ICode9
精准搜索请尝试: 精确搜索
首页
编程语言>
数据库
系统相关
互联网
其他分享
Python
Java
JavaScript
android
PHP
首页 > 系统相关> 文章详细

centos7.7环境安装elasticsearch7.5.1集群

2020-01-20 19:00:37  阅读:341  来源: 互联网

标签:elasticsearch7.5 elasticsearch 10.10 集群 security password data es centos7.7


centos7.6系统的elasticsearch7.5.1集群部署


整体策略:
将集群配置好,并且通过命令 curl 10.10.17.19:9200/_cluster/health?pretty 检查状态为green
然后再次修改配置文件启用xpack认证,并拷贝认证文件到各节点,重启集群的节点


1.配置新版本的elasticsearch使用自带的openjdk13
# vim bin/profile

export JAVA_HOME=/usr/local/elk/elasticsearch-7.5.1/jdk
export PATH=$JAVA_HOME/bin:$PATH

# 创建相关的日志和数据目录
mkdir -p /data/es/data
mkdir -p /data/es/logs
mkdir -p /data/esback

groupadd -g 1500 elasticsearch
useradd -u 1500 -g elasticsearch elasticsearch

swapoff -a

echo "fs.file-max = 1000000" >> /etc/sysctl.conf
echo "vm.max_map_count=262144" >> /etc/sysctl.conf
echo "vm.swappiness = 1" >> /etc/sysctl.conf

sysctl -p
sed -i 's/* soft nofile 65535/* soft nofile 655350/g' /etc/security/limits.conf
sed -i 's/* hard nofile 65535/* hard nofile 655350/g' /etc/security/limits.conf
sed -i 's#*          soft    nproc     4096##' /etc/security/limits.d/20-nproc.conf


chown -R elasticsearch.elasticsearch /data/es
chown -R elasticsearch.elasticsearch /data/esback
chown -R elasticsearch.elasticsearch /usr/local/elk/elasticsearch-7.5.1

# 主节点配置
[root@sz_ms_influenex_es_dev01_17_19 elasticsearch-7.5.1]# cat config/elasticsearch.yml
cluster.name: influenex_elk_uat
node.name: influenex_elk01
path.data: /data/es/data
path.logs: /data/es/logs
path.repo: ["/data/esback"]
bootstrap.memory_lock: true
network.host: 10.10.17.19
http.port: 9200
transport.tcp.port: 9300
node.master: true
node.data: true
discovery.seed_hosts: ["10.10.17.19:9300", "10.10.17.20:9300", "10.10.17.21:9300"]
cluster.initial_master_nodes: ["10.10.17.19"]
gateway.recover_after_nodes: 2
transport.tcp.compress: true

# 以下配置可以减少当es节点短时间宕机或重启时shards重新分布带来的磁盘io读写浪费
discovery.zen.fd.ping_timeout: 300s
discovery.zen.fd.ping_retries: 8
discovery.zen.fd.ping_interval: 30s
discovery.zen.ping_timeout: 180s

# 密码部分的配置最好等集群配置没有问题后再进行
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: /usr/local/elk/elasticsearch-7.5.1/config/elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: /usr/local/elk/elasticsearch-7.5.1/config/elastic-certificates.p12



influenex_elk02

# 第二个节点配置

[elasticsearch@sz_ms_influenex_es_dev02_17_20 elasticsearch-7.5.1]$ cat config/elasticsearch.yml
cluster.name: influenex_elk_uat
node.name: influenex_elk02
path.data: /data/es/data
path.logs: /data/es/logs
path.repo: ["/data/esback"]
bootstrap.memory_lock: true
network.host: 10.10.17.20
http.port: 9200
transport.tcp.port: 9300
node.master: false
node.data: true
discovery.seed_hosts: ["10.10.17.19:9300", "10.10.17.20:9300", "10.10.17.21:9300"]
cluster.initial_master_nodes: ["10.10.17.19"]
gateway.recover_after_nodes: 2
transport.tcp.compress: true

# 以下配置可以减少当es节点短时间宕机或重启时shards重新分布带来的磁盘io读写浪费
discovery.zen.fd.ping_timeout: 300s
discovery.zen.fd.ping_retries: 8
discovery.zen.fd.ping_interval: 30s
discovery.zen.ping_timeout: 180s

xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: /usr/local/elk/elasticsearch-7.5.1/config/elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: /usr/local/elk/elasticsearch-7.5.1/config/elastic-certificates.p12


influenex_elk03 配置

[elasticsearch@sz_ms_influenex_es_dev03_17_21 elasticsearch-7.5.1]$ cat config/elasticsearch.yml
cluster.name: influenex_elk_uat
node.name: influenex_elk03
path.data: /data/es/data
path.logs: /data/es/logs
path.repo: ["/data/esback"]
bootstrap.memory_lock: true
network.host: 10.10.17.21
http.port: 9200
transport.tcp.port: 9300
node.master: false
node.data: true
discovery.seed_hosts: ["10.10.17.19:9300", "10.10.17.20:9300", "10.10.17.21:9300"]
cluster.initial_master_nodes: ["10.10.17.19"]
gateway.recover_after_nodes: 2
transport.tcp.compress: true

# 以下配置可以减少当es节点短时间宕机或重启时shards重新分布带来的磁盘io读写浪费
discovery.zen.fd.ping_timeout: 300s
discovery.zen.fd.ping_retries: 8
discovery.zen.fd.ping_interval: 30s
discovery.zen.ping_timeout: 180s

xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: /usr/local/elk/elasticsearch-7.5.1/config/elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: /usr/local/elk/elasticsearch-7.5.1/config/elastic-certificates.p12



[elasticsearch@sz_ms_influenex_es_dev01_17_19 elasticsearch-7.5.1]$ bin/elasticsearch-setup-passwords interactive
Initiating the setup of passwords for reserved users elastic,apm_system,kibana,logstash_system,beats_system,remote_monitoring_user.
You will be prompted to enter passwords as the process progresses.
Please confirm that you would like to continue [y/N]y


Enter password for [elastic]:
Reenter password for [elastic]:
Enter password for [apm_system]:
Reenter password for [apm_system]:
Enter password for [kibana]:
Reenter password for [kibana]:
Enter password for [logstash_system]:
Reenter password for [logstash_system]:
Enter password for [beats_system]:
Reenter password for [beats_system]:
Enter password for [remote_monitoring_user]:
Reenter password for [remote_monitoring_user]:
Changed password for user [apm_system]
Changed password for user [kibana]
Changed password for user [logstash_system]
Changed password for user [beats_system]
Changed password for user [remote_monitoring_user]
Changed password for user [elastic]


# 检查集群的配置
[elasticsearch@sz_ms_influenex_es_dev01_17_19 elasticsearch-7.5.1]$ curl -u elastic:pass10.10.17.19:9200/_cluster/health?pretty
{
  "cluster_name" : "influenex_elk_uat",
  "status" : "green",
  "timed_out" : false,
  "number_of_nodes" : 3,
  "number_of_data_nodes" : 3,
  "active_primary_shards" : 1,
  "active_shards" : 2,
  "relocating_shards" : 0,
  "initializing_shards" : 0,
  "unassigned_shards" : 0,
  "delayed_unassigned_shards" : 0,
  "number_of_pending_tasks" : 0,
  "number_of_in_flight_fetch" : 0,
  "task_max_waiting_in_queue_millis" : 0,
  "active_shards_percent_as_number" : 100.0
}

标签:elasticsearch7.5,elasticsearch,10.10,集群,security,password,data,es,centos7.7
来源: https://www.cnblogs.com/reblue520/p/12219116.html

本站声明: 1. iCode9 技术分享网(下文简称本站)提供的所有内容,仅供技术学习、探讨和分享;
2. 关于本站的所有留言、评论、转载及引用,纯属内容发起人的个人观点,与本站观点和立场无关;
3. 关于本站的所有言论和文字,纯属内容发起人的个人观点,与本站观点和立场无关;
4. 本站文章均是网友提供,不完全保证技术分享内容的完整性、准确性、时效性、风险性和版权归属;如您发现该文章侵犯了您的权益,可联系我们第一时间进行删除;
5. 本站为非盈利性的个人网站,所有内容不会用来进行牟利,也不会利用任何形式的广告来间接获益,纯粹是为了广大技术爱好者提供技术内容和技术思想的分享性交流网站。

关于我们 | 联系我们 | 留言反馈

专注分享技术,共同学习,共同进步。侵权联系[81616952@qq.com]

Copyright (C)ICode9.com, All Rights Reserved.

ICode9版权所有