es8.8 集群安装笔记

这篇具有很好参考价值的文章主要介绍了es8.8 集群安装笔记。希望对大家有所帮助。如果存在错误或未考虑完全的地方,请大家不吝赐教,您也可以点击"举报违法"按钮提交疑问。


本次安装使用centos8
3节点安装:
192.168.182.142
192.168.182.143
192.168.182.144

官网 可以查看详细的安装,安装步骤比较简单
https://www.elastic.co/guide/en/elasticsearch/reference/8.8/rpm.html#rpm-repo

直接安装,需要配置仓库
 cd  /etc/yum.repos.d/
 vielasticsearch.repo

[elasticsearch]
name=Elasticsearch repository for 8.x packages
baseurl=https://artifacts.elastic.co/packages/8.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=0
autorefresh=1
type=rpm-md

sudo yum install --enablerepo=elasticsearch elasticsearch  -y

开机启动
sudo /bin/systemctl daemon-reload
sudo /bin/systemctl enable elasticsearch.service
启动/停止
sudo systemctl start elasticsearch.service
sudo systemctl stop elasticsearch.service
查看状态
sudo systemctl status elasticsearch.service

journalctl --unit elasticsearch

修改系统最大文件句柄数(修改后需要重启系统才能生效)
# vi /etc/security/limits.conf
*       soft    nproc   65535
*       hard    nproc   65535
*       soft    nofile  65535
*       hard    nofile  65535

reboot

修改最大虚拟内存
 vi /etc/sysctl.conf
vm.max_map_count=655360

访问需要用https https://127.0.0.1:9200/
默认用户 elastic
密码就是安装的时候打印到屏幕上的密码

配置集群

8.8 使用 创建token 这一招,没有奏效,于是乎在官网各种爬。

第一步 修改配置文件

node1

# ======================== Elasticsearch Configuration =========================
#
# NOTE: Elasticsearch comes with reasonable defaults for most settings.
#       Before you set out to tweak and tune the configuration, make sure you
#       understand what are you trying to accomplish and the consequences.
#
# The primary way of configuring a node is via this file. This template lists
# the most important settings you may want to configure for a production cluster.
#
# Please consult the documentation for further information on configuration options:
# https://www.elastic.co/guide/en/elasticsearch/reference/index.html
#
# ---------------------------------- Cluster -----------------------------------
#
# Use a descriptive name for your cluster:
#
cluster.name: es
#
# ------------------------------------ Node ------------------------------------
#
# Use a descriptive name for the node:
#
node.name: node1
#
# Add custom attributes to the node:
#
#node.attr.rack: r1
#
# ----------------------------------- Paths ------------------------------------
#
# Path to directory where to store the data (separate multiple locations by comma):
#
path.data: /var/lib/elasticsearch
#
# Path to log files:
#
path.logs: /var/log/elasticsearch
#
# ----------------------------------- Memory -----------------------------------
#
# Lock the memory on startup:
#
#bootstrap.memory_lock: true
#
# Make sure that the heap size is set to about half the memory available
# on the system and that the owner of the process is allowed to use this
# limit.
#
# Elasticsearch performs poorly when the system is swapping the memory.
#
# ---------------------------------- Network -----------------------------------
#
# By default Elasticsearch is only accessible on localhost. Set a different
# address here to expose this node on the network:
#
network.host: 192.168.182.143
#
# By default Elasticsearch listens for HTTP traffic on the first free port it
# finds starting at 9200. Set a specific HTTP port here:
#
http.port: 9200
#
# For more information, consult the network module documentation.
#
# --------------------------------- Discovery ----------------------------------
#
# Pass an initial list of hosts to perform discovery when this node is started:
# The default list of hosts is ["127.0.0.1", "[::1]"]
#
discovery.seed_hosts: ["192.168.182.142", "192.168.182.143","192.168.182.144"]
#
# Bootstrap the cluster using an initial set of master-eligible nodes:
#
cluster.initial_master_nodes: ["node1", "node2", "node3"]
#
# For more information, consult the discovery and cluster formation module documentation.
#
# ---------------------------------- Various -----------------------------------
#
# Allow wildcard deletion of indices:
#
#action.destructive_requires_name: false

#----------------------- BEGIN SECURITY AUTO CONFIGURATION -----------------------
#
# The following settings, TLS certificates, and keys have been automatically      
# generated to configure Elasticsearch security features on 01-07-2023 14:38:29
#
# --------------------------------------------------------------------------------

# Enable security features
xpack.security.autoconfiguration.enabled : true
xpack.security.enabled: true


xpack.security.enrollment.enabled: true
xpack.security.transport.ssl.verification_mode: none

# Enable encryption for HTTP API client connections, such as Kibana, Logstash, and Agents
xpack.security.http.ssl:
  enabled: true
  keystore.path: certs/http.p12

# Enable encryption and mutual authentication between cluster nodes
xpack.security.transport.ssl:
  enabled: true
  verification_mode: certificate
  keystore.path: certs/elastic-certificates.p12
  truststore.path: certs/elastic-certificates.p12
# Create a new cluster with the current node only
# Additional nodes can still join the cluster later
#cluster.initial_master_nodes: ["localhost.localdomain"]

# Allow HTTP API connections from anywhere
# Connections are encrypted and require user authentication
http.host: 0.0.0.0

# Allow other nodes to join the cluster from anywhere
# Connections are encrypted and mutually authenticated
transport.host: 0.0.0.0
transport.port: 9300

#----------------------- END SECURITY AUTO CONFIGURATION -------------------------
node.roles: [master,data]

主要修改点:
····
cluster.name: es
node.name: node1
network.host: 192.168.182.143
添加如下两个节点启动之后不会自动创建集群
discovery.seed_hosts: [“192.168.182.142”, “192.168.182.143”,“192.168.182.144”]
cluster.initial_master_nodes: [“node1”, “node2”, “node3”]
transport.host: 0.0.0.0
transport.port: 9300
node.roles: [master,data]

····

配置文件修改完成之后,启动节点。报错如下:

[2023-07-08T00:24:27,553][WARN ][o.e.x.c.s.t.n.SecurityNetty4Transport] [node2] client did not trust this server's certificate, closing connection Netty4TcpChannel{localAddress=/192.168.182.143:9300, remoteAddress=/192.168.182.144:36500, profile=default}
[2023-07-08T00:24:28,420][WARN ][o.e.d.PeerFinder         ] [node2] address [192.168.182.142:9300], node [null], requesting [false] discovery result: [][192.168.182.142:9300] connect_exception: Failed execution: 

原因是因为没有配置通信证书。

找到一篇安全配置的文章
es安全配置

生成证书:
生成集群节点证书:

生成ca证书
./bin/elasticsearch-certutil ca
使用ca证书生成集群通信证书
./bin/elasticsearch-certutil cert --ca elastic-stack-ca.p12

把证书复制到其他节点/etc/elasticsearch/certs 目录中

把证书密钥添加至本地密钥库

./bin/elasticsearch-keystore add xpack.security.transport.ssl.keystore.secure_password


./bin/elasticsearch-keystore add xpack.security.transport.ssl.truststore.secure_password

节点更新完成之后重启各个节点,查看节点状态,集群创建成功。
es8.8 集群安装笔记,运维
状态查询
curl -XGET"http://localhost:9200/_cluster/health?pretty=true"
查询Elasticsearch运行状态
curl --cacert /etc/elasticsearch/certs/http_ca.crt -u elastic https://localhost:9200
查询集群节点信息
curl --cacert /etc/elasticsearch/certs/http_ca.crt -u elastic https://localhost:9200/_cluster/health?pretty=true

curl --cacert /etc/elasticsearch/certs/http_ca.crt -u elastic https://localhost:9200/_cat/nodes

142 qvKpUo1_T1yqgkpn_KMk

生成token
/usr/share/elasticsearch/bin/elasticsearch-create-enrollment-token -s node

/usr/share/elasticsearch/bin/elasticsearch-certutil cert

/usr/share/elasticsearch/bin/elasticsearch --enrollment-token eyJ2ZXIiOiI4LjguMiIsImFkciI6WyIxOTIuMTY4LjE4Mi4xNDI6OTIwMCJdLCJmZ3IiOiIxNDdjOWE5NGMwZDUwNTk2NWMwYWE0MmEyNDg3YzVkMjUyMWYzNjc5Y2QxZmMxOTBmYTg5ZDUxOTJlOTM1NjE4Iiwia2V5IjoibTkzMUZJa0JtRy1SVjJfNjZfYzk6M0hZN0Mxam5Uak9LWEVJQTJpN3BjUSJ9

常见问题汇总:

1.ERROR: Skipping security auto configuration because it appears that the node is not starting up for the first time. The node might already be part of a cluster and this auto setup utility is designed to configure Security for new clusters only

这个是因为安装好之后启动过一次,之后注册节点没成功。

2.Skipping security auto configuration because this node is configured to bootstrap or to join a multi-node cluster, which is not supported

不能删除安全项配置,

xpack.security.enabled: true

xpack.security.enrollment.enabled: true

# Enable encryption for HTTP API client connections, such as Kibana, Logstash, and Agents
xpack.security.http.ssl:
  enabled: true
  keystore.path: certs/http.p12

# Enable encryption and mutual authentication between cluster nodes
xpack.security.transport.ssl:
  enabled: true
  verification_mode: certificate
  keystore.path: certs/transport.p12
  truststore.path: certs/transport.p12
  1. ERROR: Skipping security auto configuration because it appears that security is already configured

    安装好之后配置了集群但是注册失败,具体原因还得继续排除

  2. java.security.cert.CertPathValidatorException: Path does not chain with any of the trust anchors

    这种问题是开启了安全模式,各个节点没有配置证书的原因导致文章来源地址https://www.toymoban.com/news/detail-542816.html

到了这里,关于es8.8 集群安装笔记的文章就介绍完了。如果您还想了解更多内容,请在右上角搜索TOY模板网以前的文章或继续浏览下面的相关文章,希望大家以后多多支持TOY模板网!

本文来自互联网用户投稿,该文观点仅代表作者本人,不代表本站立场。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如若转载,请注明出处: 如若内容造成侵权/违法违规/事实不符,请点击违法举报进行投诉反馈,一经查实,立即删除!

领支付宝红包 赞助服务器费用

相关文章

  • 最新安装es8.12.2、es-ik分词器、kibana-8.12.2

    目录 下载官网安装包 百度网盘 提取码:koko Elasticsearch官网 es-ik分词器下载地址 kibana下载地址 es安装部署 上传安装包 解压 添加用户组添加用户 更改目录 Owner 更换es用户 修改 config 包下配置文件 elasticsearch.yml 如下: 修改启动内存大小 启动es 测试验证 本地访问不了原因: 1、

    2024年03月18日
    浏览(53)
  • docker安装es8.x及elasticSearch8部分api使用

    docker中安装es8 1、es8的tar下载地址: tar包下载地址) 2、docker load -i es-name 3、docker run -d --name elasticsearch-8.6.2 -e ES_JAVA_OPTS=“-Xms256m -Xmx256m” -p 9200:9200 -p 9300:9300 -e “discovery.type=single-node” elasticsearch:8.6.2 4、8开始以后不支持直接使用http方式访问es: 4.1、cd /usr/share/elasticsearch/config 4

    2024年02月12日
    浏览(49)
  • 【运维知识大神篇】超详细的ELFK日志分析教程4(ES读写文档原理+集群角色+master节点与数据节点分离+Logstash安装部署+Logstash采集本地文件+采集Nginx日志)

    本篇文章继续给大家介绍ELFK日志分析的有关内容,我们的ES和Kibana都介绍的差不多了,所以本篇文章重点介绍Logstash的有关内容,介绍完毕后,我们的ELFK架构将初步形成,此外还有ES读写文档的原理,了解原理,更深层次的理解,使用ES,集群角色和master节点与数据节点分离,

    2024年02月02日
    浏览(58)
  • java与es8实战之四:SpringBoot应用中操作es8(无安全检查)

    这里分类和汇总了欣宸的全部原创(含配套源码):https://github.com/zq2599/blog_demos 本篇是《java与es8实战》系列的第四篇,系列文章写到现在,连个HelloWorld都没运行起来,实在说不过去了... 因此,本篇总体目标明确:实战在SpringBoot应用中操作elasticsearch8 为了降低难度,本篇部署的

    2024年02月11日
    浏览(40)
  • Java与es8实战之二:Springboot集成es8的Java Client

    配置springboot的application.yml 配置es的自签证书 执行如下命令将es容器中的crt文件复制到本地 docker cp 容器名称:/usr/share/elasticsearch/config/certs/http_ca.crt . 将crt文件放至springboot项目的resource路径下

    2024年02月12日
    浏览(42)
  • ES8生产实践——pod日志采集(Fluentd方案)

    Fluentd是一个是一个开源的日志收集和传输工具,旨在解决日志数据的收集、传输和处理问题,它可以收集来自于各种系统或应用的日志,转化为用户指定的格式后,转发到用户所指定的日志存储系统之中。 用图来说明问题的话,在没有使用之前Fluentd,日志采集过滤存储流程

    2024年02月09日
    浏览(42)
  • ElasticSearch第二章(ES8.X的使用)

    目录 1:ES的使用(DSL创建索引库-相当于表) 1.1:什么是索引库 1.2:索引库的增删改查使用 2:ES的使用(DSL操作文档-相当于数据) 2.1:什么是文档 2.2:文档的增删改查 3:java代码开发 3.1:准备工作 3.2:代码操作索引(也就是表的增删改查) 3.3:代码操作文档(也就是数

    2024年03月23日
    浏览(47)
  • es8 text类型使用term精确查询失效

    问题: 在使用term精确查询text 类型时,比如phone 手机号数值时可以查询到,使用nickname 这种text 查询不到。 我的mapping 是这样的     解决: 1. 通过es提供的测试分词的接口,我们可以测试各字段的分词情况 分别分词为’北‘,京,大,学,并没有我想要的整体的一块的分词

    2023年04月11日
    浏览(42)
  • 【好书推荐】JavaScript Es8 函数式编程实践入门

    Anto Aravinth从事软件行业已经6年多了。他开发了许多用新技术编写的系统。Anto了解JavaScript的基础知识及其工作方式,并培训了许多人。Anto在业余时间也做OSS,他喜欢打乒乓球。 Srikanth Machiraju作为开发人员、架构师、技术培训师和社区发言人,拥有超过10年的工作经验。他目

    2024年02月08日
    浏览(40)
  • java与es8实战之一:以builder pattern开篇

    这里分类和汇总了欣宸的全部原创(含配套源码):https://github.com/zq2599/blog_demos 《java与es8实战》系列是欣宸与2022年夏季推出的原创系列,如标题所述,该系列从一个java程序员视角去学习和实践elasticsearch的8.2版本,目标是与大家一起掌握与elasticsearch开发相关的技能,以应对实

    2024年02月11日
    浏览(38)

觉得文章有用就打赏一下文章作者

支付宝扫一扫打赏

博客赞助

微信扫一扫打赏

请作者喝杯咖啡吧~博客赞助

支付宝扫一扫领取红包,优惠每天领

二维码1

领取红包

二维码2

领红包