1. # 系统参数修改
    2. echo 'vm.max_map_count=262144' >> /etc/sysctl.conf
    3. echo 'vm.swappiness=1' >> /etc/sysctl.conf
    4. sysctl -p
    5. # 创建临时目录,下载es,解压到安装目录
    6. mkdir -p ~/mdtemp/
    7. cd ~/mdtemp/
    8. wget http://pdpublic.mingdao.com/private-deployment/offline/common/elasticsearch-7.10.2.tar.gz
    9. tar xf elasticsearch-7.10.2-linux-x86_64.tar.gz -C /usr/local
    10. mv /usr/local/elasticsearch-7.10.2 /usr/local/elasticsearch
    12. # 修改配置文件
    13. cat > /usr/local/elasticsearch/config/elasticsearch.yml <<EOF
    14. node.name: elasticsearch-1 #节点标识,唯一,其他节点需要修改
    15. node.roles:
    16.   - master
    17.   - data
    18. network.host: 0.0.0.0
    19. network.publish_host: 188.102.17.245 # 本机IP
    20. http.port: 9200
    21. transport.port: 9300
    22. path.data:
    23.   - /data/elasticsearch/data
    24. cluster.initial_master_nodes:
    25.   - elasticsearch-1
    26. http.cors.enabled: true
    27. http.cors.allow-origin: "*"
    28. xpack.security.enabled: true
    29. xpack.license.self_generated.type: basic
    30. xpack.security.transport.ssl.enabled: true
    31. xpack.security.transport.ssl.verification_mode: certificate
    32. xpack.security.transport.ssl.keystore.path: elastic-certificates.p12 # 证书的相对路径,也可修改为绝对路径
    33. xpack.security.transport.ssl.truststore.path: elastic-certificates.p12 # 证书的相对路径,也可修改为绝对路径
    34. EOF
    36. #生成证书
    37. /usr/local/elasticsearch/bin/elasticsearch-certutil cert -out /usr/local/elasticsearch/config/elastic-certificates.p12 -pass ""
    39. #创建es用户、数据存储目录
    40. useradd -M -s /sbin/nologin elasticsearch
    41. mkdir -p /data/elasticsearch/data/
    43. #安装插件
    44. su elasticsearch -s /bin/bash -c '/usr/local/elasticsearch/bin/elasticsearch-plugin install http://pdpublic.mingdao.com/private-deployment/offline/common/elasticsearch-analysis-ik-7.10.2.zip'
    46. #授权
    47. chown -R elasticsearch.elasticsearch /usr/local/elasticsearch /data/elasticsearch/
    49. #配置systemd管理
    50. cat > /etc/systemd/system/elasticsearch.service <<EOF
    51. [Unit]
    52. Description=Elasticsearch
    53. [Service]
    54. User=elasticsearch
    55. Group=elasticsearch
    56. LimitNOFILE=65536
    57. LimitNPROC=65536
    58. ExecStart=/usr/local/elasticsearch/bin/elasticsearch
    59. ExecStop=/usr/bin/kill  \$MAINPID
    60. Restart=on-failure
    61. [Install]
    62. WantedBy=multi-user.target
    63. EOF
    65. #启动es
    66. systemctl start elasticsearch
    67. systemctl enable elasticsearch
    69. #设置密码,交互式设置,密码在终端不可见,每个用户的密码都要二次输入确认,elastic用户为es的管理用户。
    70. /usr/local/elasticsearch/in/elasticsearch-setup-passwords interactive