linux下安装 Elasticsearch 7.x (手把手教学)
1.导入公共签名密钥:
rpm --import ./GPG-KEY-elasticsearch or apt-key add ./GPG-KEY-elasticsearch
如果出现报错,解决方案:
wget https://packages.elastic.co/GPG-KEY-elasticsearch --no-check-certificate
rpm --import GPG-KEY-elasticsearch
2.添加elasticsearch的yum repo文件
vim /etc/yum.repos.d/elasticsearch.repo
[elasticsearch-7.x]
name=Elasticsearch repository for 7.x packages
baseurl=https://mirror.tuna.tsinghua.edu.cn/elasticstack/7.x/yum/
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=1
autorefresh=1
type=rpm-md
3.安装elasticsearch
yum install -y elasticsearch
4.配置elasticsearch
vim /etc/elasticsearch/elasticsearch.yml
# 17行,设置集群名称 cluster.name: my-cluster # 23行,设置节点名称 node.name: es-node1 # 56行,允许外网访问 network.host: 0.0.0.0 # 74行,配置集群master节点 cluster.initial_master_nodes: ["es-node1"]
# elasticsearch默认是不支持跨域的,在末尾添加如下两行支持跨域
http.cors.enabled: true
http.cors.allow-origin: "*"
5.elasticsearch 默认需要4g的内存,这里可以在适当修改,-Xms4g, 数字即为所占用内存
禁止 swap,一旦允许内存与磁盘的交换,会引起致命的性能问题。
可以通过在 elasticsearch.yml 中 bootstrap.memory_lock: true
,以保持 JVM 锁定内存,保证 ES 的性能。
vim /etc/elasticsearch/jvm.options
-Xms512m -Xmx512m
6.elasticsearch不可以在root用户下启动,所以需要切换用户
# 添加用户,我这里叫es adduser es # 给用户设置密码 passwd 123456 # 切换到es用户下 su es
7.这时切换到es用户下,又会报各种权限不足,加上权限就OK了(root用户下执行)
#./elasticsearch-env:行88: /etc/sysconfig/elasticsearch: 权限不够 chown -R es /etc/sysconfig/elasticsearch #bin/elasticsearch-env: 第 96 行:cd: /etc/elasticsearch: 权限不够 chown -R es /etc/elasticsearch #Exception in thread "main" java.nio.file.AccessDeniedException: /var/lib/elasticsearch #只要看到AccessDeniedException异常就给它权限 chown -R es /var/lib/elasticsearch #Error opening log file '/var/log/elasticsearch/gc.log': Permission denied #将整个elasticsearch目录权限给它 chown -R es /var/log/elasticsearch #另外将安装路径的权限给它,这里目前还没报错,不过报错是迟早的事 chown -R es /usr/share/elasticsearch
8.启动es
cd /usr/share/elasticsearch/bin ./elasticsearch
或者
#启动
systemctl start elasticsearch
#停止
systemctl stop elasticsearch
#查看启动状态
systemctl status elasticsearch
#添加到开机自启动
systemctl enable elasticsearch
9.测试
浏览器打开:http://ip:9200
如果开启了防火墙,需要开启9200端口,页面信息显示如下则启动成功
{ "name" : "es-node1", "cluster_name" : "elasticsearch", "cluster_uuid" : "-IqD_alTS5SZ3xAtr2_qfQ", "version" : { "number" : "7.17.9", "build_flavor" : "default", "build_type" : "rpm", "build_hash" : "ef48222227ee6b9e70e502f0f0daa52435ee634d", "build_date" : "2023-01-31T05:34:43.305517834Z", "build_snapshot" : false, "lucene_version" : "8.11.1", "minimum_wire_compatibility_version" : "6.8.0", "minimum_index_compatibility_version" : "6.0.0-beta1" }, "tagline" : "You Know, for Search" }
10.修改es密码
10.1 需要在配置文件中开启x-pack验证, 修改config目录下面的elasticsearch.yml文件,在里面添加如下内容,并重启.xpack.security.enabled: true xpack.license.self_generated.type: basic xpack.security.transport.ssl.enabled: true
10.2 执行设置用户名和密码的命令,这里需要为4个用户分别设置密码,elastic, kibana, logstash_system,beats_system
cd /usr/share/elasticsearch/bin ./elasticsearch-setup-passwords interactive
10.3设置密码
Initiating the setup of passwords for reserved users elastic,kibana,logstash_system,beats_system. You will be prompted to enter passwords as the process progresses. Please confirm that you would like to continue [y/N]y Enter password for [elastic]: passwords must be at least [6] characters long Try again. Enter password for [elastic]: Reenter password for [elastic]: Passwords do not match. Try again. Enter password for [elastic]: Reenter password for [elastic]: Enter password for [kibana]: Reenter password for [kibana]: Enter password for [logstash_system]: Reenter password for [logstash_system]: Enter password for [beats_system]: Reenter password for [beats_system]: Changed password for user [kibana] Changed password for user [logstash_system] Changed password for user [beats_system] Changed password for user [elastic]
10.4 修改密码
curl -H "Content-Type:application/json" -XPOST -u elastic 'http://127.0.0.1:9200/_xpack/security/user/elastic/_password' -d '{ "password" : "123456" }'
11.Elasticsearch 默认查询结果最多展示前 10000 条数据。
【方式一】(修改完配置文件,需要重启集群中的 ES 服务)
修改Elasticsearch 集群中的 配置文件 config/elasticsearch.yml
在配置文件最后增加一行,如下:
max_result_window: 200000000
【方式二】(推荐)
具体操作命令,如下(比如,设置可查询 200000000 条数据,其中 alarm 是index名称):
PUT alarm/_settings { "max_result_window" : 200000000 }