elasticsearch7.16.2集群部署
准备工作
3台虚拟机,内存2g+,硬盘20g
ip | 节点 | 角色 | 系统 |
---|---|---|---|
192.168.94.145 | node0 | master1 | centos7 |
192.168.94.147 | node1 | slave1 | centos7 |
192.168.94.148 | node2 | slave2 | centos7 |
-
关闭防火墙selinux
systemctl stop firewalld && systemctl disable firewalld setenforce 0
-
设置内核参数
[esuser@node0 elasticsearch-7.16.2]$ vim /etc/sysctl.conf vm.max_map_count=262144 [esuser@node0 elasticsearch-7.16.2]$ vim /etc/security/limits.conf * soft nofile 65536 * hard nofile 65536 sysctl -p
-
部署java环境
yum -y install java #若是二进制安装则需要配置环境变量指定$JAVA_HOME
-
安装常用命令(如果有就不用)
yum -y install vim wget
安装
部署
#下载二进制包
wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.16.2-linux-x86_64.tar.gz
#解压到指定目录
tar -xf elasticsearch-7.16.2-linux-x86_64.tar.gz -C /opt/
#创建es用户
groupadd esuser
useradd -g esuser esuser
#创建数据存放目录
mkdir /opt/esdata
#更改属主组为esuser
chown -R esuser:esuser /opt/e.*
#填写本地配置(三台都要)
vim config/elasticsearch.yml
cluster.name: estest
node.name: esnode1#(是哪个节点就改成对应节点名字,不能重复)
node.master: true
node.data: true
path.data: /opt/esdata
bootstrap.memory_lock: false
bootstrap.system_call_filter: false
network.host: 0.0.0.0
http.port: 9200#绑定网页访问端口
http.cors.enabled: true
http.cors.allow-origin: "*"
cluster.initial_master_nodes: ["192.168.94.145","192.168.94.146","192.168.94.147"]#定义集群初始主节点
discovery.seed_hosts: ["192.168.94.145","192.168.94.146","192.168.94.147"]#定义集群所有节点
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: elastic-certificates.p12
配置密码
#生成证书(在当前目录生成)
[esuser@node0 elasticsearch-7.16.2]$ ./bin/elasticsearch-certutil ca
...
Please enter the desired output file [elastic-stack-ca.p12]:#按回车
Enter password for elastic-stack-ca.p12 :#按回车
#颁发证书(在当前目录生成)
[esuser@node0 elasticsearch-7.16.2]$ ./bin/elasticsearch-certutil cert --ca elastic-stack-ca.p12 #直接按回车,不输入密码
#分发证书到对应节点
chmod 777 elastic-certificates.p12
mv elastic-certificates.p12 config/
[root@node0 elasticsearch-7.16.2]# scp elastic-stack-ca.p12 192.168.94.146:/opt/elasticsearch-7.16.2/config
[root@node0 elasticsearch-7.16.2]# scp elastic-stack-ca.p12 192.168.94.147:/opt/elasticsearch-7.16.2/config
#启动服务(各节点都要)
[root@node0 elasticsearch-7.16.2]# su esuser
[root@node0 elasticsearch-7.16.2]# ./opt/elasticsearch-7.16.2/bin/elasticsearch -d &
#修改密码(主节点)
[root@node0 elasticsearch-7.16.2]# ./bin/elasticsearch-setup-passwords interactive
#每个用户会让你输入2遍密码
访问验证
#访问验证
[esuser@node0 bin]$ curl -u elastic:123456 http://192.168.94.145:9200/_cat/nodes?v
ip heap.percent ram.percent cpu load_1m load_5m load_15m node.role master name
192.168.94.147 28 94 0 0.00 0.01 0.05 cdfhilrstw - esnode3
192.168.94.146 11 96 0 0.00 0.01 0.05 cdfhilmrstw - esnode2
192.168.94.145 61 70 0 0.00 0.01 0.05 cdfhilmrstw * esnode1