ElasticSearch简介

什么是ElasticSearch:

  • ElasticSearch是基于Apache Lucene构建的开源搜索引擎
  • 采用Java编写,提供了简单易用的RESTFul API
  • 轻松的横向扩展,可支持PB级的结构化或非结构化的数据处理

应用场景:

  • 海量数据分析引擎
  • 站内搜索引擎
  • 作为数据仓库

一线公司实际应用场景:

  • 英国卫报 - 实时分析公众对文章的回应
  • 维基百科、GitHub - 站内实时搜索引擎
  • 百度 - 实时日志监控平台

单实例安装ElasticSearch

在安装ElasticSearch之前,首先准备好Java环境:

[root@localhost /usr/local/jdk1.8]# java -version
java version "1.8.0_171"
Java(TM) SE Runtime Environment (build 1.8.0_171-b11)
Java HotSpot(TM) 64-Bit Server VM (build 25.171-b11, mixed mode)
[root@localhost /usr/local/jdk1.8]# 

到ElasticSearch官网上复制ElasticSearch的下载链接:

https://www.elastic.co/cn/

复制ElasticSearch 5.x版本的下载地址,到命令行上进行下载:

[root@localhost ~]# cd /usr/local/src/
[root@localhost /usr/local/src]# wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-5.5.2.tar.gz

下载好后,解压到相应的目录中:

[root@localhost /usr/local/src]# ls
elasticsearch-5.5.2.tar.gz
[root@localhost /usr/local/src]# tar -zvxf elasticsearch-5.5.2.tar.gz -C /usr/local
[root@localhost /usr/local/src]# ls /usr/local/elasticsearch-5.5.2/
bin  config  lib  LICENSE.txt  modules  NOTICE.txt  plugins  README.textile
[root@localhost /usr/local/src]#

安装完成后,我们需要新建一个普通用户,因为ElasticSearch不允许在root用户下运行,所以我们需要创建独立的用户来运行es。创建elsearch用户组及elsearch用户:

[root@localhost ~]# groupadd elsearch
[root@localhost ~]# useradd elsearch -g elsearch -p elasticsearch
[root@localhost ~]# passwd elsearch  # 设置密码

更改elasticsearch安装目录及其内部文件的所属用户及组为elsearch:elsearch,如下:

[root@localhost ~]# cd /usr/local/
[root@localhost /usr/local]# chown -R elsearch:elsearch elasticsearch-5.5.2/
[root@localhost /usr/local]# ll |grep elasticsearch-5.5.2
drwxr-xr-x. 8 elsearch elsearch 143 6月  19 10:46 elasticsearch-5.5.2
[root@localhost /usr/local]#

由于在CentOS7下,elasticsearch 5.x 设置了ip后,启动会有些问题导致启动报错,我们需要设置如下系统参数来解决这个问题:

[root@localhost /usr/local/elasticsearch-5.5.2]# vim /etc/security/limits.conf
*                hard    nofile          65536
*                soft    nofile          131072
*                soft    nproc           2048   
*                hard    nproc           4096
[root@localhost /usr/local/elasticsearch-5.5.2]# vim /etc/security/limits.d/90-nproc.conf
*                soft    nproc           2048
[root@localhost /usr/local/elasticsearch-5.5.2]# vim /etc/sysctl.conf
vm.max_map_count=655360
[root@localhost /usr/local/elasticsearch-5.5.2]# sysctl -p
vm.max_map_count = 655360
[root@localhost /usr/local/elasticsearch-5.5.2]# 

关于这个问题可以参考如下issues:

https://github.com/elastic/elasticsearch/issues/22899

Elasticsearch5.5.1安装问题汇总:

https://github.com/DimonHo/DH_Note/issues/3


完成以上的配置后,我们从root用户切换到elsearch用户:

[root@localhost ~]# su elsearch
[elsearch@localhost root]$

在启动es前先设置一下绑定的ip,设置为可被外部访问的ip,以及设置bootstrap相关的参数:

[elsearch@localhost root]$ cd /usr/local/elasticsearch-5.5.2/
[elsearch@localhost elasticsearch-5.5.2]$ vim config/elasticsearch.yml
bootstrap.memory_lock: false
bootstrap.system_call_filter: false
network.host: 0.0.0.0  # 找到该项,设置为可被外部访问的ip
[elsearch@localhost elasticsearch-5.5.2]$ 

启动ElasticSearch服务的命令:

[elsearch@localhost elasticsearch-5.5.2]$ sh bin/elasticsearch

加上-d参数表示后台启动,一般我们都采用后台启动的方式:

[elsearch@localhost elasticsearch-5.5.2]$ sh bin/elasticsearch -d

ElasticSearch服务启动成功后,可看到如下进程信息:

[elsearch@localhost elasticsearch-5.5.2]$ ps aux |grep elasticsearch
elsearch  13353  107 83.1 4697512 1550164 pts/0 Sl   11:04   0:03 /usr/local/jdk1.8/bin/java -Xms2g -Xmx2g -XX:+UseConcMarkSweepGC -XX:CMSInitiatingOccupancyFraction=75 -XX:+UseCMSInitiatingOccupancyOnly -XX:+AlwaysPreTouch -server -Xss1m -Djava.awt.headless=true -Dfile.encoding=UTF-8 -Djna.nosys=true -Djdk.io.permissionsUseCanonicalPath=true -Dio.netty.noUnsafe=true -Dio.netty.noKeySetOptimization=true -Dio.netty.recycler.maxCapacityPerThread=0 -Dlog4j.shutdownHookEnabled=false -Dlog4j2.disable.jmx=true -Dlog4j.skipJansi=true -XX:+HeapDumpOnOutOfMemoryError -Des.path.home=/usr/local/elasticsearch-5.5.2 -cp /usr/local/elasticsearch-5.5.2/lib/* org.elasticsearch.bootstrap.Elasticsearch -d
elsearch  13372  0.0  0.0 112720   988 pts/0    S+   11:05   0:00 grep --color=auto elasticsearch
[elsearch@localhost elasticsearch-5.5.2]$ 

查看ElasticSearch服务所监听的端口:

[elsearch@localhost elasticsearch-5.5.2]$ netstat -lntp |grep java
tcp6       0      0 :::9200                 :::*                    LISTEN      14849/java          
tcp6       0      0 :::9300                 :::*                    LISTEN      14849/java          
[elsearch@localhost elasticsearch-5.5.2]$ 

设置防火墙规则,开放ElasticSearch服务所监听的端口:

[elsearch@localhost elasticsearch-5.5.2]$  sudo firewall-cmd --zone=public --add-port=9200/tcp --permanent
success
[elsearch@localhost elasticsearch-5.5.2]$  sudo firewall-cmd --zone=public --add-port=9300/tcp --permanent
success
[elsearch@localhost elasticsearch-5.5.2]$  sudo firewall-cmd --reload
success
[elsearch@localhost elasticsearch-5.5.2]$ 

开放了相应的端口后,从浏览器中访问,看看能否访问成功,如下则是访问成功的:
CentOS7 下安装 ElasticSearch 5.x 及填坑

关于关闭及重启elasticsearch服务,elasticsearch没有直接的关闭或重启命令,关闭elasticsearch服务只能通过kill命令来杀掉服务的进程,如下:

[elsearch@localhost elasticsearch-5.5.2]$ ps aux |grep es  # 查看进程id
[elsearch@localhost elasticsearch-5.5.2]$ kill -8 193460  # 通过进程id来杀掉服务

重启:

[elsearch@localhost elasticsearch-5.5.2]$ ps aux |grep es  # 查看进程id
[elsearch@localhost elasticsearch-5.5.2]$ kill -8 193460  # 通过进程id来杀掉服务
[elsearch@localhost elasticsearch-5.5.2]$ sh bin/elasticsearch -d

也可以编写一个服务脚本,以此来方便的启动或关闭elasticsearch服务。


插件安装

本小节我们来安装es的实用插件elasticsearch-head,这个插件可以提供一个图形化的界面,能让我们直观的查看节点数据以及集群健康状态等。github地址如下:

https://github.com/mobz/elasticsearch-head

进入elasticsearch-head的github地址,复制其.zip的下载链接,到命令行上进行下载:

[root@localhost /usr/local/src]# wget https://github.com/mobz/elasticsearch-head/archive/master.zip

注:切换成root用户

解压下载好的.zip压缩包:

[root@localhost /usr/local/src]# unzip master.zip
[root@localhost /usr/local/src]# mv elasticsearch-head-master/ /usr/local/
[root@localhost /usr/local/src]# ls /usr/local/elasticsearch-head-master/
Dockerfile         elasticsearch-head.sublime-project  grunt_fileSets.js  LICENCE       plugin-descriptor.properties  README.textile  src
Dockerfile-alpine  Gruntfile.js                        index.html         package.json  proxy                         _site           test
[root@localhost /usr/local/src]#

elasticsearch-head是一个提供图形化的插件,其图形化是基于node.js的,所以我们需要先准备好node.js环境,node.js官网下载地址如下:

https://nodejs.org/en/download/

在命令行中下载并解压安装包:

[root@localhost /usr/local/src]# wget https://nodejs.org/dist/v8.11.3/node-v8.11.3-linux-x64.tar.xz
[root@localhost /usr/local/src]# tar -Jxvf node-v8.11.3-linux-x64.tar.xz -C /usr/local/
[root@localhost /usr/local/src]# mv /usr/local/node-v8.11.3-linux-x64/ /usr/local/node-8.11.3

配置环境变量:

[root@localhost /usr/local/src]# vim /etc/profile
export NODE_HOME=/usr/local/node-8.11.3
export PATH=$PATH:$JAVA_HOME/bin:$JAVA_HOME/jre/bin:$NODE_HOME/bin
[root@localhost /usr/local/src]# source /etc/profile
[root@localhost /usr/local/src]# node -v  # 输出版本号则代表配置成功
v8.11.3
[root@localhost /usr/local/src]#

进入es-head的安装目录,执行npm install命令安装所需的模块:

[root@localhost /usr/local/src]# cd /usr/local/elasticsearch-head-master/
[root@localhost /usr/local/elasticsearch-head-master]# npm install phantomjs-prebuilt@2.1.14 --ignore-scripts  # 因为有墙,phantomjs-prebuilt需要单独安装,不然会失败
[root@localhost /usr/local/elasticsearch-head-master]# npm install

es-head使用的是grunt server作为服务器,而grunt server默认监听的是localhost,所以我们需要修改Gruntfile.js文件,增加一段配置,不然外部是无法访问的,如下:

[root@localhost /usr/local/elasticsearch-head-master]# vim Gruntfile.js
connect: {
        server: {
                options: {
                        hostname: '0.0.0.0',  # 增加这段
                        port: 9100,
                        base: '.',
                        keepalive: true
                }
        }
}
[root@localhost /usr/local/elasticsearch-head-master]#

设置防火墙规则,开放9100端口:

[root@localhost /usr/local/elasticsearch-head-master]# firewall-cmd --zone=public --add-port=9100/tcp --permanent
success
[root@localhost /usr/local/elasticsearch-head-master]# firewall-cmd --reload
success
[root@localhost /usr/local/elasticsearch-head-master]# 

es与es-head是两个独立的进程,当es-head访问es服务时,会存在一个跨域问题。所以我们需要修改es的配置文件,增加一些配置项来解决这个问题,如下:

[root@localhost /usr/local/elasticsearch-head-master]# cd ../elasticsearch-5.5.2/config/
[root@localhost /usr/local/elasticsearch-5.5.2/config]# vim elasticsearch.yml  # 文件末尾加上如下配置
http.cors.enabled: true
http.cors.allow-origin: "*"
[root@localhost /usr/local/elasticsearch-5.5.2/config]# 

注:修改完配置文件后需切换到elsearch用户中重启es服务。

接着再次进入es-head的安装目录,使用如下命令,启动es-head:

[root@localhost /usr/local/elasticsearch-head-master]# npm run start

使用浏览器访问如下:
CentOS7 下安装 ElasticSearch 5.x 及填坑


伪分布式安装ElasticSearch

以上我们介绍了es单实例的安装以及es-head的安装,本小节我们来介绍如何在单机情况下安装伪分布式的es服务。首先配置之前已安装好的es服务的配置文件,如下:

[root@localhost ~]# cd /usr/local/elasticsearch-5.5.2/config/
[root@localhost /usr/local/elasticsearch-5.5.2/config]# vim elasticsearch.yml   # 在文件末尾加入如下内容
cluster.name: es
node.name: master
node.master: true
[root@localhost /usr/local/elasticsearch-5.5.2/config]# 

参数说明:

  • cluster.name 集群的名称,可自定义
  • node.name 节点的名称,可自定义
  • node.master 是否指定为master角色

新建一个存放slave的目录,拷贝es压缩包到该目录中并解压,然后再拷贝多一份slave,最后还需要更改es_slave目录的所属用户及用户组为elsearch:

[root@localhost ~]# mkdir /usr/local/es_slave
[root@localhost ~]# cp /usr/local/src/elasticsearch-5.5.2.tar.gz /usr/local/es_slave/
[root@localhost ~]# cd /usr/local/es_slave/
[root@localhost /usr/local/es_slave]# tar -zxvf elasticsearch-5.5.2.tar.gz
[root@localhost /usr/local/es_slave]# mv elasticsearch-5.5.2 ./es_slave1
[root@localhost /usr/local/es_slave]# cp -r ./es_slave1/ es_slave2/
[root@localhost /usr/local]# cd ../
[root@localhost /usr/local]# chown -R elsearch:elsearch es_slave/

逐个修改slave的配置文件:

[root@localhost /usr/local/es_slave]# vim es_slave1/config/elasticsearch.yml
cluster.name: es
node.name: slave1

network.host: 127.0.0.1
http.port: 8200

discovery.zen.ping.unicast.hosts: ["127.0.0.1"]
[root@localhost /usr/local/es_slave]# vim es_slave1/config/elasticsearch.yml
cluster.name: es
node.name: slave2

network.host: 127.0.0.1
http.port: 7200

discovery.zen.ping.unicast.hosts: ["127.0.0.1"]
[root@localhost /usr/local]# 

开放端口:

[root@localhost /usr/local/elasticsearch-head-master]# firewall-cmd --zone=public --add-port=8200/tcp --permanent
success
[root@localhost /usr/local/elasticsearch-head-master]# firewall-cmd --zone=public --add-port=7200/tcp --permanent
success
[root@localhost /usr/local/elasticsearch-head-master]# firewall-cmd --reload
success
[root@localhost /usr/local/elasticsearch-head-master]# 

切换到elsearch用户中重启master节点,并启动其他两个slave节点:

[elsearch@localhost elasticsearch-5.5.2]$ ps aux |grep elastic
[elsearch@localhost elasticsearch-5.5.2]$ kill -8 16410
[elsearch@localhost elasticsearch-5.5.2]$ sh bin/elasticsearch -d
[elsearch@localhost elasticsearch-5.5.2]$ cd
[elsearch@localhost root]$ sh /usr/local/es_slave/es_slave1/bin/elasticsearch -d
[elsearch@localhost root]$ sh /usr/local/es_slave/es_slave1/bin/elasticsearch -d

启动es-head:

[root@localhost ~]# cd /usr/local/elasticsearch-head-master/
[root@localhost /usr/local/elasticsearch-head-master]# npm run start

使用浏览器访问如下:
CentOS7 下安装 ElasticSearch 5.x 及填坑