本文改自 https://www.cnblogs.com/reblue520/p/12219116.html

JDK建議13版本

服務(wù)器服務(wù)系統(tǒng)ES版本

192.168.8.218	node.master/node.data	centos7.3	es7.5
192.168.8.219	node.data	centos7.3	es7.5
192.168.8.220	node.data	centos7.3	es7.5

服務(wù)器基礎(chǔ)優(yōu)化
Linux中，每個進程默認打開的最大文件句柄數(shù)是1000,對于服務(wù)器進程來說，顯然太小，通過修改/etc/security/limits.conf來增大打開最大句柄數(shù)和/etc/security/limits.d/20-nproc.conf 配置

#elk用戶添加 groupadd -g 100 elk useradd -u 100 -g elk elk

參數(shù)修改

echo "fs.file-max = 1000000" >> /etc/sysctl.conf echo "vm.max_map_count=262144" >> /etc/sysctl.conf echo "vm.swappiness = 0" >> /etc/sysctl.conf sysctl -p sed -i 's/* soft nofile 65535/* soft nofile 655350/g' /etc/security/limits.conf sed -i 's/* hard nofile 65535/* hard nofile 655350/g' /etc/security/limits.conf sed -i 's#* soft nproc 4096##' /etc/security/limits.d/20-nproc.conf #修改/etc/security/limits.d/20-nproc.conf * soft memlock unlimited * hard memlock unlimited

JDK建議13版本，文件下載存儲:/home/elk

https://www.oracle.com/technetwork/java/javase/downloads/jdk13-downloads-5672538.html
JDK環(huán)境變量配置,每個節(jié)點都需要提前配置

export JAVA_HOME=/home/elk/jdk-13.0.2 export PATH=$JAVA_HOME/bin:$PATH export CLASSPATH=.:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar

集群配置
192.168.8.218 master配置

cd /home/elk wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.5.0-linux-x86_64.tar.gz #解壓 tar -xvf elasticsearch-7.5.0-linux-x86_64.tar.gz

新建日志、存儲、備份目錄

mkdir -p /home/elk/data && mkdir -p /home/elk/logs && mkdir /home/elk/esback chown -Rf elk.elk /home/elk [elk@localhost elasticsearch-7.5.0]$ su -elk [elk@localhost elasticsearch-7.5.0]$ cd /home/elk/elasticsearch-7.5.0/ [elk@localhost elasticsearch-7.5.0]$ cat config/elasticsearch.yml # ======================== Elasticsearch Configuration ========================= cluster.name: fengyu node.name: fengyu218 path.data: /home/elk/data path.logs: /home/elk/logs path.repo: ["/home/elk/esback"] bootstrap.memory_lock: true network.host: 192.168.8.218 http.port: 9200 transport.tcp.port: 9300 node.master: true node.data: true discovery.seed_hosts: ["192.168.8.218:9300", "192.168.8.219:9300", "192.168.8.220:9300"] cluster.initial_master_nodes: ["192.168.8.218"] gateway.recover_after_nodes: 2 transport.tcp.compress: true # 以下配置可以減少當(dāng)es節(jié)點短時間宕機或重啟時shards重新分布帶來的磁盤io讀寫浪費 discovery.zen.fd.ping_timeout: 300s discovery.zen.fd.ping_retries: 8 discovery.zen.fd.ping_interval: 30s discovery.zen.ping_timeout: 180s #啟動 ./bin/elasticsearch #PS:如果用root啟動過一次，需要重新將elk目錄重新賦權(quán)給elk。要不elk無法正常啟動 #能看到端口起來就正常 [2020-04-13T19:46:41,471][INFO ][o.e.x.s.a.s.FileRolesStore] [fengyu218] parsed [0] roles from file [/home/elk/elasticsearch-7.5.0/config/roles.yml] [2020-04-13T19:46:42,379][INFO ][o.e.x.m.p.l.CppLogMessageHandler] [fengyu218] [controller/7071] [Main.cc@110] controller (64 bit): Version 7.5.0 (Build 17d1c724ca38a1) Copyright (c) 2019 Elasticsearch BV [2020-04-13T19:46:42,977][DEBUG][o.e.a.ActionModule ] [fengyu218] Using REST wrapper from plugin org.elasticsearch.xpack.security.Security [2020-04-13T19:46:43,100][INFO ][o.e.d.DiscoveryModule ] [fengyu218] using discovery type [zen] and seed hosts providers [settings] [2020-04-13T19:46:43,995][INFO ][o.e.n.Node ] [fengyu218] initialized [2020-04-13T19:46:43,996][INFO ][o.e.n.Node ] [fengyu218] starting ... [2020-04-13T19:46:44,108][INFO ][o.e.t.TransportService ] [fengyu218] publish_address {192.168.8.218:9300}, bound_addresses {192.168.8.218:9300} [2020-04-13T19:46:44,270][INFO ][o.e.b.BootstrapChecks ] [fengyu218] bound or publishing to a non-loopback address, enforcing bootstrap checks [2020-04-13T19:46:44,273][INFO ][o.e.c.c.Coordinator ] [fengyu218] cluster UUID [upnpaUuXTDmqYoQGzXWGlw] [2020-04-13T19:46:44,584][INFO ][o.e.c.s.MasterService ] [fengyu218] elected-as-master ([1] nodes joined)[{fengyu218}{GKJ2npj9Rc-wQUvCm8W_Ow}{b-sp6dmTR0apAdmpBtjrOg}{192.168.8.218}{192.168.8.218:9300}{dilm}{ml.machine_memory=3975491584, xpack.installed=true, ml.max_open_jobs=20} elect leader, _BECOME_MASTER_TAS _, _FINISH_ELECTION_], term: 2, version: 22, delta: master node changed {previous [], current [{fengyu218}{GKJ2npj9Rc-wQUvCm8W_Ow}{b-sp6dmTR0apAdmpBtjrOg}{192.168.8.218}{192.168.8.218:9300}{dilm}{ml.machine_memory=3975491584, xpack.installed=true, ml.max_open_jobs=20}]}

網(wǎng)頁訪問:http://192.168.8.218:9200/

node 192.168.8.219 配置

cd /home/elk wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.5.0-linux-x86_64.tar.gz #解壓 tar -xvf elasticsearch-7.5.0-linux-x86_64.tar.gz

新建日志、存儲、備份目錄

mkdir -p /home/elk/data && mkdir -p /home/elk/logs && mkdir /home/elk/esback chown -Rf elk.elk /home/elk

#更改elasticsearch.yml

[elk@localhost elasticsearch-7.5.0]$ cd /home/elk/elasticsearch-7.5.0 [elk@localhost elasticsearch-7.5.0]$ cat config/elasticsearch.yml cluster.name: fengyu node.name: fengyu219 path.data: /home/elk/data path.logs: /home/elk/logs path.repo: ["/home/elk/esback"] bootstrap.memory_lock: true network.host: 192.168.8.219 http.port: 9200 transport.tcp.port: 9300 node.master: false node.data: true discovery.seed_hosts: ["192.168.8.218:9300", "192.168.8.219:9300", "192.168.8.220:9300"] cluster.initial_master_nodes: ["192.168.8.218"] gateway.recover_after_nodes: 2 transport.tcp.compress: true # 以下配置可以減少當(dāng)es節(jié)點短時間宕機或重啟時shards重新分布帶來的磁盤io讀寫浪費 discovery.zen.fd.ping_timeout: 300s discovery.zen.fd.ping_retries: 8 discovery.zen.fd.ping_interval: 30s discovery.zen.ping_timeout: 180s

啟動

[root@localhost ~]# su - elk Last login: Mon Apr 13 19:48:11 CST 2020 on pts/1 [elk@localhost ~]$ cd elasticsearch-7.5.0/ [elk@localhost elasticsearch-7.5.0]$ ./bin/elasticsearch [2020-04-13T19:51:24,689][INFO ][o.e.t.TransportService ] [fengyu219] publish_address {192.168.8.219:9300}, bound_addresses {192.168.8.219:9300} [2020-04-13T19:51:24,853][INFO ][o.e.b.BootstrapChecks ] [fengyu219] bound or publishing to a non-loopback address, enforcing bootstrap checks [2020-04-13T19:51:24,856][INFO ][o.e.c.c.Coordinator ] [fengyu219] cluster UUID [upnpaUuXTDmqYoQGzXWGlw] [2020-04-13T19:51:26,065][INFO ][o.e.c.s.ClusterApplierService] [fengyu219] master node changed {previous [], current [{fengyu218}{GKJ2npj9Rc-wQUvCm8W_Ow}{b-sp6dmTR0apAdmpBtjrOg}{192.168.8.218}{192.168.8.218:9300}{dilm}{ml.machine_memory=3975491584, ml.max_open_jobs=20, xpack.installed=true}]}, added {{fengyu218}{ KJ2npj9Rc-wQUvCm8W_Ow}{b-sp6dmTR0apAdmpBtjrOg}{192.168.8.218}{192.168.8.218:9300}{dilm}{ml.machine_memory=3975491584, ml.max_open_jobs=20, xpack.installed=true}}, term: 2, version: 23, reason: ApplyCommitRequest{term=2, version=23, sourceNode={fengyu218}{GKJ2npj9Rc-wQUvCm8W_Ow}{b-sp6dmTR0apAdmpBtjrOg}{192.168.8.21}{192.168.8.218:9300}{dilm}{ml.machine_memory=3975491584, ml.max_open_jobs=20, xpack.installed=true}}[2020-04-13T19:51:26,123][INFO ][o.e.h.AbstractHttpServerTransport] [fengyu219] publish_address {192.168.8.219:9200}, bound_addresses {192.168.8.219:9200} [2020-04-13T19:51:26,124][INFO ][o.e.n.Node ] [fengyu219] started [2020-04-13T19:51:26,370][INFO ][o.e.l.LicenseService ] [fengyu219] license [7e965786-92b3-47c3-b8fc-b349c1c48d53] mode [basic] - valid [2020-04-13T19:51:26,371][INFO ][o.e.x.s.s.SecurityStatusChangeListener] [fengyu219] Active license is now [BASIC]; Security is enabled

驗證:

#同樣的方式啟動192.168.8.220，elasticsearch.yml配置

[elk@localhost elasticsearch-7.5.0]$ cat config/elasticsearch.yml cluster.name: fengyu node.name: fengyu220 path.data: /home/elk/data path.logs: /home/elk/logs path.repo: ["/home/elk/esback"] bootstrap.memory_lock: true network.host: 192.168.8.220 http.port: 9200 transport.tcp.port: 9300 node.master: false node.data: true discovery.seed_hosts: ["192.168.8.218:9300", "192.168.8.219:9300", "192.168.8.220:9300"] cluster.initial_master_nodes: ["192.168.8.218"] gateway.recover_after_nodes: 2 transport.tcp.compress: true # 以下配置可以減少當(dāng)es節(jié)點短時間宕機或重啟時shards重新分布帶來的磁盤io讀寫浪費 discovery.zen.fd.ping_timeout: 300s discovery.zen.fd.ping_retries: 8 discovery.zen.fd.ping_interval: 30s discovery.zen.ping_timeout: 180s

啟動后驗證

集群狀態(tài)驗證，當(dāng)status 為green時候，集群狀態(tài)正常

[elk@localhost elasticsearch-7.5.0]$ curl -u elastic:jumeng123! http://192.168.8.218:9200/_cluster/health?pretty {"cluster_name" : "fengyu","status" : "green","timed_out" : false,"number_of_nodes" : 3,"number_of_data_nodes" : 3,"active_primary_shards" : 1,"active_shards" : 2,"relocating_shards" : 0,"initializing_shards" : 0,"unassigned_shards" : 0,"delayed_unassigned_shards" : 0,"number_of_pending_tasks" : 0,"number_of_in_flight_fetch" : 0,"task_max_waiting_in_queue_millis" : 0,"active_shards_percent_as_number" : 100.0 }

增加密碼校驗
在各個節(jié)點的elasticsearch.yml 最后增加

# 密碼部分的配置最好等集群配置沒有問題后再進行 xpack.security.enabled: true xpack.security.transport.ssl.enabled: true xpack.security.transport.ssl.verification_mode: certificate xpack.security.transport.ssl.keystore.path: /home/elk/elasticsearch-7.5.0/config/elastic-certificates.p12 xpack.security.transport.ssl.truststore.path: /home/elk/elasticsearch-7.5.0/config/elastic-certificates.p12

添加完以后不重啟，制作證書

#必須用elk用戶制作證書 [elk@localhost elasticsearch-7.5.0]$ ./bin/elasticsearch-certutil ca Please enter the desired output file [elastic-stack-ca.p12]: #回車 Enter password for elastic-stack-ca.p12 : #回車 [elk@localhost elasticsearch-7.5.0]$ bin/elasticsearch-certutil cert --ca elastic-stack-ca.p12 #直接回車就好 [elk@localhost elasticsearch-7.5.0]$ cp elastic-certificates.p12 config/ #重啟elasticsearch [elk@localhost elasticsearch-7.5.0]$ pkill -9 -f elk [elk@localhost elasticsearch-7.5.0]$ ./bin/elasticsearch #如果此時無法啟動，是證書制作有問題 #將證書一次傳到其他的節(jié)點 [elk@localhost elasticsearch-7.5.0]$ for i in 192.168.8.219 192.168.8.220; do scp /home/elk/elasticsearch-7.5.0/config/elastic-certificates.p12 $i:/home/elk/elasticsearch-7.5.0/config; done #依次重啟其他節(jié)點 #獲取集裝狀態(tài) [elk@localhost elasticsearch-7.5.0]$ curl -u elastic:jumeng123! http://192.168.8.218:9200/_cluster/health?pretty {"cluster_name" : "fengyu","status" : "green","timed_out" : false,"number_of_nodes" : 3,"number_of_data_nodes" : 3,"active_primary_shards" : 1,"active_shards" : 2,"relocating_shards" : 0,"initializing_shards" : 0,"unassigned_shards" : 0,"delayed_unassigned_shards" : 0,"number_of_pending_tasks" : 0,"number_of_in_flight_fetch" : 0,"task_max_waiting_in_queue_millis" : 0,"active_shards_percent_as_number" : 100.0 } #密碼初始化 輸入你的密碼 [elk@localhost elasticsearch-7.5.0]$ bin/elasticsearch-setup-passwords interactive Initiating the setup of passwords for reserved users elastic,apm_system,kibana,logstash_system,beats_system,remote_monitoring_user. You will be prompted to enter passwords as the process progresses. Please confirm that you would like to continue [y/N]y Enter password for [elastic]: Reenter password for [elastic]: Enter password for [apm_system]: Reenter password for [apm_system]: Enter password for [kibana]: Reenter password for [kibana]: Enter password for [logstash_system]: Reenter password for [logstash_system]: Enter password for [beats_system]: Reenter password for [beats_system]: Enter password for [remote_monitoring_user]: Reenter password for [remote_monitoring_user]: Changed password for user [apm_system] Changed password for user [kibana] Changed password for user [logstash_system] Changed password for user [beats_system] Changed password for user [remote_monitoring_user] Changed password for user [elastic]

配置后，后續(xù)訪問elastaicsearch需要輸入密碼

總結(jié)

以上是生活随笔為你收集整理的elasticsearch7.5.0 集群部署的全部內(nèi)容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網(wǎng)站內(nèi)容還不錯，歡迎將生活随笔推薦給好友。