freebad安装es8

环境:
OS:Freebsd 15
es:8.11

 

1.查看安装包

root@hxl:/tmp/xbackup # pkg search elasticsearch
elasticsearch7-7.17.29_1       Full-text search engine for Java
elasticsearch8-8.11.3_1        Distributed, RESTful search and analytics engine

 

2.安装
pkg install elasticsearch8
这里会安装很多的依赖包

配置文件安装目录:
/usr/local/etc/elasticsearch/elasticsearch.yml
默认的数据目录和日志目录:
path.data: /var/db/elasticsearch
path.logs: /var/run/elasticsearch

 

3.创建数据和日志目录
mkdir -p /home/middle/elasticsearch/data
mkdir -p /home/middle/elasticsearch/logs


4.生成ca文件
/usr/local/bin/elasticsearch-certutil ca
一路回车

/usr/local/bin/elasticsearch-certutil cert --ca elastic-stack-ca.p12
一路回车

这个时候会在目录下 /usr/local/lib/elasticsearch/ 生成如下2个文件
elastic-certificates.p12 和 elastic-stack-ca.p12

将这两个文件拷贝到es目录下
cd /usr/local/lib/elasticsearch
mv elastic-certificates.p12 /usr/local/etc/elasticsearch/
mv elastic-stack-ca.p12 /usr/local/etc/elasticsearch/

 

4.修改配置文件
配置文件目录

vim /usr/local/etc/elasticsearch/elasticsearch.yml

path.data: /home/middle/elasticsearch/data
path.logs: /home/middle/elasticsearch/logs
network.host: 192.168.204.218
http.port: 19200
discovery.seed_hosts: ["192.168.1.108"]
##初始化参数,启动后去掉该参数 进行重新启动
cluster.initial_master_nodes: ["192.168.1.108"]

##安全认证
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: elastic-certificates.p12

##第三方中间件配置参数,看情况需要
http.cors.enabled: true
http.cors.allow-origin: "*"
http.cors.allow-headers: Authorization,X-Requested-With,Content-Length,Content-Type

 

5.配置jvm
vim /usr/local/etc/elasticsearch/jvm.options

################################################################
## IMPORTANT: JVM heap size
################################################################
##
## The heap size is automatically configured by Elasticsearch
## based on the available memory in your system and the roles
## each node is configured to fulfill. If specifying heap is
## required, it should be done through a file in jvm.options.d,
## which should be named with .options suffix, and the min and
## max should be set to the same value. For example, to set the
## heap to 4 GB, create a new file in the jvm.options.d
## directory containing these lines:
##
## -Xms4g
## -Xmx4g
##
## See https://www.elastic.co/guide/en/elasticsearch/reference/8.11/heap-size.html
## for more information
##
################################################################
-Xms4g
-Xmx4g

 

6.修改权限
chown -R elasticsearch:elasticsearch /usr/local/etc/elasticsearch
chown -R elasticsearch:elasticsearch /home/middle/elasticsearch

7.启动
设置开机自启
sysrc elasticsearch_enable="YES"

启动
service elasticsearch start


sockstat -4 -l -p 19200
ps aux|grep elasticsearch

 

8.尝试访问

root@hxl:/usr/local/etc/elasticsearch # curl http://192.168.1.108:19200/?pretty
{
  "error" : {
    "root_cause" : [
      {
        "type" : "security_exception",
        "reason" : "missing authentication credentials for REST request [/?pretty]",
        "header" : {
          "WWW-Authenticate" : [
            "Basic realm=\"security\" charset=\"UTF-8\"",
            "ApiKey"
          ]
        }
      }
    ],
    "type" : "security_exception",
    "reason" : "missing authentication credentials for REST request [/?pretty]",
    "header" : {
      "WWW-Authenticate" : [
        "Basic realm=\"security\" charset=\"UTF-8\"",
        "ApiKey"
      ]
    }
  },
  "status" : 401
}

 

9.安装安全认证(我这里密码全部设置为 elastic)

root@hxl:/usr/local/etc/elasticsearch # /usr/local/bin/elasticsearch-setup-passwords interactive
******************************************************************************
Note: The 'elasticsearch-setup-passwords' tool has been deprecated. This       command will be removed in a future release.
******************************************************************************

Initiating the setup of passwords for reserved users elastic,apm_system,kibana,kibana_system,logstash_system,beats_system,remote_monitoring_user.
You will be prompted to enter passwords as the process progresses.
Please confirm that you would like to continue [y/N]y

 

10.再次验证
curl -u elastic:elastic http://192.168.1.108:19200/?pretty
curl -u elastic:elastic -X GET "192.168.1.108:19200/_cat/indices?v"


11.注释掉如下参数并重启
配置文件目录
vim /usr/local/etc/elasticsearch/elasticsearch.yml
##初始化参数,启动后去掉该参数 进行重新启动
##cluster.initial_master_nodes: ["192.168.1.108"]

root@hxl:/usr/local/etc/elasticsearch #service elasticsearch stop
root@hxl:/usr/local/etc/elasticsearch #service elasticsearch start

 

posted @ 2026-06-22 15:54  slnngk  阅读(6)  评论(0)    收藏  举报