准备工作
基础优化[部署好的es无需操作,新server操作]
setenforce 0
getenforce
sed -i 's#^SELINUX=.*$#SELINUX=disabled#g' /etc/selinux/config
systemctl stop NetworkManager.service
systemctl disable NetworkManager.service
systemctl stop firewalld
systemctl disable firewalld
安装时间同步[全部执行]:
yum install -y ntp
systemctl start ntpd
systemctl enable ntpd
timedatectl set-timezone Asia/Shanghai #时区设置为上海
# 时间服务器配置[ 为了方便全部使用阿里云时间服务器 每台都配置,如果内网就做内网时间授权]:
sed -i "s/^server 0.*/server ntp1.aliyun.com/g" /etc/ntp.conf
sed -i "s/^server 1/#&/g" /etc/ntp.conf
sed -i "s/^server 2/#&/g" /etc/ntp.conf
sed -i "s/^server 3/#&/g" /etc/ntp.conf
#重启ntp:
systemctl restart ntpd
ntpq -pn
#添加到计划任务
sudo echo '*/5 * * * * /usr/sbin/ntpd -pn' >>/var/spool/cron/root
sudo systemctl restart crond.service
crontab -l
优化线程数和性能[每个节点都要配置]:
sudo su - root
cat >/etc/security/limits.conf <<'EOF'
styd soft nofile 655350
styd hard nofile 655350
styd soft nproc 40960
styd hard nproc 40960
* soft nofile 655360
* hard nofile 655360
EOF
sudo echo 'vm.max_map_count = 262144' >>/etc/sysctl.conf
echo 'vm.swappiness = 1' >>/etc/sysctl.conf
sysctl -p
#主机名规划:
192.168.10.31 node01 es-node01
192.168.10.32 node02 es-node02
192.168.10.33 node03 es-node03
192.168.10.34 node04 es-node04
hostnamectl set-hostname es-node0x
创建elastic用户与授权目录并授权
# 2.1 创建elastic用户 [styd] 与授权目录并授权[所有机器]:
groupadd -r -g 1001 develop && \
useradd -r -m -s /bin/bash -u 1001 -g develop styd && \
echo '123456'|passwd --stdin styd
# 2.2 sudo配置[所有机器]:
echo 'styd ALL=(root) NOPASSWD:ALL' |sudo tee /etc/sudoers.d/styd
chown -R styd.develop /opt
su - styd
#2.3 创建es部署目录
mkdir -p /opt
cd /root [上传部署包到这里]
#有包的服务器操作:
scp -r elasticsearch-6.7.1.tar.gz jdk-8u111-linux-x64.rpm kibana-6.7.1-linux-x86_64.tar.gz styd@192.168.10.33:/home/styd
#回到新机器继续操作
[styd@localhost ~]$ ll
total 489280
-rw-r--r-- 1 styd develop 148542786 Mar 24 22:48 elasticsearch-6.7.1.tar.gz
-rw-r--r-- 1 styd develop 166040563 Mar 24 22:48 jdk-8u111-linux-x64.rpm
-rw-r--r-- 1 styd develop 186430753 Mar 24 22:48 kibana-6.7.1-linux-x86_64.tar.gz
#修改hosts:
[root@node04 ~]# cat /etc/hosts
192.168.10.31 node01 es-m
192.168.10.32 node02 es-s1
192.168.10.33 node03 es-s2
192.168.10.34 node04 es-s3 #新机器
#修改主机名
[root@node04 ~]# hostnamectl set-hostname node04
部署es6.7.1
官方地址: https://www.elastic.co/guide/en/elastic-stack/7.15/installing-elastic-stack.html
修改配置文件 elasticsearch.yml :
注意参数: discovery.seed_hosts: ["host1", "host2"] #主机之间有逗号和空格
#一定要注意: 这个配置文件在修改的时候需要保证空格正确,一旦错误,这个文件只能删除不能改回
#修改时务必备份一次,以免改错无法恢复
cp /opt/elasticsearch-6.7.1/config/elasticsearch.yml{,.bak}
vim /opt/elasticsearch-6.7.1/config/elasticsearch.yml
默认配置都被注释了,直接文件末尾添加配置如下:
下列根据生产环境配置 名称有所不同
node04[es-s3]:
这里 discovery.zen.minimum_master_nodes:2
这里需要改为偶数,防止脑裂
并且node.master: false 需要改为 true 允许参与竞选master
~/.bashrc 文件添加环境变量[每个节点都要配置]:
#vim ~/.bashrc : 尾部添加以下配置:
export ES_HOME=/opt/elasticsearch-6.7.1
export PATH=$ES_HOME/bin:$PATH
#添加软连接
ln -s /opt/elasticsearch-6.7.1 /opt/elasticsearch
#修改完毕后:
source ~/.bashrc
安装java
sudo rpm -ivh jdk-8u111-linux-x64.rpm
配置主机解析
[每台都加]
[node01@node01 elasticsearch-6.7.1]$ cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.10.31 node01 es-m
192.168.10.32 node02 es-s1
192.168.10.33 node03 es-s2
192.168.10.34 node04 es-s3 #新机器
扩容前各个节点状况检查
node01:
node02:
node03:
检查各个节点:
status: red 表示集群有问题,status: green 表示集群正常
索引curl 命令
创建明明全部小写,不能使用 _ 开头
创建index
curl -XPUT http://192.168.10.31:9200/xxx?pretty
获取索引
curl -XGET http://192.168.10.31:9200/xxx?pretty
如:
[styd@node01 ~]$ curl -XGET http://192.168.10.31:9200/_cat/nodes
192.168.10.31 24 35 3 0.11 0.12 0.07 mi * es-m
192.168.10.33 24 35 3 0.14 0.08 0.07 di - es-s2
192.168.10.32 25 35 2 0.17 0.12 0.08 di - es-s1
删除索引:
curl -XDELETE http://192.168.10.31:9200/xxx?pretty
es扩容与回退
0. 创建相关es用户
1. 拷贝原部署包到本机
2. 部署java环境添加环境变量
3. 解压并修改配置
4. 部署es组件
5. 检查数据是否正常
6. 失败回退操作
1. 扩容时会在集群配置文件中添加该主机的主机名与IP
2. 扩容失败时还原原配置文件
3. 启动集群 检查原集群数据
扩容节点:
#准备新的服务器环境 es-03
#修改所有host文件添加新集群
192.168.10.31 node01 es-m
192.168.10.32 node02 es-s1
192.168.10.33 node03 es-s2
192.168.10.34 node04 es-s3 #新增服务器,将配置文件同步到集群相关服务器
#准备相关用户:
groupadd -r -g 1001 develop && \
useradd -r -m -s /bin/bash -u 1001 -g develop styd && \
echo '123456'|passwd --stdin styd
#拷贝相关包到该服务器
elasticsearch-6.7.1.tar.gz
jdk-8u111-linux-x64.rpm
kibana-6.7.1-linux-x86_64.tar.gz
scp -r elasticsearch-6.7.1.tar.gz jdk-8u111-linux-x64.rpm kibana-6.7.1-linux-x86_64.tar.gz styd@192.168.10.34:/home/styd/
#切换用户运行
su - styd
#部署java环境
[styd@node04 ~]$ ll
total 489280
-rw-r--r-- 1 styd develop 148542786 Mar 24 22:48 elasticsearch-6.7.1.tar.gz
-rw-r--r-- 1 styd develop 166040563 Mar 24 22:48 jdk-8u111-linux-x64.rpm
-rw-r--r-- 1 styd develop 186430753 Mar 24 22:48 kibana-6.7.1-linux-x86_64.tar.gz
[styd@node04 ~]$ sudo rpm -ivh jdk-8u111-linux-x64.rpm
Preparing... ################################# [100%]
Updating / installing...
1:jdk1.8.0_111-2000:1.8.0_111-fcs ################################# [100%]
Unpacking JAR files...
tools.jar...
plugin.jar...
javaws.jar...
deploy.jar...
rt.jar...
jsse.jar...
charsets.jar...
localedata.jar...
[styd@node04 ~]$ java -version
java version "1.8.0_111"
Java(TM) SE Runtime Environment (build 1.8.0_111-b14)
Java HotSpot(TM) 64-Bit Server VM (build 25.111-b14, mixed mode)
#部署es
[styd@node04 ~]$ ll
total 489280
-rw-r--r-- 1 styd develop 148542786 Mar 24 22:48 elasticsearch-6.7.1.tar.gz
-rw-r--r-- 1 styd develop 166040563 Mar 24 22:48 jdk-8u111-linux-x64.rpm
-rw-r--r-- 1 styd develop 186430753 Mar 24 22:48 kibana-6.7.1-linux-x86_64.tar.gz
#目录授权
~]$ sudo mkdir /application
~]$ sudo chown -R styd.develop /application
~]$ tar xf elasticsearch-6.7.1.tar.gz -C /application
~]$ ln -s /application/elasticsearch-6.7.1 /application/elasticsearch
~]$ sudo chown -R styd.develop /application/elasticsearch-6.7.1
~]$ cp /opt/elasticsearch-6.7.1/config/elasticsearch.yml{,.bak}
#配置文件修改为如下:
cat config/elasticsearch.yml: [每台机器配置文件都需要添加这个hosts主机名]
cluster.name: ES
node.name: es-s3
path.data: /application/elasticsearch/data
path.logs: /application/elasticsearch/logs
network.host: 192.168.10.34
http.port: 9200
node.master: true
node.data: true
discovery.zen.ping.unicast.hosts: ["es-m","es-s1","es-s2","es-s3"] #新节点信息
discovery.zen.minimum_master_nodes: 1
indices.query.bool.max_clause_count: 3072
http.cors.enabled: true
http.cors.allow-origin: "*"
启动相关节点:
#检查目前节点情况:
[styd@node01 ~]$ curl -XGET http://127.0.0.1:9200/_cat/nodes
192.168.10.31 34 40 0 0.00 0.01 0.05 mi * es-m
192.168.10.33 24 35 0 0.00 0.01 0.05 di - es-s2
192.168.10.32 39 35 0 0.00 0.01 0.05 di - es-s1
#检查每台hosts配置保持一致
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.10.31 node01 es-m
192.168.10.32 node02 es-s1
192.168.10.33 node03 es-s2
192.168.10.34 node04 es-s3 #新节点
#修改配置文件完成后重启节点:
node01
/application/elasticsearch/bin/elasticsearch -d
node02
/application/elasticsearch/bin/elasticsearch -d
node03
/application/elasticsearch/bin/elasticsearch -d
node04
/application/elasticsearch/bin/elasticsearch -d
#检查节点信息:
[styd@node01 ~]$ curl -XGET http://127.0.0.1:9200/_cat/nodes
192.168.10.31 28 40 0 0.05 0.03 0.05 mi * es-m
192.168.10.32 29 35 0 0.28 0.10 0.07 di - es-s1
192.168.10.33 30 35 1 0.00 0.01 0.05 di - es-s2
192.168.10.34 29 38 0 0.35 0.11 0.08 di - es-s3 #新节点启动完成
检查节点信息:
回滚节点
回退节点只需要修改配置文件剔除 es-s3 节点信息即可:
1. 修改集群中每个hosts
[styd@node01 ~]$ cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.10.31 node01 es-m
192.168.10.32 node02 es-s1
192.168.10.33 node03 es-s2
#192.168.10.34 node04 es-s3 #删除该行
2. 修改集群每个节点的discovery.zen.ping.unicast.hosts信息:
cluster.name: ES
node.name: es-m
path.data: /application/elasticsearch/data
path.logs: /application/elasticsearch/logs
network.host: 0.0.0.0
http.port: 9200
node.master: true
node.data: false
discovery.zen.ping.unicast.hosts: ["es-m","es-s1","es-s2","es-s3"]
discovery.zen.minimum_master_nodes: 1
indices.query.bool.max_clause_count: 3072
http.cors.enabled: true
http.cors.allow-origin: "*"
#去除 ,"es-s3" 节点
discovery.zen.ping.unicast.hosts: ["es-m","es-s1","es-s2","es-s3"]
改为:
discovery.zen.ping.unicast.hosts: ["es-m","es-s1","es-s2"]
修改完成后保存配置文件,注意每个节点都需要剔除 es-s3 节点
完成后重启3个节点,启动后显示如下:
检查节点信息:
curl -s 'http://localhost:9200/_cat/nodes?v&h=name,ip,jdk,cpu,disk*,heap*,ram*,load_*&s=name'
配置开机启动
配置开机自启
cat /etc/init.d/elasticsearch
#!/bin/bash
#chkconfig: 345 63 37
#description: elasticsearch
#processname: elasticsearch-6.7.1
export ES_HOME=/application/elasticsearch-6.7.1
case $1 in
start)
su esuser<<!
cd $ES_HOME
./bin/elasticsearch -d -p pid
exit
!
echo "elasticsearch is started"
;;
stop)
pid=`cat $ES_HOME/pid`
kill -9 $pid
echo "elasticsearch is stopped"
;;
restart)
pid=`cat $ES_HOME/pid`
kill -9 $pid
echo "elasticsearch is stopped"
sleep 1
su esuser<<!
cd $ES_HOME
./bin/elasticsearch -d -p pid
exit
!
echo "elasticsearch is started"
;;
*)
echo "start|stop|restart"
;;
esac
exit 0
安装head插件[可选]
官方地址:
https://github.com/mobz/elasticsearch-head
https://github.com/mobz/elasticsearch-head/releases
sz[或浏览器输入]: https://codeload.github.com/mobz/elasticsearch-head/zip/refs/heads/master
上传到 /application/elasticsearch-head
或者:
git clone git://github.com/mobz/elasticsearch-head.git
cd /application/elasticsearch
bin/plugin -install mobz/elasticsearch-head
#配置跨域
vim config/elasticsearch.yml
添加如下参数:
http.cors.enabled: true
http.cors.allow-origin: "*"
安装node [可选]
#官方文档:
https://github.com/mobz/elasticsearch-head
#添加参数:
vim /etc/profile
export PATH=/usr/local/node/bin:$PATH
git clone git://github.com/mobz/elasticsearch-head.git
cd elasticsearch-head
npm install
npm run start
[styd@node01 ~]$ curl -XGET http://192.168.10.31:9200/_cat/nodes
192.168.10.31 23 40 0 0.00 0.01 0.05 mi * es-m
192.168.10.33 33 35 0 0.00 0.01 0.05 di - es-s2
192.168.10.32 31 35 0 0.00 0.01 0.05 di - es-s1
部署kibana
tar xf kibana-6.7.1-linux-x86_64.tar.gz -C /opt/
ln -s /opt/kibana-6.7.1-linux-x86_64 /opt/kibana
[styd@node01 kibana]$ vim config/kibana.yml
server.port: 5601
server.host: "0.0.0.0"
elasticsearch.hosts: ["http://192.168.10.11:9200"]
elasticsearch.username: "kibana"
elasticsearch.password: "123456"
i18n.locale: "zh-CN"
#启动kibana
[styd@node01 kibana]$ ./bin/kibana &
#停止kibana
[styd@node01 kibana]$ ps -ef | grep node
styd 69857 68707 5 23:04 pts/2 00:00:11 ./bin/../node/bin/node --no-warnings --max-http-header-size=65536 ./bin/../src/cli
styd 70094 68707 0 23:07 pts/2 00:00:00 grep --color=auto node
[styd@node01 kibana]$ kill -9 69857
配置密码访问:
在6.7版本中内置的账号密码访问功能X-PACK 需要付费使用
可以选择apache-tools提供的访问功能
#部署httpd-tools工具
su - styd
yum install httpd-tools
htpasswd -c /opt/kibana/admin/.htpasswd admin
[root@node01 nginx]# htpasswd -c /opt/kibana/admin/.htpasswd admin
New password: admin
Re-type new password: admin
cat /etc/nginx/conf.d/kibana.conf
server {
listen 80;
server_name 192.168.10.11;
location / {
auth_basic "Authorized users only";
auth_basic_user_file /opt/kibana/admin/.htpasswd; # 密码文件
proxy_pass http://127.0.0.1:5601/;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real_IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Scheme $scheme;
proxy_connect_timeout 3;
proxy_read_timeout 3;
proxy_send_timeout 3;
access_log off;
break;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
微信赞赏 
支付宝赞赏 