这里es使用的是7.10.2版本的es,物料包下载地址如下
#注意安装的插件需和es版本保持一致
#es
https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.10.2-linux-x86_64.tar.gz
#kibana
https://artifacts.elastic.co/downloads/kibana/kibana-7.10.2-linux-x86_64.tar.gz
#ik插件
https://github.com/medcl/elasticsearch-analysis-ik/releases/download/v7.10.2/elasticsearch-analysis-ik-7.10.2.zip
1:es不能在root用户下启动,必须创建新的用户,用来启动e
useradd es -s /bin/bash
2:进入 /home/es 目录下,上传下载好的安装包,解压
cd /home/es
#传包不方便的话直接wget下载以下安装包即可
wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.10.2-linux-x86_64.tar.gz
#顺便下载下kibana安装包
https://artifacts.elastic.co/downloads/kibana/kibana-7.10.2-linux-x86_64.tar.gz
tar xzf elasticsearch-7.10.2-linux-x86_64.tar.gz
tar xzf kibana-7.10.2-linux-x86_64.tar.gz
3:对es、kibana目录授权
chown -R es:es elasticsearch-7.10.2
chown -R es:es kibana-7.10.2-linux-x86_64
4:创建数据、日志目录
mkdir -p /data/logs/es
mkdir -p /data/es/{data,work,plugins,scripts}
5:修改es、kibana配置文件
#es配置文件
vim /home/es/elasticsearch-7.10.2/config/elasticsearch.yml
node.name: node-1
network.host: 0.0.0.0
cluster.initial_master_nodes: ["node-1"]
#kibana配置文件
vim /home/es/kibana-7.10.2-linux-x86_64/config/kibana.yml
server.port: 5601
server.host: "0.0.0.0"
elasticsearch.hosts: ["http://localhost:9200"]
kibana.index: ".kibana"
elasticsearch.username: "elastic"
elasticsearch.password: "123456"
6:启动es、kibana
#切换用户es
su es
#启动es(-d : 后台运行,不加则为运行并输入日志)
/home/es/elasticsearch-7.10.2/bin/elasticsearch -d
启动kibana
nohup /home/es/kibana-7.10.2-linux-x86_64/bin/kibana &
7:设置用户名密码
#配置文件添加下面内容,重启es
vim /home/es/elasticsearch-7.10.2/config/elasticsearch.yml
xpack.security.enabled: true
xpack.license.self_generated.type: basic
xpack.security.transport.ssl.enabled: true
#执行设置用户名和密码的命令,这里需要为4个用户分别设置密码,elastic, kibana, logstash_system,beats_system
/home/es/elasticsearch-7.10.2/bin/elasticsearch-setup-passwords interactive
Initiating the setup of passwords for reserved users elastic,apm_system,kibana,logstash_system,beats_system,remote_monitoring_user.
You will be prompted to enter passwords as the process progresses.
Please confirm that you would like to continue [y/N]y
Enter password for [elastic]:
Reenter password for [elastic]:
Enter password for [elastic]:
Reenter password for [elastic]:
Enter password for [apm_system]:
Reenter password for [apm_system]:
Enter password for [kibana]:
Reenter password for [kibana]:
Enter password for [logstash_system]:
Reenter password for [logstash_system]:
Enter password for [beats_system]:
Reenter password for [beats_system]:
Enter password for [remote_monitoring_user]:
Reenter password for [remote_monitoring_user]:
Changed password for user [apm_system]
Changed password for user [kibana]
Changed password for user [logstash_system]
Changed password for user [beats_system]
Changed password for user [remote_monitoring_user]
Changed password for user [elastic]
8:常见问题
8.1:max file descriptors [4096] for elasticsearch process is too low, increase to at least [65536]
#通过命令查看
ulimit -Hn
ulimit -Sn
vim /etc/security/limits.conf
#添加以下配置信息
* soft nofile 65536
* hard nofile 65536
8.2:启动后报错:max number of threads [3818] for user [es] is too low, increase to at least [4096]
vim /etc/security/limits.conf
#添加以下配置信息
* soft nproc 4096
* hard nproc 4096
8.3:启动后报错:max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144]
#修改/etc/sysctl.conf文件
vim /etc/sysctl.conf
#增加配置
vm.max_map_count=262144
#执行命令sysctl -p生效
sysctl -p
安装ik插件
#进入es-plugins
cd /home/es/elasticsearch-7.10.2/plugins
#创建名为ik的文件夹
mkdir ik
#进入ik
cd ik/
#文件传入该目录下,并解压
unzip elasticsearch-analysis-ik-7.10.2.zip
重启es后验证插件是否安装成功
/home/es/elasticsearch-7.10.2/bin/elasticsearch-plugin list