笨笨天地https://www.elastic.co/cn/downloads/
准备三台ES服务器:
192.168.140.197
192.168.140.198
192.168.140.1991、系统设置
Elasticsearch不能在 root 用户下启动,我们需要在三台机器上分别创建一个普通用户:
# 创建elk用户
useradd elk
# 设置用户密码
passwd elk
# 切换到elk用户
su elk分别在三台机器上的 /data/ 目录下创建elasticsearch文件夹,然后在elasticsearch文件夹下分别创建data、logs文件夹:
cd /data
mkdir elasticsearch
cd elasticsearch
if在生产环境下我们要把Elasticsearch生成的索引文件数据存放到自定义的目录下
data:存储Elasticsearch索引文件数据
logs:存储日志文件
2、配置Elasticsearch
我们只需要简单的配置一下Elasticsearch就可以使用了
wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.12.0-linux-x86_64.tar.gz
tar -zxvf elasticsearch-7.12.0-linux-x86_64.tar.gz -C /usr/local
ln -sf /usr/local/elasticsearch-7.12.0 /usr/local/elasticsearch修改配置:
vim /usr/local/elasticsearch/config/elasticsearch.yml修改结果如下:
# ======================== Elasticsearch Configuration =========================
#
# NOTE: Elasticsearch comes with reasonable defaults for most settings.
# Before you set out to tweak and tune the configuration, make sure you
# understand what are you trying to accomplish and the consequences.
#
# The primary way of configuring a node is via this file. This template lists
# the most important settings you may want to configure for a production cluster.
#
# Please consult the documentation for further information on configuration options:
# https://www.elastic.co/guide/en/elasticsearch/reference/index.html
#
# ---------------------------------- Cluster -----------------------------------
#
# Use a descriptive name for your cluster:
#
cluster.name: vodjk
#
# ------------------------------------ Node ------------------------------------
#
# Use a descriptive name for the node:
#
node.name: node-1
#
# Add custom attributes to the node:
#
#node.attr.rack: r1
#
# ----------------------------------- Paths ------------------------------------
#
# Path to directory where to store the data (separate multiple locations by comma):
#
path.data: /data/elasticsearch/data
#
# Path to log files:
#
path.logs: /data/elasticsearch/logs
#
# ----------------------------------- Memory -----------------------------------
#
# Lock the memory on startup:
#
#bootstrap.memory_lock: true
#
# Make sure that the heap size is set to about half the memory available
# on the system and that the owner of the process is allowed to use this
# limit.
#
# Elasticsearch performs poorly when the system is swapping the memory.
#
# ---------------------------------- Network -----------------------------------
#
# By default Elasticsearch is only accessible on localhost. Set a different
# address here to expose this node on the network:
#
#
network.host: 192.168.140.197
#
# By default Elasticsearch listens for HTTP traffic on the first free port it
# finds starting at 9200. Set a specific HTTP port here:
#
http.port: 9200
#
# For more information, consult the network module documentation.
#
# --------------------------------- Discovery ----------------------------------
#
# Pass an initial list of hosts to perform discovery when this node is started:
# The default list of hosts is ["127.0.0.1", "[::1]"]
#
discovery.seed_hosts: ["es-1", "es-2", "es-3"]
#
# Bootstrap the cluster using an initial set of master-eligible nodes:
#
cluster.initial_master_nodes: ["node-1", "node-2", "node-3"]
#
# For more information, consult the discovery and cluster formation module documentation.
#
# ---------------------------------- Various -----------------------------------
#
# Require explicit names when deleting indices:
#
action.destructive_requires_name: true
这里注意在/etc/hosts里解析es-1、es-2、es-3
主要修改如下几处配置:
- cluster.name:集群的名称,集群中所有节点的
cluster.name的值必须要相同。 - node.name:集群中每个Elasticsearch的节点名称,不可以重复。
- path.data:设置存放Elasticsearch索引文件数据的路径。
- path.logs:设置存放日志文件的路径。
- network.host:Elasticsearch绑定的IP,外界可以通过这个IP访问到当前Elasticsearch节点,一般配配置当前系统的IP,或者
0.0.0.0(任何地址都能访问到)。 - http.port:当前启动Elasticsearch的端口号,一般默认
9200即可,当然你也可以修改 - discovery.seed_hosts:配置所有Elasticsearch节点绑定的IP地址。
- cluster.initial_master_nodes:配置那些节点可以有资格被选为主节点。
- xpack.monitoring.collection.enabled:收集监控数据默认为false不收集监控数据。
我们已经配置好一台Elasticsearch节点了接下来我们只需要把这台配置好的Elasticsearch复制到另外两台机器中在做一些简单的修改就就可以了。
主要修改:
node.name: node-2
network.host: 192.168.140.1983、启动Elasticsearch
从命令行运行Elasticsearch
Elasticsearch可以从命令行启动,如下所示:
./bin/elasticsearch作为后台启动
要将Elasticsearch作为后台程序运行,请在命令中指定-d,然后使用-p将进程ID记录在文件中:
./bin/elasticsearch -d -p pidPS:常见错误
1、设置虚拟内存
ERROR: [1] bootstrap checks failed
[1]: max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144]将虚拟内存设置大一些,否则在启动elasticsearch时会出错导致启动失败:
输入 vi /etc/sysctl.conf 命令在 sysctl.conf 中配置如下内容:
vm.max_map_count=655360
sysctl -p2、设置最大文件描述符
[1]: max file descriptors [4096] for elasticsearch process is too low, increase to at
least [65536]错误说明:elasticsearch过程的最大文件描述符 [4096] 太低,增加到
最少 [65536]
输入 vi /etc/security/limits.conf 命令在 limits.conf 中配置如下内容:
* soft nofile 65536
* hard nofile 131072
* soft nproc 2048
* hard nproc 40963、设置最大线程数
[2]: max number of threads [1024] for user [elsearch] is too low, increase to at least[4096]错误说明:线程[1024]用户[elsearch]的最大数量太低,增加至少[4096]
输入 vi /etc/security/limits.d/20-nproc.conf 命令在 20-nproc.conf 中配置如下内容:
* soft nproc 40964、SecComp
[3]: system call filters failed to install; check the logs and fix your configuration or disable system call filters at your own risk错误说明:系统调用过滤器安装失败;检查日志和修复配置或禁用系统调用过滤器需要您自担风险
这是在因为 Centos7 不支持 SecComp ,而ES5.2.0之后默认 bootstrap.system_call_filter 为true进行检测,所以导致检测失败,失败后直接导致ES不能启动。
输入 vim config/elasticsearch.yml 命令,在 elasticsearch.yml 中配置如下内容:
# ----------------------------------- Memory -----------------------------------
#
# Lock the memory on startup:
#
#bootstrap.memory_lock: true
# 设置为false不进行检测
bootstrap.system_call_filter: false
#
# Make sure that the heap size is set to about half the memory available
# on the system and that the owner of the process is allowed to use this
# limit.
#
# Elasticsearch performs poorly when the system is swapping the memory.
#检查集群
面我们已经搭建好了三个节点的集群,并且已经启动了。
接下来我们来检查一下集群是否已经形成,给三台服务器中的任意一台发送http请求:
http://192.168.140.197:9200/_cat/health?v应该会反馈如下内容:
cluster:显示的是当前集群的名称
status:显示的是 green 表示当前集群是健康的状态
node.total:显示 3 表示当前集群有三个节点
最后我们的Elasticsearch集群已经搭建好了,本教程主要参考Elastic官方文档和https://segmentfault.com/a/1190000021589726。
