和安全xpack
# ======================== Elasticsearch Configuration =========================
#
# NOTE: Elasticsearch comes with reasonable defaults for most settings.
# Before you set out to tweak and tune the configuration, make sure you
# understand what are you trying to accomplish and the consequences.
#
# The primary way of configuring a node is via this file. This template lists
# the most important settings you may want to configure for a production cluster.
#
# Please consult the documentation for further information on configuration options:
# https://www.elastic.co/guide/en/elasticsearch/reference/index.html
#
# ---------------------------------- Cluster -----------------------------------
#
# Use a descriptive name for your cluster:
#
cluster.name: xinren-es-cluster
#
# ------------------------------------ Node ------------------------------------
#
# Use a descriptive name for the node:
#
node.name: node-3
node.master: true
node.data: true
node.max_local_storage_nodes: 3
#
# Add custom attributes to the node:
#
#node.attr.rack: r1
#
# ----------------------------------- Paths ------------------------------------
#
# Path to directory where to store the data (separate multiple locations by comma):
#
path.data: /opt/es/elasticsearch-7.14.2/data
#
# Path to log files:
#
path.logs: /opt/es/elasticsearch-7.14.2/logs
#
# ----------------------------------- Memory -----------------------------------
#
# Lock the memory on startup:
#
#bootstrap.memory_lock: true
#
# Make sure that the heap size is set to about half the memory available
# on the system and that the owner of the process is allowed to use this
# limit.
#
# Elasticsearch performs poorly when the system is swapping the memory.
#
# ---------------------------------- Network -----------------------------------
#
# By default Elasticsearch is only accessible on localhost. Set a different
# address here to expose this node on the network:
#
network.host: 0.0.0.0
#
# By default Elasticsearch listens for HTTP traffic on the first free port it
# finds starting at 9200. Set a specific HTTP port here:
#
http.port: 9200
transport.tcp.port: 9300
#
# For more information, consult the network module documentation.
#
# --------------------------------- Discovery ----------------------------------
#
# Pass an initial list of hosts to perform discovery when this node is started:
# The default list of hosts is ["127.0.0.1", "[::1]"]
#
discovery.seed_hosts: ["1.1.1.1:9300", "1.1.1.2:9300", "1.1.1.3:9300"]
#
# Bootstrap the cluster using an initial set of master-eligible nodes:
#
cluster.initial_master_nodes: ["node-1", "node-2", "node-3"]
gateway.recover_after_nodes: 2
gateway.recover_after_time: 5m
gateway.expected_nodes: 3
discovery.zen.ping_timeout: 60shttp.cors.enabled: true
http.cors.allow-origin: "*"
xpack.security.enabled: true
xpack.license.self_generated.type: basic
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: /opt/es/elasticsearch-7.14.2/config/elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: /opt/es/elasticsearch-7.14.2/config/elastic-certificates.p12#
# For more information, consult the discovery and cluster formation module documentation.
#
# ---------------------------------- Various -----------------------------------
#
# Require explicit names when deleting indices:
#
#action.destructive_requires_name: true
9、生成 TLS 和身份验证,将会在 config 下生成 elastic-certificates.p12 文件,将此文件传到其他两个节点的 config 目录,注意文件权限
bin/elasticsearch-certutil cert -out config/elastic-certificates.p12 -pass ""10、注意文件权限
su root
chown -R es:es elasticsearch-7.14.211、在节点 1 上执行如下命令,设置用户密码。设置完之后,数据会自动同步到其他节点。
bin/elasticsearch-setup-passwords interactiveTODO 持续更新