Centos7搭建部署Elasticsearch7.10.2集群（rpm安装）

Centos7搭建部署Elasticsearch7.10.2集群（rpm安装）

一、环境描述
①、系统：CentOS Linux release 7.8.2003 (Core)
②、Elasticsearch版本：Elasticsearch7.10.2
③、下载地址：https://artifacts.elastic.co/downloads/
注：本次安装采用rpm安装方式，省略配置JDK环境、创建账号、脚本启动服务等。

二、集群规划及环境部署

①、设置系统环境（三台服务器均需要操作，这里以sjyt-node-1为例）
设置主机名，并添加本地解析

[root@sjyt-node-1 src]# cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
10.20.11.40  sjyt-node-1
10.20.11.41  sjyt-node-2
10.20.11.42  sjyt-node-3

②、修改服务器文件描述符
[root@sjyt-node-1 src]#vim /etc/security/limits.conf
底部添加如下两项

* soft nofile 65535
* hard nofile 65535

③、修改max_map_count值

sysctl -w vm.max_map_count=655360
echo 'vm.max_map_count=655360' >> /etc/sysctl.conf 
sysctl -p

三、部署Elasticsearch7.10.2集群
①、安装es

[root@sjyt-node-1 src]# rpm -ivh elasticsearch-7.10.2-x86_64.rpm

②、修改es配置文件

[root@sjyt-node-1 src]# cat /etc/elasticsearch/elasticsearch.yml |grep -v '#'|grep -v '^$'
cluster.name: jsyt  #集群名称
node.name: sjyt-node-1  #节点服务器名
path.data: /var/lib/elasticsearch  #数据存放目录
path.logs: /var/log/elasticsearch  #日志存放目录
network.host: 0.0.0.0  #服务绑定IP
http.port: 9200    #服务端口
discovery.seed_hosts: ["10.20.11.40", "10.20.11.41","10.20.11.42"]  #集群主机
cluster.initial_master_nodes: ["sjyt-node-1", "sjyt-node-2","sjyt-node-3"] 
http.cors.enabled: true
http.cors.allow-origin: "*"

③、启动Elasticsearch

#设置开机启动
[root@sjyt-node-1 ~]# systemctl enable elasticsearch.service 
#启动es服务
[root@sjyt-node-1 ~]# systemctl start elasticsearch.service

[root@sjyt-node-1 src]# systemctl status elasticsearch.service
● elasticsearch.service - Elasticsearch
   Loaded: loaded (/usr/lib/systemd/system/elasticsearch.service; enabled; vendor preset: disabled)
   Active: active (running) since Fri 2021-01-29 16:01:09 CST; 1h 10min ago
     Docs: https://www.elastic.co
 Main PID: 11097 (java)
   CGroup: /system.slice/elasticsearch.service
           ├─11097 /usr/share/elasticsearch/jdk/bin/java -Xshare:auto -Des.networkaddress.cache.ttl=60 -Des.networkaddress.cache.negative.ttl=10 -XX:+AlwaysPreTouch -Xss1m -Djava.awt.headless=true -Dfile.enc...
           └─11285 /usr/share/elasticsearch/modules/x-pack-ml/platform/linux-x86_64/bin/controller

Jan 29 16:00:29 sjyt-node-1 systemd[1]: Starting Elasticsearch...
Jan 29 16:01:09 sjyt-node-1 systemd[1]: Started Elasticsearch.

④、防火墙放行elasticsearch端口

[root@sjyt-node-1 src]# firewall-cmd --permanent --add-port=9200/tcp #es服务端口
[root@sjyt-node-1 src]# firewall-cmd --permanent --add-port=9300/tcp #集群通信端口
[root@sjyt-node-1 src]# firewall-cmd --reload

⑤、查看集群状态
浏览器访问：http://10.20.11.40:9200/_cluster/state

四、配置ES集群间 TLS 和 身份验证

①、生产证书文件（仅集群中一台服务器生产即可，然后copy到另外两台服务器）

[root@sjyt-node-1 src]# mkdir /etc/elasticsearch/cert.d 
#创建存放证书的目录
[root@sjyt-node-1 src]# chown -Rf elasticsearch:elasticsearch /etc/elasticsearch/cert.d/
#授权elasticsearch 用户可以访问该目录
[root@sjyt-node-1 src]# /usr/share/elasticsearch/bin/elasticsearch-certutil cert -out /etc/elasticsearch/cert.d/elastic-certificates.p12 -pass ""
#生成配置文件
[root@sjyt-node-1 src]#  scp -P 51022 /etc/elasticsearch/cert.d/elastic-certificates.p12 root@sjyt-node-2:/etc/elasticsearch/cert.d/
[root@sjyt-node-1 src]#  scp -P 51022 /etc/elasticsearch/cert.d/elastic-certificates.p12 root@sjyt-node-3:/etc/elasticsearch/cert.d/

②、修改配置文件

[root@sjyt-node-1 src]# cat /etc/elasticsearch/elasticsearch.yml |grep -v '#'|grep -v '^$'
cluster.name: jsyt
node.name: sjyt-node-1
path.data: /var/lib/elasticsearch
path.logs: /var/log/elasticsearch
network.host: 0.0.0.0
http.port: 9200
discovery.seed_hosts: ["10.20.11.40", "10.20.11.41","10.20.11.42"]
cluster.initial_master_nodes: ["sjyt-node-1", "sjyt-node-2","sjyt-node-3"]
http.cors.enabled: true
http.cors.allow-origin: "*"   #以下为启用安全通信
xpack.security.enabled: true
xpack.license.self_generated.type: basic
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: /etc/elasticsearch/cert.d/elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: /etc/elasticsearch/cert.d/elastic-certificates.p12

③、在集群中的任何一个节点上生成密码都可以，一个节点生成后会同步至集群
以下是集群生成的用户

[root@sjyt-node-1 ~]# /usr/share/elasticsearch/bin/elasticsearch-setup-passwords auto
Initiating the setup of passwords for reserved users elastic,apm_system,kibana,kibana_system,logstash_system,beats_system,remote_monitoring_user.
The passwords will be randomly generated and printed to the console.
Please confirm that you would like to continue [y/N]y


Changed password for user apm_system
PASSWORD apm_system = asdfwe1dwersg

Changed password for user kibana_system
PASSWORD kibana_system = 3NrpXg0iSasdfTBQd1r4A486

Changed password for user kibana
PASSWORD kibana = 3NrpXg0sdfasdfiSTBQd1r4A486

Changed password for user logstash_system
PASSWORD logstash_system = tQK1ZiQsdf121vvDIcFjy4UoI3

Changed password for user beats_system
PASSWORD beats_system = UbRXm4NGRrNe13sdahgK5reT2

Changed password for user remote_monitoring_user
PASSWORD remote_monitoring_user = xRBVMrdwwTsF7SVTwerxiQbfdk

Changed password for user elastic
PASSWORD elastic = NX4qLwer6QidJqwerNJftVyx2mz

④、浏览器访问验证

[root@sjyt-node-1 src]# curl -u elastic:NX4qL6QidJNJftVyx2mz -XGET 'http://10.20.11.40:9200/_cat/nodes?v'
ip          heap.percent ram.percent cpu load_1m load_5m load_15m node.role  master name
10.20.11.41           43          35   0    0.00    0.01     0.05 cdhilmrstw -      sjyt-node-2
10.20.11.40           58          24   1    0.01    0.03     0.05 cdhilmrstw *      sjyt-node-1
10.20.11.42           17          95   0    0.00    0.01     0.05 cdhilmrstw -      sjyt-node-3

参考：https://abcops.cn/1192.html