Elasticsearch安装
目录
1 安装Elasticsearch
1.1 下载
wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.5.1-linux-x86_64.tar.gz
1.2 解压
tar zxf elasticsearch-7.5.1-linux-x86_64.tar.gz
mv elasticsearch-7.5.1 /usr/local/elastic
1.3 修改配置文件
vi config/elasticsearch.yml
cluster.name: myes # 集群名称
node.name: node-1 # 设置node名称
path.data: /data/elasticsearch/data # 数据目录位置
path.logs: /data/elasticsearch/logs # 日志目录位置
network.host: 0.0.0.0 # 设置访问地址
http.port: 9200 # 设置访问端口
cluster.initial_master_nodes: ["node-1"]
http.cors.allow-origin: "*" # 跨域问题
http.cors.enabled: true
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: certs/elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: certs/elastic-certificates.p12
vi /etc/sysctl.conf
vm.max_map_count=262144
sysctl -p
1.4 创建数据目录
mkdir -p /data/elasticsearch/{data,logs}
chown -R elastic.elastic /data/elasticsearch
1.5 创建用户
groupadd elastic
useradd -g elastic -s /sbin/nologin -c "Elastic Server" elastic
1.6 创建elastic服务
cat > /usr/lib/systemd/system/elastic.service <<EOF
[Unit]
Description=elasticsearch server
[Service]
Type=simple
User=elastic
Group=elastic
LimitNOFILE=100000
LimitNPROC=100000
ExecStart=/usr/local/elastic/bin/elasticsearch
[Install]
WantedBy=multi-user.target
EOF
1.7 启动
systemctl enable elastic.service
systemctl start elastic.service
1.8 测试
curl 'http://localhost:9200/?pretty'
出现如下结果表示启动成功
1.9 开启xpack
1.9.1 生成证书
./bin/elasticsearch-certutil ca
./bin/elasticsearch-certutil cert --ca elastic-stack-ca.p12
添加刚才输入的密码到elasticsearch.keystore
,会在config
文件夹下生成elasticseaerch.keystore
文件
./bin/elasticsearch-keystore add xpack.security.transport.ssl.keystore.secure_password
./bin/elasticsearch-keystore add xpack.security.transport.ssl.truststore.secure_password
mkdir config/certs
mv elastic-stack-ca.p12 config/certs
mv elastic-certificates.p12 config/certs
1.9.2 设置用户密码
./bin/elasticsearch-setup-passwords interactive
1.10 容器启动
docker run -d \
-p 9200:9200 \
-p 9300:9300 \
-e discovery.type=single-node \
-e bootstrap.memory_lock=true \
-e ES_JAVA_OPTS=-Xms512m -Xmx512m \
-v data01:/usr/share/elasticsearch/data \
elasticsearch:7.2.0
启用安全
docker run -d \
-p 9200:9200 \
-p 9300:9300 \
-e discovery.type=single-node \
-e bootstrap.memory_lock=true \
-e ES_JAVA_OPTS=-Xms512m -Xmx512m \
-e xpack.security.enabled=true \ #开启xpack安全
-v data01:/usr/share/elasticsearch/data \
elasticsearch:7.2.0
启用安全需要设置密码
修改密码
./bin/elasticsearch-setup-passwords interactive
elastic,apm_system,kibana,logstash_system,beats_system,remote_monitoring_user 等密码一起修改的
2 安装kibana
2.1 下载
wget https://artifacts.elastic.co/downloads/kibana/kibana-7.5.1-linux-x86_64.tar.gz
2.2 解压
tar zxf kibana-7.5.1-linux-x86_64.tar.gz
mv kibana-7.5.1-linux-x86_64 /usr/local/kibana
修改配置
## 监听端口,可以不修改
server.port: 5601
## 修改绑定ip,使外部可以通过http访问
server.host: "0.0.0.0"
logging.dest: "/usr/local/kibana/kibana.log"
## 修改elasticsearch服务的地址
elasticsearch.hosts: ["http://localhost:9200"]
## 修改es账号密码
elasticsearch.username: "elastic"
elasticsearch.password: "elastic"
## 修改页面语言为中文
i18n.locale: "zh-CN"
2.3 创建用户
groupadd kibana
useradd -g kibana -s /sbin/nologin -c "Kibana Server" kibana
chown -R kibana.kibana kibana
2.4 创建kibana服务
cat > /usr/lib/systemd/system/kibana.service <<EOF
[Unit]
Description=kibana server
[Service]
Type=simple
User=kibana
Group=kibana
ExecStart=/usr/local/kibana/bin/kibana
[Install]
WantedBy=multi-user.target
EOF
2.5 启动
systemctl enable kibana.service
systemctl start kibana.service
配置nginx代理
vi nginx.conf
location /kibana/ {
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_pass https://localhost:5601/;
rewrite ^/kibana/(.*)$ /$1 break;
}
vi kibana.yml
server:
basePath: "/kibana"
2.6 容器启动
docker run -d \
-p 5601:5601 \
-e ELASTICSEARCH_HOSTS=http://elastic:9200 \
-e ELASTICSEARCH_USERNAME=elastic \
-e ELASTICSEARCH_PASSWORD=elastic \
-e I18N_LOCALE=zh-CN \
kibana:7.2.0