linux下安装 Elasticsearch 7.x (手把手教学)

1.导入公共签名密钥:

rpm --import ./GPG-KEY-elasticsearch

or

apt-key add ./GPG-KEY-elasticsearch

如果出现报错,解决方案:

wget https://packages.elastic.co/GPG-KEY-elasticsearch --no-check-certificate

rpm --import GPG-KEY-elasticsearch

 

2.添加elasticsearch的yum repo文件

vim /etc/yum.repos.d/elasticsearch.repo
[elasticsearch-7.x]
name=Elasticsearch repository for 7.x packages
baseurl=https://mirror.tuna.tsinghua.edu.cn/elasticstack/7.x/yum/
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=1
autorefresh=1
type=rpm-md

 

3.安装elasticsearch 

yum install -y elasticsearch

 

4.配置elasticsearch 

vim /etc/elasticsearch/elasticsearch.yml
# 17行,设置集群名称
cluster.name: my-cluster

# 23行,设置节点名称
node.name: es-node1

# 56行,允许外网访问
network.host: 0.0.0.0

# 74行,配置集群master节点
cluster.initial_master_nodes: ["es-node1"]

# elasticsearch默认是不支持跨域的,在末尾添加如下两行支持跨域
http.cors.enabled: true
http.cors.allow-origin: "*"

 

5.elasticsearch 默认需要4g的内存,这里可以在适当修改,-Xms4g, 数字即为所占用内存

  禁止 swap,一旦允许内存与磁盘的交换,会引起致命的性能问题。

可以通过在 elasticsearch.yml 中 bootstrap.memory_lock: true,以保持 JVM 锁定内存,保证 ES 的性能。

vim /etc/elasticsearch/jvm.options
-Xms512m
-Xmx512m

 

6.elasticsearch不可以在root用户下启动,所以需要切换用户

# 添加用户,我这里叫es
adduser es 
# 给用户设置密码
passwd 123456
# 切换到es用户下
su es

 

7.这时切换到es用户下,又会报各种权限不足,加上权限就OK了(root用户下执行)

#./elasticsearch-env:行88: /etc/sysconfig/elasticsearch: 权限不够
chown -R es /etc/sysconfig/elasticsearch

#bin/elasticsearch-env: 第 96 行:cd: /etc/elasticsearch: 权限不够
chown -R es /etc/elasticsearch

#Exception in thread "main" java.nio.file.AccessDeniedException: /var/lib/elasticsearch
#只要看到AccessDeniedException异常就给它权限
chown -R es /var/lib/elasticsearch

#Error opening log file '/var/log/elasticsearch/gc.log': Permission denied
#将整个elasticsearch目录权限给它
chown -R es /var/log/elasticsearch

#另外将安装路径的权限给它,这里目前还没报错,不过报错是迟早的事
chown -R es /usr/share/elasticsearch

 

8.启动es

cd /usr/share/elasticsearch/bin
./elasticsearch

或者
#启动
systemctl start elasticsearch
#停止
systemctl stop elasticsearch
#查看启动状态
systemctl status elasticsearch
#添加到开机自启动
systemctl enable elasticsearch

 

9.测试

浏览器打开:http://ip:9200

如果开启了防火墙,需要开启9200端口,页面信息显示如下则启动成功

{
  "name" : "es-node1",
  "cluster_name" : "elasticsearch",
  "cluster_uuid" : "-IqD_alTS5SZ3xAtr2_qfQ",
  "version" : {
    "number" : "7.17.9",
    "build_flavor" : "default",
    "build_type" : "rpm",
    "build_hash" : "ef48222227ee6b9e70e502f0f0daa52435ee634d",
    "build_date" : "2023-01-31T05:34:43.305517834Z",
    "build_snapshot" : false,
    "lucene_version" : "8.11.1",
    "minimum_wire_compatibility_version" : "6.8.0",
    "minimum_index_compatibility_version" : "6.0.0-beta1"
  },
  "tagline" : "You Know, for Search"
}

 

10.修改es密码

10.1 需要在配置文件中开启x-pack验证, 修改config目录下面的elasticsearch.yml文件,在里面添加如下内容,并重启.
xpack.security.enabled: true
xpack.license.self_generated.type: basic
xpack.security.transport.ssl.enabled: true

 

10.2 执行设置用户名和密码的命令,这里需要为4个用户分别设置密码,elastic, kibana, logstash_system,beats_system

cd /usr/share/elasticsearch/bin
./elasticsearch-setup-passwords interactive

 

10.3设置密码

Initiating the setup of passwords for reserved users elastic,kibana,logstash_system,beats_system.
You will be prompted to enter passwords as the process progresses.
Please confirm that you would like to continue [y/N]y
Enter password for [elastic]: 
passwords must be at least [6] characters long
Try again.
Enter password for [elastic]: 
Reenter password for [elastic]: 
Passwords do not match.
Try again.
Enter password for [elastic]: 
Reenter password for [elastic]: 
Enter password for [kibana]: 
Reenter password for [kibana]: 
Enter password for [logstash_system]: 
Reenter password for [logstash_system]: 
Enter password for [beats_system]: 
Reenter password for [beats_system]: 
Changed password for user [kibana]
Changed password for user [logstash_system]
Changed password for user [beats_system]
Changed password for user [elastic]

  

10.4 修改密码

curl -H "Content-Type:application/json" -XPOST -u elastic 'http://127.0.0.1:9200/_xpack/security/user/elastic/_password' -d '{ "password" : "123456" }'

  

11.Elasticsearch 默认查询结果最多展示前 10000 条数据。

【方式一】(修改完配置文件,需要重启集群中的 ES 服务)

修改Elasticsearch 集群中的 配置文件 config/elasticsearch.yml

在配置文件最后增加一行,如下:

max_result_window: 200000000

 

【方式二】(推荐)

具体操作命令,如下(比如,设置可查询 200000000 条数据,其中 alarm 是index名称):

PUT alarm/_settings
{ 
  "max_result_window" : 200000000
} 
posted @ 2023-03-17 16:34  潘潘潘的博客  阅读(611)  评论(0编辑  收藏  举报