Elasticsearch 6.1 cluster installation (with x-pack security authentication)

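Introduction: Elasticsearch is an open-source distributed search engine. Its features include: distributed operation, zero configuration, automatic discovery, automatic index sharding, index replication, a RESTful interface, multiple data sources, automatic search load balancing, and more.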

#Environment

CentOS Linux release 7.2.1511 (Core)  X64

elasticsearch-6.1.1

java version "1.8.0_112"

node1     172.16.1.6

node2    172.16.1.3

node3     172.16.1.14

#Download the software

wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-6.1.1.tar.gz

#Install the software

tar -xf elasticsearch-6.1.1.tar.gz

#This is a binary package and is usable as soon as it is unpacked. It requires JDK 8 or later, and it must be Oracle JDK 8 or later.

#Create a symlink

ln -s elasticsearch-6.1.1 elasticsearch
ls elasticsearch
bin  config  data  lib  LICENSE.txt  logs  modules  NOTICE.txt  plugins  README.textile
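#Directory layout
bin      #executables: the binaries for installing plugins and starting the service
config      #configuration files
data       #default data directory; can be changed in the configuration file
lib        #library (lib) files
logs       #default log directory; can be changed in the configuration file
modules       #module files
plugins        #plugin directory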

#Install the x-pack plugin

elasticsearch/bin/elasticsearch-plugin install x-pack

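#Crack x-pack

See: https://blog.espnlol.com/?p=192

#Edit the configuration files

#Set the Elasticsearch heap size. The recommended maximum is no more than 32G, a limit that comes from the Java virtual machine.

vim config/jvm.options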

# Xms represents the initial size of total heap space
# Xmx represents the maximum size of total heap space

-Xms6g
-Xmx6g

#Edit the main configuration file and add the cluster information

vim config/elasticsearch.yml
cluster.name: clustername
node.master: true
node.data: true
node.name: "node1"
network.host: 172.16.1.6
discovery.zen.ping.unicast.hosts: ["172.16.1.6:9300","172.16.1.3:9300","172.16.1.14:9300"]
xpack.ssl.key: /data/elk/elasticsearch/config/x-pack/node.key
xpack.ssl.certificate: /data/elk/elasticsearch/config/x-pack/node.crt
xpack.ssl.certificate_authorities: [ "/data/elk/elasticsearch/config/x-pack/ca.crt" ]
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.enabled: true
xpack.security.enabled: true

cluster.name: clustername                 #cluster name
node.master: true                                 #whether this node can become master
node.data: true                                      #whether this node can be a data node
node.name: "node1"                             #node name
network.host: 172.16.1.6                      #the service binds to this IP when it starts
discovery.zen.ping.unicast.hosts: ["172.16.1.6:9300","172.16.1.3:9300","172.16.1.14:9300"]       #with unicast discovery, the node sends unicast requests to the listed hosts
xpack.ssl.key: /data/elk/elasticsearch/config/x-pack/node.key       #private key
xpack.ssl.certificate: /data/elk/elasticsearch/config/x-pack/node.crt     #certificate
xpack.ssl.certificate_authorities: [ "/data/elk/elasticsearch/config/x-pack/ca.crt" ]   #CA certificate used for verification
xpack.security.transport.ssl.verification_mode: certificate           #verification type between nodes
xpack.security.transport.ssl.enabled: true            #enable x-pack SSL certificate authentication for inter-node communication
xpack.security.enabled: true                        #enable x-pack security authentication

#Generate the certificates with the certgen tool bundled with x-pack

elasticsearch/bin/x-pack/certgen

This tool assists you in the generation of X.509 certificates and certificate
signing requests for use with SSL in the Elastic stack. Depending on the command
line option specified, you may be prompted for the following:

* The path to the output file
    * The output file is a zip file containing the signed certificates and
      private keys for each instance. If a Certificate Authority was generated,
      the certificate and private key will also be included in the output file.
* Information about each instance
    * An instance is any piece of the Elastic Stack that requires a SSL certificate.
      Depending on your configuration, Elasticsearch, Logstash, Kibana, and Beats
      may all require a certificate and private key.
    * The minimum required value for each instance is a name. This can simply be the
      hostname, which will be used as the Common Name of the certificate. A full
      distinguished name may also be used.
    * A filename value may be required for each instance. This is necessary when the
      name would result in an invalid file or directory name. The name provided here
      is used as the directory name (within the zip) and the prefix for the key and
      certificate files. The filename is required if you are prompted and the name
      is not displayed in the prompt.
    * IP addresses and DNS names are optional. Multiple values can be specified as a
      comma separated string. If no IP addresses or DNS names are provided, you may
      disable hostname verification in your SSL configuration.
* Certificate Authority private key password
    * The password may be left empty if desired.

Let's get started...

Please enter the desired output file [certificate-bundle.zip]: node
Enter instance name:node
Enter name for directories and files [node]: 
Enter IP Addresses for instance (comma-separated if more than one) []: 
Enter DNS names for instance (comma-separated if more than one) []: 
Would you like to specify another instance? Press 'y' to continue entering instance information: 
Certificates written to /data/elk/elasticsearch-6.1.1/certificate-bundle.zip

This file should be properly secured as it contains the private keys for all
instances and the certificate authority.

After unzipping the file, there will be a directory for each instance containing
the certificate and private key. Copy the certificate, key, and CA certificate
to the configuration directory of the Elastic product that they will be used for
and follow the SSL configuration instructions in the product guide.

For client applications, you may only need to copy the CA certificate and
configure the client to trust this certificate.

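The tool prompts interactively; only the following two items need to be filled in.

Enter instance name: node         #name of the generated instance

When it finishes, a certificate-bundle.zip is created in the current directory. After unzipping it, place the corresponding keys at the locations given in the configuration file.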
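
Placing the unzipped certgen files at the paths used in elasticsearch.yml above, as an added example that is not part of the original post. It assumes the bundle unpacks to ca/ca.crt, ca/ca.key, node/node.crt and node/node.key; the function names are hypothetical and the demo uses constructed placeholder files.

```bash
#!/usr/bin/env bash
# Added example, not from the original post. Assumed layout of the unzipped
# bundle: ca/ca.crt, ca/ca.key, node/node.crt, node/node.key.
# Run it as the user that runs Elasticsearch so that user owns the key.

install_node_certs() {   # install_node_certs <unzipped-bundle-dir> <es-home>
    local bundle="$1" dest="$2/config/x-pack" f
    for f in node/node.key node/node.crt ca/ca.crt; do
        [ -f "$bundle/$f" ] || { echo "missing $bundle/$f" >&2; return 1; }
    done
    mkdir -p "$dest" && chmod 750 "$dest" || return 1
    # install(1) sets the mode explicitly instead of inheriting it from the
    # umask: the private key is owner-only, the certificates are readable.
    install -m 600 "$bundle/node/node.key" "$dest/node.key" &&
    install -m 644 "$bundle/node/node.crt" "$dest/node.crt" &&
    install -m 644 "$bundle/ca/ca.crt" "$dest/ca.crt"
}

# The CA private key can sign new node certificates, so it should not travel
# with the Elasticsearch directory when that directory is copied to other nodes.
find_ca_secrets() {   # find_ca_secrets <es-home>: prints leftover CA key material
    find "$1" -type f \( -name ca.key -o -name certificate-bundle.zip \) | sort
}

demo() {   # constructed placeholder files, no real key material
    local tmp f
    tmp=$(mktemp -d) || return 1
    mkdir -p "$tmp/bundle/ca" "$tmp/bundle/node" "$tmp/es/config"
    for f in ca/ca.crt ca/ca.key node/node.crt node/node.key; do
        echo "constructed placeholder" > "$tmp/bundle/$f"
    done
    : > "$tmp/es/certificate-bundle.zip"   # certgen wrote the zip into the ES home
    install_node_certs "$tmp/bundle" "$tmp/es" && ls -l "$tmp/es/config/x-pack"
    echo "keep out of the copy to node2/node3:"; find_ca_secrets "$tmp/es"
    rm -rf "$tmp"
}
demo
```

With verification_mode set to certificate, a node accepts any certificate signed by this CA without checking the hostname, so possession of ca.key is enough to mint a certificate the cluster will trust.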

#Start the instance

elasticsearch/bin/elasticsearch -d

#Change the x-pack license: load our modified license into elasticsearch

curl -XPUT -u elastic:password "http://$IP:9200/_xpack/license" -H "Content-Type: application/json" -d @license.json

#Check whether the change succeeded

curl -XGET http://172.16.1.6:9200/_license -u elastic:password

{
  "license" : {
    "status" : "active",
    "uid" : "xxxxxxxx",
    "type" : "platinum",
    "issue_date" : "2017-12-29T00:00:00.000Z",
    "issue_date_in_millis" : 1514505600000,
    "expiry_date" : "2099-12-30T16:00:00.000Z",
    "expiry_date_in_millis" : 4102329600000,
    "max_nodes" : 999,
    "issued_to" : "xxxxxxxxx",
    "issuer" : "Web Form",
    "start_date_in_millis" : 1514505600000
  }
}

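The output above shows a platinum license that expires on December 30, 2099 and allows up to 999 nodes, so the import succeeded.

#Use the setup-passwords tool bundled with x-pack to set the initial passwords. The automatically generated passwords are good enough and secure enough, so here I choose automatic generation.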

elasticsearch/bin/x-pack/setup-passwords auto

Changed password for user kibana
PASSWORD kibana = xxxxxxxxxxxxxxxx

Changed password for user logstash_system
PASSWORD logstash_system = xxxxxxxxxxxxxx

Changed password for user elastic
PASSWORD elastic = xxxxxxxxxxxxxxxx

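The user passwords generated here are the credentials that the three ELK components use to communicate with each other, so keep a record of them.

#Copy the whole elasticsearch directory to the other two machines, node2 and node3. Remember to delete everything under data.

#Edit the main configuration file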

vim config/elasticsearch.yml
......
# on node2
node.name: "node2"
network.host: 172.16.1.3
# on node3
node.name: "node3"
network.host: 172.16.1.14
......

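Only the two settings above need to be changed: each node gets its own IP and its own node name.

Start Elasticsearch on each of the two machines. The cluster is now built and ready to play with.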
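
A pre-start check of the per-node elasticsearch.yml files, added here as an example and not part of the original post. It reads only the flat key: value lines shown on this page; the function names and the node1.yml to node3.yml sample files are constructed for the example.

```bash
#!/usr/bin/env bash
# Added example: check the per-node elasticsearch.yml files before starting.
# Reads only flat "key: value" lines like the ones on this page.

yml_get() {   # yml_get <file> <key>: value of a key, comment and quotes stripped
    awk -v k="$2:" 'index($0, k) == 1 { v = substr($0, length(k) + 1) }
        END { sub(/[ \t]+#.*$/, "", v); gsub(/^[ \t"]+|[ \t"]+$/, "", v); print v }' "$1"
}

check_node() {   # check_node <file>: prints one line per problem, returns 1 if any
    local f="$1" bad=0 k host
    for k in xpack.security.enabled xpack.security.transport.ssl.enabled; do
        [ "$(yml_get "$f" "$k")" = true ] || { echo "$f: $k is not true"; bad=1; }
    done
    for k in node.name network.host; do   # catches node2 and node3 values both pasted in
        [ "$(grep -c "^$k:" "$f")" -eq 1 ] || { echo "$f: $k must appear once"; bad=1; }
    done
    host=$(yml_get "$f" network.host)
    case "$(yml_get "$f" discovery.zen.ping.unicast.hosts)" in
        *"\"$host:9300\""*) ;;   # match a whole quoted entry, not a substring
        *) echo "$f: $host:9300 is not in the unicast host list"; bad=1 ;;
    esac
    return $bad
}

check_cluster() {   # check_cluster <file>...: per-node checks plus cross-node checks
    local bad=0 f k
    for f in "$@"; do check_node "$f" || bad=1; done
    for k in node.name network.host; do   # a copied directory keeps node1's values
        [ -z "$(for f in "$@"; do yml_get "$f" "$k"; done | sort | uniq -d)" ] ||
            { echo "$k is repeated across nodes"; bad=1; }
    done
    [ "$(for f in "$@"; do yml_get "$f" cluster.name; done | sort -u | wc -l)" -eq 1 ] ||
        { echo "cluster.name differs between nodes"; bad=1; }
    return $bad
}

make_samples() {   # make_samples <dir>: constructed files modelled on the page's config
    local n ip
    for n in 1:172.16.1.6 2:172.16.1.3 3:172.16.1.14; do
        ip=${n#*:}; n=${n%%:*}
        printf '%s\n' 'cluster.name: clustername' "node.name: \"node$n\"" \
            "network.host: $ip" 'xpack.security.enabled: true' \
            'xpack.security.transport.ssl.enabled: true' \
            'discovery.zen.ping.unicast.hosts: ["172.16.1.6:9300","172.16.1.3:9300","172.16.1.14:9300"]' \
            > "$1/node$n.yml"
    done
}

tmp=$(mktemp -d) && make_samples "$tmp" && check_cluster "$tmp"/node*.yml && echo "config OK"
rm -rf "$tmp"
```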
