00000198
此处都选择部署8.19.7版本
阿里云镜像地址:https://mirrors.aliyun.com/elasticstack/8.x/
[root@elk-91 ~]# wget https://mirrors.aliyun.com/elasticstack/8.x/yum/8.19.7/elasticsearch-8.19.7-x86_64.rpm [root@elk-91 ~]# rpm -ivh elasticsearch-8.19.7-x86_64.rpm # 安装路径说明: 配置目录:/etc/elasticsearch/ 数据目录:/var/lib/elasticsearch/ 日志目录:/var/log/elasticsearch/ 二进制:/usr/share/elasticsearch/
# 创建数据目录 # 配置系统限制 [root@elk-91 ~]# tee /etc/security/limits.conf <<EOF # Elasticsearch 系统限制配置 * soft nofile 65536 * hard nofile 65536 * soft nproc 4096 * hard nproc 4096 EOF # 配置虚拟内存 [root@elk-91 ~]# vim /etc/sysctl.conf ... # Elasticsearch 内核参数 vm.max_map_count=262144 net.core.somaxconn=2048 vm.swappiness=1 ... # 应用配置 [root@elk-91 ~]# sysctl -p
主要配置文件:/etc/elasticsearch/elasticsearch.yml
[root@elk-91 ~]# vim /etc/elasticsearch/elasticsearch.yml [root@elk-91 ~]# cat /etc/elasticsearch/elasticsearch.yml # ======================== 数据路径配置 ======================== path.data: /var/lib/elasticsearch path.logs: /var/log/elasticsearch # ======================== 安全功能配置 ======================== # 启用安全模块(认证+授权) xpack.security.enabled: true # 启用自动安全注册(8.x新特性) xpack.security.enrollment.enabled: true # ======================== HTTPS配置 ======================== # REST API加密配置 xpack.security.http.ssl: enabled: true # 启用HTTPS keystore.path: certs/http.p12 # HTTPS证书路径 # ======================== 传输层安全 ======================== # 节点间通信加密 xpack.security.transport.ssl: enabled: true # 启用传输加密 verification_mode: certificate # 证书验证模式 keystore.path: certs/transport.p12 # 节点身份证书 truststore.path: certs/transport.p12 # 信任证书库 # ======================== 集群配置 ======================== # 指定集群名称 cluster.name: es-wyasw # 部署集群为单点类型 discovery.type: "single-node" # 初始主节点列表(集群引导)设置集群的时候需要,单节点不需要配置 # cluster.initial_master_nodes: ["elk-91"] # ======================== 网络配置 ======================== # 绑定到所有网络接口 http.host: 0.0.0.0
# 配置服务开机自启 [root@elk-91 ~]# systemctl daemon-reload [root@elk-91 ~]# systemctl enable elasticsearch # 启动服务 [root@elk-91 ~]# systemctl start elasticsearch # 检查服务状态 [root@elk-91 ~]# systemctl status elasticsearch # 查看启动日志 [root@elk-91 ~]# journalctl -u elasticsearch -f # 或者直接查看日志文件 [root@elk-91 ~]# tail -f /var/log/elasticsearch/wyasw.log
##这种方式也可以用来重置用户密码 # 交互式生成用户密码,用其中一个即可 [root@elk-91 ~]# cd /usr/share/elasticsearch [root@elk-91 elasticsearch]# ./bin/elasticsearch-reset-password -i -u elastic This tool will reset the password of the [elastic] user. You will be prompted to enter the password. Please confirm that you would like to continue [y/N]y Enter password for [elastic]: ##输入密码 Re-enter password for [elastic]: ##再次输入密码 Password for the [elastic] user successfully reset. # 自动生成用户密码 [root@elk-91 ~]# cd /usr/share/elasticsearch [root@elk-91 elasticsearch]# ./bin/elasticsearch-reset-password -u elastic --auto This tool will reset the password of the [elastic] user to an autogenerated value. The password will be printed in the console. Please confirm that you would like to continue [y/N]y Password for the [elastic] user successfully reset. New value: zWBqQcCbfgX2yrlA_xNe
注意使用https:
输入用户名:elastic 密码:123456 #密码是交互式设置的
PNG