基于centos7的elasticsearch7 + kibana + xpack集群搭建

和我一起的9分钟 2019-07-03

852

Elasticsearch 是一个开源的分布式 RESTful 搜索和分析引擎，能够解决越来越多不同的应用场景。

操作系统	主机IP	功能
centos 7	10.211.55.8	es node1
centos 7	10.211.55.9	es node2
centos 7	10.211.55.10	es node3
centos 7	10.211.55.8	kibana

1. java安装

Elasticsearch 是基于 Lucene 的，而 Lucene 又是基于 Java 的。所以第一步我们就需要在每台主机上安装 Java . 注意一定要每台主机都要安装

yum -y update
yum install java-1.8.0-openjdk
java -version
--------------------------------------------------------------
#验证下java的版本
[root@centos-7-node2 testMinio2.txt]# java -version
openjdk version "1.8.0_212"
OpenJDK Runtime Environment (build 1.8.0_212-b04)
OpenJDK 64-Bit Server VM (build 25.212-b04, mixed mode)

2. elasticsearch安装

#每台主机都要安装
rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch
vim etc/yum.repos.d/elasticsearch.repo
--------------------------------------------------------------
[elasticsearch-7.x]
name=Elasticsearch repository for 7.x packages
baseurl=https://artifacts.elastic.co/packages/7.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=1
autorefresh=1
type=rpm-md
--------------------------------------------------------------
sudo yum install elasticsearch

# Elasticsearch is not started automatically after installation.
#
# Elasticsearch can be started and stopped as follows
sudo systemctl start elasticsearch.service
sudo systemctl stop elasticsearch.service
#log files located in var/log/elasticsearch/
#参考官网安装：https://www.elastic.co/guide/en/elasticsearch/reference/7.2/rpm.html#rpm-repo

每个node结点启es服务之后可查看下启动是否成功

2.1 每个结点的elasticsearch.yml配置

grep -Ev "^#|^$" etc/elasticsearch/elasticsearch.yml
--------------------------------------------------------------
##10.211.55.8 etc/elasticsearch/elasticsearch.yml
cluster.name: dev-es
node.name: node-2
path.data: var/lib/elasticsearch
path.logs: var/log/elasticsearch
network.host: 10.211.55.8
http.port: 9200
discovery.seed_hosts: ["10.211.55.8", "10.211.55.9", "10.211.55.10"]
cluster.initial_master_nodes: ["node-2", "node-3","node-4"]
gateway.recover_after_nodes: 1
http.cors.enabled: true
http.cors.allow-origin: "*"

##10.211.55.9 etc/elasticsearch/elasticsearch.yml
cluster.name: dev-es
node.name: node-3
path.data: var/lib/elasticsearch
path.logs: var/log/elasticsearch
network.host: 10.211.55.9
http.port: 9200
discovery.seed_hosts: ["10.211.55.8", "10.211.55.9", "10.211.55.10"]
cluster.initial_master_nodes: ["node-2", "node-3","node-4"]
gateway.recover_after_nodes: 1
http.cors.enabled: true
http.cors.allow-origin: "*"

##10.211.55.10 etc/elasticsearch/elasticsearch.yml
cluster.name: dev-es
node.name: node-4
path.data: var/lib/elasticsearch
path.logs: var/log/elasticsearch
network.host: 0.0.0.0
http.port: 9200
discovery.seed_hosts: ["10.211.55.8", "10.211.55.9", "10.211.55.10"]
cluster.initial_master_nodes: ["node-2", "node-3","node-4"]
gateway.recover_after_nodes: 1
http.cors.enabled: true
http.cors.allow-origin: "*"

2.2 查看下elasticsearch单个结点是否正常

[root@centos-7-node2 nodes]# curl -XGET "http://10.211.55.8:9200/"
{
  "name" : "node-2",
  "cluster_name" : "dev-es",
  "cluster_uuid" : "yN93XZZzSjyvPFLqV7YBLQ",
  "version" : {
    "number" : "7.2.0",
    "build_flavor" : "default",
    "build_type" : "rpm",
    "build_hash" : "508c38a",
    "build_date" : "2019-06-20T15:54:18.811730Z",
    "build_snapshot" : false,
    "lucene_version" : "8.0.0",
    "minimum_wire_compatibility_version" : "6.8.0",
    "minimum_index_compatibility_version" : "6.0.0-beta1"
  },
  "tagline" : "You Know, for Search"
}

[root@centos-7-node3 nodes]# curl -XGET "http://10.211.55.9:9200/"
{
  "name" : "node-3",
  "cluster_name" : "dev-es",
  "cluster_uuid" : "yN93XZZzSjyvPFLqV7YBLQ",
  "version" : {
    "number" : "7.2.0",
    "build_flavor" : "default",
    "build_type" : "rpm",
    "build_hash" : "508c38a",
    "build_date" : "2019-06-20T15:54:18.811730Z",
    "build_snapshot" : false,
    "lucene_version" : "8.0.0",
    "minimum_wire_compatibility_version" : "6.8.0",
    "minimum_index_compatibility_version" : "6.0.0-beta1"
  },
  "tagline" : "You Know, for Search"
}

[root@centos-7-node4 nodes]# curl -XGET "http://10.211.55.10:9200/"
{
  "name" : "node-4",
  "cluster_name" : "dev-es",
  "cluster_uuid" : "yN93XZZzSjyvPFLqV7YBLQ",
  "version" : {
    "number" : "7.2.0",
    "build_flavor" : "default",
    "build_type" : "rpm",
    "build_hash" : "508c38a",
    "build_date" : "2019-06-20T15:54:18.811730Z",
    "build_snapshot" : false,
    "lucene_version" : "8.0.0",
    "minimum_wire_compatibility_version" : "6.8.0",
    "minimum_index_compatibility_version" : "6.0.0-beta1"
  },
  "tagline" : "You Know, for Search"
}

查看下三结点是否正常启动

2.3 查看下集群结点是否正常

[root@centos-7-node4 nodes]# curl -XGET "http://10.211.55.8:9200/_cat/nodes?v"
ip           heap.percent ram.percent cpu load_1m load_5m load_15m node.role master name
10.211.55.10            7          94   0    0.00    0.01     0.05 mdi       *      node-4
10.211.55.8            17          93   0    0.08    0.03     0.05 mdi       -      node-2
10.211.55.9            10          93   0    0.00    0.01     0.05 mdi       -      node-3

[root@centos-7-node4 nodes]# curl -XGET "http://10.211.55.8:9200/_cluster/health?pretty"
{
  "cluster_name" : "dev-es",
  "status" : "green",
  "timed_out" : false,
  "number_of_nodes" : 3,
  "number_of_data_nodes" : 3,
  "active_primary_shards" : 0,
  "active_shards" : 0,
  "relocating_shards" : 0,
  "initializing_shards" : 0,
  "unassigned_shards" : 0,
  "delayed_unassigned_shards" : 0,
  "number_of_pending_tasks" : 0,
  "number_of_in_flight_fetch" : 0,
  "task_max_waiting_in_queue_millis" : 0,
  "active_shards_percent_as_number" : 100.0
}

说明：es集群中还有一些参数需要调整，请自行官网上找下配置，不赘述

3. kibana安装

# kibana也有多种安装方式，我采用rpm包安装方式
rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch
vim etc/yum.repos.d/kibana.repo
--------------------------------------------------------------
[kibana-7.x]
name=Kibana repository for 7.x packages
baseurl=https://artifacts.elastic.co/packages/7.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=1
autorefresh=1
type=rpm-md
--------------------------------------------------------------
sudo yum install kibana

3.1 配置文件修改

#安装之后修改 etc/kibana/kibana.yml，设置公开访问和绑定的端口
server.port: 5601
server.host: "0.0.0.0"
elasticsearch.hosts: ["http://10.211.55.10:9200"]
kibana.index: ".newkibana"

3.2 启动服务

sudo systemctl daemon-reload
sudo systemctl enable kibana
sudo systemctl start kibana

去页面的stack monitoring去启动一下，才能监测到es集群信息

4. xpack

By default, when you install Elasticsearch, X-Pack is installed. If you want to try all of the X-Pack features, you can start a 30-day trial. 你也可以去找一些文章看下怎么破解，当然不建议你在生产环境这么做，可能会有安全隐患。

4.1 通过账号密码登陆kibana

kibana安装好之后是不需要用户名密码登陆使用的，本文实验怎么增加安全校验，必须使用用户名密码登陆。

1. 开启30天的适用
kibana-->discovery-->elasticsearch-->license_management-->start trial
开启之后如上图

2.
vim etc/elasticsearch/elasticsearch.yml
#es的每个集群结点，添加一行
xpack.security.enabled: true

3. 修改kibana.yml参数
[root@centos-7-node2 nodes]# grep -Ev "^#|^$" etc/kibana/kibana.yml
server.port: 5601
server.host: "0.0.0.0"
elasticsearch.hosts: ["http://10.211.55.10:9200"]
kibana.index: ".newkibana"
elasticsearch.username: "elastic"
elasticsearch.password: "elastic123"
xpack.security.enabled: true
xpack.security.encryptionKey: "4297f44b13955235245b2497399d7a93"

4. 找到安装目录
Installed using package manager - sudo yum install elasticsearch
path: usr/share/elasticsearch/bin/x-pack
--------------------------------------------------------------
[root@centos-7-node2 elasticsearch]# pwd
/usr/share/elasticsearch
[root@centos-7-node2 elasticsearch]# ./bin/elasticsearch-setup-passwords interactive
Initiating the setup of passwords for reserved users elastic,apm_system,kibana,logstash_system,beats_system,remote_monitoring_user.
You will be prompted to enter passwords as the process progresses.
Please confirm that you would like to continue [y/N]y


Enter password for [elastic]:
Reenter password for [elastic]:
Enter password for [apm_system]:
Reenter password for [apm_system]:
Enter password for [kibana]:
Reenter password for [kibana]:
Enter password for [logstash_system]:
Reenter password for [logstash_system]:
Enter password for [beats_system]:
Reenter password for [beats_system]:
Enter password for [remote_monitoring_user]:
Reenter password for [remote_monitoring_user]:
Changed password for user [apm_system]
Changed password for user [kibana]
Changed password for user [logstash_system]
Changed password for user [beats_system]
Changed password for user [remote_monitoring_user]
Changed password for user [elastic]
--------------------------------------------------------------
# 我设置的账号为elastic 密码：elastic123

5. systemctl restart kibana
systemctl restart elasticsearch #每个结点
访问：http://10.211.55.8:5601
此时弹出的界面如下图，需账号密码登陆
搞定啦！！

那些年我们一起踩过的坑

1. CentOS7 yum提示:another app is currently holding the yum lock;
waiting for it to exit
解决：
可以通过强制关掉yum进程：
rm -f /var/run/yum.pid

2. 集群搭建最棘手的就是集群结点各自为政，每个结点都是master，根本没有
加入到一个我们定义好的cluster中去，问题在哪里呢？
解答：
因为初始状态的时候我们启动es服务，很容易会默认启动一个集群，这个
集群中只有一个当前结点作为master，会生成一个cluster_uuid，这个参数不
会因为cluster_name的变化而变更。为了让结点能加入到集群中去，我们需要
删除掉之前的node信息，重新让node加入到集群中去。
对于每个结点做以下操作：
systemctl stop elasticsearch
cd /var/lib/elasticsearch/nodes
rm -fr 0
systemctl start elasticsearch
问题就能解决

参考网址：https://www.elastic.co/guide/en/elasticsearch/reference/current/install-elasticsearch.html https://github.com/elastic/elasticsearch

不对之处可拍，欢迎交流

本文为原创，转载请注明出处！

数据库 elasticsearch

文章转载自和我一起的9分钟，如果涉嫌侵权，请发送邮件至：contact@modb.pro进行举报，并提供相关证据，一经查实，墨天轮将立刻删除相关内容。