Elasticsearch 7.17 集群添加账号密码
1. 环境信息
1.1 主机列表
| IP | 主机名 | 操作系统 | JAVA_HOME |
|---|---|---|---|
| 10.0.0.22 | SY-AFP-ES01 | Red Hat Enterprise Linux release 8.6 (Ootpa) | /opt/app/middles/jdk1.8.0_471 |
| 10.0.0.23 | SY-AFP-ES02 | Red Hat Enterprise Linux release 8.6 (Ootpa) | /opt/app/middles/jdk1.8.0_471 |
| 10.0.0.24 | SY-AFP-ES03 | Red Hat Enterprise Linux release 8.6 (Ootpa) | /opt/app/middles/jdk1.8.0_471 |
| 10.0.0.25 | SY-AFP-ES04 | Red Hat Enterprise Linux release 8.6 (Ootpa) | /opt/app/middles/jdk1.8.0_471 |
| 10.0.0.26 | SY-AFP-ES05 | Red Hat Enterprise Linux release 8.6 (Ootpa) | /opt/app/middles/jdk1.8.0_471 |
| 10.0.0.27 | SY-AFP-ES06 | Red Hat Enterprise Linux release 8.6 (Ootpa) | /opt/app/middles/jdk1.8.0_471 |
| 10.0.0.28 | SY-AFP-ES07 | Red Hat Enterprise Linux release 8.6 (Ootpa) | /opt/app/middles/jdk1.8.0_471 |
| 10.0.0.29 | SY-AFP-ES08 | Red Hat Enterprise Linux release 8.6 (Ootpa) | /opt/app/middles/jdk1.8.0_471 |
| 10.0.0.30 | SY-AFP-ES09 | Red Hat Enterprise Linux release 8.6 (Ootpa) | /opt/app/middles/jdk1.8.0_471 |
| 10.0.0.31 | sy-afp-bigdata01 | Red Hat Enterprise Linux Server release 7.9 (Maipo) |
1.2 集群信息
| IP | 主机名 | Elasticsearch/Kibana 版本 | 节点类型/部署服务 | HTTP 端口 | 集群部署与启停用户 |
|---|---|---|---|---|---|
| 10.0.0.22 | SY-AFP-ES01 | elasticsearch-7.17.14 | master、data | master node 9201 data node 9200 | afp |
| 10.0.0.23 | SY-AFP-ES02 | elasticsearch-7.17.14 | master、data | master node 9201 data node 9200 | afp |
| 10.0.0.24 | SY-AFP-ES03 | elasticsearch-7.17.14 | master、data | master node 9201 data node 9200 | afp |
| 10.0.0.25 | SY-AFP-ES04 | elasticsearch-7.17.14 | data | data node 9200 | afp |
| 10.0.0.26 | SY-AFP-ES05 | elasticsearch-7.17.14 | data | data node 9200 | afp |
| 10.0.0.27 | SY-AFP-ES06 | elasticsearch-7.17.14 kibana-7.12.1 | kibana、data | kibana 5601 data node 9200 | afp |
| 10.0.0.28 | SY-AFP-ES07 | elasticsearch-7.17.14 | data | data node 9200 | afp |
| 10.0.0.29 | SY-AFP-ES08 | elasticsearch-7.17.14 | data | data node 9200 | afp |
| 10.0.0.30 | SY-AFP-ES09 | elasticsearch-7.17.14 | data | data node 9200 | afp |
| 10.0.0.31 | sy-afp-bigdata01 |
1.3 说明
为简化上线时的操作,使用 sy-afp-bigdata01 机器作为管理机,通过此机器的 afp 用户 ssh 到其他机器的 afp 用户进行远程批量操作,完成集群配置。
2. 集群管理脚本
2.1 afp-elasticsearch-prod.sh
#!/bin/bash
# ======================================================================
# Script Name: afp-elasticsearch-prod.sh
# Description: Elasticsearch 集群管理脚本
# Author: 老地瓜大数据
# Create Date: 2025-11-18
# ======================================================================
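# Cluster topology. Host names are resolved on the management host.
ELASTICSEARCH_MASTER_NODES="SY-AFP-ES01 SY-AFP-ES02 SY-AFP-ES03"
ELASTICSEARCH_DATA_NODES="SY-AFP-ES01 SY-AFP-ES02 SY-AFP-ES03 SY-AFP-ES04 SY-AFP-ES05 SY-AFP-ES06 SY-AFP-ES07 SY-AFP-ES08 SY-AFP-ES09"

# Installation directory, HTTP port and elasticsearch.yml of each node role.
ELASTICSEARCH_MASTER_NODE_HOME=/opt/app/middles/elasticsearch-7.17.14-masternode
ELASTICSEARCH_DATA_NODE_HOME=/opt/app/middles/elasticsearch-7.17.14-datanode
ELASTICSEARCH_MASTER_NODE_HTTP_PORT=9201
ELASTICSEARCH_DATA_NODE_HTTP_PORT=9200
ELASTICSEARCH_MASTER_NODE_YML_CONFIG_FILE="$ELASTICSEARCH_MASTER_NODE_HOME/config/elasticsearch.yml"
ELASTICSEARCH_DATA_NODE_YML_CONFIG_FILE="$ELASTICSEARCH_DATA_NODE_HOME/config/elasticsearch.yml"

# Scratch globals: filled in by argument parsing and find_available_es_host.
RANDOM_AVAILABLE_HOST=""
ELASTICSEARCH_CONFIG_KEY=""
ELASTICSEARCH_STATIC_CONFIG_VALUE=""
ELASTICSEARCH_DYNAMIC_CONFIG_JSON=""

# Credentials used for the REST calls when security is enabled.
# Values exported in the caller's environment take precedence, so the secret
# can be kept out of this file (for example in a file readable only by the
# operating account and sourced before the script runs).
# NOTE(security): the literal fallback below is kept only for backward
# compatibility. Anyone who can read this script can read the password of the
# built-in elastic superuser; remove the fallback once the environment
# variable is provisioned, and rotate the password if the script was shared.
ELASTICSEARCH_USER="${ELASTICSEARCH_USER:-elastic}"
if [[ -z "${ELASTICSEARCH_PASSWORD:-}" ]]; then
  ELASTICSEARCH_PASSWORD='HJgl12#$'
fi
ELASTICSEARCH_SECURITY_ENABLED=true

dest_java_home=/opt/app/middles/jdk1.8.0_471
source /etc/profile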
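# Operations accepted as the first command-line argument.
operations="start stop status restart start_master stop_master status_master restart_master start_data stop_data status_data restart_data get_config set_dynamic_config set_static_config delete_static_config generate_cert_file"
# Require an exact operation name. A regex test such as `$operations =~ $1`
# also accepts fragments ("sta", "_") and regex metacharacters (".") that match
# somewhere inside the list; those pass validation and then fall through the
# dispatcher without doing anything.
if [[ -z "$1" || "$1" == *[[:space:]]* || " $operations " != *" $1 "* ]]; then
echo "
Usage: afp-elasticsearch.sh operations
The following operations are supported:
start
stop
restart
status
start_master
stop_master
restart_master
status_master
start_data
stop_data
restart_data
status_data
get_config
set_dynamic_config
set_static_config
delete_static_config
generate_cert_file
Your arg is: $1
"
exit -1
fi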
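#######################################
# Abort unless the given settings key consists only of letters, digits, dots,
# underscores and hyphens.
# The key is later pasted into grep/sed patterns and into the command line that
# ssh hands to the remote shell, so quotes, slashes, semicolons, whitespace or
# pattern characters in it would corrupt (or change the meaning of) the remote
# command.
# Arguments: $1 - settings key taken from the command line
# Outputs:   error message on stderr when the key is rejected
# Returns:   does not return on rejection (exits with -1)
#######################################
_assert_safe_config_key() {
  if [[ ! "$1" =~ ^[A-Za-z0-9_.-]+$ ]]; then
    echo "Invalid config key: '$1' (allowed characters: letters, digits, '.', '_', '-')" >&2
    exit -1
  fi
}

# get_config <key>
if [[ "$1" == "get_config" ]]; then
  if [[ $# -ne 2 ]]; then
    echo "
Usage: afp-elasticsearch.sh get_config config_key
Examples: afp-elasticsearch.sh get_config xpack.security.enabled
"
    exit -1
  fi
  _assert_safe_config_key "$2"
  ELASTICSEARCH_CONFIG_KEY=$2
fi

# delete_static_config <key>
if [[ "$1" == "delete_static_config" ]]; then
  if [[ $# -ne 2 ]]; then
    echo "
Usage: afp-elasticsearch.sh delete_static_config config_key
Examples: afp-elasticsearch.sh delete_static_config xpack.security.enabled
"
    exit -1
  fi
  _assert_safe_config_key "$2"
  ELASTICSEARCH_CONFIG_KEY=$2
fi

# set_dynamic_config <json body for PUT _cluster/settings>
if [[ "$1" == "set_dynamic_config" ]]; then
  if [[ $# -ne 2 ]]; then
    echo "
Usage: afp-elasticsearch.sh set_dynamic_config json_str
Examples: afp-elasticsearch.sh set_dynamic_config '{\"persistent\":{\"cluster.max_shards_per_node\":\"10000\"}}'
Examples: afp-elasticsearch.sh set_dynamic_config '{\"transient\":{\"cluster.max_shards_per_node\":\"10000\"}}'
"
    exit -1
  fi
  ELASTICSEARCH_DYNAMIC_CONFIG_JSON=$2
fi

# set_static_config <key> <value>
# The usage text names the operation as it is actually spelled
# (set_static_config); "set_config" is not an accepted operation.
if [[ "$1" == "set_static_config" ]]; then
  if [[ $# -ne 3 ]]; then
    echo "
Usage: afp-elasticsearch.sh set_static_config config_key config_value
Examples: afp-elasticsearch.sh set_static_config xpack.security.enabled false
"
    exit -1
  fi
  _assert_safe_config_key "$2"
  ELASTICSEARCH_CONFIG_KEY=$2
  ELASTICSEARCH_STATIC_CONFIG_VALUE="$3"
fi

# Separator printed under each per-host heading.
line="-----------------------------------------------------------------------------"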
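#######################################
# Stop the Elasticsearch master-node process on every host listed in
# ELASTICSEARCH_MASTER_NODES, one host at a time over ssh.
# Globals:  ELASTICSEARCH_MASTER_NODES, ELASTICSEARCH_MASTER_NODE_HTTP_PORT,
#           line (read)
# Outputs:  progress and result messages on stdout
#######################################
function stop_master() {
  local node
  echo
  for node in $ELASTICSEARCH_MASTER_NODES; do
    echo "Stop elasticsearch master node in $node"
    echo "$line"
    # The remote script selects only the process LISTENING on the HTTP port.
    # `lsof -i :PORT` without a state filter also lists client connections to
    # that port, so its last line can belong to a different process, which
    # would then receive the SIGTERM.
    ssh "$node" "
listener_pid() { lsof -t -i TCP:$ELASTICSEARCH_MASTER_NODE_HTTP_PORT -sTCP:LISTEN 2>/dev/null | tail -1; }
pid=\$(listener_pid)
if [ -z \"\$pid\" ]; then
  echo -e \"\033[1;32mThe elasticsearch service has not been started and does not need to stopped\033[0m\"
else
  echo -e \"\033[1;32mStop elasticsearch service...\033[0m\"
  kill -SIGTERM \"\$pid\"
  # Poll up to 60 times, 5 s apart: after 5 minutes the stop is reported as failed.
  for i in {1..60}; do
    sleep 5
    pid=\$(listener_pid)
    [ -z \"\$pid\" ] && break
    echo -e \"\033[1;32mStop elasticsearch service...\033[0m\"
  done
  sleep 5
  pid=\$(listener_pid)
  if [ -n \"\$pid\" ]; then
    echo -e \"\033[1;31mThe elasticsearch service stop failure!\033[0m\"
  else
    echo -e \"\033[1;32mThe elasticsearch service has been successfully stopped\033[0m\"
  fi
fi
"
    echo
  done
}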
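#######################################
# Stop the Elasticsearch data-node process on every host listed in
# ELASTICSEARCH_DATA_NODES, one host at a time over ssh.
# Globals:  ELASTICSEARCH_DATA_NODES, ELASTICSEARCH_DATA_NODE_HTTP_PORT,
#           line (read)
# Outputs:  progress and result messages on stdout
#######################################
function stop_data() {
  local node
  echo
  for node in $ELASTICSEARCH_DATA_NODES; do
    echo "Stop elasticsearch data node in $node"
    echo "$line"
    # Only the process LISTENING on the HTTP port is selected. Without the
    # state filter lsof also lists clients connected to that port, and the
    # last listed PID (not necessarily Elasticsearch) would get the SIGTERM.
    ssh "$node" "
listener_pid() { lsof -t -i TCP:$ELASTICSEARCH_DATA_NODE_HTTP_PORT -sTCP:LISTEN 2>/dev/null | tail -1; }
pid=\$(listener_pid)
if [ -z \"\$pid\" ]; then
  echo -e \"\033[1;32mThe elasticsearch service has not been started and does not need to stopped\033[0m\"
else
  echo -e \"\033[1;32mStop elasticsearch service...\033[0m\"
  kill -SIGTERM \"\$pid\"
  # Poll up to 60 times, 5 s apart: after 5 minutes the stop is reported as failed.
  for i in {1..60}; do
    sleep 5
    pid=\$(listener_pid)
    [ -z \"\$pid\" ] && break
    echo -e \"\033[1;32mStop elasticsearch service...\033[0m\"
  done
  sleep 5
  pid=\$(listener_pid)
  if [ -n \"\$pid\" ]; then
    echo -e \"\033[1;31mThe elasticsearch service stop failure!\033[0m\"
  else
    echo -e \"\033[1;32mThe elasticsearch service has been successfully stopped\033[0m\"
  fi
fi
"
    echo
  done
}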
# Stop the whole cluster: master nodes first, then data nodes.
function stop() {
  local role
  for role in master data; do
    "stop_${role}"
  done
}
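#######################################
# Restart the Elasticsearch master-node process on every host listed in
# ELASTICSEARCH_MASTER_NODES, one host at a time over ssh.
# Globals:  ELASTICSEARCH_MASTER_NODES, ELASTICSEARCH_MASTER_NODE_HTTP_PORT,
#           ELASTICSEARCH_MASTER_NODE_HOME, line (read)
# Outputs:  progress and result messages on stdout
#######################################
function restart_master() {
  local node
  echo
  for node in $ELASTICSEARCH_MASTER_NODES; do
    echo "Restart elasticsearch master node in $node"
    echo "$line"
    # Two fixes relative to a plain `lsof -i :PORT | tail -1` check:
    #  * only the LISTENING socket identifies the node process; client
    #    connections to the port belong to other PIDs;
    #  * when the old process survives the stop phase the remote script
    #    ends there, because the still-bound port would otherwise make
    #    the start phase report success immediately.
    ssh "$node" "
listener_pid() { lsof -t -i TCP:$ELASTICSEARCH_MASTER_NODE_HTTP_PORT -sTCP:LISTEN 2>/dev/null | tail -1; }
pid=\$(listener_pid)
if [ -z \"\$pid\" ]; then
  echo -e \"\033[1;32mThe elasticsearch service has not been started and does not need to stopped\033[0m\"
else
  echo -e \"\033[1;32mStop elasticsearch service...\033[0m\"
  kill -SIGTERM \"\$pid\"
  # Poll up to 60 times, 5 s apart: after 5 minutes the stop is reported as failed.
  for i in {1..60}; do
    sleep 5
    pid=\$(listener_pid)
    [ -z \"\$pid\" ] && break
    echo -e \"\033[1;32mStop elasticsearch service...\033[0m\"
  done
  sleep 5
  pid=\$(listener_pid)
  if [ -n \"\$pid\" ]; then
    echo -e \"\033[1;31mThe elasticsearch service stop failure!\033[0m\"
    exit 1
  fi
  echo -e \"\033[1;32mThe elasticsearch service has been successfully stopped\033[0m\"
fi
echo -e \"\033[1;32mStart elasticsearch service...\033[0m\"
nohup ${ELASTICSEARCH_MASTER_NODE_HOME}/bin/elasticsearch -d >/dev/null 2>&1 &
# Poll up to 60 times, 5 s apart: after 5 minutes the start is reported as failed.
for i in {1..60}; do
  sleep 5
  pid=\$(listener_pid)
  [ -n \"\$pid\" ] && break
  echo -e \"\033[1;32mStart elasticsearch service...\033[0m\"
done
sleep 5
pid=\$(listener_pid)
if [ -z \"\$pid\" ]; then
  echo -e \"\033[1;31mThe elasticsearch service start failure!\033[0m\"
else
  echo -e \"\033[1;32mThe elasticsearch service has been successfully started\033[0m\"
fi
"
    echo
  done
}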
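#######################################
# Restart the Elasticsearch data-node process on every host listed in
# ELASTICSEARCH_DATA_NODES, one host at a time over ssh.
# Globals:  ELASTICSEARCH_DATA_NODES, ELASTICSEARCH_DATA_NODE_HTTP_PORT,
#           ELASTICSEARCH_DATA_NODE_HOME, line (read)
# Outputs:  progress and result messages on stdout
#######################################
function restart_data() {
  local node
  echo
  for node in $ELASTICSEARCH_DATA_NODES; do
    echo "Restart elasticsearch data node in $node"
    echo "$line"
    # Two fixes relative to a plain `lsof -i :PORT | tail -1` check:
    #  * only the LISTENING socket identifies the node process; client
    #    connections to the port belong to other PIDs;
    #  * when the old process survives the stop phase the remote script
    #    ends there, because the still-bound port would otherwise make
    #    the start phase report success immediately.
    ssh "$node" "
listener_pid() { lsof -t -i TCP:$ELASTICSEARCH_DATA_NODE_HTTP_PORT -sTCP:LISTEN 2>/dev/null | tail -1; }
pid=\$(listener_pid)
if [ -z \"\$pid\" ]; then
  echo -e \"\033[1;32mThe elasticsearch service has not been started and does not need to stopped\033[0m\"
else
  echo -e \"\033[1;32mStop elasticsearch service...\033[0m\"
  kill -SIGTERM \"\$pid\"
  # Poll up to 60 times, 5 s apart: after 5 minutes the stop is reported as failed.
  for i in {1..60}; do
    sleep 5
    pid=\$(listener_pid)
    [ -z \"\$pid\" ] && break
    echo -e \"\033[1;32mStop elasticsearch service...\033[0m\"
  done
  sleep 5
  pid=\$(listener_pid)
  if [ -n \"\$pid\" ]; then
    echo -e \"\033[1;31mThe elasticsearch service stop failure!\033[0m\"
    exit 1
  fi
  echo -e \"\033[1;32mThe elasticsearch service has been successfully stopped\033[0m\"
fi
echo -e \"\033[1;32mStart elasticsearch service...\033[0m\"
nohup ${ELASTICSEARCH_DATA_NODE_HOME}/bin/elasticsearch -d >/dev/null 2>&1 &
# Poll up to 60 times, 5 s apart: after 5 minutes the start is reported as failed.
for i in {1..60}; do
  sleep 5
  pid=\$(listener_pid)
  [ -n \"\$pid\" ] && break
  echo -e \"\033[1;32mStart elasticsearch service...\033[0m\"
done
sleep 5
pid=\$(listener_pid)
if [ -z \"\$pid\" ]; then
  echo -e \"\033[1;31mThe elasticsearch service start failure!\033[0m\"
else
  echo -e \"\033[1;32mThe elasticsearch service has been successfully started\033[0m\"
fi
"
    echo
  done
}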
# Restart the whole cluster: master nodes first, then data nodes.
function restart() {
  local role
  for role in master data; do
    "restart_${role}"
  done
}
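#######################################
# Report, for every host in ELASTICSEARCH_MASTER_NODES, whether a process is
# listening on the master node's HTTP port.
# Globals:  ELASTICSEARCH_MASTER_NODES, ELASTICSEARCH_MASTER_NODE_HTTP_PORT,
#           line (read)
# Outputs:  one RUNNING (with PID) / NOT RUNNING line per host on stdout
#######################################
function status_master() {
  local h listener_pid
  echo
  for h in $ELASTICSEARCH_MASTER_NODES; do
    echo "Elasticsearch master node status in $h"
    echo "$line"
    # Ask only for the LISTENING socket: a client connected to the port would
    # otherwise be reported as the running node.
    listener_pid=$(ssh "$h" "lsof -t -i TCP:$ELASTICSEARCH_MASTER_NODE_HTTP_PORT -sTCP:LISTEN 2>/dev/null | tail -1" 2>/dev/null)
    if [[ -z "$listener_pid" ]]; then
      echo -e "Elasticsearch master node process is \033[1;31mNOT RUNNING\033[0m"
    else
      echo -e "Elasticsearch master node process is \033[1;32mRUNNING, ${listener_pid}\033[0m"
    fi
    echo
  done
}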
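#######################################
# Report, for every host in ELASTICSEARCH_DATA_NODES, whether a process is
# listening on the data node's HTTP port.
# Globals:  ELASTICSEARCH_DATA_NODES, ELASTICSEARCH_DATA_NODE_HTTP_PORT,
#           line (read)
# Outputs:  one RUNNING (with PID) / NOT RUNNING line per host on stdout
#######################################
function status_data() {
  local h listener_pid
  echo
  for h in $ELASTICSEARCH_DATA_NODES; do
    echo "Elasticsearch data node status in $h"
    echo "$line"
    # Ask only for the LISTENING socket: a client connected to the port would
    # otherwise be reported as the running node.
    listener_pid=$(ssh "$h" "lsof -t -i TCP:$ELASTICSEARCH_DATA_NODE_HTTP_PORT -sTCP:LISTEN 2>/dev/null | tail -1" 2>/dev/null)
    if [[ -z "$listener_pid" ]]; then
      echo -e "Elasticsearch data node process is \033[1;31mNOT RUNNING\033[0m"
    else
      echo -e "Elasticsearch data node process is \033[1;32mRUNNING, ${listener_pid}\033[0m"
    fi
    echo
  done
}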
# Print the status of the whole cluster: master nodes first, then data nodes.
function status() {
  local role
  for role in master data; do
    "status_${role}"
  done
}
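#######################################
# Start the Elasticsearch master-node process on every host listed in
# ELASTICSEARCH_MASTER_NODES, one host at a time over ssh.
# Globals:  ELASTICSEARCH_MASTER_NODES, ELASTICSEARCH_MASTER_NODE_HTTP_PORT,
#           ELASTICSEARCH_MASTER_NODE_HOME, line (read)
# Outputs:  progress and result messages on stdout
#######################################
function start_master() {
  local node
  echo
  for node in $ELASTICSEARCH_MASTER_NODES; do
    echo "Start elasticsearch master node in $node"
    echo "$line"
    # "Started" means a process is LISTENING on the HTTP port. Without the
    # state filter a client connection to that port would be mistaken for a
    # running node and the start would be skipped.
    ssh "$node" "
listener_pid() { lsof -t -i TCP:$ELASTICSEARCH_MASTER_NODE_HTTP_PORT -sTCP:LISTEN 2>/dev/null | tail -1; }
pid=\$(listener_pid)
if [ -n \"\$pid\" ]; then
  echo -e \"\033[1;32mThe elasticsearch service was started and does not need to start\033[0m\"
else
  echo -e \"\033[1;32mStart elasticsearch service...\033[0m\"
  nohup ${ELASTICSEARCH_MASTER_NODE_HOME}/bin/elasticsearch -d >/dev/null 2>&1 &
  # Poll up to 60 times, 5 s apart: after 5 minutes the start is reported as failed.
  for i in {1..60}; do
    sleep 5
    pid=\$(listener_pid)
    [ -n \"\$pid\" ] && break
    echo -e \"\033[1;32mStart elasticsearch service...\033[0m\"
  done
  sleep 5
  pid=\$(listener_pid)
  if [ -z \"\$pid\" ]; then
    echo -e \"\033[1;31mThe elasticsearch service start failure!\033[0m\"
  else
    echo -e \"\033[1;32mThe elasticsearch service has been successfully started\033[0m\"
  fi
fi
"
    echo
  done
}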
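#######################################
# Start the Elasticsearch data-node process on every host listed in
# ELASTICSEARCH_DATA_NODES, one host at a time over ssh.
# Globals:  ELASTICSEARCH_DATA_NODES, ELASTICSEARCH_DATA_NODE_HTTP_PORT,
#           ELASTICSEARCH_DATA_NODE_HOME, line (read)
# Outputs:  progress and result messages on stdout
#######################################
function start_data() {
  local node
  echo
  for node in $ELASTICSEARCH_DATA_NODES; do
    echo "Start elasticsearch data node in $node"
    echo "$line"
    # "Started" means a process is LISTENING on the HTTP port. Without the
    # state filter a client connection to that port would be mistaken for a
    # running node and the start would be skipped.
    ssh "$node" "
listener_pid() { lsof -t -i TCP:$ELASTICSEARCH_DATA_NODE_HTTP_PORT -sTCP:LISTEN 2>/dev/null | tail -1; }
pid=\$(listener_pid)
if [ -n \"\$pid\" ]; then
  echo -e \"\033[1;32mThe elasticsearch service was started and does not need to start\033[0m\"
else
  echo -e \"\033[1;32mStart elasticsearch service...\033[0m\"
  nohup ${ELASTICSEARCH_DATA_NODE_HOME}/bin/elasticsearch -d >/dev/null 2>&1 &
  # Poll up to 60 times, 5 s apart: after 5 minutes the start is reported as failed.
  for i in {1..60}; do
    sleep 5
    pid=\$(listener_pid)
    [ -n \"\$pid\" ] && break
    echo -e \"\033[1;32mStart elasticsearch service...\033[0m\"
  done
  sleep 5
  pid=\$(listener_pid)
  if [ -z \"\$pid\" ]; then
    echo -e \"\033[1;31mThe elasticsearch service start failure!\033[0m\"
  else
    echo -e \"\033[1;32mThe elasticsearch service has been successfully started\033[0m\"
  fi
fi
"
    echo
  done
}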
# Start the whole cluster: master nodes first, then data nodes.
function start() {
  local role
  for role in master data; do
    "start_${role}"
  done
}
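#######################################
# Pick one data node that answers an HTTP HEAD request with status 200 and
# store its name in RANDOM_AVAILABLE_HOST.
# Globals:  ELASTICSEARCH_DATA_NODES, ELASTICSEARCH_DATA_NODE_HTTP_PORT,
#           ELASTICSEARCH_SECURITY_ENABLED, ELASTICSEARCH_USER,
#           ELASTICSEARCH_PASSWORD (read); RANDOM_AVAILABLE_HOST (written)
# Outputs:  error message on stdout when no node answers
# Returns:  exits the script with -1 when no node answers
#
# NOTE(security): the request uses plain http:// and HTTP basic auth, so the
# credentials cross the network unencrypted, and `-u user:password` is visible
# in the local process list while curl runs. Switch the URL to https once TLS
# is enabled on the HTTP layer.
#######################################
function find_available_es_host() {
  local -a curl_auth=()
  local -a available_hosts=()
  local host status_code

  # Never leave a value from an earlier call behind.
  RANDOM_AVAILABLE_HOST=""

  if [[ "$ELASTICSEARCH_SECURITY_ENABLED" == "true" ]]; then
    curl_auth=(-u "$ELASTICSEARCH_USER:$ELASTICSEARCH_PASSWORD")
  fi

  for host in $ELASTICSEARCH_DATA_NODES; do
    # --connect-timeout keeps an unreachable host from stalling the scan.
    status_code=$(curl "${curl_auth[@]}" -s --connect-timeout 5 -I "http://$host:$ELASTICSEARCH_DATA_NODE_HTTP_PORT" 2>/dev/null |
      awk '/^HTTP\/[0-9.]+ [0-9][0-9][0-9]/ {print $2}')
    # Quoted comparison: an unreachable host yields an empty status, which
    # would turn an unquoted `[ $code == 200 ]` into a syntax error.
    if [[ "$status_code" == "200" ]]; then
      available_hosts+=("$host")
    fi
  done

  # Check for "nothing reachable" before the modulo below; with an empty list
  # the modulo would be a division by zero.
  if ((${#available_hosts[@]} == 0)); then
    echo -e "\033[1;31mNo available es host!\033[0m"
    exit -1
  fi

  RANDOM_AVAILABLE_HOST=${available_hosts[RANDOM % ${#available_hosts[@]}]}
}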
#######################################
# Print, for every node, its "host" entry and the value of the setting named
# by ELASTICSEARCH_CONFIG_KEY, as found in the flat _nodes/settings response of
# one reachable data node.
# Globals:  ELASTICSEARCH_CONFIG_KEY, ELASTICSEARCH_SECURITY_ENABLED,
#           ELASTICSEARCH_USER, ELASTICSEARCH_PASSWORD,
#           ELASTICSEARCH_DATA_NODE_HTTP_PORT, RANDOM_AVAILABLE_HOST (read)
# Outputs:  matching "key":"value" fragments on stdout, one per line
#
# NOTE(review): the key is used as part of an extended regular expression, so
# a "." in it matches any character. The request goes over plain http:// and
# the basic-auth credentials are passed on curl's command line.
#######################################
function get_config() {
  local -a auth_args=()
  local settings_url match_re

  find_available_es_host

  settings_url="http://${RANDOM_AVAILABLE_HOST}:${ELASTICSEARCH_DATA_NODE_HTTP_PORT}/_nodes/settings?flat_settings=true"
  match_re="(\"$ELASTICSEARCH_CONFIG_KEY\"|\"host\"):\"[^\"]*\""

  if [[ "$ELASTICSEARCH_SECURITY_ENABLED" == "true" ]]; then
    auth_args=(-u "$ELASTICSEARCH_USER:$ELASTICSEARCH_PASSWORD")
  fi

  curl "${auth_args[@]}" -s "$settings_url" | grep -Eo "$match_re"
}
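#######################################
# Send ELASTICSEARCH_DYNAMIC_CONFIG_JSON as the body of
# PUT /_cluster/settings to one reachable data node.
# Globals:  ELASTICSEARCH_DYNAMIC_CONFIG_JSON, ELASTICSEARCH_SECURITY_ENABLED,
#           ELASTICSEARCH_USER, ELASTICSEARCH_PASSWORD,
#           ELASTICSEARCH_DATA_NODE_HTTP_PORT, RANDOM_AVAILABLE_HOST (read)
# Outputs:  success message, or failure message with the raw response
# Returns:  exits the script with -1 unless the response is "HTTP/1.1 200 OK"
#
# NOTE(security): the request goes over plain http:// and the basic-auth
# credentials are passed on curl's command line.
#######################################
function set_dynamic_config() {
  local -a curl_auth=()
  local msg code

  find_available_es_host

  if [[ "$ELASTICSEARCH_SECURITY_ENABLED" == "true" ]]; then
    # The credentials must follow -u. Passed as a bare argument, curl treats
    # "user:password" as an additional URL and sends the settings request
    # without authentication.
    curl_auth=(-u "$ELASTICSEARCH_USER:$ELASTICSEARCH_PASSWORD")
  fi

  msg=$(curl "${curl_auth[@]}" -i -H "Content-Type: application/json" -XPUT "http://${RANDOM_AVAILABLE_HOST}:${ELASTICSEARCH_DATA_NODE_HTTP_PORT}/_cluster/settings" -d "$ELASTICSEARCH_DYNAMIC_CONFIG_JSON" 2>/dev/null)
  code=$(echo "$msg" | grep 'HTTP/1.1 200 OK' | awk '{print $2}')

  if [ "${code}" == "200" ]; then
    echo -e "\033[1;32mOperate successfully!\033[0m"
  else
    echo -e "\033[1;31mOperate failed! ${msg}\033[0m"
    exit -1
  fi
}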
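#######################################
# Helper for set_static_config: write one setting into one elasticsearch.yml
# on each host of a node list.
# Arguments: $1 - space-separated host list
#            $2 - path of elasticsearch.yml on those hosts
#            $3 - shell-quoted regex matching an existing line for the key
#            $4 - shell-quoted sed expression replacing that line
#            $5 - shell-quoted "key: value" line to append when absent
# Globals:   line (read)
# Outputs:   per-host heading and the resulting line(s) of the file
#######################################
_apply_static_config() {
  local nodes=$1 config_file=$2 q_match=$3 q_sed=$4 q_entry=$5
  local node q_file
  printf -v q_file '%q' "$config_file"
  for node in $nodes; do
    echo "Update $config_file in $node"
    echo "$line"
    ssh "$node" "
if grep -q -- $q_match $q_file; then
  sed -i -e $q_sed $q_file
else
  printf '%s\n' $q_entry >> $q_file
fi
grep -- $q_match $q_file
"
    echo
  done
}

#######################################
# Set ELASTICSEARCH_CONFIG_KEY to ELASTICSEARCH_STATIC_CONFIG_VALUE in the
# elasticsearch.yml of every master node and every data node: an existing line
# for the key is rewritten in place, otherwise the line is appended.
# Globals:  ELASTICSEARCH_CONFIG_KEY, ELASTICSEARCH_STATIC_CONFIG_VALUE,
#           ELASTICSEARCH_MASTER_NODES, ELASTICSEARCH_DATA_NODES,
#           ELASTICSEARCH_MASTER_NODE_YML_CONFIG_FILE,
#           ELASTICSEARCH_DATA_NODE_YML_CONFIG_FILE, line (read)
# Returns:  exits the script with -1 for a value sed cannot take literally
#######################################
function set_static_config() {
  local key=$ELASTICSEARCH_CONFIG_KEY
  local value=$ELASTICSEARCH_STATIC_CONFIG_VALUE
  local key_re q_match q_sed q_entry

  # These characters are special in a sed replacement that uses "|" as the
  # delimiter; refuse them rather than write a mangled line.
  case "$value" in
    *'|'* | *'&'* | *'\'* | *$'\n'*)
      echo "Unsupported character in config value (one of: | & \\ newline)" >&2
      exit -1
      ;;
  esac

  # Match the dots of the key literally.
  key_re=${key//./\\.}

  # Everything interpolated into the remote command line is shell-quoted
  # here, so quotes, spaces, "$" or "#" in the value reach the file unchanged
  # instead of being interpreted by the local or the remote shell.
  printf -v q_match '%q' "^[[:space:]]*$key_re:"
  # Same line pattern as the existence test above (leading whitespace
  # allowed); the captured indentation is kept.
  printf -v q_sed '%q' "s|^\([[:space:]]*\)$key_re:.*|\1$key: $value|"
  printf -v q_entry '%q' "$key: $value"

  echo
  _apply_static_config "$ELASTICSEARCH_MASTER_NODES" "$ELASTICSEARCH_MASTER_NODE_YML_CONFIG_FILE" "$q_match" "$q_sed" "$q_entry"
  echo
  _apply_static_config "$ELASTICSEARCH_DATA_NODES" "$ELASTICSEARCH_DATA_NODE_YML_CONFIG_FILE" "$q_match" "$q_sed" "$q_entry"
}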
#######################################
# Delete every line that sets ELASTICSEARCH_CONFIG_KEY from elasticsearch.yml,
# first on all master nodes, then on all data nodes, and show what is left.
# Globals:  ELASTICSEARCH_CONFIG_KEY, ELASTICSEARCH_MASTER_NODES,
#           ELASTICSEARCH_DATA_NODES,
#           ELASTICSEARCH_MASTER_NODE_YML_CONFIG_FILE,
#           ELASTICSEARCH_DATA_NODE_YML_CONFIG_FILE, line (read)
#
# NOTE(review): the key is pasted unescaped into the sed address and the grep
# pattern of the remote command; it is only safe for plain dotted setting
# names.
#######################################
function delete_static_config() {
  local role nodes_var file_var config_file node
  for role in MASTER DATA; do
    nodes_var="ELASTICSEARCH_${role}_NODES"
    file_var="ELASTICSEARCH_${role}_NODE_YML_CONFIG_FILE"
    config_file=${!file_var}
    echo
    for node in ${!nodes_var}; do
      echo "Delete config in $config_file in $node"
      echo "$line"
      ssh "$node" "
sed -i \"/^[[:space:]]*$ELASTICSEARCH_CONFIG_KEY:/d\" $config_file
grep -w \"^[[:space:]]*$ELASTICSEARCH_CONFIG_KEY\" $config_file
"
      echo
    done
  done
}
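#######################################
# Generate a CA, a node certificate and an empty Elasticsearch keystore on one
# data node, then copy the three files into the config directory of every data
# node and every master node, and list the resulting *.p12 files.
# Globals:  ELASTICSEARCH_DATA_NODES, ELASTICSEARCH_MASTER_NODES,
#           ELASTICSEARCH_DATA_NODE_HOME, ELASTICSEARCH_MASTER_NODE_HOME,
#           line (read); RANDOM_AVAILABLE_HOST (written)
# Returns:  1 when no generating host is available, the staging directory
#           cannot be created, or the generated files cannot be fetched
#
# NOTE(security): both PKCS#12 files are created with an empty password
# (--pass "" / --ca-pass ""), and elastic-stack-ca.p12, which contains the CA
# private key, is copied to every node. Nodes normally need only
# elastic-certificates.p12 for transport TLS -- confirm whether the CA file
# has to be distributed at all, and keep it (with a password) somewhere
# restricted if not.
#######################################
function generate_cert_file() {
  local data_home=$ELASTICSEARCH_DATA_NODE_HOME
  local master_home=$ELASTICSEARCH_MASTER_NODE_HOME
  local src_host node staging

  echo
  # Despite the variable name the host is not random: it is the third entry
  # of ELASTICSEARCH_DATA_NODES.
  RANDOM_AVAILABLE_HOST=$(echo $ELASTICSEARCH_DATA_NODES | awk '{print $3}')
  src_host=$RANDOM_AVAILABLE_HOST
  if [[ -z "$src_host" ]]; then
    echo "generate_cert_file: ELASTICSEARCH_DATA_NODES has fewer than three hosts" >&2
    return 1
  fi

  # Private staging directory (mode 0700, unpredictable name) instead of fixed
  # file names directly under /tmp: the files staged here include private
  # keys, and fixed names in a world-writable directory can be pre-created or
  # replaced by another local user.
  staging=$(mktemp -d) || {
    echo "generate_cert_file: cannot create staging directory" >&2
    return 1
  }

  echo "Generate cert file"
  echo "$line"
  ssh "$src_host" "
rm -f ${data_home}/*.p12 ${data_home}/*.keystore
${data_home}/bin/elasticsearch-certutil ca --out ${data_home}/elastic-stack-ca.p12 --pass \"\"
${data_home}/bin/elasticsearch-certutil cert --ca ${data_home}/elastic-stack-ca.p12 --out ${data_home}/elastic-certificates.p12 --pass \"\" --ca-pass \"\"
echo y | ${data_home}/bin/elasticsearch-keystore create
"

  # Stop before touching the other nodes if any generated file is missing.
  if ! { scp "$src_host:${data_home}/elastic-stack-ca.p12" "$staging/" &&
    scp "$src_host:${data_home}/elastic-certificates.p12" "$staging/" &&
    scp "$src_host:${data_home}/config/elasticsearch.keystore" "$staging/"; }; then
    echo "generate_cert_file: fetching generated files from $src_host failed" >&2
    rm -rf -- "$staging"
    return 1
  fi

  for node in $ELASTICSEARCH_DATA_NODES; do
    ssh "$node" "rm -f ${data_home}/*.p12 ${data_home}/*.keystore"
    scp "$staging/elastic-stack-ca.p12" "$node:${data_home}/config/"
    scp "$staging/elastic-certificates.p12" "$node:${data_home}/config/"
    scp "$staging/elasticsearch.keystore" "$node:${data_home}/config/"
  done
  for node in $ELASTICSEARCH_MASTER_NODES; do
    ssh "$node" "rm -f ${master_home}/*.p12 ${master_home}/*.keystore"
    scp "$staging/elastic-stack-ca.p12" "$node:${master_home}/config/"
    scp "$staging/elastic-certificates.p12" "$node:${master_home}/config/"
    scp "$staging/elasticsearch.keystore" "$node:${master_home}/config/"
  done
  rm -rf -- "$staging"

  echo
  for node in $ELASTICSEARCH_MASTER_NODES; do
    echo "cert file in master node $node"
    echo "$line"
    ssh "$node" "
ls -l ${master_home}/config/*.p12
"
    echo
  done
  echo
  for node in $ELASTICSEARCH_DATA_NODES; do
    echo "cert file in data node $node"
    echo "$line"
    ssh "$node" "
ls -l ${data_home}/config/*.p12
"
    echo
  done
}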
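#######################################
# Placeholder: setting the built-in users' passwords is not automated here.
# The command the author left as a hint is kept below as a comment.
# Returns: 0
#######################################
function set_password() {
  # ${ELASTICSEARCH_DATA_NODE_HOME}/bin/elasticsearch-setup-passwords auto
  # A function body that holds only a comment is a bash syntax error; the
  # script would abort at this definition, before the dispatcher that follows
  # it is ever reached. The no-op keeps the definition valid.
  :
}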
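# Dispatch: every supported operation is implemented by the function of the
# same name. The second "status" arm of the earlier version is gone: it could
# never be selected (the first "status" arm always wins) and it called
# status_elasticsearch, which this script does not define.
case "$1" in
  start | start_master | start_data | \
    status | status_master | status_data | \
    stop | stop_master | stop_data | \
    restart | restart_master | restart_data | \
    get_config | set_dynamic_config | set_static_config | delete_static_config | \
    generate_cert_file)
    "$1"
    ;;
  *) ;;
esac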
2.2 afp-kibana.sh
#!/bin/bash
# ======================================================================
# Script Name: afp-kibana.sh
# Description: Kibana 服务管理脚本
# Author: 北银金融科技有限责任公司/人工智能部/杨云鹤
# Create Date: 2025-11-13
# ======================================================================
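# Hosts running Kibana and the layout of the installation on them.
KIBANA_NODES="SY-AFP-ES06"
KIBANA_HOME=/opt/app/middles/kibana-7.12.1-linux-x86_64
KIBANA_HTTP_PORT=5601
# Filled in from the command line by set_config / delete_config.
KIBANA_CONFIG_KEY=""
KIBANA_CONFIG_VALUE=""
KIBANA_YML_CONFIG_FILE="$KIBANA_HOME/config/kibana.yml"
KIBANA_LOG_DIR="/opt/log/kibana"
KIBANA_LOG_FILE="$KIBANA_LOG_DIR/kibana.log"
dest_java_home=/opt/app/middles/jdk1.8.0_471
source /etc/profile

operations="start stop restart status delete_config set_config"
# Require an exact operation name. A regex test such as `$operations =~ $1`
# also accepts fragments ("sta") and regex metacharacters (".") that match
# somewhere inside the list; those pass validation and then fall through the
# dispatcher without doing anything.
if [[ -z "$1" || "$1" == *[[:space:]]* || " $operations " != *" $1 "* ]]; then
echo "
Usage: afp-kibana.sh operations
The following operations are supported:
$operations
Your arg is: $1
"
exit -1
fi

# delete_config <key>
if [[ "$1" == "delete_config" ]]; then
  if [[ $# -ne 2 ]]; then
    echo "
Usage: afp-kibana.sh delete_config config_key
Examples: afp-kibana.sh delete_config i18n.locale
"
    exit -1
  else
    KIBANA_CONFIG_KEY=$2
  fi
fi

# set_config <key> <value>
if [[ "$1" == "set_config" ]]; then
  if [[ $# -ne 3 ]]; then
    echo "
Usage: afp-kibana.sh set_config config_key config_value
Examples: afp-kibana.sh set_config i18n.locale zh-CN
"
    exit -1
  else
    KIBANA_CONFIG_KEY=$2
    KIBANA_CONFIG_VALUE=$3
  fi
fi

# The key is pasted into grep/sed patterns and into the command line that ssh
# hands to the remote shell; accept only plain setting names so that quotes,
# slashes, semicolons or whitespace cannot change the remote command.
if [[ -n "$KIBANA_CONFIG_KEY" && ! "$KIBANA_CONFIG_KEY" =~ ^[A-Za-z0-9_.-]+$ ]]; then
  echo "Invalid config key: '$KIBANA_CONFIG_KEY' (allowed characters: letters, digits, '.', '_', '-')" >&2
  exit -1
fi

# Separator printed under each per-host heading.
line="-----------------------------------------------------------------------------"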
# Stop Kibana on every host in KIBANA_NODES, one host at a time over ssh.
# Globals: KIBANA_NODES, line (read)
# Outputs: a heading per host, followed by whatever the remote script prints
function stop_kibana() {
echo
for node in $KIBANA_NODES; do
echo "Stop kibana in $node"
echo $line
# The quoted text below is sent verbatim to the remote shell (only the \$ and
# \" escapes are resolved locally), including its own comment line. It
#   1. collects the PIDs of all processes whose `ps -ef` line contains
#      "node/bin/node",
#   2. sends them SIGTERM,
#   3. re-checks up to 60 times at 5-second intervals (about 5 minutes),
#   4. waits 5 more seconds and reports success or failure.
# NOTE(review): the match is on the substring "node/bin/node" only, so any
# other process with that text in its command line is selected as well --
# confirm nothing else on the Kibana host matches.
ssh $node "
pid=\$(ps -ef | grep node/bin/node | grep -v grep | awk '{print \$2}' 2>/dev/null)
if [ \"x\$pid\" == \"x\" ]; then
echo -e \"\033[1;32mThe kibana service has not been started and does not need to stopped\033[0m\"
else
echo -e \"\033[1;32mStop kibana service...\033[0m\"
kill -SIGTERM \$pid
# 检测60次,每次间隔5s,即:如果5分钟还无法停止服务,则宣告服务停止失败
for i in {1..60}; do
sleep 5
pid=\$(ps -ef | grep node/bin/node | grep -v grep | awk '{print \$2}' 2>/dev/null)
if [ \"x\$pid\" == \"x\" ]; then
break
else
echo -e \"\033[1;32mStop kibana service...\033[0m\"
fi
done
sleep 5
pid=\$(ps -ef | grep node/bin/node | grep -v grep | awk '{print \$2}' 2>/dev/null)
if [ \"x\$pid\" != \"x\" ]; then
echo -e \"\033[1;31mThe kibana service stop failure!\033[0m\"
else
echo -e \"\033[1;32mThe kibana service has been successfully stopped\033[0m\"
fi
fi
"
echo
done
}
# Restart Kibana on every host in KIBANA_NODES, one host at a time over ssh.
# Globals: KIBANA_NODES, KIBANA_HOME, KIBANA_LOG_DIR, KIBANA_LOG_FILE,
#          line (read)
# Outputs: a heading per host, followed by whatever the remote script prints
function restart_kibana() {
echo
for node in $KIBANA_NODES; do
echo "Restart kibana in $node"
echo $line
# The quoted text below is sent verbatim to the remote shell (only the \$ and
# \" escapes and the KIBANA_* variables are resolved locally), including its
# own comment lines. Stop phase: SIGTERM to every process whose `ps -ef` line
# contains "node/bin/node", then up to 60 checks at 5-second intervals plus a
# final check. Start phase: create the log directory, launch bin/kibana in the
# background with output redirected to the log file, then poll the same way
# until a matching process exists.
# NOTE(review): the start phase runs even when the stop phase reported a
# failure; in that case the surviving old process satisfies the "started"
# check. The substring match on "node/bin/node" also selects any other
# process with that text in its command line.
ssh $node "
pid=\$(ps -ef | grep node/bin/node | grep -v grep | awk '{print \$2}' 2>/dev/null)
if [ \"x\$pid\" == \"x\" ]; then
echo -e \"\033[1;32mThe kibana service has not been started and does not need to stopped\033[0m\"
else
echo -e \"\033[1;32mStop kibana service...\033[0m\"
kill -SIGTERM \$pid
# 检测60次,每次间隔5s,即:如果5分钟还无法停止服务,则宣告服务停止失败
for i in {1..60}; do
sleep 5
pid=\$(ps -ef | grep node/bin/node | grep -v grep | awk '{print \$2}' 2>/dev/null)
if [ \"x\$pid\" == \"x\" ]; then
break
else
echo -e \"\033[1;32mStop kibana service...\033[0m\"
fi
done
sleep 5
pid=\$(ps -ef | grep node/bin/node | grep -v grep | awk '{print \$2}' 2>/dev/null)
if [ \"x\$pid\" != \"x\" ]; then
echo -e \"\033[1;31mThe kibana service stop failure!\033[0m\"
else
echo -e \"\033[1;32mThe kibana service has been successfully stopped\033[0m\"
fi
fi
echo -e \"\033[1;32mStart kibana service...\033[0m\"
mkdir -p $KIBANA_LOG_DIR
nohup $KIBANA_HOME/bin/kibana > $KIBANA_LOG_FILE 2>&1 &
# 检测60次,每次间隔5s,即:如果5分钟还无法启动服务,则宣告服务启动失败
for i in {1..60}; do
sleep 5
pid=\$(ps -ef | grep node/bin/node | grep -v grep | awk '{print \$2}' 2>/dev/null)
if [ \"x\$pid\" != \"x\" ]; then
break
else
echo -e \"\033[1;32mStart kibana service...\033[0m\"
fi
done
sleep 5
pid=\$(ps -ef | grep node/bin/node | grep -v grep | awk '{print \$2}' 2>/dev/null)
if [ \"x\$pid\" == \"x\" ]; then
echo -e \"\033[1;31mThe kibana service start failure!\033[0m\"
else
echo -e \"\033[1;32mThe kibana service has been successfully started\033[0m\"
fi
"
echo
done
}
# Report, for every host in KIBANA_NODES, whether a process whose `ps -ef`
# line contains "node/bin/node" exists, and print its PID(s) if so.
# Globals: KIBANA_NODES, line (read)
# Outputs: one RUNNING / NOT RUNNING line per host on stdout
function status_kibana() {
  local kibana_host kibana_pid
  echo
  for kibana_host in $KIBANA_NODES; do
    echo "Kibana process status in $kibana_host"
    echo "$line"
    kibana_pid=$(ssh "$kibana_host" "ps -ef | grep node/bin/node | grep -v grep | awk '{print \$2}' 2>/dev/null")
    if [[ -n "$kibana_pid" ]]; then
      echo -e "Kibana process is \033[1;32mRUNNING, $kibana_pid\033[0m"
    else
      echo -e "Kibana process is \033[1;31mNOT RUNNING\033[0m"
    fi
    echo
  done
}
# Start Kibana on every host in KIBANA_NODES, one host at a time over ssh.
# Globals: KIBANA_NODES, KIBANA_HOME, KIBANA_LOG_DIR, KIBANA_LOG_FILE,
#          line (read)
# Outputs: a heading per host, followed by whatever the remote script prints
function start_kibana() {
echo
for node in $KIBANA_NODES; do
echo "Start kibana in $node"
echo $line
# The quoted text below is sent verbatim to the remote shell (only the \$ and
# \" escapes and the KIBANA_* variables are resolved locally), including its
# own comment line. If no process whose `ps -ef` line contains
# "node/bin/node" exists, it creates the log directory, launches bin/kibana in
# the background with output redirected to the log file, checks up to 60 times
# at 5-second intervals for such a process, then reports the result after a
# final check.
# NOTE(review): "started" means only that a matching process exists, not that
# Kibana is serving requests; any other process with "node/bin/node" in its
# command line makes the start a no-op.
ssh $node "
pid=\$(ps -ef | grep node/bin/node | grep -v grep | awk '{print \$2}' 2>/dev/null)
if [ \"x\$pid\" != \"x\" ]; then
echo -e \"\033[1;32mThe kibana service was started and does not need to start\033[0m\"
else
echo -e \"\033[1;32mStart kibana service...\033[0m\"
mkdir -p $KIBANA_LOG_DIR
nohup $KIBANA_HOME/bin/kibana > $KIBANA_LOG_FILE 2>&1 &
# 检测60次,每次间隔5s,即:如果5分钟还无法启动服务,则宣告服务启动失败
for i in {1..60}; do
sleep 5
pid=\$(ps -ef | grep node/bin/node | grep -v grep | awk '{print \$2}' 2>/dev/null)
if [ \"x\$pid\" != \"x\" ]; then
break
else
echo -e \"\033[1;32mStart kibana service...\033[0m\"
fi
done
sleep 5
pid=\$(ps -ef | grep node/bin/node | grep -v grep | awk '{print \$2}' 2>/dev/null)
if [ \"x\$pid\" == \"x\" ]; then
echo -e \"\033[1;31mThe kibana service start failure!\033[0m\"
else
echo -e \"\033[1;32mThe kibana service has been successfully started\033[0m\"
fi
fi
"
echo
done
}
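#######################################
# Set KIBANA_CONFIG_KEY to KIBANA_CONFIG_VALUE in kibana.yml on every host in
# KIBANA_NODES: an existing line for the key is rewritten in place, otherwise
# the line is appended.
# Globals:  KIBANA_CONFIG_KEY, KIBANA_CONFIG_VALUE, KIBANA_NODES,
#           KIBANA_YML_CONFIG_FILE, line (read)
# Outputs:  per-host heading and the resulting line(s) of the file
# Returns:  exits the script with -1 for a value sed cannot take literally
#######################################
function set_config() {
  local key=$KIBANA_CONFIG_KEY
  local value=$KIBANA_CONFIG_VALUE
  local key_re q_match q_sed q_entry q_file node

  # These characters are special in a sed replacement that uses "|" as the
  # delimiter; refuse them rather than write a mangled line.
  case "$value" in
    *'|'* | *'&'* | *'\'* | *$'\n'*)
      echo "Unsupported character in config value (one of: | & \\ newline)" >&2
      exit -1
      ;;
  esac

  # Match the dots of the key literally.
  key_re=${key//./\\.}

  # Everything interpolated into the remote command line is shell-quoted
  # here. In the earlier form the inner double quotes around "key: value"
  # closed the outer ssh string, so the value was word-split locally and
  # then re-parsed unquoted by the remote shell.
  printf -v q_match '%q' "^[[:space:]]*$key_re:"
  # Same line pattern as the existence test (leading whitespace allowed), so a
  # line that is found is also the line that gets rewritten; the captured
  # indentation is kept.
  printf -v q_sed '%q' "s|^\([[:space:]]*\)$key_re:.*|\1$key: $value|"
  printf -v q_entry '%q' "$key: $value"
  printf -v q_file '%q' "$KIBANA_YML_CONFIG_FILE"

  echo
  for node in $KIBANA_NODES; do
    echo "Update $KIBANA_YML_CONFIG_FILE in $node"
    echo "$line"
    ssh "$node" "
if grep -q -- $q_match $q_file; then
  sed -i -e $q_sed $q_file
else
  printf '%s\n' $q_entry >> $q_file
fi
grep -- $q_match $q_file
"
    echo
  done
}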
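# Delete every line that sets KIBANA_CONFIG_KEY from KIBANA_YML_CONFIG_FILE on each
# host in KIBANA_NODES, then grep for the key again (no output means it is gone).
# Globals (read): KIBANA_NODES, line, KIBANA_YML_CONFIG_FILE, KIBANA_CONFIG_KEY
# Returns: 1 without contacting any host when the key is empty or contains
#          characters other than letters, digits, '_', '.' and '-'.
#
# The key ends up inside a sed address that deletes lines, so it is validated
# first and its dots are made literal; otherwise "a.b" would also delete a line
# for "aXb". Key and file path are passed as quoted arguments because the remote
# shell parses the ssh command line a second time.
function delete_config() {
  local node key_regex remote_args
  if [[ ! "${KIBANA_CONFIG_KEY:-}" =~ ^[A-Za-z0-9_.-]+$ ]]; then
    echo "delete_config: missing or invalid config key: '${KIBANA_CONFIG_KEY:-}'" >&2
    return 1
  fi
  key_regex=${KIBANA_CONFIG_KEY//./\\.}
  printf -v remote_args '%q %q' "$key_regex" "$KIBANA_YML_CONFIG_FILE"
  echo
  # Word splitting of KIBANA_NODES is intentional: one host per word.
  for node in $KIBANA_NODES; do
    echo "Delete config in $KIBANA_YML_CONFIG_FILE in $node"
    echo "$line"
    ssh "$node" "bash -s -- $remote_args" <<'REMOTE_SCRIPT'
key_regex=$1
file=$2
sed -i "/^[[:space:]]*${key_regex}:/d" "$file"
grep -w "^[[:space:]]*${key_regex}" "$file"
REMOTE_SCRIPT
    echo
  done
}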
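# Command dispatch: the first command-line argument selects the action to run.
# An unknown or missing action prints the list of actions on stderr and exits
# non-zero instead of silently doing nothing.
case "${1:-}" in
  start)
    start_kibana
    ;;
  stop)
    stop_kibana
    ;;
  restart)
    restart_kibana
    ;;
  status)
    status_kibana
    ;;
  set_config)
    set_config
    ;;
  delete_config)
    delete_config
    ;;
  *)
    echo "Usage: ${0##*/} {start|stop|restart|status|set_config|delete_config}" >&2
    exit 1
    ;;
esac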
3. 操作步骤
3.1 上传文件
- 将文件 afp-elasticsearch-prod.sh 上传到 sy-afp-bigdata01 的 /usr/local/bin 目录下
- 将文件 afp-kibana.sh 上传到 sy-afp-bigdata01 的 /usr/local/bin 目录下
使用 root 用户登录 sy-afp-bigdata01 执行命令:
chown afp:afp /usr/local/bin/afp-elasticsearch-prod.sh /usr/local/bin/afp-kibana.sh
chmod 755 /usr/local/bin/afp-elasticsearch-prod.sh /usr/local/bin/afp-kibana.sh
3.2 远程连接配置
作用:配置在 sy-afp-bigdata01 服务器上,使用 afp 用户免密码连接 ES 集群中的任意机器。
使用 root 用户登录 sy-afp-bigdata01,修改 /etc/hosts 文件,追加如下内容:
10.0.0.22 SY-AFP-ES01
10.0.0.23 SY-AFP-ES02
10.0.0.24 SY-AFP-ES03
10.0.0.25 SY-AFP-ES04
10.0.0.26 SY-AFP-ES05
10.0.0.27 SY-AFP-ES06
10.0.0.28 SY-AFP-ES07
10.0.0.29 SY-AFP-ES08
10.0.0.30 SY-AFP-ES09
使用 afp 用户登录 sy-afp-bigdata01 执行命令:
ssh-copy-id -i ~/.ssh/id_rsa.pub afp@SY-AFP-ES01
ssh-copy-id -i ~/.ssh/id_rsa.pub afp@SY-AFP-ES02
ssh-copy-id -i ~/.ssh/id_rsa.pub afp@SY-AFP-ES03
ssh-copy-id -i ~/.ssh/id_rsa.pub afp@SY-AFP-ES04
ssh-copy-id -i ~/.ssh/id_rsa.pub afp@SY-AFP-ES05
ssh-copy-id -i ~/.ssh/id_rsa.pub afp@SY-AFP-ES06
ssh-copy-id -i ~/.ssh/id_rsa.pub afp@SY-AFP-ES07
ssh-copy-id -i ~/.ssh/id_rsa.pub afp@SY-AFP-ES08
ssh-copy-id -i ~/.ssh/id_rsa.pub afp@SY-AFP-ES09
此命令需要输入目标机器的 afp 用户的密码,请在生产环境提前申请密码。
3.3 生成认证文件
使用 afp 用户登录 sy-afp-bigdata01 执行命令:
afp-elasticsearch-prod.sh generate_cert_file
# 输出
cert file in master node SY-AFP-ES01
-----------------------------------------------------------------------------
-rw------- 1 afp afp 3596 Nov 18 15:48 /opt/app/middles/elasticsearch-7.17.14-masternode/config/elastic-certificates.p12
-rw------- 1 afp afp 2672 Nov 18 15:48 /opt/app/middles/elasticsearch-7.17.14-masternode/config/elastic-stack-ca.p12
cert file in master node SY-AFP-ES02
-----------------------------------------------------------------------------
-rw------- 1 afp afp 3596 Nov 18 15:48 /opt/app/middles/elasticsearch-7.17.14-masternode/config/elastic-certificates.p12
-rw------- 1 afp afp 2672 Nov 18 15:48 /opt/app/middles/elasticsearch-7.17.14-masternode/config/elastic-stack-ca.p12
cert file in master node SY-AFP-ES03
-----------------------------------------------------------------------------
-rw------- 1 afp afp 3596 Nov 18 15:48 /opt/app/middles/elasticsearch-7.17.14-masternode/config/elastic-certificates.p12
-rw------- 1 afp afp 2672 Nov 18 15:48 /opt/app/middles/elasticsearch-7.17.14-masternode/config/elastic-stack-ca.p12
cert file in data node SY-AFP-ES01
-----------------------------------------------------------------------------
-rw------- 1 afp afp 3596 Nov 18 15:48 /opt/app/middles/elasticsearch-7.17.14-datanode/config/elastic-certificates.p12
-rw------- 1 afp afp 2672 Nov 18 15:48 /opt/app/middles/elasticsearch-7.17.14-datanode/config/elastic-stack-ca.p12
cert file in data node SY-AFP-ES02
-----------------------------------------------------------------------------
-rw------- 1 afp afp 3596 Nov 18 15:48 /opt/app/middles/elasticsearch-7.17.14-datanode/config/elastic-certificates.p12
-rw------- 1 afp afp 2672 Nov 18 15:48 /opt/app/middles/elasticsearch-7.17.14-datanode/config/elastic-stack-ca.p12
cert file in data node SY-AFP-ES03
-----------------------------------------------------------------------------
-rw------- 1 afp afp 3596 Nov 18 15:48 /opt/app/middles/elasticsearch-7.17.14-datanode/config/elastic-certificates.p12
-rw------- 1 afp afp 2672 Nov 18 15:48 /opt/app/middles/elasticsearch-7.17.14-datanode/config/elastic-stack-ca.p12
cert file in data node SY-AFP-ES04
-----------------------------------------------------------------------------
-rw------- 1 afp afp 3596 Nov 18 15:48 /opt/app/middles/elasticsearch-7.17.14-datanode/config/elastic-certificates.p12
-rw------- 1 afp afp 2672 Nov 18 15:48 /opt/app/middles/elasticsearch-7.17.14-datanode/config/elastic-stack-ca.p12
cert file in data node SY-AFP-ES05
-----------------------------------------------------------------------------
-rw------- 1 afp afp 3596 Nov 18 15:48 /opt/app/middles/elasticsearch-7.17.14-datanode/config/elastic-certificates.p12
-rw------- 1 afp afp 2672 Nov 18 15:48 /opt/app/middles/elasticsearch-7.17.14-datanode/config/elastic-stack-ca.p12
cert file in data node SY-AFP-ES06
-----------------------------------------------------------------------------
-rw------- 1 afp afp 3596 Nov 18 15:48 /opt/app/middles/elasticsearch-7.17.14-datanode/config/elastic-certificates.p12
-rw------- 1 afp afp 2672 Nov 18 15:48 /opt/app/middles/elasticsearch-7.17.14-datanode/config/elastic-stack-ca.p12
cert file in data node SY-AFP-ES07
-----------------------------------------------------------------------------
-rw------- 1 afp afp 3596 Nov 18 15:48 /opt/app/middles/elasticsearch-7.17.14-datanode/config/elastic-certificates.p12
-rw------- 1 afp afp 2672 Nov 18 15:48 /opt/app/middles/elasticsearch-7.17.14-datanode/config/elastic-stack-ca.p12
cert file in data node SY-AFP-ES08
-----------------------------------------------------------------------------
-rw------- 1 afp afp 3596 Nov 18 15:48 /opt/app/middles/elasticsearch-7.17.14-datanode/config/elastic-certificates.p12
-rw------- 1 afp afp 2672 Nov 18 15:48 /opt/app/middles/elasticsearch-7.17.14-datanode/config/elastic-stack-ca.p12
cert file in data node SY-AFP-ES09
-----------------------------------------------------------------------------
-rw------- 1 afp afp 3596 Nov 18 15:48 /opt/app/middles/elasticsearch-7.17.14-datanode/config/elastic-certificates.p12
-rw------- 1 afp afp 2672 Nov 18 15:48 /opt/app/middles/elasticsearch-7.17.14-datanode/config/elastic-stack-ca.p12
3.4 安全配置
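作用:修改 elasticsearch.yml 文件,添加安全配置。注意:下面只启用了节点间传输层(transport)的 TLS,HTTP 层仍是明文;若未另行配置 xpack.security.http.ssl.enabled,客户端(例如第 4 节的 curl -u)发送的账号密码会以明文在网络上传输。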
使用 afp 用户登录 sy-afp-bigdata01 执行命令:
# 以下配置是设置账号密码必须的配置
afp-elasticsearch-prod.sh set_static_config xpack.security.enabled true
afp-elasticsearch-prod.sh set_static_config xpack.security.transport.ssl.enabled true
afp-elasticsearch-prod.sh set_static_config xpack.security.transport.ssl.verification_mode certificate
afp-elasticsearch-prod.sh set_static_config xpack.security.transport.ssl.client_authentication required
afp-elasticsearch-prod.sh set_static_config xpack.security.transport.ssl.keystore.path elastic-certificates.p12
afp-elasticsearch-prod.sh set_static_config xpack.security.transport.ssl.truststore.path elastic-certificates.p12
# 以下配置与设置账号密码的操作无关
# 而是集群已存在的调优参数,之前是调用 REST API 进行配置的
# 本次写入到配置文件
afp-elasticsearch-prod.sh set_static_config xpack.security.audit.enabled true
afp-elasticsearch-prod.sh set_static_config xpack.security.audit.logfile.events.include '["authentication_success", "access_granted", "access_denied"]'
afp-elasticsearch-prod.sh set_static_config indices.fielddata.cache.size 25%
afp-elasticsearch-prod.sh set_static_config indices.breaker.request.limit 70%
afp-elasticsearch-prod.sh set_static_config indices.breaker.fielddata.limit 30%
afp-elasticsearch-prod.sh set_static_config indices.queries.cache.size 20%
afp-elasticsearch-prod.sh set_static_config indices.requests.cache.size 5%
afp-elasticsearch-prod.sh set_static_config cluster.max_shards_per_node 10000
说明:
afp-elasticsearch-prod.sh set_static_config xpack.security.audit.logfile.events.include '["authentication_success", "access_granted", "access_denied"]' 命令的作用是把 xpack.security.audit.logfile.events.include 的值设置为 ["authentication_success", "access_granted", "access_denied"],但是执行第一次的时候,写入的值为 [authentication_success, access_granted, access_denied],不符合 yaml 文件的规范,再执行一次就可以写入带双引号的值,原因未查明,记录一下。一个待确认的可能原因:第一次执行走的是"追加"分支,值没有加引号就传给了远程 shell,双引号被 shell 去掉了(afp-kibana.sh 的 set_config 中用于追加的 echo 就是这种未转义引号的写法)。
3.5 重启 ES 集群
使用 afp 用户登录 sy-afp-bigdata01 执行命令:
afp-elasticsearch-prod.sh restart
afp-elasticsearch-prod.sh status
# 输出
Elasticsearch master node status in SY-AFP-ES01
-----------------------------------------------------------------------------
Elasticsearch master node process is RUNNING, 6250
Elasticsearch master node status in SY-AFP-ES02
-----------------------------------------------------------------------------
Elasticsearch master node process is RUNNING, 5398
Elasticsearch master node status in SY-AFP-ES03
-----------------------------------------------------------------------------
Elasticsearch master node process is RUNNING, 5013
Elasticsearch data node status in SY-AFP-ES01
-----------------------------------------------------------------------------
Elasticsearch data node process is RUNNING, 6508
Elasticsearch data node status in SY-AFP-ES02
-----------------------------------------------------------------------------
Elasticsearch data node process is RUNNING, 5678
Elasticsearch data node status in SY-AFP-ES03
-----------------------------------------------------------------------------
Elasticsearch data node process is RUNNING, 5285
Elasticsearch data node status in SY-AFP-ES04
-----------------------------------------------------------------------------
Elasticsearch data node process is RUNNING, 3016
Elasticsearch data node status in SY-AFP-ES05
-----------------------------------------------------------------------------
Elasticsearch data node process is RUNNING, 3071
Elasticsearch data node status in SY-AFP-ES06
-----------------------------------------------------------------------------
Elasticsearch data node process is RUNNING, 2036
Elasticsearch data node status in SY-AFP-ES07
-----------------------------------------------------------------------------
Elasticsearch data node process is RUNNING, 3177
Elasticsearch data node status in SY-AFP-ES08
-----------------------------------------------------------------------------
Elasticsearch data node process is RUNNING, 3162
Elasticsearch data node status in SY-AFP-ES09
-----------------------------------------------------------------------------
Elasticsearch data node process is RUNNING, 3075
3.6 设置集群密码
使用 afp 用户登录 sy-afp-bigdata01 执行命令:
ssh afp@SY-AFP-ES01 "echo y | /opt/app/middles/elasticsearch-7.17.14-datanode/bin/elasticsearch-setup-passwords auto"
# 输出
Initiating the setup of passwords for reserved users elastic,apm_system,kibana,kibana_system,logstash_system,beats_system,remote_monitoring_user.
The passwords will be randomly generated and printed to the console.
Changed password for user apm_system
PASSWORD apm_system = fbfMldiJokiCTQpL6TDC
Changed password for user kibana_system
PASSWORD kibana_system = 8WqMrFp4AFl4Z75jALJV
Changed password for user kibana
PASSWORD kibana = 8WqMrFp4AFl4Z75jALJV
Changed password for user logstash_system
PASSWORD logstash_system = KweyEYUBGlXF6UTaq3JU
Changed password for user beats_system
PASSWORD beats_system = hHWUEcTRHlSU8hFQIOMO
Changed password for user remote_monitoring_user
PASSWORD remote_monitoring_user = LHJevisVFLNknqbjPUqD
Changed password for user elastic
PASSWORD elastic = Y6Gr5JOC6evRvPfgUawW
说明:输出的账号密码非常重要,请立即保存到密码管理工具中,不要以明文留在文档、工单或聊天记录里!
3.7 修改 kibana 的配置并重启 kibana
使用 afp 用户登录 sy-afp-bigdata01 执行命令:
afp-kibana.sh set_config elasticsearch.username kibana_system
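# 密码为上一步骤输出的 "PASSWORD kibana_system = 8WqMrFp4AFl4Z75jALJV"
# 注意:这种方式会把密码留在 shell 历史记录里,并以明文写入 kibana.yml;
# 也可以改用 Kibana 自带的 keystore(bin/kibana-keystore add elasticsearch.password)保存密码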
afp-kibana.sh set_config elasticsearch.password 8WqMrFp4AFl4Z75jALJV
afp-kibana.sh restart
afp-kibana.sh status
3.8 修改集群管理脚本
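使用 root 用户登录 sy-afp-bigdata01 执行命令(脚本在 3.1 中被设为 755,写入 ELASTICSEARCH_PASSWORD 后本机所有用户都能读到 elastic 的密码,建议写入后执行 chmod 700 /usr/local/bin/afp-elasticsearch-prod.sh 收紧权限):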
sed -i -e 's|^ELASTICSEARCH_SECURITY_ENABLED=.*|ELASTICSEARCH_SECURITY_ENABLED=true|' /usr/local/bin/afp-elasticsearch-prod.sh
sed -i -e 's|^ELASTICSEARCH_PASSWORD=.*|ELASTICSEARCH_PASSWORD="Y6Gr5JOC6evRvPfgUawW"|' /usr/local/bin/afp-elasticsearch-prod.sh
# 验证
afp-elasticsearch-prod.sh get_config cluster.max_shards_per_node
"host":"10.0.0.26"
"cluster.max_shards_per_node":"10000"
"host":"10.0.0.22"
"cluster.max_shards_per_node":"10000"
"host":"10.0.0.30"
"cluster.max_shards_per_node":"10000"
"host":"10.0.0.22"
"cluster.max_shards_per_node":"10000"
"host":"10.0.0.23"
"cluster.max_shards_per_node":"10000"
"host":"10.0.0.27"
"cluster.max_shards_per_node":"10000"
"host":"10.0.0.24"
"cluster.max_shards_per_node":"10000"
"host":"10.0.0.28"
"cluster.max_shards_per_node":"10000"
"host":"10.0.0.25"
"cluster.max_shards_per_node":"10000"
"host":"10.0.0.24"
"cluster.max_shards_per_node":"10000"
"host":"10.0.0.23"
"cluster.max_shards_per_node":"10000"
"host":"10.0.0.29"
"cluster.max_shards_per_node":"10000"
4. 验证
使用 afp 用户登录 sy-afp-bigdata01 执行命令:
$ curl -u elastic:Y6Gr5JOC6evRvPfgUawW http://sy-afp-es01:9200
{
"name" : "data01",
"cluster_name" : "afp-es",
"cluster_uuid" : "U1H9NZ26RxSm8hvuc7Tqxw",
"version" : {
"number" : "7.17.14",
"build_flavor" : "default",
"build_type" : "tar",
"build_hash" : "774e3bfa4d52e2834e4d9d8d669d77e4e5c1017f",
"build_date" : "2023-10-05T22:17:33.780167078Z",
"build_snapshot" : false,
"lucene_version" : "8.11.1",
"minimum_wire_compatibility_version" : "6.8.0",
"minimum_index_compatibility_version" : "6.0.0-beta1"
},
"tagline" : "You Know, for Search"
}
$ curl -u kibana_system:8WqMrFp4AFl4Z75jALJV http://sy-afp-es01:9200
{
"name" : "data01",
"cluster_name" : "afp-es",
"cluster_uuid" : "U1H9NZ26RxSm8hvuc7Tqxw",
"version" : {
"number" : "7.17.14",
"build_flavor" : "default",
"build_type" : "tar",
"build_hash" : "774e3bfa4d52e2834e4d9d8d669d77e4e5c1017f",
"build_date" : "2023-10-05T22:17:33.780167078Z",
"build_snapshot" : false,
"lucene_version" : "8.11.1",
"minimum_wire_compatibility_version" : "6.8.0",
"minimum_index_compatibility_version" : "6.0.0-beta1"
},
"tagline" : "You Know, for Search"
}
登录:http://10.0.0.27:5601/kibana
输入账号密码 elastic/Y6Gr5JOC6evRvPfgUawW 登录。
登录成功,则本次运维配置完成!