阿里雲Ubuntu16.04安裝ElasticSearch7.2

最近用學生認證買了個阿里雲服務器，然後安裝了一下ElasticSearch7.2版本，並且做了登錄認證。其中遇到的坑，和大家分享一下。

1.首先是下載

這裏給大家分享一個鏡像的網址，可以快速下載ElasticSearch。

https://thans.cn/mirror/elasticsearch.html

2.安裝

1.首先要配置jdk，這裏使用下載好的ElasticSearch7.2文件夾下自帶的jdk就可以了。

2.新建一個ElasticSearch的文件夾。

mkdir /user/elastic

3.解壓 

tar -zxvf elasticsearch.tar.gz

4.創建用戶組並設置密碼，因爲ElasticSearch不能用root用戶打開

groupadd elk

useradd esuser -g elk-p espassword

5.然後使用root用戶進行授權

chown -R esuser:elk /user/elastic/elasticsearch-7.2.0

6.然後切換到elk用戶，直接su elk

7.進入到bin目錄下，直接./elasticsearch或者./elasticsearch -d

有的小夥伴在這裏報錯了,報錯如下,原因是在分配內存配置文件上) 

Java HotSpot(TM) 64-Bit Server VM warning: INFO: os::commit_memory(0x00000000c5330000, 986513408, 0) failed; error='Cannot allocate memory' (errno=12)

 修改jvm.options配置(根據版本不一樣和你的服務器配置差異,這裏把它改成小一點的,比如256m即可,如果你的機器配置高,一般不會報錯,不用修改也行,如果配置低設置合理就行了)

# Xms represents the initial size of total heap space
# Xmx represents the maximum size of total heap space
-Xms256m
-Xmx256m

如果想要外部訪問我們的ElasticSearch，需要進行如下配置

1.打開ElasticSearch目錄下的config文件夾下的elasticsearch.yml,我把我的借鑑給大家，僅供參考。

# ---------------------------------- Cluster -----------------------------------
#
# Use a descriptive name for your cluster:
#
cluster.name: my-application
#
# ------------------------------------ Node ------------------------------------
#
# Use a descriptive name for the node:
#
node.name: node-1
#
# Add custom attributes to the node:
#
#node.attr.rack: r1
#
# ----------------------------------- Paths ------------------------------------
#
# Path to directory where to store the data (separate multiple locations by comma):
#
path.data: /user/elasticsearch-cluster/elasticsearch1/data
#
# Path to log files:
#
path.logs: /user/elasticsearch-cluster/elasticsearch1/logs
#
# ----------------------------------- Memory -----------------------------------
#
# Lock the memory on startup:
#
bootstrap.memory_lock: false
#
# Make sure that the heap size is set to about half the memory available
# on the system and that the owner of the process is allowed to use this
# limit.
#
# Elasticsearch performs poorly when the system is swapping the memory.
#
# ---------------------------------- Network -----------------------------------
#
# Set the bind address to a specific IP (IPv4 or IPv6):
#
network.host: 0.0.0.0
#
# Set a custom port for HTTP:
#
http.port: 9200
#
# For more information, consult the network module documentation.
#
# --------------------------------- Discovery ----------------------------------
#
# Pass an initial list of hosts to perform discovery when this node is started:
# The default list of hosts is ["127.0.0.1", "[::1]"]
#
# discovery.seed_hosts: ["127.0.0.1:9200"]
#
# Bootstrap the cluster using an initial set of master-eligible nodes:
#
cluster.initial_master_nodes: ["node-1"]
#
# For more information, consult the discovery and cluster formation module documentation.
#
# ---------------------------------- Gateway -----------------------------------
#
# Block initial recovery after a full cluster restart until N nodes are started:
#
#gateway.recover_after_nodes: 3
#
# For more information, consult the gateway module documentation.
#
# ---------------------------------- Various -----------------------------------
#
# Require explicit names when deleting indices:
#
#action.destructive_requires_name: true
http.cors.enabled: true
http.cors.allow-origin: "*"

這裏network.host: 0.0.0.0代表可以隨意訪問。

還有http.cors.enabled: true和http.cors.allow-origin: "*"代表可以讓head插件訪問。

2.切換到su root,進入以下路徑/etc/security找到limits.conf進行編輯,在# End of file前(注意,不要以爲是註釋的就無所謂),*代表用戶,elk也行

* soft nofile 65536
* hard nofile 65536
* soft nproc 4096
* hard nproc 4096

使配置生效(執行以下命令後會有4個bash: elasticsearch: 未找到命令,忽略它)

source /etc/security/limits.conf 
編輯/etc/sysctl.conf,在文本最後添加

vm.max_map_count=655360
fs.file-max=655360

使用命令sysctl -p，使配置生效

3.要去阿里雲的安全組添加9200的端口，要不然是訪問不到的。

4.還有重要的一步就是要開啓防火牆9200通過的端口。這一點坑了我兩個小時。

firewall-cmd --zone=public --add-port=9300/tcp
firewall-cmd --zone=public --add-port=9200/tcp

通過這些配置，我們就可以使用ElasticSearch了。

ElasticSearch安全認證

如果是項目組使用的話，可能會需要登錄驗證這一過程，我自己也碰到過，自己項目組的es數據庫被刪。唉。。。，長點記性吧。

1.修改elasticsearch.yml,

http.cors.enabled: true
http.cors.allow-origin: "*"
http.cors.allow-headers: Authorization
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true

2.啓動ElasticSearch

3.進入到bin目錄下，執行

./elasticsearch-setup-passwords interactive
Initiating the setup of passwords for reserved users elastic,apm_system,kibana,logstash_system,beats_system,remote_monitoring_user.
You will be prompted to enter passwords as the process progresses.
Please confirm that you would like to continue [y/N]y

Enter password for [elastic]:
Reenter password for [elastic]:
Enter password for [apm_system]:
Reenter password for [apm_system]:
Enter password for [kibana]:
Reenter password for [kibana]:
Enter password for [logstash_system]:
Reenter password for [logstash_system]:
Enter password for [beats_system]:
Reenter password for [beats_system]:
Enter password for [remote_monitoring_user]:
Reenter password for [remote_monitoring_user]:
Changed password for user [apm_system]
Changed password for user [kibana]
Changed password for user [logstash_system]
Changed password for user [beats_system]
Changed password for user [remote_monitoring_user]
Changed password for user [elastic]

4.如果不行的話，就重啓一下，reboot命令就可以了。重啓之後，一定要9200和9300通過防火牆認證，不然外部是訪問不到的。

firewall-cmd --zone=public --add-port=9300/tcp
firewall-cmd --zone=public --add-port=9200/tcp