Ubuntu安装Elasticsearch

1、安装

方式一:

#导入密钥
wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo gpg --dearmor -o /usr/share/keyrings/elasticsearch-keyring.gpg

#将存储库定义保存到 /etc/apt/sources.list.d/elastic-7.x.list:
echo "deb [signed-by=/usr/share/keyrings/elasticsearch-keyring.gpg] https://artifacts.elastic.co/packages/7.x/apt stable main" | sudo tee /etc/apt/sources.list.d/elastic-7.x.list

#安装
sudo apt-get update && sudo apt-get install elasticsearch

方式二:

#手动下载安装
wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.17.1-amd64.deb
wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.17.1-amd64.deb.sha512
shasum -a 512 -c elasticsearch-7.17.1-amd64.deb.sha512 
sudo dpkg -i elasticsearch-7.17.1-amd64.deb

#删除下载文件
sudo rm -r elasticsearch-7.17.1-amd64.deb && sudo rm -r elasticsearch-7.17.1-amd64.deb.sha512

#运行 Elasticsearch systemd
sudo /bin/systemctl daemon-reload

2、启动Elasticsearch

sudo systemctl enable elasticsearch.service && sudo systemctl start elasticsearch.service

3、验证Elasticsearch是否正常

curl -X GET "localhost:9200/"

也可查看官方安装文档:https://www.elastic.co/guide/en/elasticsearch/reference/7.17/deb.html

4、安装ik和pinyin分词插件

查看es安装的版本,然后找到对应ik分词版本,要对应哟,将下载的ik包解压到es对应的目录下,然后重新启动es即可;

ik安装:
ik下载地址:https://github.com/medcl/elasticsearch-analysis-ik/releases

ubuntu@VM-0-3-ubuntu:~$ cd /usr/share/elasticsearch/plugins && sudo mkdir ik
ubuntu@VM-0-3-ubuntu:/usr/share/elasticsearch/plugins$ cd ik
ubuntu@VM-0-3-ubuntu:/usr/share/elasticsearch/plugins/ik$ sudo wget https://github.com/medcl/elasticsearch-analysis-ik/releases/download/v7.17.1/elasticsearch-analysis-ik-7.17.1.zip
ubuntu@VM-0-3-ubuntu:/usr/share/elasticsearch/plugins/ik$ sudo unzip elasticsearch-analysis-ik-7.17.1.zip
ubuntu@VM-0-3-ubuntu:/usr/share/elasticsearch/plugins/ik$ sudo rm -r elasticsearch-analysis-ik-7.17.1.zip
ubuntu@VM-0-3-ubuntu:/usr/share/elasticsearch/plugins/ik$ ls
commons-codec-1.9.jar    config                                httpclient-4.5.2.jar  plugin-descriptor.properties
commons-logging-1.2.jar  elasticsearch-analysis-ik-7.17.1.jar  httpcore-4.4.4.jar    plugin-security.policy

pinyin安装:
pinyin下载地址:https://github.com/medcl/elasticsearch-analysis-pinyin/releases

ubuntu@VM-16-8-ubuntu:/usr/share/elasticsearch/plugins$ sudo mkdir pinyin
ubuntu@VM-16-8-ubuntu:/usr/share/elasticsearch/plugins$ cd pinyin
ubuntu@VM-16-8-ubuntu:/usr/share/elasticsearch/plugins/pinyin$ sudo wget https://github.com/medcl/elasticsearch-analysis-pinyin/releases/download/v7.17.1/elasticsearch-analysis-pinyin-7.17.1.zip
ubuntu@VM-16-8-ubuntu:/usr/share/elasticsearch/plugins/pinyin$ sudo unzip elasticsearch-analysis-pinyin-7.17.1.zip
ubuntu@VM-16-8-ubuntu:/usr/share/elasticsearch/plugins/pinyin$ sudo rm -r elasticsearch-analysis-pinyin-7.17.1.zip
ubuntu@VM-16-8-ubuntu:/usr/share/elasticsearch/plugins/pinyin$ ls
elasticsearch-analysis-pinyin-7.17.1.jar  nlp-lang-1.7.jar  plugin-descriptor.properties

STConvert安装:
STConvert下载地址:https://github.com/medcl/elasticsearch-analysis-stconvert/releases

#重启后插件生效
sudo systemctl restart elasticsearch
#查看已安装的插件
sudo /usr/share/elasticsearch/bin/elasticsearch-plugin list

5、其它

Elasticsearch 有三个配置文件:

elasticsearch.yml用于配置 Elasticsearch
jvm.options用于配置 Elasticsearch JVM 设置
log4j2.properties用于配置 Elasticsearch 日志记录

这些文件位于 config 目录中

Elasticsearch数据和日志目录

数据目录位于
/var/lib/elasticsearch

日志目录位于
/var/log/elasticsearch

配置文件目录位于
/etc/elasticsearch

打开配置文件
sudo vim /etc/elasticsearch/elasticsearch.yml

修改配置

更改数据和日志目录
1、先停止实例
sudo kill -9458 pid

2、创建目录
sudo mkdir -p /home/d/elasticsearch/data
sudo mkdir -p /home/d/elasticsearch/log

3、授权为es用户
sudo chown -R elasticsearch:elasticsearch /home/d/elasticsearch/data
sudo chown -R elasticsearch:elasticsearch /home/d/elasticsearch/log

4、修改es配置文件
path.data: /home/d/elasticsearch/data
path.logs: /home/d/elasticsearch/log

5、重启es
sudo systemctl restart elasticsearch

 开启远程访问

打开es配置文件
sudo vim /etc/elasticsearch/elasticsearch.yml

修改以下节点
network.host: 0.0.0.0
discovery.seed_hosts: ["172.17.0.3"]

重启生效
sudo systemctl restart elasticsearch

访问测试
 curl -X GET "172.17.0.3:9200/"

 network.host:https://www.elastic.co/guide/en/elasticsearch/reference/7.17/important-settings.html#network.host

 开启安全验证

开启最低安全验证
打开es配置文件
sudo vim /etc/elasticsearch/elasticsearch.yml
添加以下设置
xpack.security.enabled: true
如果是单节点,添加以下设置可确保您的节点不会无意中连接到可能在您的网络上运行的其他集群
discovery.type: single-node

重启es
sudo systemctl restart elasticsearch

随机生成密码
sudo /usr/share/elasticsearch/bin/elasticsearch-setup-passwords auto

使用自己的密码 
sudo /usr/share/elasticsearch/bin/elasticsearch-setup-passwords interactive

重启es
sudo systemctl restart elasticsearch

例如:
ubuntu@VM-0-3-ubuntu:/$ sudo /usr/share/elasticsearch/bin/elasticsearch-setup-passwords interactive
Initiating the setup of passwords for reserved users elastic,apm_system,kibana,kibana_system,logstash_system,beats_system,remote_monitoring_user.
You will be prompted to enter passwords as the process progresses.
Please confirm that you would like to continue [y/N]y


Enter password for [elastic]:
Reenter password for [elastic]:
Enter password for [apm_system]:
passwords must be at least [6] characters long
Try again.
Enter password for [apm_system]:
Reenter password for [apm_system]:
Passwords do not match.
Try again.
Enter password for [apm_system]:
Reenter password for [apm_system]:
Enter password for [kibana_system]:
Reenter password for [kibana_system]:
Enter password for [logstash_system]:
Reenter password for [logstash_system]:
Enter password for [beats_system]:
Reenter password for [beats_system]:
Enter password for [remote_monitoring_user]:
Reenter password for [remote_monitoring_user]:
Changed password for user [apm_system]
Changed password for user [kibana_system]
Changed password for user [kibana]
Changed password for user [logstash_system]
Changed password for user [beats_system]
Changed password for user [remote_monitoring_user]
Changed password for user [elastic]

 

#测试验证
curl -X GET "172.17.0.3:9200/" -u username:password

 
#修改密码
curl -XPOST -u elastic "172.17.0.3:9200/_security/user/账号/_password" -H 'Content-Type: application/json' -d'{"password" : "旧密码"}' 
#回车后输入新密码,返回{}表示设置成功

安全相关说明:https://www.elastic.co/guide/en/elasticsearch/reference/7.17/setup-xpack.html

生产优化

1、更改资源限制

通过编辑文件为特定用户设置持久限制。将elasticsearch用户的最大打开文件数设置为65,535:

sudo vim /etc/security/limits.conf

在打开的文件中加入
elasticsearch  -  nofile  65535

2、禁用所有交换文件编辑

通常 Elasticsearch 是在一个盒子上运行的唯一服务,它的内存使用由 JVM 选项控制。应该不需要启用交换。
在 Linux 系统上,您可以通过运行以下命令临时禁用交换:

sudo swapoff -a

配置swappiness
Linux 系统上可用的另一个选项是确保将 sysctl 值 vm.swappiness设置为1. 这减少了内核交换的倾向,并且在正常情况下不应该导致

临时调整,会在机器重启后恢复原先设置的值
sysctl vm.swappiness=1

永久调整
sudo vim /etc/sysctl.conf

在打开的文件中加入
vm.swappiness =1

生效激活
sudo sysctl -p

3、虚拟内存编辑

Elasticsearchmmapfs默认使用一个目录来存储它的索引。默认操作系统对 mmap 计数的限制可能太低,这可能会导致内存不足异常。

临时设置
sysctl -w vm.max_map_count=262144

永久设置
sudo vim /etc/sysctl.conf

在打开的文件中加入
vm.max_map_count=262144

生效激活
sudo sysctl -p

 4、TCP重传超时编辑

每对 Elasticsearch 节点通过多个 TCP 连接进行通信,这些连接 保持打开状态,直到其中一个节点关闭或节点之间的通信因底层基础设施故障而中断。大多数 Linux 发行版默认重新传输任何丢失的数据包 15 次。重传呈指数级下降,因此这 15 次重传需要 900 多秒才能完成。这意味着使用这种方法检测网络分区或故障节点需要很多分钟。Windows 默认只重传 5 次,对应的超时时间约为 6 秒,默认设置过多,甚至对大多数 Elasticsearch 安装使用的高质量网络有害,可以将TCP重新传输的最大次数减少到5次,五次重传对应的超时时间约为6秒。

临时设置
sysctl -w net.ipv4.tcp_retries2=5

永久设置
sudo vim /etc/sysctl.conf

在打开的文件中加入
net.ipv4.tcp_retries2 = 5

生效激活
sudo sysctl -p


ubuntu@VM-0-3-ubuntu:~$ sudo vim /etc/sysctl.conf
ubuntu@VM-0-3-ubuntu:~$ sudo sysctl -p
kernel.sysrq = 1
net.ipv6.conf.all.disable_ipv6 = 0
net.ipv6.conf.default.disable_ipv6 = 0
net.ipv6.conf.lo.disable_ipv6 = 0
kernel.printk = 5
vm.swappiness = 1
vm.max_map_count = 262144
net.ipv4.tcp_retries2 = 5

 

#查看索引设置
#查看所有
curl -X GET "172.17.0.3:9200/_all/_settings" -u username:password
#查看单个
curl -X GET "172.17.0.3:9200/my-index/_settings" -u username:password

 

 

参考文献:https://www.elastic.co/guide/en/elasticsearch/reference/7.17/important-settings.html

                  https://www.elastic.co/guide/en/elasticsearch/reference/7.17/system-config.html

posted @ 2022-03-02 23:53  anech  阅读(2510)  评论(0编辑  收藏  举报