一、物料準備(注意:必須版本一致):
1、安裝包
elasticsearch-7.17.15-linux-x86_64.tar.gz (這個版本的外掛需要線上使用命令安裝:/es/elasticsearch-7.17.15/bin/elasticsearch-plugin install https://get.infini.cloud/elasticsearch/analysis-ik/7.17.15,或者用我的 傳送門)
analysis-ik.7.17.15.tar.gz
kibana-7.17.15-linux-x86_64.tar.gz
2、機器
三臺centos7虛擬機器
192.168.3.110、192.168.3.120 、192.168.3.130
二、安裝步驟
1、root使用者 修改系統配置
// 在檔案末尾新增下面的引數值
# echo "* soft nofile 65536" >> /etc/security/limits.conf && echo "* hard nofile 131072" >> /etc/security/limits.conf
# echo "* soft memlock unlimited" >> /etc/security/limits.conf && echo "* hard memlock unlimited" >> /etc/security/limits.conf
# echo "vm.max_map_count=655360" >> /etc/sysctl.conf
# 更改生效
# sysctl -p
2、使用root使用者在三臺機器上建立目錄授權給普通使用者es(安裝目錄為: /es 使用者組:es,使用者名稱:es)
# groupadd es && mkdir /es && useradd -m -g es -d /es es && chown -R es:es /es
3、使用es使用者配置elasticsearch
3.1、上傳到安裝包到安裝目錄/es 並解壓:
192.168.3.110 上傳包:elasticsearch-7.17.15-linux-x86_64.tar.gz、analysis-ik.7.17.15.tar.gz、kibana-7.17.15-linux-x86_64.tar.gz
192.168.3.120 上傳包:elasticsearch-7.17.15-linux-x86_64.tar.gz、analysis-ik.7.17.15.tar.gz
192.168.3.130 上傳包:elasticsearch-7.17.15-linux-x86_64.tar.gz、analysis-ik.7.17.15.tar.gz
3.2、三臺機器依次複製解壓的ik外掛到elasticsearch外掛目錄:
$ cp -r analysis-ik elasticsearch-7.17.15/plugins/
3.3、三臺機器依次建立data和日誌目錄:
$ mkdir -p /es/elasticsearch-7.17.15/data && mkdir -p /es/elasticsearch-7.17.15/logs
3.4、在192.168.3.110上生成證書檔案並移動到指定配置目錄後分發到另外兩臺機器:
生成證書檔案,在elasticsearch-7.17.15會生成兩個.p12字尾檔案(提示輸入直接回車,不用指定密碼!):
$ /es/elasticsearch-7.17.15/bin/elasticsearch-certutil ca
$ /es/elasticsearch-7.17.15/bin/elasticsearch-certutil cert --ca elastic-stack-ca.p12
建立證書目錄並移動證書檔案到該目錄下
$ mkdir -p /es/elasticsearch-7.17.15/config/certs && mv /es/elasticsearch-7.17.15/*.p12 /es/elasticsearch-7.17.15/config/certs/
分發證書到另外兩臺機器:
$ scp -r /es/elasticsearch-7.17.15/config/certs/ es@192.168.3.120:/es/elasticsearch-7.17.15/config/
$ scp -r /es/elasticsearch-7.17.15/config/certs/ es@192.168.3.130:/es/elasticsearch-7.17.15/config/
3.5、修改三臺機器elasticsearch的jvm配置:
$ vim /es/elasticsearch-7.17.15/config/jvm.options
修改堆記憶體大小(以實際情況設定,官方說是設定為總記憶體的50%,官方文件:https://www.elastic.co/guide/en/elasticsearch/reference/7.17/advanced-configuration.html):
-Xms2g
-Xmx2g
3.6、修改三臺機器elasticsearch配置檔案elasticsearch.yml:
$ vim /es/elasticsearch-7.17.15/config/elasticsearch.yml
三臺機器的elasticsearch.yml
cluster.name: es-cls node.name: node1 node.master: true node.data: true path.data: /es/elasticsearch-7.17.15/data path.logs: /es/elasticsearch-7.17.15/logs bootstrap.memory_lock: true bootstrap.system_call_filter: false network.host: 192.168.3.110 http.port: 9200 transport.tcp.port: 9300 discovery.seed_hosts: ["192.168.3.110:9300", "192.168.3.120:9300", "192.168.3.130:9300"] cluster.initial_master_nodes: ["node1", "node2" ,"node3"] http.cors.enabled: true http.cors.allow-origin: "*" xpack.security.enabled: true xpack.license.self_generated.type: basic xpack.security.transport.ssl.enabled: true xpack.security.transport.ssl.verification_mode: certificate xpack.security.transport.ssl.keystore.path: /es/elasticsearch-7.17.15/config/certs/elastic-certificates.p12 xpack.security.transport.ssl.truststore.path: /es/elasticsearch-7.17.15/config/certs/elastic-certificates.p12
cluster.name: es-cls node.name: node2 node.master: true node.data: true path.data: /es/elasticsearch-7.17.15/data path.logs: /es/elasticsearch-7.17.15/logs bootstrap.memory_lock: true bootstrap.system_call_filter: false network.host: 192.168.3.120 http.port: 9200 transport.tcp.port: 9300 discovery.seed_hosts: ["192.168.3.110:9300", "192.168.3.120:9300", "192.168.3.130:9300"] cluster.initial_master_nodes: ["node1", "node2" ,"node3"] http.cors.enabled: true http.cors.allow-origin: "*" xpack.security.enabled: true xpack.license.self_generated.type: basic xpack.security.transport.ssl.enabled: true xpack.security.transport.ssl.verification_mode: certificate xpack.security.transport.ssl.keystore.path: /es/elasticsearch-7.17.15/config/certs/elastic-certificates.p12 xpack.security.transport.ssl.truststore.path: /es/elasticsearch-7.17.15/config/certs/elastic-certificates.p12
cluster.name: es-cls node.name: node3 node.master: true node.data: true path.data: /es/elasticsearch-7.17.15/data path.logs: /es/elasticsearch-7.17.15/logs bootstrap.memory_lock: true bootstrap.system_call_filter: false network.host: 192.168.3.130 http.port: 9200 transport.tcp.port: 9300 discovery.seed_hosts: ["192.168.3.110:9300", "192.168.3.120:9300", "192.168.3.130:9300"] cluster.initial_master_nodes: ["node1", "node2" ,"node3"] http.cors.enabled: true http.cors.allow-origin: "*" xpack.security.enabled: true xpack.license.self_generated.type: basic xpack.security.transport.ssl.enabled: true xpack.security.transport.ssl.verification_mode: certificate xpack.security.transport.ssl.keystore.path: /es/elasticsearch-7.17.15/config/certs/elastic-certificates.p12 xpack.security.transport.ssl.truststore.path: /es/elasticsearch-7.17.15/config/certs/elastic-certificates.p12
3.7、啟動三臺機器的服務,進行內建賬號處理及新增自定義賬號:
依次啟動服務:
$ /es/elasticsearch-7.17.15/bin/elasticsearch -d
三臺都啟動完成後,修改內建賬戶密碼 (在任意一臺機器上修改即可):
$ /es/elasticsearch-7.17.15/bin/elasticsearch-setup-passwords interactive
按提示依次輸入各個賬戶密碼.......,建議設定成一樣的,方便維護!我這裡設定為:es123456
使用內建的使用者elastic新增自定義賬號(任意一臺機器上新增即可,使用curl命令呼叫新增,這裡新增的使用者為 testadmin(url後面),角色為超級管理員:superuser,密碼為:es123456):
$ curl -u elastic:es123456 -X POST "192.168.3.110:9200/_security/user/testadmin?pretty" -H 'Content-Type: application/json' -d \ '{"password":"es123456","roles":["superuser"],"full_name":"testadmin","email":"testadmin@mail.com","metadata":{"intelligence":7}}'
3.8、自定義賬號呼叫查詢驗證:
使用剛剛新增的使用者查詢叢集健康狀況:
$ curl -u testadmin:es123456 http://192.168.3.130:9200/_cluster/health
{ "cluster_name": "es-cls", "status": "green", "timed_out": false, "number_of_nodes": 3, "number_of_data_nodes": 3, "active_primary_shards": 19, "active_shards": 38, "relocating_shards": 0, "initializing_shards": 0, "unassigned_shards": 0, "delayed_unassigned_shards": 0, "number_of_pending_tasks": 0, "number_of_in_flight_fetch": 0, "task_max_waiting_in_queue_millis": 0, "active_shards_percent_as_number": 100.0 }
使用剛剛新增的使用者進行中文分詞驗證:
$ curl -u lcrm:es123456 -X POST "http://192.168.3.130:9200/_analyze" -H 'Content-Type: application/json' -d '{"analyzer": "ik_max_word","text":"elasticsearch分詞外掛ik驗證"}'
{ "tokens": [ { "token": "elasticsearch", "start_offset": 0, "end_offset": 13, "type": "ENGLISH", "position": 0 }, { "token": "分詞", "start_offset": 13, "end_offset": 15, "type": "CN_WORD", "position": 1 }, { "token": "外掛", "start_offset": 15, "end_offset": 17, "type": "CN_WORD", "position": 2 }, { "token": "ik", "start_offset": 17, "end_offset": 19, "type": "ENGLISH", "position": 3 }, { "token": "驗證", "start_offset": 19, "end_offset": 21, "type": "CN_WORD", "position": 4 } ] }
檢視所有索引的狀態
curl -u testadmin:es123456 '192.168.3.120:9200/_cat/indices?v'
4、配置kibana
4.1、切換到 192.168.3.110,修改kibana.yml
server.port: 5601 server.host: "192.168.3.110" server.name: "master" elasticsearch.hosts: ["http://192.168.3.110:9200", "http://192.168.3.120:9200", "http://192.168.3.130:9200"] elasticsearch.username: "testadmin" elasticsearch.password: "es123456" pid.file: /es/kibana-7.17.15-linux-x86_64/kibana.pid i18n.locale: "zh-CN"
4.2、啟動 kibana
$ nohup /es/kibana-7.17.15-linux-x86_64/bin/kibana &
訪問驗證,使用新增的自定義testadmin登入:
http://192.168.3.110:5601
檢視所有使用者:
http://192.168.3.110:5601/app/management/security/users