【Linux合集】elasticsearch集群部署

部署elasticsearch
注意: 本次部署的用户为abc用户 --需要注意当前用户是否存在/注册
1、文件操作/系统配置调整

# 解压文件到指定目录 /data/applications
sudo tar xf /data/softwares/elasticsearch-7.13.3-linux-x86_64.tar.gz -C /data/applications/
#做软连接
sudo ln -s /data/applications/elasticsearch-7.13.3/ /data/applications/elasticsearch
​
如果除了这个系统配置没做服务无法重启则说明系统配置需要调整
在sysctl的conf文件下追加下面的信息即可
sudo vi /etc/sysctl.conf
vm.max_map_count=262144
然后生效:sysctl -p
执行: 
sudo sysctl -p

2、服务化内容:

# 服务化编写
sudo vi /usr/lib/systemd/system/elasticsearch.service
[Unit]  
Description=Elasticsearch  
Documentation=http://www.elastic.co  
Wants=network-online.target  
After=network-online.target  
  
[Service]  
Environment="ES_JAVA_HOME=/data/applications/elasticsearch/jdk"
Environment="ES_HOME=/data/applications/elasticsearch"  
Environment="CONF_DIR=/data/applications/elasticsearch/config"  
Environment="DATA_DIR=/data/applications/elasticsearch_data/data"  
Environment="LOG_DIR=/data/applications/elasticsearch_data/logs"  
Environment="PID_DIR=/data/applications/elasticsearch/pids"  
  
User=abc 
Group=abc 
ExecStart=/data/applications/elasticsearch/bin/elasticsearch -p ${PID_DIR}/elasticsearch.pid --quiet  
ExecStop=/bin/kill -s TERM $MAINPID  
Restart=on-failure  
RestartSec=5  
LimitNOFILE=65536  
  
[Install]  
WantedBy=multi-user.target

3、修改目录权限

sudo chown -R abc:abc /data/*

4、服务加载/重启

sudo systemctl daemon-reload 
sudo systemctl start elasticsearch.service 
sudo systemctl status elasticsearch.service

5、做证书/密码认证

cd /data/applications/elasticsearch
./bin/elasticsearch-certutil ca
./bin/elasticsearch-certutil cert --ca elastic-stack-ca.p12

6、其他节点证书分配

mv elastic-* /data/applications/elasticsearch/config/certs/
生成的证书直接传到其他节点机器
(除了证书生成这步骤--第5步之外,其他操作在其他节点都一样操作)

7、编写elasticsearch的yml文件
在其他节点的时候需要先编写elasticsearch.yml文件
sudo mv /data/applications/elasticsearch/config/elasticsearch.yml /data/applications/elasticsearch/config/elasticsearch.yml_bak

sudo vi /data/applications/elasticsearch/config/elasticsearch.yml
#集群名称
cluster.name: cluster-p-es
#节点名称
node.name: cluster-p-es-0004
#数据存储路径
path.data: /data/applications/elasticsearch/data
#日志存储路径
path.logs: /data/applications/elasticsearch/logs
#网络配置,用于指定 ES 节点的 IP 地址和端口号
network.host: 172.202.21.19
http.port: 9200
#启动时不锁定内存
bootstrap.memory_lock: false
#这里指定参与集群的主机节点
discovery.seed_hosts: ["172.202.21.16:9300", "172.202.21.17:9300", "172.202.21.18:9300", "172.202.21.19:9300", "172.202.21.20:9300"]
cluster.initial_master_nodes: ["172.202.21.16", "172.202.21.17", "172.202.21.18", "172.202.21.19", "172.202.21.20"]
#在配置文件末尾添加以下内容,后面es-head连接es群集时需要
http.cors.enabled: true                #添加该行,开启跨域访问支持
http.cors.allow-origin: "*"            #添加该行,跨域访问允许的域名地址
http.cors.allow-methods: OPTIONS, HEAD, GET, POST, PUT, DELETE
http.cors.allow-headers: "X-Requested-With, Content-Type, Content-Length, X-User"
​
​
#字段数据缓存大小,用于指定 ES 的字段数据缓存大小。
indices.fielddata.cache.size: 40%
#是否启用 X-Pack 安全,如果设置为 true,则将启用 X-Pack 安全。
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: certs/elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: certs/elastic-stack-ca.p12
xpack.security.transport.ssl.keystore.password: abc123@456
xpack.security.transport.ssl.truststore.password: abc123@456

8、配置密码

集群配置好之后需要配置密码:
./elasticsearch-setup-passwords interactive
abc123@456
./bin/elasticsearch-users useradd elastic -p 'abc123@456'
​

9、验证集群状态

curl -u elastic:abc123@456 -X GET "http://172.202.21.16:9200/_cluster/health?pretty"
{
  "cluster_name" : "cluster-p-es",
  "status" : "green",
  "timed_out" : false,
  "number_of_nodes" : 5,
  "number_of_data_nodes" : 5,
  "active_primary_shards" : 0,
  "active_shards" : 0,
  "relocating_shards" : 0,
  "initializing_shards" : 0,
  "unassigned_shards" : 0,
  "delayed_unassigned_shards" : 0,
  "number_of_pending_tasks" : 0,
  "number_of_in_flight_fetch" : 0,
  "task_max_waiting_in_queue_millis" : 0,
  "active_shards_percent_as_number" : 100.0
}

如果未通过的状态:

{
  "error" : {
    "root_cause" : [
      {
        "type" : "security_exception",
        "reason" : "unable to authenticate user [elastic] for REST request [/_cluster/health?pretty]",
        "header" : {
          "WWW-Authenticate" : "Basic realm=\"security\" charset=\"UTF-8\""
        }
      }
    ],
    "type" : "security_exception",
    "reason" : "unable to authenticate user [elastic] for REST request [/_cluster/health?pretty]",
    "header" : {
      "WWW-Authenticate" : "Basic realm=\"security\" charset=\"UTF-8\""
    }
  },
  "status" : 401
}

本文来自博客园,作者:Unfool,转载请注明原文链接:https://www.cnblogs.com/queryH/p/18589033

本文版权归作者和博客园共有,欢迎转载,但未经作者同意必须在文章页面给出原文连接,否则保留追究法律责任的权利。

posted @ 2024-12-05 17:29  Unfool  阅读(73)  评论(0)    收藏  举报