注意elasticsearch,kibana和ik的版本要保持一致,如ik和elasticsearch的版本不一致时安装运行后报错.
参考
安装docker
请参考安装docker
下载ik分词器插件
https://github.com/medcl/elasticsearch-analysis-ik/releases
下载后,创建目录,如D:\data\docker\elasticsearch\plugins,将下载的zip包解压到il目录下。目录结构如下
创建docker网络
docker network create es
docker network inspect es
拉取镜像
从弹性搜索 8.0 开始,默认情况下启用安全性。
docker search elasticsearch
官方版本查看 https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html
docker pull docker.elastic.co/elasticsearch/elasticsearch:8.4.3
docker hub ElasticSearch版本查看 https://hub.docker.com/_/elasticsearch/tags
docker pull elasticsearch:8.4.3
系统配置
启动之前需要对系统进行一下配置,如果是linux
sudo sysctl -w -vm.max_map_count=262144
如果是window Docker Desktop,必须在 docker-desktop 容器中设置该设置:vm.max_map_count
wsl -d docker-desktop
sysctl -w vm.max_map_count=262144
运行容器
单节点
docker run --name elasticsearch --net es -p 9200:9200 -p 9300:9300 -d -e "discovery.type=single-node" -it elasticsearch:8.4.3
或者win
docker run --name elasticsearch2 --net es -p 9200:9200 -p 9300:9300 -d ^
-e "discovery.type=single-node" -e ES_JAVA_OPTS="-Xms1024m -Xmx1024m" ^
-it elasticsearch:8.4.3
docker cp elasticsearch2:/usr/share/elasticsearch/config/ D:/data/docker/elasticsearch/
docker cp elasticsearch2:/usr/share/elasticsearch/logs/ D:/data/docker/elasticsearch/
docker cp elasticsearch2:/usr/share/elasticsearch/plugins/ D:/data/docker/elasticsearch/
docker run --name elasticsearch --net es -p 9200:9200 -p 9300:9300 -d ^
-e "discovery.type=single-node" -e ES_JAVA_OPTS="-Xms1024m -Xmx1024m" ^
-v D:/data/docker/elasticsearch/config/:/usr/share/elasticsearch/config/ ^
-v D:/data/docker/elasticsearch/logs/:/usr/share/elasticsearch/logs/ ^
-v D:/data/docker/elasticsearch/plugins/:/usr/share/elasticsearch/plugins/ ^
-it elasticsearch:8.4.3
:::warning
-e ES_JAVA_OPTS=”-Xms1024m -Xmx1024m”
-v D:/data/docker/elasticsearch/logs:/usr/share/elasticsearch/logs
-v D:/data/docker/elasticsearch/plugins:/usr/share/elasticsearch/plugins
:::
在 Docker 中启动elasticsearch。为用户生成密码并输出到终端,以及用于注册 Kibana 的注册令牌。
可能需要在终端中向后滚动一点才能查看密码和注册令牌。但我电脑并没在看到
登录ES
启动成功后,访问https://127.0.0.1:9200/会出现如下界面:
重置密码
重置超级管理员elastic的密码
docker exec -it elasticsearch /usr/share/elasticsearch/bin/elasticsearch-reset-password -u elastic
F3SXEhBp3Jysfd9OyhJX
输入账号elastic及密码,登录成功后显示内容如下
{
"name" : "b8ee60d621fe",
"cluster_name" : "docker-cluster",
"cluster_uuid" : "cdkdFnPES7-gOxhGkhsMVg",
"version" : {
"number" : "8.4.1",
"build_flavor" : "default",
"build_type" : "docker",
"build_hash" : "2bd229c8e56650b42e40992322a76e7914258f0c",
"build_date" : "2022-08-26T12:11:43.232597118Z",
"build_snapshot" : false,
"lucene_version" : "9.3.0",
"minimum_wire_compatibility_version" : "7.17.0",
"minimum_index_compatibility_version" : "7.0.0"
},
"tagline" : "You Know, for Search"
}
生成token
生成enrollment-token(目前只发现kibana登录需要使用)
docker exec -it elasticsearch /usr/share/elasticsearch/bin/elasticsearch-create-enrollment-token -s kibana
eyJ2ZXIiOiI4LjQuMSIsImFkciI6WyIxNzIuMjQuMC4yOjkyMDAiXSwiZmdyIjoiMTQwYzM2NGQ0NzVmMjMyM2ZmMzBmZDkyOWQyNWMyMWJmNTU2NjE3MzU2YzU1ZjQ1ZjliOGU3ZDU0MGJiNjU1OSIsImtleSI6ImtUTWpuSU1CV1ZhNDdxeTlWT3diOnBONmdsZ0RJUjBTVzRSdlQ
0RXZqWGcifQ==
容器目录结构
目录 配置文件 描述
bin 脚本文件,包括启动 Elasticsearch、安装插件,运行统计数据等。
config elasticsearch.yml 集群配置文件
JDK Java 运行环境
data path.data 数据文件
lib Java 类库
logs path.logs 日志文件
modules 包含所有 ES 模块
plugins 包含所有已安装插件
重置密码
以下示例将用户的密码重置为自动生成的值,并在控制台中打印新密码:elastic
docker exec -it elasticsearch /usr/share/elasticsearch/bin/elasticsearch-reset-password -u kibana
Dp_qePbMEoE-PdW7yaUg
docker exec -it elasticsearch /usr/share/elasticsearch/bin/elasticsearch-reset-password -u elastic
docker exec -it elasticsearch /usr/share/elasticsearch/bin/elasticsearch-reset-password -u kibana_system
安全证书
将安全证书从 Docker 容器复制到本地计算机。http_ca.crt
F:\project\elasticsearch
docker cp elasticsearch:/usr/share/elasticsearch/config/certs/http_ca.crt .
从elasticsearch容器下载证书到本地后,手工导入证书.
修改配置文件
这时,需要修改es的配置文件。增加跨域及http的配置。可以直接进入容器修改,也可以copy出来修改在copy回去。由于进入容器还需要下载vim。我这边直接copy出来修改。
cd F:\project\elasticsearch
copy /usr/share/elasticsearch/config/elasticsearch.yml到本地F:/project/elasticsearch/elasticsearch.yml
docker cp elasticsearch:/usr/share/elasticsearch/config/elasticsearch.yml F:/project/elasticsearch/elasticsearch.yml
cluster.name: "docker-cluster"
network.host: 0.0.0.0
#----------------------- BEGIN SECURITY AUTO CONFIGURATION -----------------------
#
# The following settings, TLS certificates, and keys have been automatically
# generated to configure Elasticsearch security features on 03-10-2022 03:12:40
#
# --------------------------------------------------------------------------------
# Enable security features
xpack.security.enabled: true
xpack.security.enrollment.enabled: true
# Enable encryption for HTTP API client connections, such as Kibana, Logstash, and Agents
xpack.security.http.ssl:
enabled: true
keystore.path: certs/http.p12
# Enable encryption and mutual authentication between cluster nodes
xpack.security.transport.ssl:
enabled: true
verification_mode: certificate
keystore.path: certs/transport.p12
truststore.path: certs/transport.p12
#----------------------- END SECURITY AUTO CONFIGURATION -------------------------
在restart: always新增行,添加如下配置
# =====添加如下配置=====
# 开启跨域
http.cors.enabled: true
# 所有人访问
http.cors.allow-origin: "*"
# ======================
# =====修改如下配置为false=====
xpack.security.http.ssl:
enabled: false
# ======================
cluster.name: "docker-cluster"
network.host: 0.0.0.0
#----------------------- BEGIN SECURITY AUTO CONFIGURATION -----------------------
#
# The following settings, TLS certificates, and keys have been automatically
# generated to configure Elasticsearch security features on 03-10-2022 03:12:40
#
# --------------------------------------------------------------------------------
# =====添加如下配置=====
# 开启跨域
http.cors.enabled: true
# 所有人访问
http.cors.allow-origin: "*"
# ======================
# Enable security features
xpack.security.enabled: true
xpack.security.enrollment.enabled: true
# Enable encryption for HTTP API client connections, such as Kibana, Logstash, and Agents
xpack.security.http.ssl:
enabled: false
keystore.path: certs/http.p12
# Enable encryption and mutual authentication between cluster nodes
xpack.security.transport.ssl:
enabled: true
verification_mode: certificate
keystore.path: certs/transport.p12
truststore.path: certs/transport.p12
#----------------------- END SECURITY AUTO CONFIGURATION -------------------------
保存后copy回去
docker cp F:/project/elasticsearch/elasticsearch.yml elasticsearch:/usr/share/elasticsearch/config/elasticsearch.yml
docker restart elasticsearch
拉取kibana
kibana为elasticsearch的图形界面,或者选择ElasticSearch-Head也可以
版本查看 https://hub.docker.com/_/kibana
docker pull kibana:8.4.3
运行kibana
注意地址一定要改成自己的主机地址
docker run --name kibana --link=elasticsearch:elasticsearch --net es -p 5601:5601 -e "I18N_LOCALE=zh-CN" -d kibana:8.4.3
或者
docker run --name kibana --net es -p 5601:5601 ^
-e ELASTICSEARCH_HOSTS=http://elasticsearch:9200 ^
-e "I18N_LOCALE=zh-CN" -d kibana:8.4.3
:::warning
-e ELASTICSEARCH_HOSTS=http://elasticsearch:9200
-e “I18N_LOCALE=zh-CN”
:::
测试环境
kibana
http://192.168.3.40:5601/
输入之前生成的token,弹出
弹窗该窗口,kibana需要验证码。这个验证码在kibana容器控制台也可以看到:
手工输入控制台的602992,如果没有看到,
docker exec -it kibana /usr/share/kibana/bin/kibana-verification-code
或者按以下的方法重新生成验证码
docker exec -it kibana /bin/bash
cd /usr/share/kibana/bin
kibana-verification-code
es-client浏览器插件
安装插件
打开Microsoft Edge的扩展页面,搜索es-client
安装完成后,查看说明
:::warning
:::
打开插件
在浏览器打开插件,extension://aonamamifdfigcflbeokdndfappnmogo/es-client/index.html
配置地址
下载好之后打开插件页面,配置elasticsearch地址
地址为http://192.168.3.40:9200/
在浏览器里打开http://192.168.3.40:9200/,输入账号及密码,
elastic
F3SXEhBp3Jysfd9OyhJX
Elasticvue浏览器插件
安装后,打开extension://geifniocjfnfilcbeloeidajlfmhdlgo/index.html#/cluster/0/