系统相关
首页 > 系统相关> > centos7.7环境安装elasticsearch7.5.1集群

centos7.7环境安装elasticsearch7.5.1集群

作者:互联网

centos7.6系统的elasticsearch7.5.1集群部署


整体策略:
将集群配置好,并且通过命令 curl 10.10.17.19:9200/_cluster/health?pretty 检查状态为green
然后再次修改配置文件启用xpack认证,并拷贝认证文件到各节点,重启集群的节点


1.配置新版本的elasticsearch使用自带的openjdk13
# vim bin/profile

export JAVA_HOME=/usr/local/elk/elasticsearch-7.5.1/jdk
export PATH=$JAVA_HOME/bin:$PATH

# 创建相关的日志和数据目录
mkdir -p /data/es/data
mkdir -p /data/es/logs
mkdir -p /data/esback

groupadd -g 1500 elasticsearch
useradd -u 1500 -g elasticsearch elasticsearch

swapoff -a

echo "fs.file-max = 1000000" >> /etc/sysctl.conf
echo "vm.max_map_count=262144" >> /etc/sysctl.conf
echo "vm.swappiness = 1" >> /etc/sysctl.conf

sysctl -p
sed -i 's/* soft nofile 65535/* soft nofile 655350/g' /etc/security/limits.conf
sed -i 's/* hard nofile 65535/* hard nofile 655350/g' /etc/security/limits.conf
sed -i 's#*          soft    nproc     4096##' /etc/security/limits.d/20-nproc.conf


chown -R elasticsearch.elasticsearch /data/es
chown -R elasticsearch.elasticsearch /data/esback
chown -R elasticsearch.elasticsearch /usr/local/elk/elasticsearch-7.5.1

# 主节点配置
[root@sz_ms_influenex_es_dev01_17_19 elasticsearch-7.5.1]# cat config/elasticsearch.yml
cluster.name: influenex_elk_uat
node.name: influenex_elk01
path.data: /data/es/data
path.logs: /data/es/logs
path.repo: ["/data/esback"]
bootstrap.memory_lock: true
network.host: 10.10.17.19
http.port: 9200
transport.tcp.port: 9300
node.master: true
node.data: true
discovery.seed_hosts: ["10.10.17.19:9300", "10.10.17.20:9300", "10.10.17.21:9300"]
cluster.initial_master_nodes: ["10.10.17.19"]
gateway.recover_after_nodes: 2
transport.tcp.compress: true

# 以下配置可以减少当es节点短时间宕机或重启时shards重新分布带来的磁盘io读写浪费
discovery.zen.fd.ping_timeout: 300s
discovery.zen.fd.ping_retries: 8
discovery.zen.fd.ping_interval: 30s
discovery.zen.ping_timeout: 180s

# 密码部分的配置最好等集群配置没有问题后再进行
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: /usr/local/elk/elasticsearch-7.5.1/config/elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: /usr/local/elk/elasticsearch-7.5.1/config/elastic-certificates.p12



influenex_elk02

# 第二个节点配置

[elasticsearch@sz_ms_influenex_es_dev02_17_20 elasticsearch-7.5.1]$ cat config/elasticsearch.yml
cluster.name: influenex_elk_uat
node.name: influenex_elk02
path.data: /data/es/data
path.logs: /data/es/logs
path.repo: ["/data/esback"]
bootstrap.memory_lock: true
network.host: 10.10.17.20
http.port: 9200
transport.tcp.port: 9300
node.master: false
node.data: true
discovery.seed_hosts: ["10.10.17.19:9300", "10.10.17.20:9300", "10.10.17.21:9300"]
cluster.initial_master_nodes: ["10.10.17.19"]
gateway.recover_after_nodes: 2
transport.tcp.compress: true

# 以下配置可以减少当es节点短时间宕机或重启时shards重新分布带来的磁盘io读写浪费
discovery.zen.fd.ping_timeout: 300s
discovery.zen.fd.ping_retries: 8
discovery.zen.fd.ping_interval: 30s
discovery.zen.ping_timeout: 180s

xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: /usr/local/elk/elasticsearch-7.5.1/config/elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: /usr/local/elk/elasticsearch-7.5.1/config/elastic-certificates.p12


influenex_elk03 配置

[elasticsearch@sz_ms_influenex_es_dev03_17_21 elasticsearch-7.5.1]$ cat config/elasticsearch.yml
cluster.name: influenex_elk_uat
node.name: influenex_elk03
path.data: /data/es/data
path.logs: /data/es/logs
path.repo: ["/data/esback"]
bootstrap.memory_lock: true
network.host: 10.10.17.21
http.port: 9200
transport.tcp.port: 9300
node.master: false
node.data: true
discovery.seed_hosts: ["10.10.17.19:9300", "10.10.17.20:9300", "10.10.17.21:9300"]
cluster.initial_master_nodes: ["10.10.17.19"]
gateway.recover_after_nodes: 2
transport.tcp.compress: true

# 以下配置可以减少当es节点短时间宕机或重启时shards重新分布带来的磁盘io读写浪费
discovery.zen.fd.ping_timeout: 300s
discovery.zen.fd.ping_retries: 8
discovery.zen.fd.ping_interval: 30s
discovery.zen.ping_timeout: 180s

xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: /usr/local/elk/elasticsearch-7.5.1/config/elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: /usr/local/elk/elasticsearch-7.5.1/config/elastic-certificates.p12



[elasticsearch@sz_ms_influenex_es_dev01_17_19 elasticsearch-7.5.1]$ bin/elasticsearch-setup-passwords interactive
Initiating the setup of passwords for reserved users elastic,apm_system,kibana,logstash_system,beats_system,remote_monitoring_user.
You will be prompted to enter passwords as the process progresses.
Please confirm that you would like to continue [y/N]y


Enter password for [elastic]:
Reenter password for [elastic]:
Enter password for [apm_system]:
Reenter password for [apm_system]:
Enter password for [kibana]:
Reenter password for [kibana]:
Enter password for [logstash_system]:
Reenter password for [logstash_system]:
Enter password for [beats_system]:
Reenter password for [beats_system]:
Enter password for [remote_monitoring_user]:
Reenter password for [remote_monitoring_user]:
Changed password for user [apm_system]
Changed password for user [kibana]
Changed password for user [logstash_system]
Changed password for user [beats_system]
Changed password for user [remote_monitoring_user]
Changed password for user [elastic]


# 检查集群的配置
[elasticsearch@sz_ms_influenex_es_dev01_17_19 elasticsearch-7.5.1]$ curl -u elastic:pass10.10.17.19:9200/_cluster/health?pretty
{
  "cluster_name" : "influenex_elk_uat",
  "status" : "green",
  "timed_out" : false,
  "number_of_nodes" : 3,
  "number_of_data_nodes" : 3,
  "active_primary_shards" : 1,
  "active_shards" : 2,
  "relocating_shards" : 0,
  "initializing_shards" : 0,
  "unassigned_shards" : 0,
  "delayed_unassigned_shards" : 0,
  "number_of_pending_tasks" : 0,
  "number_of_in_flight_fetch" : 0,
  "task_max_waiting_in_queue_millis" : 0,
  "active_shards_percent_as_number" : 100.0
}

标签:elasticsearch7.5,elasticsearch,10.10,集群,security,password,data,es,centos7.7
来源: https://www.cnblogs.com/reblue520/p/12219116.html