Elasticsearch(简称 ES)是一个开源的分布式搜索和分析引擎,由 Elastic 公司开发,基于 Apache Lucene 库构建。它专为处理海量数据而设计,能够实时存储、搜索和分析结构化、非结构化和向量数据,支持全文检索、聚合分析和 AI 驱动的应用。 ES 以其高性能、可扩展性和简单 RESTful API 接口而闻名,常用于日志分析、网站搜索、安全监控和业务智能等领域。
- 环境准备
- 集群配置
环境准备
这次准备三台Linux主机安装es集群, Elasticsearch版本为v8.17.2,注意我们这里采用自签SSL证书。
|
主机名 |
IP地址 |
|
es-a |
192.168.64.50 |
|
es-b |
192.168.64.51 |
|
es-c |
192.168.64.52 |
- 分别登陆三台主机设置对应主机名并且增加文件句柄限制和内核参数
$ hostnamectl set-hostname es-xcat >> /etc/security/limits.conf <<EOF
# 置一个名为 elastic 的用户或用户组的资源限制
elastic hard nofile 65535
elastic soft nofile 65535
elastic nproc 4096
elastic hard memlock unlimited
elastic soft memlock unlimited
EOF
cat >> /etc/sysctl.conf <<EOF
# 允许最小程度的交换和最大内存映射区域数量
vm.swappiness=1
vm.max_map_count=262144
EOF- 三台主机分别添加hosts文件映射
192.168.64.50 es-a
192.168.64.51 es-b
192.168.64.52 es-c- 三台主机分别创建用户和准备配置文件
$ useradd elastic -d /data/elastic
# 设置密码
$ passwd elastic
$ chmod 755 /data/elastic
$ mkdir -p /data/elastic/{data,logs} && chown elastic:elastic /data/elastic -R- 下载 Elasticsearch,解压并且重命名, 移动到/usr/local/目录下
$ tar xf elasticsearch-8.17.2-linux-x86_64.tar.gz && mv elasticsearch-8.17.2 elasticsearch
$ mv elasticsearch /usr/local/集群配置
- 根据文章 自签SSL 将证书ca.crt、server.crt、server.key分别移动到/usr/local/elasticsearch/config/目录下
- 分别修改es配置文件elasticsearch.yml 内容如下,为了节省篇幅每个节点,只需要对应Linux修改node.name值即可,这里不一一列举。
cluster.name: es-cluster
node.name: es-a
path.data: /data/elastic/data
path.logs: /data/elastic/logs
network.host: 0.0.0.0
http.port: 9200
transport.host: 0.0.0.0
transport.port: 9300
# 集群发现(三个节点)
discovery.seed_hosts: ["192.168.64.50", "192.168.64.51", "192.168.64.52"]
cluster.initial_master_nodes: ["es-a", "es-b", "es-c"]
# 启用安全
xpack.security.enabled: true
# 传输层 TLS 启用了双向认证(节点间通信,必选)
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.client_authentication: required
xpack.security.transport.ssl.certificate: /usr/local/elasticsearch/config/server.crt
xpack.security.transport.ssl.key: /usr/local/elasticsearch/config/server.key
xpack.security.transport.ssl.certificate_authorities: ["/usr/local/elasticsearch/config/ca.crt"]
# HTTP 层 TLS(客户端访问,必选)
xpack.security.http.ssl.enabled: true
xpack.security.http.ssl.verification_mode: certificate
xpack.security.http.ssl.certificate: /usr/local/elasticsearch/config/server.crt
xpack.security.http.ssl.key: /usr/local/elasticsearch/config/server.key
xpack.security.http.ssl.certificate_authorities: ["/usr/local/elasticsearch/config/ca.crt"]- 三个节点分别添加service文件vi /etc/systemd/system/elasticsearch.service内容如下
[Unit]
Description=Elasticsearch
After=network.target
[Service]
User=elastic
Group=elastic
ExecStart=/usr/local/elasticsearch/bin/elasticsearch
Environment="ES_JAVA_OPTS=-Xms2g -Xmx2g"
Restart=always
LimitMEMLOCK=infinity
LimitNOFILE=65536
[Install]
WantedBy=multi-user.target
systemctl enable elasticsearch
systemctl start elasticsearch- 启动es集群
$ chown elastic:elastic /usr/local/elasticsearch -R
$ systemctl enable elasticsearch && systemctl start elasticsearch- 登录es-a主机设置es的密码
$ ./elasticsearch-setup-passwords interactive© 版权声明
文章版权归作者所有,未经允许请勿转载。
相关文章
暂无评论...
