Elasticsearch 单机与集群安装部署及可视化工具
一、单机部署
1. 原生部署
A. 下载elasticsearch-7.14.0-linux-x86_64.tar.gz包并解压到指定目录;
B. 编辑conf/elasticsearch.yml文件
# 单节点 discovery.type: single-node # 设置存储数据的路径 path.data: /data/elasticsearch/data # 设置日志文件的路径 path.logs: /data/elasticsearch/logs # 允许外部访问 network.host: 0.0.0.0 # 开启安全特性 xpack.security.enabled: true
C. 开启账号认证时需设置密码:
方式一:将elastic用户的密码写入到elasticsearch-keystore中,bin/elasticsearch-keystore add "bootstrap.password",输入密码即可;若报错ERROR: Elasticsearch keystore not found,添加bin/elasticsearch-keystore create -E path.conf=./config
方式二:将elastic用户与密码写入到.security-X索引中 ,bin/elasticsearch-setup-passwords interactive 按要求输入密码;
D. 创建非root账户:useradd elasticsearch && chown -R elasticsearch:elasticsearch /data/elasticsearch
E. 启动ES:su elasticsearch -c "bin/elasticsearch -d"。
2. Docker方式部署:编写配置文件compose.yml
version: "3"
networks:
rhxy-network:
external: true
services:
elasticsearch:
image: docker.m.daocloud.io/library/elasticsearch:7.14.0
container_name: elasticsearch
hostname: elasticsearch
restart: always
ports:
- 9200:9200
- 9300:9300
networks:
- rhxy-network
volumes:
- "/data/elasticsearch/data:/usr/share/elasticsearch/data"
- "/data/elasticsearch/logs:/usr/share/elasticsearch/logs"
# IK分词器
- "/data/elasticsearch/ik:/usr/share/elasticsearch/plugins/ik"
environment:
TZ: Asia/Shanghai
discovery.type: single-node
# 开启账号密码验证
xpack.security.enabled: "true"
ELASTIC_PASSWORD: "123456"
ES_JAVA_OPTS: "-Xmx512m -Xms512m"
ELASTIC_PASSWORD设置的密码是存储在elasticsearch-keystore中
二、集群部署
1. 原生部署
A. 安装单机版的Elasticsearch搭建三个重复节点,可单台搭建伪集群;
B. 编辑conf/elasticsearch.yml文件
# 设置Elasticsearch集群的名称 cluster.name: rhxy-es-cluster # 设置节点的名称,在集群中必须是唯一的 node.name: es-node-1 # 设置Elasticsearch存储数据的路径 path.data: /data/elasticsearch/data # 设置Elasticsearch日志文件的路径 path.logs: /data/elasticsearch/logs # 设置Elasticsearch节点对外服务的HTTP端口,默认是 9200 http.port: 19201 # 集群通讯端口,默认是9300 transport.tcp.port: 19301 # 设置Elasticsearch监听的网络接口 network.host: 0.0.0.0 # 设置集群中的节点发现主机,注意端口是集群通讯端口而非WEB端口 discovery.seed_hosts: ["11.11.101.119:19301", "11.11.101.119:19302", "11.11.101.119:19303"] # 7.0新引入的配置项,初始仲裁,仅在整个集群首次启动时才需要初始仲裁,该选项配置为node.name的值 cluster.initial_master_nodes: ["es-node-1", "es-node-2", "es-node-3"] # 开启安全特性 xpack.security.enabled: true # 若开启了安全特性,则必须开启传输层安全验证 xpack.security.transport.ssl.enabled: true xpack.security.transport.ssl.verification_mode: certificate xpack.security.transport.ssl.keystore.path: /data/elasticsearch/config/elastic-certificates.p12 xpack.security.transport.ssl.truststore.path: /data/elasticsearch/config/elastic-certificates.p12
C. 增加/etc/security/limits.conf配置
elasticsearch hard nofile 65536 elasticsearch soft nofile 65536 elasticsearch hard nproc 4096 elasticsearch soft nproc 4096
D. 增加/etc/sysctl.conf配置:vm.max_map_count=262144,用sysctl -p生效;
E. 创建证书:
第一步生产ca证书:在某一个节点执行./bin/elasticsearch-certutil ca 回车后第一个提示是命名文件,第二个提示是输入密码;
第二步签发节点证书:./bin/elasticsearch-certutil cert --ca elastic-stack-ca.p12 回车后第一个输入第一步的密码,第二个是命名文件,第三个是输入密码;
第三步将节点证书分发:将节点证书elastic-certificates.p12迁移到指定目录,并将该文件复制到其它节点上;
第四步添加密码:./bin/elasticsearch-keystore add xpack.security.transport.ssl.keystore.secure_password和./bin/elasticsearch-keystore add xpack.security.transport.ssl.truststore.secure_password;
第五步修改权限:chown -R elasticsearch:elasticsearch /data/elasticsearch。
F. 集群启动:逐个启动节点即可su elasticsearch -c "bin/elasticsearch -d"
2. Docker方式部署:编写配置文件stack.yml
# ElasticSearch集群
es-master-1:
image: es/elasticsearch:7.7.0
deploy:
mode: global
placement:
constraints:
- node.labels.es-master-1 == true
hostname: es-master-1
networks:
- rws-mp
volumes:
- /etc/localtime:/etc/localtime
- es-master-1-data:/usr/share/elasticsearch/data
- es-master-1-logs:/usr/share/elasticsearch/logs
environment:
ES_JAVA_OPTS: "-Xms256m -Xmx256m -Duser.timezone=Asia/Shanghai"
node.name: es-master-1
node.master: "true"
node.data: "false"
node.ingest: "false"
network.host: 0.0.0.0
cluster.name: rws-uat-es
cluster.initial_master_nodes: es-master-1,es-master-2,es-master-3
discovery.seed_hosts: es-master-2,es-master-3
xpack.security.enabled: "false"
bootstrap.memory_lock: "false"
MAX_LOCKED_MEMORY: unlimited
es-master-2:
image: es/elasticsearch:7.7.0
deploy:
mode: global
placement:
constraints:
- node.labels.es-master-2 == true
hostname: es-master-2
networks:
- rws-mp
volumes:
- /etc/localtime:/etc/localtime
- es-master-2-data:/usr/share/elasticsearch/data
- es-master-2-logs:/usr/share/elasticsearch/logs
environment:
ES_JAVA_OPTS: "-Xms256m -Xmx256m -Duser.timezone=Asia/Shanghai"
node.name: es-master-2
node.master: "true"
node.data: "false"
node.ingest: "false"
network.host: 0.0.0.0
cluster.name: rws-uat-es
cluster.initial_master_nodes: es-master-1,es-master-2,es-master-3
discovery.seed_hosts: es-master-1,es-master-3
xpack.security.enabled: "false"
bootstrap.memory_lock: "false"
MAX_LOCKED_MEMORY: unlimited
es-master-3:
image: es/elasticsearch:7.7.0
deploy:
mode: global
placement:
constraints:
- node.labels.es-master-3 == true
hostname: es-master-3
networks:
- rws-mp
volumes:
- /etc/localtime:/etc/localtime
- es-master-3-data:/usr/share/elasticsearch/data
- es-master-3-logs:/usr/share/elasticsearch/logs
environment:
ES_JAVA_OPTS: "-Xms256m -Xmx256m -Duser.timezone=Asia/Shanghai"
node.name: es-master-3
node.master: "true"
node.data: "false"
node.ingest: "false"
network.host: 0.0.0.0
cluster.name: rws-uat-es
cluster.initial_master_nodes: es-master-1,es-master-2,es-master-3
discovery.seed_hosts: es-master-1,es-master-2
xpack.security.enabled: "false"
bootstrap.memory_lock: "false"
MAX_LOCKED_MEMORY: unlimited
es-data-1:
image: es/elasticsearch:7.7.0
deploy:
mode: global
placement:
constraints:
- node.labels.es-data-1 == true
hostname: es-data-1
networks:
- rws-mp
volumes:
- /etc/localtime:/etc/localtime
- es-data-1-data:/usr/share/elasticsearch/data
- es-data-1-logs:/usr/share/elasticsearch/logs
environment:
ES_JAVA_OPTS: "-Xms1024m -Xmx1024m -Duser.timezone=Asia/Shanghai"
node.name: es-data-1
node.master: "false"
node.data: "true"
node.ingest: "false"
network.host: 0.0.0.0
cluster.name: rws-uat-es
cluster.initial_master_nodes: es-master-1,es-master-2,es-master-3
discovery.seed_hosts: es-data-2,es-data-3,es-master-1,es-master-2,es-master-3
xpack.security.enabled: "false"
bootstrap.memory_lock: "false"
MAX_LOCKED_MEMORY: unlimited
es-data-2:
image: es/elasticsearch:7.7.0
deploy:
mode: global
placement:
constraints:
- node.labels.es-data-2 == true
hostname: es-data-2
networks:
- rws-mp
volumes:
- /etc/localtime:/etc/localtime
- es-data-2-data:/usr/share/elasticsearch/data
- es-data-2-logs:/usr/share/elasticsearch/logs
environment:
ES_JAVA_OPTS: "-Xms1024m -Xmx1024m -Duser.timezone=Asia/Shanghai"
node.name: es-data-2
node.master: "false"
node.data: "true"
node.ingest: "false"
network.host: 0.0.0.0
cluster.name: rws-uat-es
cluster.initial_master_nodes: es-master-1,es-master-2,es-master-3
discovery.seed_hosts: es-data-1,es-data-3,es-master-1,es-master-2,es-master-3
xpack.security.enabled: "false"
bootstrap.memory_lock: "false"
MAX_LOCKED_MEMORY: unlimited
es-data-3:
image: harbor.surfilter.com:8701/rws/elasticsearch:7.7.0
deploy:
mode: global
placement:
constraints:
- node.labels.es-data-3 == true
hostname: es-data-3
networks:
- rws-mp
volumes:
- /etc/localtime:/etc/localtime
- es-data-3-data:/usr/share/elasticsearch/data
- es-data-3-logs:/usr/share/elasticsearch/logs
environment:
ES_JAVA_OPTS: "-Xms1024m -Xmx1024m -Duser.timezone=Asia/Shanghai"
node.name: es-data-3
node.master: "false"
node.data: "true"
node.ingest: "false"
network.host: 0.0.0.0
cluster.name: rws-uat-es
cluster.initial_master_nodes: es-master-1,es-master-2,es-master-3
discovery.seed_hosts: es-data-1,es-data-2,es-master-1,es-master-2,es-master-3
xpack.security.enabled: "false"
bootstrap.memory_lock: "false"
MAX_LOCKED_MEMORY: unlimited
# ES集群监控
cerebro:
image: cerebro/cerebro:latest
deploy:
mode: global
placement:
constraints:
- node.role == manager
hostname: cerebro
command:
- -Dhosts.0.host=http://172.17.0.1:8200
ports:
- "8763:9000"
networks:
- rws-mp
volumes:
- /etc/localtime:/etc/localtime
- cerebro:/opt/cerebro
三、ES数据检索工具
A. 浏览器安装Elasticsearch的head可视化插件;
B. Kibana组件:ES的DSL查询;
C. Dbeaver工具:ES的SQL查询。
四、安装错误
1. docker单机版安装启动报错:Error opening log file ‘logs/gc.log‘: Permission denied
解决方式:提示文件权限问题,赋予权限chmod -R 777 /data/elasticsearch;
2. Dbeaver连接Elasticsearch时报:current license is non-compliant for [jdbc]
解决方式:将ES的license授权改为30天使用版,如:curl -X POST "http://127.0.0.1:9200/_license/start_trial?acknowledge=true&pretty。
3. 原生搭建ES集群时报:ES master not discovered yet
解决方式:elasticsearch.yml配置错误,重点检查discovery.seed_hosts、cluster.initial_master_nodes、transport.tcp.port三个参数,我的就是discovery.seed_hosts中端口配置9200引起的,应该是9300。
浙公网安备 33010602011771号