Elasticsearch单节点部署脚本

es_install.sh

#!/bin/bash
# Author: goujinyang
# Elasticsearch单节点部署

# 变量设置
#IP_ADDR=$(ifconfig eth0 | awk -F"[: ]+" 'NR == 2 {print $4}')
IP_ADDR=$(ip addr show eth0 | grep 'inet\b' | awk '{print $2}' | cut -d/ -f1)
ES_VERSION=elasticsearch-7.9.1
ES_HOME="/data/elasticsearch"
ES_DATA="$ES_HOME/data"
ES_LOGS="$ES_HOME/logs"


# 安装Elasticsearch
tar xvf $ES_VERSION-linux-x86_64.tar.gz
mv $ES_VERSION $ES_HOME

# 创建用户和组
groupadd elasticsearch
useradd elasticsearch -g elasticsearch -d $ES_HOME

# 设置文件和目录权限
mkdir -p $ES_DATA $ES_LOGS
chown -R elasticsearch:elasticsearch $ES_HOME

# 配置系统参数
echo -e "* hard nofile 65536\n* soft nofile 65536\n* hard memlock unlimited\n* soft memlock unlimited" >> /etc/security/limits.conf
echo "vm.max_map_count=262144" >> /etc/sysctl.conf
sysctl -p

# 配置Elasticsearch
cat <<EOF >> $ES_HOME/config/elasticsearch.yml
cluster.name: my-application
node.name: node-1
node.attr.rack: r1
path.data: $ES_DATA
path.logs: $ES_LOGS
bootstrap.memory_lock: true
network.host: 0.0.0.0
http.port: 9200
transport.port: 9300
discovery.seed_hosts: ["$IP_ADDR:9300"]
cluster.initial_master_nodes: ["node-1"]
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: $ES_HOME/config/elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: $ES_HOME/config/elastic-certificates.p12
EOF

# 以elasticsearch用户身份执行命令
su - elasticsearch <<EOF
set -e
# 生成证书
echo -e "\n\n" | ./bin/elasticsearch-certutil ca && \
echo -e "\n\n\n" | ./bin/elasticsearch-certutil cert --ca elastic-stack-ca.p12 && \
  
# 复制证书到配置目录
cp elastic-certificates.p12 $ES_HOME/config/elastic-certificates.p12 && \
  
# 停止Elasticsearch(如果已运行)
#pkill -f "$ES_HOME/bin/elasticsearch" && \
  
# 以守护进程方式启动Elasticsearch
./bin/elasticsearch -d && \
# 等待 Elasticsearch 启动,这里使用更健壮的检查方式(示例为curl,需要确保Elasticsearch已监听HTTP)  
while ! curl -s --output /dev/null http://$IP_ADDR:9200; do  
  echo "Waiting for Elasticsearch to start..."  
  sleep 5  
done 
# 非交互式设置密码
echo -e "y\n" |./bin/elasticsearch-setup-passwords auto > /tmp/elasticsearch_passwords.txt
sleep 15
EOF

# 检查密码文件是否已生成且包含内容  
if [ -s /tmp/elasticsearch_passwords.txt ]; then  
  # 读取生成的密码  
  elastic_password=$(grep "elastic" /tmp/elasticsearch_passwords.txt | awk '/^PASS/ {print $4}')  
    
  # 输出密码(注意:实际使用中应避免在生产环境中直接输出密码)  
  echo "Elasticsearch password for 'elastic' user: ${elastic_password}"  
else  
  echo "Password file was not generated or is empty."  
  exit 1  
fi

 

posted @ 2024-07-17 15:07  太阳的阳ฅ  阅读(12)  评论(0)    收藏  举报