本文档是在 CentOS 7.9 系统上部署一个 3 节点的 Elasticsearch 集群,并开启 x-pack 认证,以及安装 ik, pingyin 插件。
在安装 Elasticsearch 时,要注意 JDK 对应的版本,另外 Elasticsearch 7.x 以上已经内置 JDK 环境配置,不需要本地 JDK 环境支持。这里直接使用 Elasticsearch 内置的 jdk
- Elasticsearch 5.x 安装需要 JDK8 及以上
- Elasticsearch 6.5 安装需要 JDK11 及以上
- Elasticsearch 7.2.x 内置了JDK12
系统配置
各节点通信采用主机名的方式,这种方式与 IP 地址相比较更具有扩展性。所有节点配置 hosts,修改 /etc/hosts,如下:
1
2
3
4
5
6
7
8cat > /etc/hosts <<EOF
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
10.1.40.91 node-1
10.1.40.92 node-2
10.1.40.93 node-3
EOF所有节点关闭防火墙,selinux
1
2
3
4
5
6
7# 关闭并禁用 firewalld, dnsmasq, NetworkManager
systemctl disable --now firewalld
# 临时关闭 selinux
setenforce 0
# 永久关闭 selinux
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config所有节点修改
/etc/security/limits.conf
文件,添加以下配置1
2
3
4
5
6
7
8
9
10# 临时设置
ulimit -SHn 65535
# 永久设置
sed -i '/^# End/i\* soft nofile 655350' /etc/security/limits.conf
sed -i '/^# End/i\* hard nofile 131072' /etc/security/limits.conf
sed -i '/^# End/i\* soft nproc 655350' /etc/security/limits.conf
sed -i '/^# End/i\* hard nproc 655350' /etc/security/limits.conf
sed -i '/^# End/i\* soft memlock unlimited' /etc/security/limits.conf
sed -i '/^# End/i\* hard memlock unlimited' /etc/security/limits.conf所有节点修改内核参数
1
2
3
4
5cat >> /etc/sysctl.conf <<EOF
vm.max_map_count=262144
EOF
sysctl -p
安装 Elasticsearch
从官网下载 Elasticsearch 安装包
1
wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.17.7-linux-x86_64.tar.gz
所有节点解压安装 Elasticsearch
1
2tar xf elasticsearch-7.17.7-linux-x86_64.tar.gz
mv elasticsearch-7.17.7 /usr/local/elasticsearch所有节点添加 Elasticsearch 服务启动用户
1
useradd elastic
所有节点修改 elasticsearch 配置文件
/usr/local/elasticsearch/config/elasticsearch.yml
,主要修改的内容如下1
2
3
4
5
6
7
8
9cluster.name: es-maya-cluster
node.name: node-1
path.data: /data/elasticsearch
path.logs: /var/log/elasticsearch
bootstrap.memory_lock: true
network.host: 0.0.0.0
http.port: 9200
discovery.seed_hosts: ["10.1.40.91", "10.1.40.92", "10.1.40.93"]
cluster.initial_master_nodes: ["node-1", "node-2", "node-3"]注意: 每个节点的
node.name
名称不同所有节点创建 elasticsearch 服务数据以及日志存放目录
1
2
3
4
5mkdir -p /data/elasticsearch /var/log/elasticsearch
chown -R elastic:elastic \
/data/elasticsearch \
/var/log/elasticsearch \
/usr/local/elasticsearch所有节点修改
/usr/local/elasticsearch/bin/elasticsearch
文件,在文件开头添加以下环境变量配置1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
# CONTROLLING STARTUP:
#
# This script relies on a few environment variables to determine startup
# behavior, those variables are:
#
# ES_PATH_CONF -- Path to config directory
# ES_JAVA_OPTS -- External Java Opts on top of the defaults set
#
# Optionally, exact memory values can be set using the `ES_JAVA_OPTS`. Example
# values are "512m", and "10g".
#
# ES_JAVA_OPTS="-Xms8g -Xmx8g" ./bin/elasticsearch
# 添加以下配置
export ES_JAVA_HOME=/usr/local/elasticsearch/jdk
export PATH=$ES_JAVA_HOME/bin:$PATH所有节点配置 systemctl 管理 elasticsearch 服务
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33cat > /usr/lib/systemd/system/elasticsearch.service <<EOF
[Unit]
Description=elasticsearch
After=network.target
[Service]
Type=forking
User=elastic
ExecStart=/usr/local/elasticsearch/bin/elasticsearch -d
PrivateTmp=true
# 指定此进程可以打开的最大文件数
LimitNOFILE=65535
# 指定此进程可以打开的最大进程数
LimitNPROC=65535
# 最大虚拟内存
LimitAS=infinity
# 最大文件大小
LimitFSIZE=infinity
# 超时设置 0-永不超时
TimeoutStopSec=0
# SIGTERM是停止java进程的信号
KillSignal=SIGTERM
# 信号只发送给给JVM
KillMode=process
# java进程不会被杀掉
SendSIGKILL=no
# 正常退出状态
SuccessExitStatus=143
LimitMEMLOCK=infinity
[Install]
WantedBy=multi-user.target
EOF所有节点启动 elasticsearch 服务,并配置开机启动
1
systemctl enable --now elasticsearch
检查集群状态
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18$ curl --user elastic:Elastic -XGET 'http://localhost:9200/_cluster/health/?pretty'
{
"cluster_name" : "es-maya-cluster",
"status" : "green",
"timed_out" : false,
"number_of_nodes" : 3,
"number_of_data_nodes" : 3,
"active_primary_shards" : 11,
"active_shards" : 22,
"relocating_shards" : 0,
"initializing_shards" : 0,
"unassigned_shards" : 0,
"delayed_unassigned_shards" : 0,
"number_of_pending_tasks" : 0,
"number_of_in_flight_fetch" : 0,
"task_max_waiting_in_queue_millis" : 0,
"active_shards_percent_as_number" : 100.0
}查询节点信息
1
2
3
4$ curl --user elastic:Elastic -XGET 'http://localhost:9200/_cat/nodes?pretty'
10.1.40.93 17 98 4 0.03 0.03 0.05 cdfhilmrstw * node-3
10.1.40.92 46 97 1 0.01 0.04 0.08 cdfhilmrstw - node-2
10.1.40.91 56 90 6 0.06 0.08 0.11 cdfhilmrstw - node-1
配置 X-Pack 插件
生成证书,这一步只要在 node-1 节点上执行即可
1
bin/elasticsearch-certutil ca -out config/elastic-certificates.p12 -pass "123456"
创建客户端使用的证书(kibana 需要使用该证书)
1
openssl pkcs12 -nodes -passin pass:"123456" -in elastic-certificates.p12 -out elastic-ca.pem
拷贝生成的证书到其他节点
1
2scp config/{elastic-certificates.p12,elasticsearch.keystore} elastic@10.1.40.92:/usr/local/elasticsearch/config/
scp config/{elastic-certificates.p12,elasticsearch.keystore} elastic@10.1.40.93:/usr/local/elasticsearch/config/所有节点修改
elasticsearch.yml
文件,在文件的最下面增加以下配置1
2
3
4
5
6
7
8
9
10xpack.security.enabled: true
xpack.license.self_generated.type: basic
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
xpack.security.transport.ssl.keystore.password: "123456"
xpack.security.transport.ssl.truststore.path: elastic-certificates.p12
xpack.security.transport.ssl.truststore.password: "123456"
xpack.security.http.ssl.keystore.password: "123456"
xpack.security.http.ssl.truststore.password: "123456"所有节点重启 Elasticsearch 服务
1
systemctl restart elasticsearch
为 Elasticsearch 内置用户创建密码
1
2
3cd /usr/local/elasticsearch
./bin/elasticsearch-setup-passwords interactive # 手动输入密码
./bin/elasticsearch-setup-passwords auto # 自动创建随机密码
安装 Kibana 服务
随便找一个节点部署 Kibana 服务即可,这里选择 node-1 节点部署 kibana。
下载 kibana 安装包
1
wget https://artifacts.elastic.co/downloads/kibana/kibana-7.17.7-linux-x86_64.tar.gz
解压安装 kibana 服务
1
2
3tar xf kibana-7.17.7-linux-x86_64.tar.gz
mv kibana-7.17.7-linux-x86_64 /usr/local/kibana
chown -R elastic:elastic /usr/local/kibana配置 kibana,编辑
kibana.yml
配置文件,主要修改以下内容1
2
3
4
5
6
7
8
9server.port: 5601
server.host: "0.0.0.0"
server.publicBaseUrl: "http://10.1.40.91:5601"
elasticsearch.hosts: ["http://10.1.40.91:9200","http://10.1.40.92:9200","http://10.1.40.93:9200"]
kibana.index: ".kibana"
elasticsearch.username: "kibana_system"
elasticsearch.password: "123456"
elasticsearch.ssl.certificateAuthorities: [ "/usr/local/kibana/config/elastic-ca.pem" ]
i18n.locale: "zh-CN"配置 systemctl 管理 kibana 服务
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33cat > /usr/lib/systemd/system/kibana.service <<EOF
[Unit]
Description=kibana
After=network.target
[Service]
User=elastic
Group=elastic
ExecStart=/usr/local/kibana/bin/kibana
ExecStop=/usr/bin/kill -15 $MAINPID
ExecReload=/usr/bin/kill -HUP $MAINPID
Type=simple
RemainAfterExit=yes
PrivateTmp=true
# file size
LimitFSIZE=infinity
# cpu time
LimitCPU=infinity
# virtual memory size
LimitAS=infinity
# open files
LimitNOFILE=65535
# processes/threads
LimitNPROC=64000
# locked memory
LimitMEMLOCK=infinity
# total threads (user+kernel)
TasksMax=infinity
TasksAccounting=false
[Install]
WantedBy=multi-user.target
EOF启动 kibana 并配置开机启动
1
systemctl enable --now kibana
打开浏览器,访问
http://10.1.40.91:5601
,输入账号密码(安装 Elasticsearch 服务时设置的账号密码)
安装 ik 和 pingyin 插件
从 Github 下载 Elasticsearch 对应的插件版本
将下载好的 zip 文件解压到 /usr/local/elasticsearch/plugins 目录
1
2
3
4
5
6# 创建插件目录
mkdir /usr/local/elasticsearch/plugins/{ik,pingyin}
# 解压插件到插件目录
unzip ~/elasticsearch-analysis-pinyin-7.17.7.zip -d /usr/local/elasticsearch/plugins/pingyin
unzip ~/elasticsearch-analysis-ik-7.17.7.zip -d /usr/local/elasticsearch/plugins/ik重启 Elasticsearch 服务
1
systemctl restart elasticsearch
检查集群状态
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18$ curl --user elastic:Elastic -XGET 'http://localhost:9200/_cluster/health/?pretty'
{
"cluster_name" : "es-maya-cluster",
"status" : "green",
"timed_out" : false,
"number_of_nodes" : 3,
"number_of_data_nodes" : 3,
"active_primary_shards" : 11,
"active_shards" : 22,
"relocating_shards" : 0,
"initializing_shards" : 0,
"unassigned_shards" : 0,
"delayed_unassigned_shards" : 0,
"number_of_pending_tasks" : 0,
"number_of_in_flight_fetch" : 0,
"task_max_waiting_in_queue_millis" : 0,
"active_shards_percent_as_number" : 100.0
}检查插件状态
1
2
3
4
5
6
7$ curl --user elastic:Elastic -XGET 'http://localhost:9200/_cat/plugins?pretty'
node-3 analysis-ik 7.17.7
node-3 analysis-pinyin 7.17.7
node-2 analysis-ik 7.17.7
node-2 analysis-pinyin 7.17.7
node-1 analysis-ik 7.17.7
node-1 analysis-pinyin 7.17.7