elasticsearch集群搭建
环境
版本对应关系:地址
系统环境
| 软件 | 版本 |
|---|---|
| JDK | 8 |
| Ubuntu | 20 |
| ES | 7.12.0 |
ES节点环境
| 主机 | IP | 对外服务的http端口 (默认9200) | 节点间交互的tcp端口 (默认9300) |
|---|---|---|---|
| ES1 | 192.168.31.100 | 9202 | 9301 |
| ES2 | 192.168.31.101 | 9202 | 9302 |
| ES3 | 192.168.31.102 | 9202 | 9303 |
三台Linux服务器已经准备完毕
安装
下载
切换至home目录,执行下载安装包命令(all)
bash
wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.12.0-linux-x86_64.tar.gz解压
bash
tar -zxvf elasticsearch-7.12.0-linux-x86_64.tar.gz重命名
bash
mv elasticsearch-7.12.0 es创建日志目录
bash
mkdir -p /home/es/logs用户组
创建新用户,不允许root用户操作
bash
useradd es设置密码
bash
passwd es分配用户和用户组
bash
chown -R es:es es/增加内存大小限制
文件末尾追加配置,然后刷新
bash
echo "vm.max_map_count=262144" >> /etc/sysctl.conf && sysctl -p末尾加上这段内容,es为新添加的用户组
bash
echo "es hard nofile 65536" >> /etc/security/limits.conf
echo "es soft nofile 65536" >> /etc/security/limits.confES配置
配置文件
bash
vi config/elasticsearch.ymles-1节点
yaml
#集群名称
cluster.name: openyuan-cluster-es
#节点名称
node.name: es-1
#数据存储路径
path.data: /home/es/data
#日志存储路径
path.logs: /home/es/logs
#绑定的ip地址(“0.0.0.0”说明都可以访问)
network.host: 192.168.31.100
#对外服务的http端口,默认9200
http.port: 9202
#节点间交互的tcp端口,默认是9300
transport.tcp.port: 9301
#节点列表
discovery.zen.ping.unicast.hosts: ["192.168.31.100:9301", "192.168.31.101:9302","192.168.31.102:9303"]
# 初始主节点列表,用于选举主节点
cluster.initial_master_nodes: ["es-1", "es-2", "es-3"]
#至少两个节点在线
discovery.zen.minimum_master_nodes: 2
# 候选主节点,是否可以推举为主节点
node.master: true
#接入es-head插件
http.cors.enabled: true
http.cors.allow-origin: "*"es-2节点
yaml
#集群名称
cluster.name: openyuan-cluster-es
#节点名称
node.name: es-2
#数据存储路径
path.data: /home/es/data
#日志存储路径
path.logs: /home/es/logs
#绑定的ip地址(“0.0.0.0”说明都可以访问)
network.host: 192.168.31.101
#对外服务的http端口,默认9200
http.port: 9202
#节点间交互的tcp端口,默认是9300
transport.tcp.port: 9302
#节点列表
discovery.zen.ping.unicast.hosts: ["192.168.31.100:9301", "192.168.31.101:9302","192.168.31.102:9303"]
# 初始主节点列表,用于选举主节点
cluster.initial_master_nodes: ["es-1", "es-2", "es-3"]
#至少两个节点在线
discovery.zen.minimum_master_nodes: 2
# 候选主节点,是否可以推举为主节点
node.master: true
#接入es-head插件
http.cors.enabled: true
http.cors.allow-origin: "*"es-3节点
yaml
#集群名称
cluster.name: openyuan-cluster-es
#节点名称
node.name: es-3
#数据存储路径
path.data: /home/es/data
#日志存储路径
path.logs: /home/es/logs
#绑定的ip地址(“0.0.0.0”说明都可以访问)
network.host: 192.168.31.102
#对外服务的http端口,默认9200
http.port: 9202
#节点间交互的tcp端口,默认是9300
transport.tcp.port: 9303
#节点列表
discovery.zen.ping.unicast.hosts: ["192.168.31.100:9301", "192.168.31.101:9302","192.168.31.102:9303"]
# 初始主节点列表,用于选举主节点
cluster.initial_master_nodes: ["es-1", "es-2", "es-3"]
#至少两个节点在线
discovery.zen.minimum_master_nodes: 2
# 候选主节点,是否可以推举为主节点
node.master: true
#接入es-head插件
http.cors.enabled: true
http.cors.allow-origin: "*"配置系统命令
通过systemctl操作ES的启动、停止、重启等,无需切换es用户
建立es服务文件
bash
vi /lib/systemd/system/es.serviceps:指定es用户(根据自己情况修改),配置启动命令(根据自己情况修改)
配置文件
shell
[Unit]
Description=elasticsearch
Documentation=https://www.elastic.co
After=network.target
[Service]
Type=simple
PrivateTmp=true
# 指定ES用户
User=es
Group=es
LimitNOFILE=100000
LimitNPROC=100000
Restart=yes
# 启动命令
ExecStart=/home/es/bin/elasticsearch
ExecRestart=/bin/kill -s HUP $MAINPID
ExecStop=/bin/kill -s QUIT $MAINPID
[Install]
WantedBy=multi-user.target加载服务命令
重新加载systemctl服务,使其生效
shell
sudo systemctl daemon-reload测试服务命令
启动ES
shell
sudo systemctl start es结束ES
shell
sudo systemctl stop es或普通操作
yaml
ps aux | grep elasticsearch | grep -v grep | awk '{print $2}' | xargs kill查看ES状态
shell
sudo systemctl status es
ES命令
查看节点状况
以es-1为例
shell
curl http://192.168.31.100:9202
查看集群状况
- 表示为主节点
shell
curl http://192.168.31.100:9202/_cat/nodes?v
集群一键脚本
📢 注意:我这里以es-1作为主节点,在es-1生成秘钥拷贝至es-2和es-3,在es-1中执行一键脚本命令。 可自行配置
免密登录
清空ssh秘钥信息(全部节点)
shell
rm -r ~/.ssh生成秘钥(全部节点)
一路回车
shell
ssh-keygen -t rsa重命名 && 拷贝秘钥(es-1)
shell
mv /root/.ssh/id_rsa.pub /root/.ssh/id_rsa_es1.pub拷贝到es-2和es-3
shell
scp /root/.ssh/id_rsa_es1.pub root@192.168.31.101:/root/.ssh/
scp /root/.ssh/id_rsa_es1.pub root@192.168.31.102:/root/.ssh/写入秘钥(es-2和es-3)
shell
cat /root/.ssh/id_rsa_es1.pub >> /root/.ssh/authorized_keysssh免密成功
shell
ssh root@192.168.31.252配置shell脚本
一键启动脚本
shell
vi /home/es-start.shshell
#!/bin/bash
systemctl start es
echo "节点: 192.168.31.100 ==> 启动ES...[ done ]"
esServers='192.168.31.101 192.168.31.102'
# 启动所有的ES
for es in $esServers
do
ssh root@$es <<EOF
systemctl start es
EOF
echo "节点: $es ==> 启动ES...[ done ]"
sleep 1
done一键停止脚本
shell
vi /home/es-stop.shshell
#!/bin/bash
systemctl stop es
echo "节点: 192.168.31.100 ==> 停止ES...[ done ]"
esServers='192.168.31.101 192.168.31.102'
# 启动所有的ES
for es in $esServers
do
ssh root@$es <<EOF
systemctl stop es
EOF
echo "节点: $es ==> 停止ES...[ done ]"
sleep 1
done一键重启脚本
shell
vi /home/es-restart.shshell
#!/bin/bash
systemctl restart es
echo "节点: 192.168.31.100 ==> 重启ES...[ done ]"
esServers='192.168.31.101 192.168.31.102'
# 启动所有的ES
for es in $esServers
do
ssh root@$es <<EOF
systemctl restart es
EOF
echo "节点: $es ==> 重启ES...[ done ]"
sleep 1
done脚本权限授权
shell
chmod u+x /home/es-start.sh /home/es-stop.sh /home/es-restart.sh执行一键脚本
shell
sh /home/es-startup.shshell
sh /home/es-stop.shshell
sh /home/es-restart.sh
配置集群安全验证
修改ES配置
📢 注意:是每个节点都要
bash
vi config/elasticsearch.yml末尾加上这段配置
yaml
# 开启安全验证
xpack.security.enabled: true
xpack.license.self_generated.type: basic
xpack.security.transport.ssl.enabled: true
# 证书认证
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: elastic-certificates.p12生成证书
📌 在es-1节点操作,这个没要求
输入完命令,直接回车就行,在config目录下就有一个新的 elastic-certificates.p12 文件 📢 注意:需要将证书拷贝到其他节点的es目录的config目录下
shell
/home/es/bin/elasticsearch-certutil \
cert -out \
/home/es/config/elastic-certificates.p12 -pass提示输入密码,直接回车即可
拷贝证书到其他节点
shell
scp /home/es/config/elastic-certificates.p12 root@192.168.31.101:/home/es/config/
scp /home/es/config/elastic-certificates.p12 root@192.168.31.102:/home/es/config/
证书授权(每个节点)
shell
chown -R es:es /home/es/config/elastic-certificates.p12 && \
chmod 644 /home/es/config/elastic-certificates.p12重启ES服务(每个节点)
配置了一键脚本的,可以直接一键stop然后一键start
shell
sudo systemctl restart es设置密码
📢 注意:这里是上面生成证书的那个节点,我这里是es-1
直接选择自动生成,输入y,记得自己保存好,一共七个用户
shell
# 手动设置密码
/home/es/bin/elasticsearch-setup-passwords interactive
# 自动设置密码
/home/es/bin/elasticsearch-setup-passwords auto
shell
Changed password for user apm_system
PASSWORD apm_system = VPnTuWixz5WQJo6zfhk7
Changed password for user kibana_system
PASSWORD kibana_system = jmgNNWkbG8mTo6hTNPCW
Changed password for user kibana
PASSWORD kibana = jmgNNWkbG8mTo6hTNPCW
Changed password for user logstash_system
PASSWORD logstash_system = rX9FTcgBAGB94pM0RWcJ
Changed password for user beats_system
PASSWORD beats_system = unQDJ4h4x4WwOl0Mta4X
Changed password for user remote_monitoring_user
PASSWORD remote_monitoring_user = A0hgS6Xve1nCcGIolOlf
Changed password for user elastic
PASSWORD elastic = VbAiNAUopcBojx79yrQ7修改密码
shell
curl -H "Content-Type:application/json" -XPOST \
-u elastic 'http://127.0.0.1:9202/_xpack/security/user/elastic/_password' \
-d '{ "password" : "123456" }'验证
查看节点状态
shell
curl http://192.168.31.100:9202未授权401错误
shell
curl http://192.168.31.100:9202 -u elastic:VbAiNAUopcBojx79yrQ7
查看集群状态
shell
curl http://elastic:VbAiNAUopcBojx79yrQ7@192.168.31.100:9202/_cat/nodes?v
浏览器访问
其他说明
启动失败,无法再次启动
删除data数据目录和日志目录
yaml
rm -rf /home/es/data/* && rm -rf /home/es/logs/*IP或ES配置变更后,秘钥问题
重新生成一次密码即可,无需其他操作
shell
# 自动设置密码
/home/es/bin/elasticsearch-setup-passwords auto