Elasticsearch is a highly extensible open source full-text search and analysis engine. It allows you to store, search, and analyze large amounts of data quickly and in real time. It is often used as the underlying engine technology provided by applications with complex search functions and requirements.
Elasticsearch is installed like Tomcat, out of the box, without installing complex dependency packages.
precondition:
Elasticsearch requires at least Java 8 version. The following is the installation document, so we will not repeat it here.
《 Linux JAVA JDK JRE environment variable installation and configuration 》
Cluster deployment environment and equipment configuration:
/Set/16G/8 core/500G 10.28.204.62 10.28.204.63 10.28.204.64 10.28.204.65 Elasticsearch 5.6.3 CentOS Linux release 7.4.1708 (Core) Kernel: Linux 3.10.0-693.2.2.el7.x86_64
explain : For the following installation steps, I operate on the 10.28.204.65 server. Other machines are the same. I will mark the key parts of the cluster.
1. Create users and groups and set passwords
$ groupadd es $ useradd -g es es $ passwd es
2. Install Elasticsearch
Download address://www.elastic. co/downloads/elastic search # ga release
Unzip:
$ cd /tmp $ tar zxvf elasticsearch-5.6.3.tar.gz
Move directory and create soft connection:
$ mv elasticsearch-5.6.3 /usr/local $ cd /usr/local $ ln -s elasticsearch-5.6.3 elasticsearch
Set directory user permissions:
$ chown -R es.es elasticsearch*
3. Configure jvm.options
The default heap memory of Elasticsearch is 2 GB, which cannot meet the requirements. You need to change the two Xms and Xmx in the following files to 8G, and other defaults.
$ vim /usr/local/elasticsearch/config/jvm.options ... -Xms8g -Xmx8g ...
Note: It is recommended to allocate half of the physical memory of the machine, and the maximum size should not exceed 32GB.
4. Configure elasticsearch.yml
The configured contents are as follows:
$ egrep -v "(^#|^$)" /usr/local/elasticsearch/config/elasticsearch.yml
cluster.name: my-apprenwole #Cluster name, any. After ES is started, nodes with the same cluster name will be placed under one cluster. node.name: renwolenode-1 #Any unique value of the node name. bootstrap.memory_lock: false #Close locked memory. network.host: 10.28.204.65 #The local IP address must be modified for each node. http.port: 9200 #The http access port is recommended to be modified for security. discovery.zen.ping.unicast.hosts: ["10.28.204.62","10.28.204.63", "10.28.204.64","10.28.204.65"] #When a new node starts, the initial list of hosts is passed to perform discovery. If the port is not the default, add the port. discovery.zen.minimum_master_nodes: 3 #Specify how many master qualified nodes exist in the cluster node. More than three clusters can be written. client.transport.ping_timeout: 120s #Time to wait for ping response from node. The default is 60s. discovery.zen.ping_timeout: 120s #It is allowed to adjust the election time when the processing speed is slow or the network is congested (a higher value guarantees less failures). http.cors.enabled: true #Enable or disable cross original resource sharing, that is; Whether the browser on another source can execute the request against Elasticsearch. http.cors.allow-origin: "*" #Source is not allowed by default. If you add and attach/add to this value in advance, it will be regarded as a regular expression, allowing you to support HTTP and HTTP. For example, use/https?:\/\/ localhost(:[0-9]+)?/ The request header will be returned appropriately in both cases* Is a valid value, but is considered a security risk because your elastic search instance can cross initiate requests from anywhere.
Note: The Elasticsearch default value configuration has good settings and requires few configurations. By default, it can be used for production after a few configurations.
For more configuration information, see Elasticsearch modules
Note: The other three machines are the same except for the following parameters:
node.name network.host
5. Memlock Settings
Add the following to the file:
$ vim /etc/security/limits.conf es soft memlock unlimited es hard memlock unlimited es - nofile 65536
If it is not added, a warning message will be reported during startup:
Unable to lock JVM Memory: error=12, reason=Cannot allocate memory This can result in part of the JVM being swapped out. Increase RLIMIT_MEMLOCK, soft limit: 65536, hard limit: 65536 These can be adjusted by modifying /etc/security/limits.conf, for example: # allow user 'es' mlockall es soft memlock unlimited es hard memlock unlimited
The above error messages also provide solutions.
6. Server Memory Settings
$ vim /etc/sysctl.conf vm.max_map_count=262144 $ sysctl -p
7. Start Elasticsearch
Because ES does not allow root to start directly by default, for security reasons, switch to the es account to start:
[ root@102820465 ~]# su es [ es@102820465 ~]$ cd /usr/local/elasticsearch/bin [ es@102820465 bin]$ ./ elasticsearch
[INFO ][o.e.n.Node ] [renwolenode-1] initializing ... [INFO ][o.e.e.NodeEnvironment ] [renwolenode-1] using [1] data paths, mounts [[/ (rootfs)]], net usable_space [4021.3mb], net total_space [15.9gb], spins? [unknown], types [rootfs] [INFO ][o.e.e.NodeEnvironment ] [renwolenode-1] heap size [7.9gb], compressed ordinary object pointers [true] [INFO ][o.e.n.Node ] [renwolenode-1] node name [renwolenode-1], node ID [vkixu3LZTPq82SAWWXyNcg] [INFO ][o.e.n.Node ] [renwolenode-1] version[5.6.3], pid[21425], build[667b497/2017-10-18T19:22:05.189Z], OS[Linux/3.10.0-514.el7.x86_64/amd64], JVM[Oracle Corporation/Java HotSpot(TM) 64-Bit Server VM/1.8.0_144/25.144-b01] [INFO ][o.e.n.Node ] [renwolenode-1] JVM arguments [-Xms8g, -Xmx8g, -XX:+UseConcMarkSweepGC, -XX:CMSInitiatingOccupancyFraction=75, -XX:+UseCMSInitiatingOccupancyOnly, -XX:+AlwaysPreTouch, -Xss1m, -Djava.awt.headless=true, -Dfile.encoding=UTF-8, -Djna.nosys=true, -Djdk.io.permissionsUseCanonicalPath=true, -Dio.netty.noUnsafe=true, -Dio.netty.noKeySetOptimization=true, -Dio.netty.recycler.maxCapaci tyPerThread=0, -Dlog4j.shutdownHookEnabled=false, -Dlog4j2.disable.jmx=true, -Dlog4j.skipJansi=true, -XX:+HeapDumpOnOutOfMemoryError, -Des.path.home=/usr/local/elasticsearch] [INFO ][o.e.p.PluginsService ] [renwolenode-1] loaded module [aggs-matrix-stats] [INFO ][o.e.p.PluginsService ] [renwolenode-1] loaded module [ingest-common] [INFO ][o.e.p.PluginsService ] [renwolenode-1] loaded module [lang-expression] [INFO ][o.e.p.PluginsService ] [renwolenode-1] loaded module [lang-groovy] [INFO ][o.e.p.PluginsService ] [renwolenode-1] loaded module [lang-mustache] [INFO ][o.e.p.PluginsService ] [renwolenode-1] loaded module [lang-painless] [INFO ][o.e.p.PluginsService ] [renwolenode-1] loaded module [parent-join] [INFO ][o.e.p.PluginsService ] [renwolenode-1] loaded module [percolator] [INFO ][o.e.p.PluginsService ] [renwolenode-1] loaded module [reindex] [INFO ][o.e.p.PluginsService ] [renwolenode-1] loaded module [transport-netty3] [INFO ][o.e.p.PluginsService ] [renwolenode-1] loaded module [transport-netty4] [INFO ][o.e.p.PluginsService ] [renwolenode-1] no plugins loaded [INFO ][o.e.d.DiscoveryModule ] [renwolenode-1] using discovery type [zen] [INFO ][o.e.n.Node ] [renwolenode-1] initialized [INFO ][o.e.n.Node ] [renwolenode-1] starting ... [INFO ][o.e.t.TransportService ] [renwolenode-1] publish_address {10.28.204.65:9300}, bound_addresses {10.28.204.65:9300} [INFO ][o.e.b.BootstrapChecks ] [renwolenode-1] bound or publishing to a non-loopback or non-link-local address, enforcing bootstrap checks [WARN ][o.e.n.Node ] [renwolenode-1] timed out while waiting for initial discovery state - timeout: 30s [INFO ][o.e.h.n.Netty4HttpServerTransport] [renwolenode-1] publish_address {10.28.204.65:9200}, bound_addresses {10.28.204.65:9200} [INFO ][o.e.n.Node ] [renwolenode-1] started
Node started successfully, status: started After startup, the current terminal will always display the ElasticSearch status information.
If the startup fails, a detailed error description will be displayed, which can be solved according to the error report.
If you exit, press Ctrl + c Meanwhile, ElasticSearch will stop.
8. Re open a terminal to access ES
$ curl //10.28.204.65:9200/ { "name" : "renwolenode-1", "cluster_name" : "my-apprenwole", "cluster_uuid" : "Xf_ZdW0XQum4rycQA40PfQ", "version" : { "number" : "5.6.3", "build_hash" : "667b497", "build_date" : "2017-10-18T19:22:05.189Z", "build_snapshot" : false, "lucene_version" : "6.6.1" }, "tagline" : "You Know, for Search" }
Some information of ES is returned, indicating that ES can be used normally.
9. Create systemd unit service file
In fact, when managing ES in the production environment, it is impossible to switch accounts back and forth/ The elasticsearch mode is started. If the Elastic search server cannot be started randomly when it is down for recovery, it will bring unnecessary trouble to the operation and maintenance personnel.
Therefore, create a bootstrap file:
$ vim /usr/lib/systemd/system/elasticsearch.service
Add the following:
[Service] Environment=ES_HOME=/usr/local/elasticsearch Environment=CONF_DIR=/usr/local/elasticsearch/config Environment=DATA_DIR=/usr/local/elasticsearch/data Environment=LOG_DIR=/usr/local/elasticsearch/logs Environment=PID_DIR=/usr/local/elasticsearch EnvironmentFile=-/usr/local/elasticsearch/config WorkingDirectory=/usr/local/elasticsearch User=es Group=es ExecStartPre=/usr/local/elasticsearch/bin/elasticsearch-systemd-pre-exec ExecStart=/usr/local/elasticsearch/bin/elasticsearch \ -p ${PID_DIR}/elasticsearch.pid \ --quiet \ -Edefault.path.logs=${LOG_DIR} \ -Edefault.path.data=${DATA_DIR} \ -Edefault.path.conf=${CONF_DIR} # StandardOutput is configured to redirect to journalctl since # some error messages may be logged in standard output before # elasticsearch logging system is initialized. Elasticsearch # stores its logs in /var/log/elasticsearch and does not use # journalctl by default. If you also want to enable journalctl # logging, you can simply remove the "quiet" option from ExecStart. StandardOutput=journal StandardError=inherit # Specifies the maximum file descriptor number that can be opened by this process LimitNOFILE=65536 # Specifies the maximum number of processes LimitNPROC=2048 # Specifies the maximum size of virtual memory LimitAS=infinity # Specifies the maximum file size LimitFSIZE=infinity # Disable timeout logic and wait until process is stopped TimeoutStopSec=0 # SIGTERM signal is used to stop the Java process KillSignal=SIGTERM # Send the signal only to the JVM rather than its control group KillMode=process # Java process is never killed SendSIGKILL=no # When a JVM receives a SIGTERM signal it exits with code 143 SuccessExitStatus=143 [Install] WantedBy=multi-user.target # Built for distribution-5.6.3 (distribution)
10. Restart elasticsearch
$ systemctl restart elasticsearch
Note: After restarting the ES, it will not run immediately. It has a startup process, which takes about 1 minute. You can check whether the 9200 and 9300 are running through ss ntlp. After running, you can check the cluster status.
11. Set Firewalld firewall
$ firewall-cmd --permanent --add-port={9200/tcp,9300/tcp} $ firewall-cmd --reload $ firewall-cmd --list-all
12. View cluster status
Enter the following URL in the cluster to obtain the cluster health status information:
$ curl //10.28.204.65:9200/_cluster/health? pretty { "cluster_name" : "my-apprenwole", //Cluster name "status" : "green", //The cluster status is divided into red/green/light, green: healthy, yellow: sub healthy, red: sick "timed_out" : false, "number_of_nodes" : 4, //Number of nodes "number_of_data_nodes" : 4, //Data node "active_primary_shards" : 6, //Total number of main partitions "active_shards" : 22, //Total number of partitions of all indexes in the cluster "relocating_shards" : 0, //Number of partitions being migrated "initializing_shards" : 0, //Number of partitions being initialized "unassigned_shards" : 0, //Number of partitions not allocated to specific nodes "delayed_unassigned_shards" : 0, "number_of_pending_tasks" : 0, "number_of_in_flight_fetch" : 0, "task_max_waiting_in_queue_millis" : 0, "active_shards_percent_as_number" : 100.0 //Percentage of active fragments }
We use 4 ES instances, so the cluster also displays specific data, indicating that the cluster is running normally.
The ES cluster has been installed. This article is original and can be directly used in production. ES has many plug-ins. Later, I will write some related documents, such as Kibana, Logstash, and X-Pack, which are official plug-ins and are quite practical.