【无标题】

Elasticsearch集群安装

Step 1:修改Elasticsearch目录属主和数组

$ chown -R elastic.elastic /opt/elasticsearch8

2.4.6 node01 节点启动单实例

Step 1:修改Elasticsearch配置文件

$ cp /opt/elasticsearch8/soft/elasticsearch-8.18.2/config/elasticsearch.yml{,.bak}

$ vim /opt/elasticsearch8/soft/elasticsearch-8.18.2/config/elasticsearch.yml

cluster.name: elastic-cluster

node.name: node01

path.data: /opt/elasticsearch8/data

path.logs: /opt/elasticsearch8/log

network.host: 0.0.0.0

http.port: 9200

http.cors.enabled: true

http.cors.allow-origin: "*"

http.cors.allow-headers: "Authorization, X-Requested-With, Content-Type, Content-Length"

http.cors.allow-methods: OPTIONS, HEAD, GET, POST, PUT, DELETE

Step 2:启动Elasticsearch实例

$ su -c "/opt/elasticsearch8/soft/elasticsearch-8.18.2/bin/elasticsearch" elastic

提示:node01 启动完成,测试通过后,关闭该示例

2.4.5 node01 节点修改配置文件

$ cd /opt/elasticsearch8/soft/elasticsearch-8.18.2/config/

$ vim elasticsearch.yml

cluster.name: elastic-cluster

node.name: node01

path.data: /opt/elasticsearch8/data

path.logs: /opt/elasticsearch8/log

bootstrap.memory_lock: true # 锁定JVM内存页,避免操作系统交换(Swap),提升性能。

network.host: 0.0.0.0

http.port: 9200

discovery.seed_hosts: "node01", "node02", "node03" # 指定elasticsearch集群节点

http.cors.enabled: true

http.cors.allow-origin: "*"

http.cors.allow-headers: "Authorization, X-Requested-With, Content-Type, Content-Length"

http.cors.allow-methods: OPTIONS, HEAD, GET, POST, PUT, DELETE

xpack.security.enabled: true # 启用安全功能(认证、授权、审计)

xpack.security.enrollment.enabled: true # 允许通过API自动注册节点证书,简化证书管理

xpack.security.http.ssl:

enabled: true # # 启用HTTP层TLS加密

keystore.path: certs/http.p12 # HTTP服务证书存储路径

xpack.security.transport.ssl:

enabled: true # # 启用节点间加密通信

verification_mode: certificate # 仅验证证书有效性,不校验主机名

keystore.path: certs/transport.p12 # 节点身份证书存储路径

truststore.path: certs/transport.p12 # 节点信任证书存储路径

cluster.initial_master_nodes: "node01" # 指定elasticsearch集群初始化master节点,仅首次启动时有效,后续由选举机制动态调整。

ingest.geoip.downloader.enabled: false # 禁用GeoIP数据库自动下载。若需地理位置分析(如IP定位),需手动配置数据库路径并定期更新

$ cd /opt/elasticsearch8/soft/elasticsearch-8.18.2/bin/

$ su -c "./elasticsearch" elastic

2.5.6 node01 节点生成其他节点加入集群 Token 值

$ cd /opt/elasticsearch8/soft/elasticsearch-8.18.2/bin/

$ ./elasticsearch-create-enrollment-token -s node # 生成新节点加入安全集群的临时注册令牌;默认有效期30分钟;新节点启动时通过 --enrollment-token 参数使用该令牌,即可自动完成与现有集群的安全认证和配置同步。

2.5.7 node02 加入 node01 集群

Step 1:node01修改配置文件

$ cd /opt/elasticsearch8/soft/elasticsearch-8.18.2/config

$ cp elasticsearch.yml{,.bak}

$ vim elasticsearch.yml

cluster.name: elastic-cluster

node.name: node02

path.data: /opt/elasticsearch8/data

path.logs: /opt/elasticsearch8/log

bootstrap.memory_lock: true

network.host: 0.0.0.0

http.port: 9200

ingest.geoip.downloader.enabled: false

Step 2:切换工作目录

$ cd /opt/elasticsearch8/soft/elasticsearch-8.18.2/bin/

Step 3:加入node01集群

$ su -c "./elasticsearch --enrollment-token eyJ2ZXIiOiI4LjE0LjAiLCJhZHIiOlsiMTkyLjE2OC4xNzQuMTQwOjkyMDAiXSwiZmdyIjoiYTczNjNlMTEzZjZkZGU0NDkyZjhlZWEzNmFjY2JhYmEzODMyNjkwZjQwNzBiYTU1MGJjYzVkMDVhNDAzODQ1MyIsImtleSI6ImNZMjJvWmNCMlBUczhpeWRnX3gtOlJYZWxGdXQ1a015N0xydDA3LTY0blEifQ==" elastic

2.5.8 node03 加入 node01 集群

Step 1:node01修改配置文件

$ cd /opt/elasticsearch8/soft/elasticsearch-8.18.2/config

$ cp elasticsearch.yml{,.bak}

$ vim elasticsearch.yml

cluster.name: elastic-cluster

node.name: node03

path.data: /opt/elasticsearch8/data

path.logs: /opt/elasticsearch8/log

bootstrap.memory_lock: true

network.host: 0.0.0.0

http.port: 9200

ingest.geoip.downloader.enabled: false

Step 2:切换工作目录

$ cd /opt/elasticsearch8/soft/elasticsearch-8.18.2/bin/

Step 3:加入node01集群

$ su -c "./elasticsearch --enrollment-token eyJ2ZXIiOiI4LjE0LjAiLCJhZHIiOlsiMTkyLjE2OC4xNzQuMTQwOjkyMDAiXSwiZmdyIjoiYTczNjNlMTEzZjZkZGU0NDkyZjhlZWEzNmFjY2JhYmEzODMyNjkwZjQwNzBiYTU1MGJjYzVkMDVhNDAzODQ1MyIsImtleSI6ImNZMjJvWmNCMlBUczhpeWRnX3gtOlJYZWxGdXQ1a015N0xydDA3LTY0blEifQ==" elastic

2.5.9 Elasticsearch Head 插件测试

Step 1:node01重置密码

$ cd /opt/elasticsearch8/soft/elasticsearch-8.18.2/bin/

$ ./elasticsearch-reset-password -u elastic -i

2.5.10 Kibana 连接 Elasticsearch 集群

Step 1:下载Kibana安装包

$ wget https://artifacts.elastic.co/downloads/kibana/kibana-8.18.2-linux-x86_64.tar.gz

Step 2:解压安装包至指定目录

$ mkdir /opt/kibana

$ tar xf kibana-8.18.2-linux-x86_64.tar.gz -C /opt/kibana/

Step 3:切换工作目录

$ cd /opt/kibana/kibana-8.18.2/

Steo 4:拷贝Elasticsearch证书文件到配置文件目录

$ cp ~/elasticsearch-ca.pem /opt/kibana/kibana-8.18.2/config/

Step 5:生成Kibana加密秘钥

$ cd /opt/kibana/kibana-8.18.2/bin/

$ ./kibana-encryption-keys generate # 生成 Kibana 加密密钥

Kibana is currently running with legacy OpenSSL providers enabled! For details and instructions on how to disable see https://www.elastic.co/guide/en/kibana/8.19/production.html#openssl-legacy-provider

Kibana Encryption Key Generation Utility

The 'generate' command guides you through the process of setting encryption keys for:

xpack.encryptedSavedObjects.encryptionKey

Used to encrypt stored objects such as dashboards and visualizations

https://www.elastic.co/guide/en/kibana/current/xpack-security-secure-saved-objects.html#xpack-security-secure-saved-objects

xpack.reporting.encryptionKey

Used to encrypt saved reports

https://www.elastic.co/guide/en/kibana/current/reporting-settings-kb.html#general-reporting-settings

xpack.security.encryptionKey

Used to encrypt session information

https://www.elastic.co/guide/en/kibana/current/security-settings-kb.html#security-session-and-cookie-settings

Already defined settings are ignored and can be regenerated using the --force flag. Check the documentation links for instructions on how to rotate encryption keys.

Definitions should be set in the kibana.yml used configure Kibana.

Settings:

xpack.encryptedSavedObjects.encryptionKey: 4f2b237b2eb3da3c2298589e6dcdeb03 # 防止未授权用户篡改或查看保存的 Kibana 对象

xpack.reporting.encryptionKey: 01d610e04b1afe164a705223a562f57d # 确保报告内容在存储和传输中不被窃取

xpack.security.encryptionKey: 2c3fedfa18edac2c1869e17a6802f86c # 保护用户会话 Cookie,防止会话劫持

Step 6:修改配置文件

$ cp config/kibana.yml{,.bak}

$ vim config/kibana.yml

server.port: 5601

server.host: "0.0.0.0"

server.name: "elastic-cluster"

i18n.locale: "zh-CN"

xpack.encryptedSavedObjects.encryptionKey: "4f2b237b2eb3da3c2298589e6dcdeb03"

Step 7:创建Kibana用户

$ useradd kibana

Step 8:修改Kibana属主和数组

$ chown -R kibana.kibana /opt/kibana/

Step 9:启动Kibana

$ cd /opt/kibana/kibana-8.18.2/bin/

$ nohup su -c "./kibana" kibana &

$ tail -f nohup.out

Step 1:node01生成Kibana加入Token值

$ cd /opt/elasticsearch8/soft/elasticsearch-8.18.2/bin/

$ ./elasticsearch-create-enrollment-token -s kibana

Step 1:Kibana获取验证码

$ cd /opt/kibana/kibana-8.18.2/bin/

$ ./kibana-verification-code

相关推荐
ton_tom1 分钟前
设备驱动程序编程-Linux2.6.10-kdb安装-32位
linux·运维·服务器
Elastic 中国社区官方博客3 分钟前
谁来评判评判者?在 Elasticsearch Workflows 中使用 LLM-as-a-Judge
大数据·运维·人工智能·elasticsearch·搜索引擎·ai·全文检索
SSO_Crown1 小时前
AI 招聘管理系统深度评测与选型指南
大数据·运维·人工智能
cft56200_ln1 小时前
gPTP Master 报文目的 MAC 地址
运维·服务器·网络
AOwhisky3 小时前
Linux(CentOS)系统管理入门笔记(第四期)——文件系统(下篇):文件与目录操作实战——cpmvmkdirrmln
linux·运维·笔记·centos·云计算·文件系统
XTIOT6664 小时前
CRPT 诚实标识采集落地技术实践:分工况硬件选型与合规数据标准化解决方案
大数据·运维·人工智能·嵌入式硬件·物联网
weixin_505061454 小时前
线束中国探展专访|广东星坤:以高可靠互连突围,打造国产连接器全球化标杆
运维
想你依然心痛5 小时前
嵌入式容器:Docker与BalenaOS在边缘设备上的实践——容器运行时与OTA
运维·docker·容器
竣达技术5 小时前
NAS / 服务器断电数据丢失?UPS 配套 USB关机保护板,市电断电池低自动提示服务器/电脑关机
运维·服务器·电脑
Lottie20265 小时前
京东电商进阶运营:精准定价+安全铺货+竞品监控+利润管控全自动化方案
运维·安全·自动化