# 下载
wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-8.17.4-linux-aarch64.tar.gz
# 解压
tar -zxvf elasticsearch-8.17.4-linux-x86_64.tar.gz
mv elasticsearch-8.17.4 elasticsearch
1.1.2、修改配置文件
进入elasticsearch目录下的 elasticsearch.yml修改如下属性:
cluster.name:集群名称,根据自己业务启个合适的名字
node.name:给节点起个名字,一般使用node-1 、node-2 、…
path.data:数据存放的位置,比如:/data/elasticsearch/data
path.logs:日志存放的位置,比如:/data/elasticsearch/logs
network.host:配置成本机 IP 地址,用于集群机器之间相互通信。
http.port:ES 服务访问的端口号,比如:9200
discovery.type: single-node # 单节点模式
discovery.seed_hosts:配置为 master 候选者节点。如果要与其他节点组成集群,这里必须配置。比如:["10.20.1.29", "10.20.0.91", "10.20.0.93"]
cluster.initial_master_nodes:首次启动集群时,配置主节点的候选节点,该配置里的节点都是候选节点。比如:["node-1", "node-2", "node-3"]
首次启动后不要修改 cluster.initial_master_nodes,否则会导致集群无法启动
xpack.security.http.ssl.enabled: false #https 禁用
# 支持跨域请求
http.cors.enabled: true
http.cors.allow-origin: "*"
#安全
xpack.security.enabled: true
xpack.security.enrollment.enabled: true #kibana
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate # full
xpack.security.transport.ssl.keystore.path: certs/elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: certs/elastic-certificates.p12
进入到elasticsearch目录下执行如下命令启动 ES
./bin/elasticsearch -d
创建专用用户运行 Elasticsearch
# 创建 elasticsearch 用户组和用户
sudo groupadd elasticsearch
sudo useradd -g elasticsearch -d /opt/elasticsearch -s /bin/bash elasticsearch
su elasticsearch
# 将 Elasticsearch 目录权限赋给新用户
sudo chown -R elasticsearch:elasticsearch /opt/elasticsearch
# 切换到 elasticsearch 用户并启动
sudo -u elasticsearch /opt/elasticsearch/bin/elasticsearch
# 查看当前目录权限
ls -ld /opt/data/es
# 授予elasticsearch用户权限(假设运行用户是elasticsearch)
sudo chown -R elasticsearch:elasticsearch /opt/data/es
sudo chmod -R 750 /opt/data/es
虚拟内存不够
# 编辑 sysctl 配置文件
echo "vm.max_map_count=262144" | sudo tee -a /etc/sysctl.conf
# 应用修改
sudo sysctl -p
可操作性的文件句柄数不够
vim /etc/security/limits.conf
*** hard nofile 65536
*** soft nofile 65536
ps aux | grep elasticsearch
生成证书
# 生成新的CA证书
./bin/elasticsearch-certutil ca --pass "" --out config/certs/elastic-stack-ca.p12
# 使用CA签发节点证书
./bin/elasticsearch-certutil cert --ca config/certs/elastic-stack-ca.p12 --pass "" --out config/certs/elastic-certificates.p12
# 为每个节点生成包含相同CA的证书
./bin/elasticsearch-certutil cert \
--ca config/certs/elastic-stack-ca.p12 \
--name "node-1" \
--dns "node1.cluster.local" \
--ip "192.168.1.1" \
--out config/certs/node-1.p12
测试
curl -k -u elastic:your_password https://localhost:9200
生成 kibana2 用户密码 和角色
curl -u elastic:d5BoYedyAm5CLoC5w5WZ -X POST "http://localhost:9200/_security/user/kibana2" -H "Content-Type: application/json" -d '{
"password": "SuperSecure123!",
"roles": ["kibana_admin"],
"full_name": "Kibana Secondary User",
"email": "kibana2@example.com"
}'
修改 角色
curl -u elastic:d5BoYedyAm5CLoC5w5WZ -X PUT "https://localhost:9200/_security/user/kibana2" -H "Content-Type: application/json" -d '
{
"roles": ["superuser"]
}'
查看所有用户
http://orasing.arick.top:7802/_security/user
重置密码
./bin/elasticsearch-reset-password -u elastic
生成token
./bin/elasticsearch-service-tokens create elastic/kibana kibana
./bin/elasticsearch-create-enrollment-token -s kibana
warning: ignoring JAVA_HOME=/usr/java/jdk-17; using bundled JDK
eyJ2ZXIiOiI4LjE0LjAiLCJhZHIiOlsiMTAuMC4wLjExOjc4MDIiXSwiZmdyIjoiOGJlYmQ3ZDgzMjIxYTBhM2Y2NGQwODMzMDAwYTgzNDM5ZDFiZDBlZDAyMjFkOGM3ODFiZDQxMmU4M2Q0MjlkNiIsImtleSI6IncwY1ZGSllCNkV5bklxVDhtUFhMOkc2M24zV1NnU04tdzZtRmxERUZuR0EifQ==
生成 api-key
curl -k -u elastic:xxxx -X POST "https://localhost:9200/_security/api_key" -H "Content-Type: application/json" -d '{
"name": "my-api-key",
"expiration": "1d"
}'
https://github.com/infinilabs/analysis-pinyin
https://github.com/infinilabs/analysis-ik/