Elasticsearch安装

警告
本文最后更新于 2022-07-01,文中内容可能已过时。

摘要

1
wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.5.1-linux-x86_64.tar.gz
1
2
tar zxf elasticsearch-7.5.1-linux-x86_64.tar.gz
mv elasticsearch-7.5.1 /usr/local/elastic
1
vi config/elasticsearch.yml
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
cluster.name: myes # 集群名称
node.name: node-1 # 设置node名称
path.data: /data/elasticsearch/data # 数据目录位置
path.logs: /data/elasticsearch/logs # 日志目录位置
network.host: 0.0.0.0 # 设置访问地址
http.port: 9200 # 设置访问端口
cluster.initial_master_nodes: ["node-1"]
http.cors.allow-origin: "*" # 跨域问题
http.cors.enabled: true
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: certs/elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: certs/elastic-certificates.p12
1
2
3
vi /etc/sysctl.conf
vm.max_map_count=262144
sysctl -p
1
2
mkdir -p /data/elasticsearch/{data,logs}
chown -R elastic.elastic /data/elasticsearch
1
2
groupadd elastic
useradd -g elastic -s /sbin/nologin -c "Elastic Server" elastic
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
cat > /usr/lib/systemd/system/elastic.service <<EOF
[Unit]
Description=elasticsearch server
[Service]
Type=simple
User=elastic
Group=elastic
LimitNOFILE=100000
LimitNPROC=100000
ExecStart=/usr/local/elastic/bin/elasticsearch
[Install]
WantedBy=multi-user.target
EOF
1
2
systemctl enable elastic.service
systemctl start elastic.service
1
curl 'http://localhost:9200/?pretty'

出现如下结果表示启动成功

https://img.bwcxtech.com/img/20200928154355.png

1
2
./bin/elasticsearch-certutil ca
./bin/elasticsearch-certutil cert --ca elastic-stack-ca.p12

添加刚才输入的密码到elasticsearch.keystore,会在config文件夹下生成elasticseaerch.keystore文件

1
2
3
4
5
6
./bin/elasticsearch-keystore add xpack.security.transport.ssl.keystore.secure_password
./bin/elasticsearch-keystore add xpack.security.transport.ssl.truststore.secure_password

mkdir config/certs
mv elastic-stack-ca.p12 config/certs
mv elastic-certificates.p12 config/certs
1
./bin/elasticsearch-setup-passwords interactive

https://img.bwcxtech.com/img/20200928154400.png

1
2
3
4
5
6
7
8
docker run -d \
-p 9200:9200 \
-p 9300:9300 \
-e discovery.type=single-node \
-e bootstrap.memory_lock=true \
-e ES_JAVA_OPTS=-Xms512m -Xmx512m \
-v data01:/usr/share/elasticsearch/data \
elasticsearch:7.2.0

启用安全

1
2
3
4
5
6
7
8
9
docker run -d \
-p 9200:9200 \
-p 9300:9300 \
-e discovery.type=single-node \
-e bootstrap.memory_lock=true \
-e ES_JAVA_OPTS=-Xms512m -Xmx512m \
-e xpack.security.enabled=true \ #开启xpack安全
-v data01:/usr/share/elasticsearch/data \
elasticsearch:7.2.0

启用安全需要设置密码

修改密码

1
./bin/elasticsearch-setup-passwords interactive

elastic,apm_system,kibana,logstash_system,beats_system,remote_monitoring_user 等密码一起修改的

1
wget https://artifacts.elastic.co/downloads/kibana/kibana-7.5.1-linux-x86_64.tar.gz
1
2
tar zxf kibana-7.5.1-linux-x86_64.tar.gz
mv kibana-7.5.1-linux-x86_64 /usr/local/kibana

修改配置

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
## 监听端口,可以不修改
server.port: 5601
## 修改绑定ip,使外部可以通过http访问
server.host: "0.0.0.0"
logging.dest: "/usr/local/kibana/kibana.log"
## 修改elasticsearch服务的地址
elasticsearch.hosts: ["http://localhost:9200"]
## 修改es账号密码
elasticsearch.username: "elastic"
elasticsearch.password: "elastic"
## 修改页面语言为中文
i18n.locale: "zh-CN"
1
2
3
groupadd kibana
useradd -g kibana -s /sbin/nologin -c "Kibana Server" kibana
chown -R kibana.kibana kibana
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
cat > /usr/lib/systemd/system/kibana.service <<EOF
[Unit]
Description=kibana server
[Service]
Type=simple
User=kibana
Group=kibana
ExecStart=/usr/local/kibana/bin/kibana
[Install]
WantedBy=multi-user.target
EOF
1
2
systemctl enable kibana.service
systemctl start kibana.service

配置nginx代理

1
vi nginx.conf
1
2
3
4
5
6
7
8
9
location /kibana/ {
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection 'upgrade';
    proxy_set_header Host $host;
    proxy_cache_bypass $http_upgrade;
    proxy_pass  https://localhost:5601/;
    rewrite ^/kibana/(.*)$ /$1 break;
}
1
vi kibana.yml
1
2
server:
  basePath: "/kibana"
1
2
3
4
5
6
7
docker run -d \
-p 5601:5601 \
-e ELASTICSEARCH_HOSTS=http://elastic:9200 \
-e ELASTICSEARCH_USERNAME=elastic \
-e ELASTICSEARCH_PASSWORD=elastic \
-e I18N_LOCALE=zh-CN \
kibana:7.2.0