es 集群部署

部署步骤

7.17.11-1

  • 列出版本
yum list elasticsearch --showduplicates
  • 安装
rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch
vim /etc/yum.repos.d/elasticsearch.repo

[elasticsearch]
name=Elasticsearch repository for 7.x packages
baseurl=https://artifacts.elastic.co/packages/7.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=0
autorefresh=1
type=rpm-md

sudo yum install --enablerepo=elasticsearch elasticsearch
  • 证书

ca只需要生成一次,服务器p12证书用同一个ca签发3个

生成ca,默认在/usr/share/elasticsearch目录下
./elasticsearch-certutil ca --days 36500
可以直接读取查看
openssl pkcs12 -info -in elastic-stack-ca.p12 -nodes
转换PEM格式
openssl pkcs12 -in elastic-stack-ca.p12 -out elastic-stack-ca.pem -nodes
查看到期时间
openssl x509 -in elastic-stack-ca.pem -noout -dates
----------------------
根据ca生成证书
./elasticsearch-certutil cert --ca elastic-stack-ca.p12 --days 36000
转换PEM格式
openssl pkcs12 -in elastic-certificates.p12 -out elastic-certificates.pem -nodes
查看到期时间
openssl x509 -in elastic-certificates.pem -noout -dates
-----------
mkdir -p /etc/elasticsearch/certs
mv /usr/share/elasticsearch/elastic-certificates.p12  /etc/elasticsearch/certs/es-0x.p12
chown -R elasticsearch:elasticsearch /etc/elasticsearch
  • 配置

/etc/elasticsearch/elasticsearch.yml

node.name: node-01
path.data: /data/elasticsearch
path.logs: /data/logs/elasticsearch
network.host: 0.0.0.0
discovery.seed_hosts: ["192.168.2.132", "192.168.2.133", "192.168.2.134"]
cluster.initial_master_nodes: ["node-01", "node-02", "node-03"]
xpack.security.enabled: true
###开启传输证书认证
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: /etc/elasticsearch/certs/es-0x.p12
xpack.security.transport.ssl.truststore.path: /etc/elasticsearch/certs/es-0x.p12
  • 启动
mkdir -p /data/logs/elasticsearch
chown -R elasticsearch. /data/logs/elasticsearch

mkdir -p /data/elasticsearch
chown -R elasticsearch. /data/elasticsearch

systemctl enable elasticsearch
systemctl start elasticsearch
  • 配置密码
cd /usr/share/elasticsearch/
./bin/elasticsearch-setup-passwords interactive

常用命令

curl localhost:9200/_cluster/health?pretty
curl 'localhost:9200/_cat/indices?v'
curl -XGET localhost:9200/_cat/shards?h=index,shard,prirep,state,unassigned.reason

Elasticsearch 是一个基于 Lucene 的开源搜索服务器。它提供了一个分布式全文搜索引擎,基于 RESTful web 接口。Elasticsearch 是开发可扩展的高可用性搜索引擎的一个很好的选择。以下是一些常用的 Elasticsearch 运维命令,这些命令使用了 curl,一个命令行工具,用于从或向服务器获取或发送数据,使用 URL 语法:

  1. 检查 Elasticsearch 集群的健康状况
curl -X GET "localhost:9200/_cluster/health?pretty"
  1. 获取节点信息
curl -X GET "localhost:9200/_nodes?pretty"
  1. 获取集群的统计信息
curl -X GET "localhost:9200/_cluster/stats?human&pretty"
  1. 列出所有的索引
curl 'localhost:9200/_cat/indices?v'
  1. 查看索引的详细信息
curl -X GET "localhost:9200/[index-name]?pretty"
  1. 创建索引
curl -X PUT "localhost:9200/[index-name]?pretty"
  1. 删除索引
curl -X DELETE "localhost:9200/[index-name]?pretty"
  1. 索引一份文档
curl -X POST "localhost:9200/[index-name]/_doc?pretty" -H 'Content-Type: application/json' -d'
{
  "field1": "value1",
  ...
}'
  1. 检索文档
curl -X GET "localhost:9200/[index-name]/_doc/[doc-id]?pretty"
  1. 搜索
curl -X GET "localhost:9200/[index-name]/_search?q=[field]:[value]&pretty"

以上命令中的 “[index-name]"、"[doc-id]"、"[field]” 和 “[value]” 是占位符,你需要替换为实际的索引名、文档ID、字段名和值。这些命令假设 Elasticsearch 运行在 localhost 的 9200 端口上,你可以根据实际情况调整。