centos7.9 部署elasticsearch 7.4.2与kibana

软件包下载地址

  • 1、elasticsearch
https://mirrors.huaweicloud.com/elasticsearch/7.4.2/elasticsearch-7.4.2-linux-x86_64.tar.gz
  • 2、kibana
https://repo.huaweicloud.com/kibana/7.4.2/kibana-7.4.2-linux-x86_64.tar.gz
  • 3、jdk 11
 https://repo.huaweicloud.com/java/jdk/11+28/jdk-11_linux-x64_bin.tar.gz
  • 服务器规划
centos 7.9 软件目录:/opt/module
cat>>/etc/hosts<-EOF
172.18.1.100 es01
172.18.1.101 es02
172.18.1.102 es03
EOF

Elasticsearch 部署

  • 解压
三台机器都执行
mkdir /data/es
mkidr /opt/module/
tar -xf elasticsearch-7.4.2-linux-x86_64.tar.gz -C /opt/module/
ln -s /opt/module/elasticsearch-7.4.2  /opt/module/elasticsearch
sudo groupadd es
sudo useradd -s /sbin/nologin -M -g es es
chown -R  es.es /opt/module/elastic* /data/es

二 配置文件修改

es01
vim /opt/module/elasticsearch/config/elasticsearch.yml
cluster.name: sms-elastic
node.name: es01
path.data: /data/es/data
path.logs: /data/es/logs
network.host: 0.0.0.0
http.port: 9200
discovery.seed_hosts: ["es01", "es02","es03"]
cluster.initial_master_nodes: ["es01","es02"]

es02
vim /opt/module/elasticsearch/config/elasticsearch.yml
cluster.name: sms-elastic
node.name: es02
path.data: /data/es/data
path.logs: /data/es/logs
network.host: 0.0.0.0
http.port: 9200
discovery.seed_hosts: ["es01", "es02","es03"]
cluster.initial_master_nodes: ["es01","es02"]

es03
vim /opt/module/elasticsearch/config/elasticsearch.yml
cluster.name: sms-elastic
node.name: es03
path.data: /data/es/data
path.logs: /data/es/logs
network.host: 0.0.0.0
http.port: 9200
discovery.seed_hosts: ["es01", "es02","es03"]
cluster.initial_master_nodes: ["es01","es02"]
  • 3、启动命令
cat >/opt/module/elasticsearch/bin/start.sh<<EOF
#!/bin/bash
nohup /opt/module/elasticsearch/bin/elasticsearch >/data/es/logs/es.log 2>&1 &
EOF
三台机器分别启动
su - es
sh /opt/module/elasticsearch/bin/start.sh
  • 4、验证
curl http://172.18.1.100:9200
curl http://172.18.1.101:9200
curl http://172.18.1.102:9200

Elastcisearch 集成安全验证X-pack

  • 1、配置elasticsearch x-pack
三个节点都执行:
cat>> /opt/module/elasticsearch/config/elasticsearch.yml<<-EOF
 xpack.security.enabled: true
EOF

es01执行
/opt/module/elasticsearch/bin/elasticsearch-certutil ca -out /opt/module/elasticsearch/config/elastic-certificates.p12 -pass 
把生成的elastic-certificates.p12 分发到es02 es 03的 /opt/module/elasticsearch/config
修改权限
chmod 644 /opt/module/elasticsearch/config
chown -R es. /opt/module/elasticsearch
三个节点都执行:
cat>> /opt/module/elasticsearch/config/elasticsearch.yml<<-EOF
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: elastic-certificates.p12
EOF
重启elasticsearch
  • 2、设置elasticsearch 集群密码
/opt/module/elasticsearch/bin/elasticsearch-setup-passwords interactive
输入12次es123
完成后elasticsearch 使用就需要密码登陆
用户名:elastic
密码:es123

部署kibana

tar -xf kibana-7.4.2-linux-x86_64.tar.gz -C /opt/module/
ln -s /opt/module/kibana-7.4.2-linux-x86_64 /opt/module/kibana
chown -R es.es /opt/module/kibana*
cat >/opt/module/kibana/bin/start.sh<<-EOF
#!/bin/bash
nohup /opt/module/kibana/bin/kibana -c /opt/module/kibana/config/kibana.yml > /dev/null 2>&1 &
EOF
cat>/opt/module/kibana/config/kibana.yml<<-EOF
server.port: 5601
server.host: "0.0.0.0"
elasticsearch.hosts: ["http://node102:9200"]
elasticsearch.username: "elastic"
elasticsearch.password: "es123"
i18n.locale: "zh-CN"
xpack.security.enabled: true
EOF
启动
sh /opt/module/kibana/bin/start.sh
登陆:http://IP:5601
用户名:elastic
密码:es123
posted @ 2021-07-12 16:10  dbstack  阅读(153)  评论(0)    收藏  举报