【碎碎念】CentOS 7.6 -- ES集群安装

makauir
156 阅读4分钟

image.png

前言

开启掘金成长之旅!这是我参与「掘金日新计划 · 12 月更文挑战」的第6天,点击查看活动详情

安装包下载

本次使用的

官网下载地址:链接

image.png

或者直接wget

wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.4.2-linux-x86_64.tar.gz

本次部署的版本是ES 7.4.2 新版本的ES内置了java,因此无需在环境中安装java

解压缩ES

tar -zxvf elasticsearch-7.4.2-linux-x86_64.tar.gz

删除安装包

rm -rf elasticsearch-7.4.2-linux-x86_64.tar.gz

创建ES用户

  • 由于es不允许使用root账户启动,因此创建ES用户用于启动ES,创建命令如下:
useradd es
  • 为新创建的ES用户配置密码:
echo "123456" | passwd --stdin "es"

echo "D3LvC@F01xmR" | passwd --stdin "es"
  • 配置成功之后显示如下:
Changing password for user es.
passwd: all authentication tokens updated successfully.

修改ES配置文件

cd /root/elasticsearch-7.4.2/config

cp elasticsearch.yml elasticsearch.yml.bak

rm -r elasticsearch.yml

vi elasticsearch.yml

创建数据路径和log路径

mkdir /data/elasticsearch-7.4.2/data
mkdir /data/elasticsearch-7.4.2/logs

image.png

cluster-1

# 集群名称
cluster.name: cluster-elasticsearch
# 节点名称,每个节点的名称不能重复
node.name: es-01
# ip 地址,每个节点的地址不能重复
network.host: 172.28.160.81
# 是不是有资格主节点
node.master: true
node.data: true
path.data: /data/elasticsearch-7.4.2/data
path.logs: /data/elasticsearch-7.4.2/logs
http.port: 9200
# head 插件需要这打开这两个配置
http.cors.allow-origin: "*"
http.cors.enabled: true
http.max_content_length: 200mb
# 初始化一个新的集群时需要此配置来选举 master
cluster.initial_master_nodes: ["es-01"]
# 节点发现
discovery.seed_hosts: ["172.28.160.81:9300","172.28.160.82:9300","172.28.160.83:9300"]
gateway.recover_after_nodes: 2
network.tcp.keep_alive: true
network.tcp.no_delay: true
transport.tcp.compress: true
# 集群内同时启动的数据任务个数,默认是 2 个
cluster.routing.allocation.cluster_concurrent_rebalance: 16
# 添加或删除节点及负载均衡时并发恢复的线程个数,默认 4 个
cluster.routing.allocation.node_concurrent_recoveries: 16
# 初始化数据恢复时,并发恢复线程的个数,默认 4 个
cluster.routing.allocation.node_initial_primaries_recoveries: 16

# 配置认证
xpack.security.enabled: true
xpack.license.self_generated.type: basic
xpack.security.transport.ssl.enabled: true

cluster-2

# 集群名称
cluster.name: cluster-elasticsearch
# 节点名称,每个节点的名称不能重复
node.name: es-02
# ip 地址,每个节点的地址不能重复
network.host: 172.28.160.82
# 是不是有资格主节点
node.master: :
node.data: true
path.data: /data/elasticsearch-7.4.2/data
path.logs: /data/elasticsearch-7.4.2/logs
http.port: 9200
# head 插件需要这打开这两个配置
http.cors.allow-origin: "*"
http.cors.enabled: true
http.max_content_length: 200mb
# 初始化一个新的集群时需要此配置来选举 master
cluster.initial_master_nodes: ["es-01"]
# 节点发现
discovery.seed_hosts: ["172.28.160.81:9300","172.28.160.82:9300","172.28.160.83:9300"]
gateway.recover_after_nodes: 2
network.tcp.keep_alive: true
network.tcp.no_delay: true
transport.tcp.compress: true
# 集群内同时启动的数据任务个数,默认是 2 个
cluster.routing.allocation.cluster_concurrent_rebalance: 16
# 添加或删除节点及负载均衡时并发恢复的线程个数,默认 4 个
cluster.routing.allocation.node_concurrent_recoveries: 16
# 初始化数据恢复时,并发恢复线程的个数,默认 4 个
cluster.routing.allocation.node_initial_primaries_recoveries: 16

# 配置认证
xpack.security.enabled: true
xpack.license.self_generated.type: basic
xpack.security.transport.ssl.enabled: true

cluster-3

# 集群名称
cluster.name: cluster-elasticsearch
# 节点名称,每个节点的名称不能重复
node.name: es-03
# ip 地址,每个节点的地址不能重复
network.host: 172.28.160.83
# 是不是有资格主节点
node.master: true
node.data: true
path.data: /data/elasticsearch-7.4.2/data
path.logs: /data/elasticsearch-7.4.2/logs
http.port: 9200
# head 插件需要这打开这两个配置
http.cors.allow-origin: "*"
http.cors.enabled: true
http.max_content_length: 200mb
# 初始化一个新的集群时需要此配置来选举 master
cluster.initial_master_nodes: ["es-01"]
# 节点发现
discovery.seed_hosts: ["172.28.160.81:9300","172.28.160.82:9300","172.28.160.83:9300"]
gateway.recover_after_nodes: 2
network.tcp.keep_alive: true
network.tcp.no_delay: true
transport.tcp.compress: true
# 集群内同时启动的数据任务个数,默认是 2 个
cluster.routing.allocation.cluster_concurrent_rebalance: 16
# 添加或删除节点及负载均衡时并发恢复的线程个数,默认 4 个
cluster.routing.allocation.node_concurrent_recoveries: 16
# 初始化数据恢复时,并发恢复线程的个数,默认 4 个
cluster.routing.allocation.node_initial_primaries_recoveries: 16

# 配置认证
xpack.security.enabled: true
xpack.license.self_generated.type: basic
xpack.security.transport.ssl.enabled: true

配置密码

cd /root/elasticsearch-7.4.2/bin

./elasticsearch-setup-passwords interactive

BUG

ERROR: Elasticsearch keystore file is missing [/root/elasticsearch-7.4.2/config/elasticsearch.keystore]

解决

./elasticsearch-keystore create

关闭防火墙

systemctl stop firewalld

启动ES

./elasticsearch
  • 报错
could not find java in JAVA_HOME or bundled at /root/elasticsearch-7.4.2/jdk/bin/java

yum install -y java-11-openjdk.x86_64 
yum install -y java-11-openjdk-devel.x86_64 
yum install -y java-11-openjdk-headless.x86_64

编辑配置文件

vi /etc/profile

在文件末尾追加如下配置

export JAVA_HOME=/usr/lib/jvm/java-11-openjdk-11.0.17.0.8-2.el7_9.x86_64
export CLASSPATH=.:$JAVA_HOME/jre/lib/rt.jar:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar 
export PATH=$PATH:$JAVA_HOME/bin

刷新环境变量

source /etc/profile
  • 报错

Error: Could not find or load main class org.elasticsearch.tools.java_version_checker.JavaVersionChecker
  • 解决
将es目录移动到非root用户下

mv elasticsearch-7.4.2 /home/es
  • 报错
Exception in thread "main" java.nio.file.AccessDeniedException: /home/es/elasticsearch-7.4.2/config/jvm.options
  • 解决
sudo chown -R es:es /home/es/elasticsearch-7.4.2/
  • 报错
main ERROR Null object returned for RollingFile in Appenders.
  • 解决
需要修改config配置里的log4j2.properties 文件, 将 logger.deprecation.level = warn 改为 error
第95行
  • 报错菜单。。
(Permission denied) java.io.FileNotFoundException: /data/elasticsearch-7.4.2/logs/cluster-elasticsearch_index_indexing_slowlog.json (Permission denied)
  • 解决
sudo chown -R es:es /data/elasticsearch-7.4.2/data/
sudo chown -R es:es /data/elasticsearch-7.4.2/logs/
  • 报错
ERROR: [2] bootstrap checks failed
[1]: max file descriptors [4096] for elasticsearch process is too low, increase to at least [65535]
[2]: max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144]
  • 解决
vim /etc/security/limits.conf

* soft nofile 65536  
* hard nofile 131072


vi /etc/sysctl.conf

vm.max_map_count=655360

# 系统生效

sysctl -p
  • 报错
Cause: Cluster state has not been recovered yet, cannot write to the [null] index
  • 解决
./elasticsearch-certutil cert

将生成的证书分发至节点,修改配置文件

xpack.security.transport.ssl.verification_mode: certificate 
xpack.security.transport.ssl.keystore.path: /home/es/elasticsearch-7.4.2/config/elastic-certificates.p12 
xpack.security.transport.ssl.truststore.path: /home/es/elasticsearch-7.4.2/config/elastic-certificates.p12
  • 报错
SSL resources should be placed in the [/home/es/elasticsearch-7.4.2/config] directory
  • 解决
xpack.security.transport.ssl.keystore.path: /home/es/elasticsearch-7.4.2/config/elastic-certificates.p12 
xpack.security.transport.ssl.truststore.path: /home/es/elasticsearch-7.4.2/config/elastic-certificates.p12
  • 报错
SSL resources should be placed in the [/home/es/elasticsearch-7.4.2/config] directory
  • 解决
chmod 777 elastic-certificates.p12
avatar
文章
阅读
粉丝