Debian部署集群Elasticsearch7.17+Kibana
1、安装依赖
安装 Java 开发工具包
apt install openjdk-17-jdk -y
2、配置系统参数
编辑 /etc/security/limits.conf 文件,添加以下内容:
* soft nofile 65536
* hard nofile 65536
* soft nproc 102400
* hard nproc 409600
* hard memlock unlimited
* soft memlock unlimited
增加虚拟内存限制
编辑 /etc/sysctl.conf 文件,添加或修改以下内容:
vm.max_map_count = 262144
或者
echo "vm.max_map_count=262144" | sudo tee -a /etc/sysctl.conf
更改应用
sysctl -p
3、安装 Elasticsearch集群
手动下载安装Elasticsearch 7.17
#下载安装包
wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.17.27-amd64.deb
#安装
dpkg -i elasticsearch-7.17.27-amd64.deb
修改配置文件/etc/elasticsearch/elasticsearch.yml
cluster.name: EsProduce
node.name: EsProduce-01
path.data: /var/lib/elasticsearch
path.logs: /var/log/elasticsearch
network.host: 10.101.250.150
http.port: 9200
discovery.seed_hosts: ["10.11.250.50","10.11.250.51","10.11.250.52","10.11.250.53"]
cluster.initial_master_nodes: ["10.11.250.50","10.11.250.51","10.11.250.52","10.11.250.53"]
http.cors.enabled: true
http.cors.allow-origin: "*"
http.cors.allow-methods: OPTIONS, HEAD, GET, POST, PUT, DELETE
http.cors.allow-headers: "X-Requested-With, Content-Type, Content-Length, X-User, Authorization"
ingest.geoip.downloader.enabled: false
#先配置集群成功后再配置以下证书开启账号密码,然后重启服务
#------------------
#开启用户名密码
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
#节点证书配置
#xpack.security.transport.ssl.keystore.secure_password: "xxx"
xpack.security.transport.ssl.keystore.path: /etc/elasticsearch/certs/elastic-certificates.p12
#xpack.security.transport.ssl.truststore.secure_password: "xxx"
xpack.security.transport.ssl.truststore.path: /etc/elasticsearch/certs/elastic-certificates.p12
xpack.security.transport.ssl.verification_mode: certificate
生成CA和节点证书
/usr/share/elasticsearch/bin/elasticsearch-certutil ca -out /etc/elasticsearch/certs/elastic-stack-ca.p12 -pass ""
/usr/share/elasticsearch/bin/elasticsearch-certutil cert --ca /etc/elasticsearch/certs/elastic-stack-ca.p12 -out /etc/elasticsearch/certs/elastic-certificates.p12 -pass ""
或
/usr/share/elasticsearch/bin/elasticsearch-certutil ca
#输入
/etc/elasticsearch/certs/elastic-stack-ca.p12
#继续
/usr/share/elasticsearch/bin/elasticsearch-certutil cert --ca /etc/elasticsearch/certs/elastic-stack-ca.p12
#输入
/etc/elasticsearch/certs/elastic-certificates.p12
设置权限
chmod 644 /etc/elasticsearch/certs/elastic-certificates.p12
设置用户名和密码
/usr/share/elasticsearch/bin/elasticsearch-setup-passwords interactive
密码涉及账号,都输入一样密码
elastic
apm_system
kibana_system
logstash_system
beats_system
remote_monitoring_user
自启动
systemctl daemon-reload
systemctl enable elasticsearch.service
#启动
systemctl start elasticsearch.service
4、分词器
ik下载地址:
https://release.infinilabs.com/analysis-ik/stable/
下载对应版本的
新建ik目录,解压下来上传上去
#目录绝对地址
/usr/share/elasticsearch/plugins/ik/
配置config
#创建自定义分词文件
cd /usr/share/elasticsearch/plugins/ik/config
#创建文件,注意(修改为可读写权限)
touch ext_mydict.dic
touch ext_mystopwords.dic
chmod 666 ext_mydict.dic
chmod 666 ext_mystopwords.dic
#修改分词器的配置
vim IKAnalyzer.cfg.xml
#修改成下面配置
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
<properties>
<comment>IK Analyzer 扩展配置</comment>
<!--用户可以在这里配置自己的扩展字典 -->
<entry key="ext_dict">ext_mydict.dic</entry>
<!--用户可以在这里配置自己的扩展停止词字典-->
<entry key="ext_stopwords">ext_mystopwords.dic</entry>
<!--用户可以在这里配置远程扩展字典 -->
<!-- <entry key="remote_ext_dict">words_location</entry> -->
<!--用户可以在这里配置远程扩展停止词字典-->
<!-- <entry key="remote_ext_stopwords">words_location</entry> -->
</properties>
#退出
:q
#添加特殊分词
vim ext_mydict.dic
输入:印刷不良
#保存退出
:wq
#重启es
systemctl restart elasticsearch
5、安装Kibana
Kibana 的 Debian 软件包 v7.17.27
#下载安装包
wget https://artifacts.elastic.co/downloads/kibana/kibana-7.17.27-amd64.deb
#安装
dpkg -i kibana-7.17.27-amd64.deb
配置Kibana
vim /etc/kibana/kibana.yml
#配置如下
server.port: 5601
server.host: "0.0.0.0"
elasticsearch.hosts: ["http://10.11.250.50:9200"]
kibana.index: ".kibana" #可开启,此项不开启也可以
i18n.local: "zh-CN" #此项去除注释并改为zh-CN
elasticsearch.username: "elastic"
elasticsearch.password: "之前设置的密码"
自启动
systemctl daemon-reload
systemctl enable kibana.service
#启动
systemctl start kibana.service