1、安装JDK

Elasticsearch官方文档中所说,不需要在运行Elasticsearch的机器上安装 JVM,因为它已经在Elasticsearch的jdk目录中放入了JAVA,只需要做相应软连接即可。
参考:https://www.elastic.co/guide/en/elasticsearch/reference/current/setup.html
因为7.10.2版本自带的JDK是15版本,因此,这里选择安装长期支持版:

  1. yum install java-11-openjdk-devel -y

2、配置系统相关参数

  1. vim /etc/security/limits.conf
  2. * soft nproc 65535
  3. * hard nproc 65535
  4. * soft nofile 65535
  5. * hard nofile 65535
  6. * soft stack 65535
  7. * hard stack 65535
  9. vim /etc/sysctl.conf
  10. vm.max_map_count=2655350
  11. vm.swappiness=1

3、解压到安装目录

  1. tar xf elasticsearch-7.10.2-linux-x86_64.tar.gz -C /data/

4、创建用户

  1. groupadd elasticsearch
  2. useradd elasticsearch -g elasticsearch
  4. chown -R elasticsearch:elasticsearch /data/elasticsearch-7.10.2

5、创建配置文件

vim /data/elasticsearch-7.10.2/config/elasticsearch.yml

  1. cluster.name: test-es-cluster
  2. node.name: es-node01
  3. node.roles:
  4.   - master
  5.   - data
  6. network.host: 0.0.0.0
  7. network.publish_host: 192.168.0.71
  8. http.port: 9200
  9. transport.port: 9300
  10. path.data:
  11.   - /data/elasticsearch-7.10.2/data
  12. discovery.seed_hosts:
  13.   - 192.168.0.72:9300
  14.   - 192.168.0.73:9300
  15. cluster.initial_master_nodes:
  16.   - es-node01
  17.   - es-node02
  18.   - es-node03
  19. http.cors.enabled: true
  20. http.cors.allow-origin: "*"

其他实例的配置文件修改host相关信息即可

6、测试启动

  1. su -l elasticsearch -c "/data/elasticsearch-7.10.2/bin/elasticsearch"

7、配置密码

各实例的elasticserarch.yml文件中增加:

  1. xpack.security.enabled: true
  2. xpack.license.self_generated.type: basic
  3. xpack.security.transport.ssl.enabled: true
  4. xpack.security.transport.ssl.verification_mode: certificate
  5. xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
  6. xpack.security.transport.ssl.truststore.path: elastic-certificates.p12

生成证书:

  1. bin/elasticsearch-certutil cert -out config/elastic-certificates.p12 -pass ""
  3. #生成的证书需要改文件属主属组
  4. chown -R elasticsearch:elasticsearch /data/elasticsearch-7.10.2

随后将证书拷贝到其他节点的config目录下
重启集群
设置密码:

  1. # bin/elasticsearch-setup-passwords interactive
  3. Initiating the setup of passwords for reserved users elastic,apm_system,kibana,kibana_system,logstash_system,beats_system,remote_monitoring_user.
  4. You will be prompted to enter passwords as the process progresses.
  5. Please confirm that you would like to continue [y/N]y
  8. Enter password for [elastic]: 
  9. Reenter password for [elastic]: 
  10. Enter password for [apm_system]: 
  11. Reenter password for [apm_system]: 
  12. Enter password for [kibana_system]: 
  13. Reenter password for [kibana_system]: 
  14. Enter password for [logstash_system]: 
  15. Reenter password for [logstash_system]: 
  16. Enter password for [beats_system]: 
  17. Reenter password for [beats_system]: 
  18. Enter password for [remote_monitoring_user]: 
  19. Reenter password for [remote_monitoring_user]: 
  20. Changed password for user [apm_system]
  21. Changed password for user [kibana_system]
  22. Changed password for user [kibana]
  23. Changed password for user [logstash_system]
  24. Changed password for user [beats_system]
  25. Changed password for user [remote_monitoring_user]
  26. Changed password for user [elastic]

8、配置systemd管理

vim /usr/lib/systemd/system/elasticsearch.service

  1. [Unit]
  2. Description=Elasticsearch
  3. Documentation=https://www.elastic.co
  4. Wants=network-online.target
  5. After=network-online.target
  7. [Service]
  8. ExecStart=/data/elasticsearch-7.10.2/bin/elasticsearch
  9. User=elasticsearch
  10. Group=elasticsearch
  11. StandardOutput=journal
  12. StandardError=inherit
  13. LimitNOFILE=65535
  14. LimitNPROC=65535
  15. LimitAS=infinity
  16. LimitFSIZE=infinity
  17. LimitMEMLOCK=infinity
  18. TimeoutStopSec=0
  19. KillSignal=SIGTERM
  20. KillMode=process
  21. SendSIGKILL=no
  22. SuccessExitStatus=143
  23. timeout
  24. TimeoutStartSec=75
  26. [Install]
  27. WantedBy=multi-user.target