elasticsearch 环境及部署操作步骤

基础环境准备

环境信息：jdk  1.8.4  elasticsearch 版本 ：7.9.1  

部署主机：
110.250.98.39
110.250.98.40
110.250.98.41
110.250.98.42

端口：master节点端口  12480  传输端口 12580    、data节点端口  12490   传输端口 12590 

存储：数据存储路径：/data/data/es_data 、日志存储路径：/data/logs/es_logs

命名规则：node.name 命名规则  ，项目_节点分类（数据节点还是master节点）_ip标识_端口
如：运维日志分析数据节点  ：ops_data_node_39_12490
       运维日志分析master节点：ops_master_node_39_12480

初次建议规划好node.name命名规则（如果自己测试可以忽略）

路径规划：mkdir  -p /data/cluster/es_cluster

关键目录创建：

mastser创建
mkdir -p /data/data/es_data/ops_master_node_12480
mkdir -p  /data/logs/es_logs/ops_master_node_12480
data节点创建：
mkdir -p /data/data/es_data/ops_data_node_12490
mkdir -p /data/logs/es_logs/ops_data_node_12490

elasticsearch 安装

步骤1、下载elasticsearch  (具体下载地址忽略)

步骤2、生成密钥（自行测试可以忽略，生产使用建议添加）

进入eslasticsearch 解压目录 执行：bin/elasticsearch-certutil cert -out config/ops-certificates.p12 -pass "" 

说明：只需要在一台主机执行，其他主机copy即可。

步骤3、节点配置

master节点配置：
cluster.name: ops_cluster_01
node.name: ops_master_node_39_12480
node.master: true
node.data: false
node.ingest: false
path.data: /data/data/es_data/ops_master_node_12480
path.logs: /data/logs/es_logs/ops_master_node_12480
network.host: 110.250.98.39
http.port: 12480
transport.tcp.port: 12580
discovery.seed_hosts:
        - 110.250.98.39:12580
        - 110.250.98.40:12580
        - 110.250.98.41:12580
        - 110.250.98.42:12580
cluster.initial_master_nodes:
        - ops_master_node_39_12480

data节点配置：
cluster.name: ops_cluster_01
node.name: ops_data_node_39_12490
node.master: false
node.data: true
node.ingest: false
path.data: /data/data/es_data/ops_data_node_12490
path.logs: /data/logs/es_logs/ops_data_node_12490
network.host: 110.250.98.39
http.port: 12490
transport.tcp.port: 12590
discovery.seed_hosts:
        - 110.250.98.39:12580
        - 110.250.98.40:12580
        - 110.250.98.41:12580
        - 110.250.98.42:12580
cluster.initial_master_nodes:
        - ops_master_node_39_12480
jvm.options 修改（主要修改es内存使用等）：
-Xms32g
-Xmx32g

8-13:-XX:+UseConcMarkSweepGC
8-13:-XX:CMSInitiatingOccupancyFraction=75
8-13:-XX:+UseCMSInitiatingOccupancyOnly

14-:-XX:+UseG1GC
14-:-XX:G1ReservePercent=25
14-:-XX:InitiatingHeapOccupancyPercent=30

-Djava.io.tmpdir=${ES_TMPDIR}

-XX:+HeapDumpOnOutOfMemoryError
-XX:HeapDumpPath=data
-XX:ErrorFile=/data/logs/es_logs/ops_master_node_39_12480/hs_err_pid%p.log
8:-XX:+PrintGCDetails
8:-XX:+PrintGCDateStamps
8:-XX:+PrintTenuringDistribution
8:-XX:+PrintGCApplicationStoppedTime
8:-Xloggc:/data/logs/es_logs/ops_master_node_39_12480/gc.log
8:-XX:+UseGCLogFileRotation
8:-XX:NumberOfGCLogFiles=32
8:-XX:GCLogFileSize=64m
9-:-Xlog:gc*,gc+age=trace,safepoint:file=/data/logs/es_logs/ops_master_node_39_12480/gc.log:utctime,pid,tags:filecount=32,filesize=64m

修改配置elasticsearch.yml（尾部添加）【如果需要增加密码可以添加一下步骤】
master节点配置
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: /data/cluster/es_cluster/ops_master_node_12480/config/ops-certificates.p12
xpack.security.transport.ssl.truststore.path: /data/cluster/es_cluster/ops_master_node_12480/config/ops-certificates.p12
data节点配置：
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: /data/cluster/es_cluster/ops_data_node_12490/config/ops-certificates.p12
xpack.security.transport.ssl.truststore.path: /data/cluster/es_cluster/ops_data_node_12490/config/ops-certificates.p12 

步骤4、copy到其他集群主机

同步其他集群主机，需要修改的参数，进入elasticsearch的config 目录 修改elasticsearch.yml

master节点修改：node.name、network.host

data节点修改：node.name、network.host

步骤5、启动elasticsearch 

kill进程：ps -ef | grep elastic  | grep data  | grep -v grep |awk '{print $2}' | xargs kill

或ps -ef  | grep elastic 

说明：kill 主要是为已经尝试启动kill使用，标红颜色建议先执行 ps -ef  | grep elastic 

进入安装目录：

cd /data/cluster/es_cluster/ops_master_node_12480/bin

./elasticsearch -d
cd /data/cluster/es_cluster/ops_data_node_12490/bin
./elasticsearch -d

启动后进行日志查看是否正常启动集群是否正常，确认正常后可以进行密码设置

步骤6、密码设置

手动设置密码：bin/elasticsearch-setup-passwords interactive 

自动生成密码：bin/elasticsearch-setup-passwords auto

密码修改命令：

修改密码命令（未作验证）
curl -H "Content-Type:application/json" -XPOST -u elastic 'http://127.0.0.1:12480/_xpack/security/user/elastic/_password' -d '{ "password" : "123456" }'

说明：

node.master: true  说明：是否是master节点有选举权
node.data: false   说明：是否是数据节点，无选举券
node.ingest: true  说明：是否允许客户端连接 

参考文档：

密码设置参考文档 ：
https://blog.csdn.net/b1303110335/article/details/108063349
https://www.cnblogs.com/snail90/p/11444393.html
https://blog.csdn.net/weixin_33815613/article/details/91427782

自定义角色 
https://blog.csdn.net/weixin_34198762/article/details/91639931

node设置参考
https://blog.csdn.net/kjh2007abc/article/details/85001348
kibana
https://blog.csdn.net/qq_41631365/article/details/109181240