什么是ElasticStack?(what)
Elastic Stack是由ELK演化而来,ELK是三种软件的简称,分别是Elasticsearch、logstash、kibana组成,在发展的过程中,又有新成员Beats的加入,形成了Elastic Stack。
ELFK技术栈之ELasticSearch(集群)部署
服务器准备
主机IP | 集群角色 | 节点名 |
|---|---|---|
10.0.0.91 | master | elk01 |
10.0.0.92 | node1 | elk02 |
10.0.0.93 | node2 | elk03 |
1. 首先所有节点下载ElasticSearch二进制包
下载地址:https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.17.18-linux-x86_64.tar.gz
2.所有节点解压到指定目录
[root@elk01~] # tar xf elasticsearch-7.17.18-linux-x86_64.tar.gz -C /usr/local
[root@elk01~] # cd /usr/local
[root@elk01/usr/local] # ln -s elasticsearch-7.17.18/ es7.17.18
[root@elk01/usr/local] # ll
...
drwxr-xr-x 9 root root 4096 Feb 2 12:08 elasticsearch-7.17.18/
lrwxrwxrwx 1 root root 22 Apr 21 13:56 es7.17.18 -> elasticsearch-7.17.18//
...
2. 所有节点执行创建工作目录,添加用户并修改es是文件目录的权限
#创建文件目录
[root@elk01~] # mkdir -p /data/elastic/
[root@elk01~] # ll /data
drwxr-xr-x 4 root root 4096 Apr 21 13:59 elastic/
#创建启动用户
[root@elk01~] # useradd -u 1234 -m elastic
[root@elk01~] # id elastic
uid=1234(elastic) gid=1234(elastic) groups=1234(elastic)
#创建工作目录
[root@elk01~] # install -d /data/elastic/{log,data} -o elastic -g elastic
[root@elk01~] # ll /data/elastic/
drwxr-xr-x 2 elastic elastic 4096 Apr 21 13:59 data/
drwxr-xr-x 2 elastic elastic 4096 Apr 21 13:59 log/
#修改es文件目录的权限
[root@elk01~] # chown -R elastic.elastic /usr/local/elasticsearch-7.17.18/
3. 各个节点的配置文件
master节点
[root@elk01~] # grep ^[a-z] /usr/local/es7.17.18/config/elasticsearch.yml
cluster.name: es-cluster #集群名
node.name: es-master #节点名
path.data: /data/elastic/data #数据存放目录
path.logs: /data/elastic/log #日志存放目录
network.host: 0.0.0.0 #允许访问的网段
http.port: 9200 #端口
discovery.seed_hosts: ["10.0.0.91", "10.0.0.92","10.0.0.93"] #
cluster.initial_master_nodes: ["10.0.0.91", "10.0.0.92","10.0.0.93"]node1节点
[root@elk02/usr/local] # grep ^[a-z] /usr/local/es7.17.18/config/elasticsearch.yml
cluster.name: es-cluster
node.name: es-node1
path.data: /data/elastic/data
path.logs: /data/elastic/log
network.host: 0.0.0.0
http.port: 9200
discovery.seed_hosts: ["10.0.0.91", "10.0.0.92","10.0.0.93"]
cluster.initial_master_nodes: ["10.0.0.91", "10.0.0.92","10.0.0.93"]node2节点
[root@elk02/usr/local] # grep ^[a-z] /usr/local/es7.17.18/config/elasticsearch.yml
cluster.name: es-cluster
node.name: es-node1
path.data: /data/elastic/data
path.logs: /data/elastic/log
network.host: 0.0.0.0
http.port: 9200
discovery.seed_hosts: ["10.0.0.91", "10.0.0.92","10.0.0.93"]
cluster.initial_master_nodes: ["10.0.0.91", "10.0.0.92","10.0.0.93"]4. 所有节点编写配置
4.1 将es命令可以直接tab出来
[root@elk01~] # cat /etc/profile.d/elk.sh
#!/bin/bash
export ES_HOME=/usr/local/es7.17.18
export PATH=$PATH:$ES_HOME/bin
#编写完使用以下命令使其生效
[root@elk01~] # source /etc/profile.d/elk.sh4.2 修改内核参数
[root@elk01~] # cat /etc/sysctl.d/es.conf
vm.max_map_count=262144
#编写完使用以下命令使其生效
sysctl -p /etc/sysctl.d/es.conf5. 所有节点编写启动脚本并启动服务
cat > /usr/lib/systemd/system/es7.service <<EOF
[Unit]
Description=linux ES7 server daemon
Documentation=www.xwutx.cn
After=network.target
[Service]
User=elastic
LimitNOFILE=131070
LimitNPROC=8192
ExecStart=/usr/local/es7.17.18/bin/elasticsearch
[Install]
WantedBy=multi-user.target
EOF
#执行完成后执行
systemctl daemon-reload
systemctl enable --now es7
systemctl status es76. 查看集群状态
[root@elk01~] # curl 10.0.0.91:9200/_cat/nodes
10.0.0.91 11 81 2 0.23 0.17 0.07 cdfhilmrstw - es-master
10.0.0.92 24 97 2 0.65 0.33 0.19 cdfhilmrstw * es-node1
10.0.0.93 11 97 6 0.70 0.33 0.19 cdfhilmrstw - es-node2
评论区