freebad安装es8
环境:
OS:Freebsd 15
es:8.11
1.查看安装包
root@hxl:/tmp/xbackup # pkg search elasticsearch
elasticsearch7-7.17.29_1 Full-text search engine for Java
elasticsearch8-8.11.3_1 Distributed, RESTful search and analytics engine
2.安装
pkg install elasticsearch8
这里会安装很多的依赖包
配置文件安装目录:
/usr/local/etc/elasticsearch/elasticsearch.yml
默认的数据目录和日志目录:
path.data: /var/db/elasticsearch
path.logs: /var/run/elasticsearch
3.创建数据和日志目录
mkdir -p /home/middle/elasticsearch/data
mkdir -p /home/middle/elasticsearch/logs
4.生成ca文件
/usr/local/bin/elasticsearch-certutil ca
一路回车
/usr/local/bin/elasticsearch-certutil cert --ca elastic-stack-ca.p12
一路回车
这个时候会在目录下 /usr/local/lib/elasticsearch/ 生成如下2个文件
elastic-certificates.p12 和 elastic-stack-ca.p12
将这两个文件拷贝到es目录下
cd /usr/local/lib/elasticsearch
mv elastic-certificates.p12 /usr/local/etc/elasticsearch/
mv elastic-stack-ca.p12 /usr/local/etc/elasticsearch/
4.修改配置文件
配置文件目录
vim /usr/local/etc/elasticsearch/elasticsearch.yml
path.data: /home/middle/elasticsearch/data
path.logs: /home/middle/elasticsearch/logs
network.host: 192.168.204.218
http.port: 19200
discovery.seed_hosts: ["192.168.1.108"]
##初始化参数,启动后去掉该参数 进行重新启动
cluster.initial_master_nodes: ["192.168.1.108"]
##安全认证
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: elastic-certificates.p12
##第三方中间件配置参数,看情况需要
http.cors.enabled: true
http.cors.allow-origin: "*"
http.cors.allow-headers: Authorization,X-Requested-With,Content-Length,Content-Type
5.配置jvm
vim /usr/local/etc/elasticsearch/jvm.options
################################################################
## IMPORTANT: JVM heap size
################################################################
##
## The heap size is automatically configured by Elasticsearch
## based on the available memory in your system and the roles
## each node is configured to fulfill. If specifying heap is
## required, it should be done through a file in jvm.options.d,
## which should be named with .options suffix, and the min and
## max should be set to the same value. For example, to set the
## heap to 4 GB, create a new file in the jvm.options.d
## directory containing these lines:
##
## -Xms4g
## -Xmx4g
##
## See https://www.elastic.co/guide/en/elasticsearch/reference/8.11/heap-size.html
## for more information
##
################################################################
-Xms4g
-Xmx4g
6.修改权限
chown -R elasticsearch:elasticsearch /usr/local/etc/elasticsearch
chown -R elasticsearch:elasticsearch /home/middle/elasticsearch
7.启动
设置开机自启
sysrc elasticsearch_enable="YES"
启动
service elasticsearch start
sockstat -4 -l -p 19200
ps aux|grep elasticsearch
8.尝试访问
root@hxl:/usr/local/etc/elasticsearch # curl http://192.168.1.108:19200/?pretty
{
"error" : {
"root_cause" : [
{
"type" : "security_exception",
"reason" : "missing authentication credentials for REST request [/?pretty]",
"header" : {
"WWW-Authenticate" : [
"Basic realm=\"security\" charset=\"UTF-8\"",
"ApiKey"
]
}
}
],
"type" : "security_exception",
"reason" : "missing authentication credentials for REST request [/?pretty]",
"header" : {
"WWW-Authenticate" : [
"Basic realm=\"security\" charset=\"UTF-8\"",
"ApiKey"
]
}
},
"status" : 401
}
9.安装安全认证(我这里密码全部设置为 elastic)
root@hxl:/usr/local/etc/elasticsearch # /usr/local/bin/elasticsearch-setup-passwords interactive
******************************************************************************
Note: The 'elasticsearch-setup-passwords' tool has been deprecated. This command will be removed in a future release.
******************************************************************************
Initiating the setup of passwords for reserved users elastic,apm_system,kibana,kibana_system,logstash_system,beats_system,remote_monitoring_user.
You will be prompted to enter passwords as the process progresses.
Please confirm that you would like to continue [y/N]y
10.再次验证
curl -u elastic:elastic http://192.168.1.108:19200/?pretty
curl -u elastic:elastic -X GET "192.168.1.108:19200/_cat/indices?v"
11.注释掉如下参数并重启
配置文件目录
vim /usr/local/etc/elasticsearch/elasticsearch.yml
##初始化参数,启动后去掉该参数 进行重新启动
##cluster.initial_master_nodes: ["192.168.1.108"]
root@hxl:/usr/local/etc/elasticsearch #service elasticsearch stop
root@hxl:/usr/local/etc/elasticsearch #service elasticsearch start
浙公网安备 33010602011771号