Linux 安装部署 Elasticsearch 8.12.2

(1) root用户下进行操作,或者用sudo命令操作

  • 下载安装包,解压
    tar -xzf elasticsearch-8.12.2-linux-x86_64.tar.gz
    cd elasticsearch-8.12.2/
  • 新建用户:ES为了安全考虑,不允许在root用户下启动ES程序,因此需要新建一个名为elastic的用户(可以起别的名字)

    groupadd elastic
    useradd -g elastic elastic
    # 密码设置为elastic
    passwd elastic

    -为新用户赋予文件夹权限

    chown -R elastic:elastic elasticsearch-8.12.2
    chmod -R 777 elasticsearch-8.12.2

    -新用户添加至 sudoerslist,也可以不添加

    sudo cd elasticsearch-8.12.2
    visudo
    添加 elastic ALL=(ALL) ALL

    -配置JVM内存大小

    进入config/jvm.options.d 目录,新建 jvm.options 文件, 添加以下内容

    -Xms1g
    -Xmx1g
  • 安装IK分词器(如果有中文搜索分词需求)
    上传ik压缩包到 elasticsearch 目录,解压到 /plugins/ik 文件夹中

    cd /elasticsearch-8.12.2/plugins/
    mkdir ik
    cd ik
    cp /tmp/elasticsearch-analysis-ik-8.12.2.zip .
    unzip elasticsearch-analysis-ik-8.12.2.zip
  • 更改优化服务器配置
    修改 /etc/security/limits.conf 配置文件,添加以下内容并保存。

    *       soft    nofile  65536
    *       hard    nofile  131072
    *       soft    nproc   2048
    *       hard    nproc   4096

    修改 /etc/sysctl.conf 配置文件,添加以下内容并保存,

    vm.max_map_count=655360

    用 sysctl -p命令使修改生效。

    sysctl -p

    调整文件打开数限制

    ulimit -HSn 65535

    -配置安全证书
    执行以下命令(提示输入文件名时回车跳过,会使用默认文件名,提示输入密码时输入elastic或者其他字符串作为密码)

    # 签发ca证书
    cd /elasticsearch-8.12.2/bin
    ./elasticsearch-certutil ca
    
    # 用ca证书签发节点证书
    cd /elasticsearch-8.12.2/bin
    ./elasticsearch-certutil cert --ca elastic-stack-ca.p12  
    
    # 证书默认在elasticsearch-8.12.2目录生成,将证书放到certs目录(config目录下手动创建certs目录)
    cd /elasticsearch-8.12.2
    mv elastic-certificates.p12  elastic-stack-ca.p12 config/certs 
  • 修改配置文件
    进入config 目录,编辑 elasticsearch.yml 文件, 修改或添加以下内容

    # ---------------------------------- Cluster -----------------------------------
    #
    # Use a descriptive name for your cluster:
    # 集群名称
    cluster.name: ES
    #
    # ------------------------------------ Node ------------------------------------
    #
    # Use a descriptive name for the node:
    #
    # 具体节点的名称
    node.name: node1
    #
    # Add custom attributes to the node:
    #
    #node.attr.rack: r1
    #
    # ---------------------------------- Network -----------------------------------
    #
    # By default Elasticsearch is only accessible on localhost. Set a different
    # address here to expose this node on the network:
    #
    # 节点IP地址(主机的IP地址)
    network.host: 0.0.0.0
    #
    # By default Elasticsearch listens for HTTP traffic on the first free port it
    # finds starting at 9200. Set a specific HTTP port here:
    #
    http.port: 9200
    #
    # 配置跨域
    http.cors.enabled: true
    http.cors.allow-origin: "*"
    http.cors.allow-headers: Authorization,X-Requested-With,Content-Length,Content-Type
    # For more information, consult the network module documentation.
    #
    # --------------------------------- Discovery ----------------------------------
    #
    # Pass an initial list of hosts to perform discovery when this node is started:
    # The default list of hosts is ["127.0.0.1", "[::1]"]
    #
    #
    # Bootstrap the cluster using an initial set of master-eligible nodes:
    #
    #
    # For more information, consult the discovery and cluster formation module documentation.
    #
    #----------------------- BEGIN SECURITY AUTO CONFIGURATION -----------------------
    #
    # The following settings, TLS certificates, and keys have been automatically      
    # generated to configure Elasticsearch security features on 12-12-2023 00:39:26
    #
    # --------------------------------------------------------------------------------
    
    # Enable security features
    xpack.security.enabled: true
    
    xpack.security.enrollment.enabled: true
    
    # Enable encryption for HTTP API client connections, such as Kibana, Logstash, and Agents
    # 初始化密码之前需要设置为false,不然会报证书错误
    xpack.security.http.ssl:
    enabled: true
    keystore.path: certs/elastic-stack-ca.p12
    
    # Enable encryption and mutual authentication between cluster nodes
    xpack.security.transport.ssl:
    enabled: true
    verification_mode: certificate
    keystore.path: certs/elastic-certificates.p12
    truststore.path: certs/elastic-certificates.p12
    # Create a new cluster with the current node only
    # Additional nodes can still join the cluster later
    # 启动的时候使用一个master节点
    cluster.initial_master_nodes: ["node1"]
    
    #----------------------- END SECURITY AUTO CONFIGURATION -------------------------
    
    # Allow other nodes to join the cluster from anywhere
    # Connections are encrypted and mutually authenticated
    transport.host: 0.0.0.0
    
    ingest.geoip.downloader.enabled: false 

    -再次分配文件夹权限(保证新用户权限覆盖文件夹中所有新生成的文件)

    chown -R elastic:elastic elasticsearch-8.12.2
    chmod -R 777 elasticsearch-8.12.2

    (2) 新用户下进行

    执行以下命令,提示输入密码时输入elastic,即生成安全证书时设置的密码

    ./bin/elasticsearch-keystore add xpack.security.transport.ssl.keystore.secure_password
    ./bin/elasticsearch-keystore add xpack.security.transport.ssl.truststore.secure_password
    ./bin/elasticsearch-keystore add xpack.security.http.ssl.keystore.secure_password
    ./bin/elasticsearch-keystore add xpack.security.http.ssl.truststore.secure_password

    -启动节点

    # 切换新用户
    su elastic
    cd elasticsearch-8.12.2/bin
    ./elasticsearch

    -启动成功后,节点启动页面会打印如下信息,分别是系统为 elastic 用户生成的密码,CA证书指纹,用于连接 kibana 的 token , 用于给集群添加新节点的 token。建议保存下来,两个 token 有 30min 有效时间,可以不保存,需要时再用下面的命令重新生成

    ✅ Elasticsearch security features have been automatically configured!
    ✅ Authentication is enabled and cluster connections are encrypted.
    
    ℹ️  Password for the elastic user (reset with `bin/elasticsearch-reset-password -u elastic`):
    *_LNlFhqK5ULjbCyEYee
    
    ℹ️  HTTP CA certificate SHA-256 fingerprint:
    6aea402bdf44d4f64d77b9c01ac87904264c07943a4087af0492e84247f9ab86
    
    ℹ️  Configure Kibana to use this cluster:
    • Run Kibana and click the configuration link in the terminal when Kibana starts.
    • Copy the following enrollment token and paste it into Kibana in your browser (valid for the next 30 minutes):
    eyJ2ZXIiOiI4LjUuMCIsImFkciI6WyIxMC40MC4wLjA6OTIwMCJdLCJmZ3IiOiI2YWVhNDAyYmRmNDRkNGY2NGQ3N2I5YzAxYWM4NzkwNDI2NGMwNzk0M2E0MDg3YWYwNDkyZTg0MjQ3ZjlhYjg2Iiwia2V5IjoiOE5RU1hJd0JkcGJWLTFXV3ZKdVY6VkRPYTJIOWdTNjIxdGVWbkFjTFRDQSJ9
    
    ℹ️ Configure other nodes to join this cluster:
    • Copy the following enrollment token and start new Elasticsearch nodes with `bin/elasticsearch --enrollment-token <token>` (valid for the next 30 minutes):
    eyJ2ZXIiOiI4LjUuMCIsImFkciI6WyIxMC40MC4wLjA6OTIwMCJdLCJmZ3IiOiI2YWVhNDAyYmRmNDRkNGY2NGQ3N2I5YzAxYWM4NzkwNDI2NGMwNzk0M2E0MDg3YWYwNDkyZTg0MjQ3ZjlhYjg2Iiwia2V5IjoiOHRRU1hJd0JkcGJWLTFXV3ZKdXU6SXJObjMtVUxSanlSek4wdzRPOGtoUSJ9

    生成kibana连接token的命令

    ./bin/elasticsearch-create-enrollment-token -f --scope kibana -E xpack.security.http.ssl.verification_mode=certificate

    生成用于添加新节点的token的命令

    ./bin/elasticsearch-create-enrollment-token -f --scope node -E xpack.security.http.ssl.verification_mode=certificate

    -关闭节点

    # 如果没有以守护进程的方式启动,直接ctrl+c就可以关闭程序
    # 如果以守护进程的方式启动则需要查询进程PID再杀死进程关闭程序
    ps -ef | grep elasticsearch
    kill -9 <进程PID>

    -配置服务

    su root 
    cd /etc/init.d      ###配置服务脚本的目录
    vim elastic     ###写入如下内容
    #!/bin/bash
    ES_HOME=/usr/local/elasticsearch-8.12.2
    EXEC=${ES_HOME}/bin/elasticsearch
    PIDFILE=${ES_HOME}/elastic.pid
    LOG_DIR=${ES_HOME}/logs
    LOG_FILE=${LOG_DIR}/elastic.log
    
    # 创建日志目录
    mkdir -p $LOG_DIR
    
    start_elastic() {
        if [ -f $PIDFILE ]; then
            echo "Elasticsearch is already running with PID $(cat $PIDFILE)."
        else
            echo "Starting Elasticsearch..."
            su - elastic -c "nohup $EXEC >> $LOG_FILE 2>&1 & echo \$! > $PIDFILE"
            echo "Elasticsearch started with PID $(cat $PIDFILE)."
        fi
    }
    
    stop_elastic() {
        if [ -f $PIDFILE ]; then
            PID=$(cat $PIDFILE)
            echo "Stopping Elasticsearch with PID $PID..."
            kill $PID
    
            # 等待Elasticsearch进程结束
            sleep 10
    
            # 检查进程是否仍在运行
            if pgrep -F $PIDFILE > /dev/null; then
                echo "Elasticsearch could not be stopped gracefully, killing forcefully..."
                pkill -F $PIDFILE
            fi
    
            # 删除PID文件
            rm $PIDFILE
            echo "Elasticsearch stopped."
        else
            echo "Elasticsearch is not running."
        fi
    }
    
    case "$1" in
        start)
            start_elastic
            ;;
        stop)
            stop_elastic
            ;;
        restart|force-reload)
            stop_elastic
            sleep 3
            start_elastic
            ;;
        *)
            echo "Usage: $0 {start|stop|restart|force-reload}" >&2
            exit 1
            ;;
    esac
    exit 0

    -启动

     # 启动服务
     service elastic start
     # 停止服务
     service elastic stop
     # 重启服务 
     service elastic restart

进入 https://xxx.xx.xx.xxx:9200/ 查看节点是否启动成功

1. 本站所有资源来源于用户上传和网络,如有侵权请及时联系删除,本站不承担任何法律责任!
2. 分享目的仅供大家学习和研究,您必须在下载后24小时内删除!
3. 不得使用于非法商业用途,不得违反国家法律。否则后果自负!
4. 本站提供的教程、源码等等其他资源,都不包含技术服务请大家谅解!
5. 如有链接无法下载、失效或广告,请联系管理员处理!
6. 本站资源售价只是赞助,收取费用仅维持本站的日常运营所需!
7. 如遇到加密压缩包,默认解压密码为"www.94zyw.com",如遇到无法解压的请联系管理员!
94资源网 » Linux 安装部署 Elasticsearch 8.12.2