ELK日志分析系统之elasticsearch7.x最新版安装与配置

1、Elasticsearch

1.1、elasticsearch的简介

ElasticSearch是一个基于Lucene的搜索服务器。它提供了一个分布式多用户能力的全文搜索引擎,基于RESTful web接口。Elasticsearch是用Java开发的,并作为Apache许可条款下的开放源码发布,是第二流行的企业搜索引擎。设计用于云计算中,能够达到实时搜索,稳定,可靠,快速,安装使用方便。

1.2、下载地址:https://www.elastic.co/cn/downloads/elasticsearch,到此网页上下开elasticsearch安装包。

1.3、将下载的.tar包解压到目录/application下。创建软链接es文件。详情如下图所示:

 

 1.4、关于JDK,此安装包里包含有JDK,不用再系统上重新安装其他的版本的JDK。

 

 1.5、将此JDK放到系统变量文件/etc/profile中,在文件最后插入如下配置,详情如下:

#set java environment

export JAVA_HOME=/application/es/jdk

export JRE_HOME=${JAVA_HOME}/jre

export CLASSPATH=.:${JAVA_HOME}/lib/dt.JAVA_HOME/lib/tools.jar:${JRE_HOME}/lib

export PATH=${JAVA_HOME}/bin:${PATH}

1.6、使用source命令,使配置生效

source /etc/profile

1.7、配置elasticsearch的配置文件

[root@harlan_ansible ~]# vim /application/es/config/elasticsearch.yml 
# ======================== Elasticsearch Configuration =========================
#
# NOTE: Elasticsearch comes with reasonable defaults for most settings.
#       Before you set out to tweak and tune the configuration, make sure you
#       understand what are you trying to accomplish and the consequences.
#
# The primary way of configuring a node is via this file. This template lists
# the most important settings you may want to configure for a production cluster.
#
# Please consult the documentation for further information on configuration options:
# https://www.elastic.co/guide/en/elasticsearch/reference/index.html
#
# ---------------------------------- Cluster -----------------------------------
#
# Use a descriptive name for your cluster:
#
cluster.name: my-harlan   #配置集群的名称
#
# ------------------------------------ Node ------------------------------------
#
# Use a descriptive name for the node:
#
node.name: harlan_ansible     #本节点的名称,此主机的名称
#
# Add custom attributes to the node:
#
#node.attr.rack: r1
#
# ----------------------------------- Paths ------------------------------------
#
# Path to directory where to store the data (separate multiple locations by comma):
#
path.data: /application/es/to/data      #日志存放地址
#
# Path to log files:
#
path.logs: /application/es/to/logs      #elasticsearch的本地日志
#
# ----------------------------------- Memory -----------------------------------
#
# Lock the memory on startup:
#
#bootstrap.memory_lock: true
#
# Make sure that the heap size is set to about half the memory available
# on the system and that the owner of the process is allowed to use this
# limit.
#
# Elasticsearch performs poorly when the system is swapping the memory.
#
# ---------------------------------- Network -----------------------------------
#
# Set the bind address to a specific IP (IPv4 or IPv6):
#
network.host: 0.0.0.0               #任意IP都可以访问elasticsearch
#
# Set a custom port for HTTP:
#
http.port: 9200                  #elasticsearch的访问端口
#
# For more information, consult the network module documentation.
#
# --------------------------------- Discovery ----------------------------------
#
# Pass an initial list of hosts to perform discovery when this node is started:
# The default list of hosts is ["127.0.0.1", "[::1]"]
#
#discovery.seed_hosts: ["host1", "host2"]
#
# Bootstrap the cluster using an initial set of master-eligible nodes:
#
cluster.initial_master_nodes: ["harlan_ansible"]      #开启集群的节点
#
# For more information, consult the discovery and cluster formation module documentation.
#
# ---------------------------------- Gateway -----------------------------------
#
# Block initial recovery after a full cluster restart until N nodes are started:
#
#gateway.recover_after_nodes: 3
#
# For more information, consult the gateway module documentation.
#
# ---------------------------------- Various -----------------------------------
#
# Require explicit names when deleting indices:
#
#action.destructive_requires_name: true
http.cors.enabled: true                  #下面这两个,是为了通过外网的浏览器访问
http.cors.allow-origin: "*"

1.8、通过上述配置后,还需要配置启动elasticsearch服务的用户和权限。因为elasticsearch的服务不能使用root用户进行启动。所以需要创建es帐号,并且更改/application/es的所属用户和组。

1.8.1 创建用户es

useradd es

1.8.2 更改/application/es的所属用户和组

chown -R es.es /application/es
chown -R es.es /application/elasticsearch-7.3.2

1.9、切换到es帐户,启动elasticsearch服务

[es@harlan_ansible]$ su es
[es@harlan_ansible root]$ /application/es/bin/elasticsearch -d

1.10、查看服务是否已启动

 

 1.11、由上图可知,elasticsearch服务已经启动。

测试:通过浏览器进行访问

 

 1.12、由图可知,elasticsearch已经安装成功。

posted @ 2019-09-29 10:12  启云  阅读(2498)  评论(3编辑  收藏  举报