Elastic

安装

下载

https://www.elastic.co/cn/downloads/elasticsearch

解压

tar -zxvf elasticsearch-7.x.tar.gz
mv elasticsearch-7.x.tar.gz elastic

创建es用户

# 创建用户组
groupadd es
# 创建es用户
useradd es -g es
# 设置密码
passwd es
# 修改elasicsearch目录的拥有者
chown -R es elasticsearch-7.x

修改Linux系统的限制配置

# 新增如下内容在/etc/security/limits.conf 文件中
es soft nofile 65536
es hard nofile 65536
es soft nproc 4096
es hard nproc 4096

修改系统控制权限

# 新增如下内容在/etc/sysctl.conf文件中
vm.max_map_count=262144
# 让系统控制权限配置生效
sysctl -p

配置jvm参数

# 调整xms xmx 根据情况调整、这两个值默认要调整为一样的
-Xms2g
-Xmx2g

配置elasticsearch

# 集群名称
cluster.name: es-cluster
# 节点名称
node.name: node-1
# 允许访问的网络IP地址，0.0.0.0 就是允许所有
network.host: 0.0.0.0
# 设置服务启动的端口号
http.port: 9200
# 指定主机
discovery.seed_hosts: ["192.168.1.1"]
# 集群初始化时启动的节点，如果有多个节点就填写多个，不同节点之间用逗号隔开
cluster.initial_master_nodes: ["node-1"]

配置

elastic辅助配置

http.cors.enabled:  true
http.cors.allow-origin:  "*"
http.cors.allow-headers: Authorization,X-Requested-With,Content-Type,Content-Length
xpack.security.enabled: true
# cluster.max_shards_per_node: 900000

单节点配置

discovery.type: single-node

集群配置

xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: /usr/local/elasticsearch-7.x/config/certs/elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: /usr/local/elasticsearch-7.x/config/certs/elastic-certificates.p12

生成证书

bin/elasticsearch-certutil cert -out config/elastic-certificates.p12 -pass

创建密码

# 自定义密码
./bin/elasticsearch-setup-passwords interactive
# kibana配置开启、设置密码
elasticsearch.username: "kibana_system"
elasticsearch.password: "pass"

启动elasticsearch

nohup ./elasticsearch-7.x/bin/elasticsearch &

A&Q

elasticsearch_deprecation.log (Permission denied)

chmod -Rf 775 /home/elasticsearch-7.x

header连接

http://headerIp:9100/?auth_user=elastic&auth_password=pass