一、配置准备

节点类型	CPU	内存	硬盘	网络	机器数	操作系统
data节点	16C	64G	2000G本地 SSD	所有es同一可用区	3(ecs)	Centos7
master节点	2C	8G	200G云SSD	所有es同一可用区	3(ecs)	Centos7

备注：

磁盘挂载 XFS 格式,noatime操作系统选择 Centos7数据量超过 TB 思考 master 节点和 data 节点独立

slb 1个，按量高配，tcp协议绑定3台data节点的9200服务端口申请slb对应的DNS解释，

二、部署前准备

1. 防火墙

修改/etc/sysconfig/iptables文件，开通以下端口，并执行service iptables reload

# es
-A INPUT -i eth0 -p tcp --dport 9200 -j ACCEPT
-A INPUT -i eth0 -p tcp --dport 9300 -j ACCEPT
-A INPUT -i eth0 -p tcp --dport 5601 -j ACCEPT
# 监控
-A INPUT -i eth0 -p tcp --dport 9100 -j ACCEPT
-A INPUT -i eth0 -p tcp --dport 9108 -j ACCEPT
-A INPUT -i eth0 -p tcp --dport 9308 -j ACCEPT

2. 系统参数调整

在/etc/security/limits.conf文件中增加以下配置：

* soft nofile 65536

* hard nofile 131072

elastic soft memlock unlimited

elastic hard memlock unlimited

elastic hard nproc 4096

elastic soft nproc 4096

3. 内核参数调优

在/etc/sysctl.conf文件增加以下内容，并执行sysctl -p

vm.max_map_count=262144

vm.swappiness=0

4. 安装 jdk(安装 1.8 版本的 openjdk)

yum -y install java-1.8.0-openjdk*

5. 创建用户

useradd -s /sbin/nologin elastic-u 5555

三、ES安装

1.下载安装

下载地址： wget

https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-6.2.4.tar.gz

tar -xzf elasticsearch-6.2.4.tar.gz

mv elasticsearch-6.2.4 /usr/local/

mkdir -p /home/data/es/data /home/data/es/log /home/data/backup/es

cd /usr/local/ elasticsearch-6.2.4

2.开启ssl

bin/x-pack/certutil ca

mkdir config/certs

密码： 自定义

mv elastic-stack-ca.p12 config/certs/

生成 elasticsearch.keystore, 密码是前面 ca 设的密码

bin/elasticsearch-keystore add xpack.security.transport.ssl.keystore.secure_password

bin/elasticsearch-keystore add xpack.security.transport.ssl.truststore.secure_password

chown -R elastic:elastic config/

3.配置ES

需要修改： cluster.name , node.name ,network.host,

discovery.zen.ping.unicast.hosts

# ------------------------------------ Cluster ------------------------------------
# 集群名字，公司内唯一 
cluster.name: es_test
# ------------------------------------ Node ------------------------------------
# 主机名字，集群内唯一
node.name: es_test-1
# data节点，只存储数据。如果是master节点则2项值相反。
node.master: false
node.data: true
#node.attr.rack: r1
# ----------------------------------- Paths ------------------------------------
path.data: /home/data/es/data
path.logs: /home/data/es/log
# 备份目录
path.repo: /home/data/backup/es
# ----------------------------------- Memory -----------------------------------
#bootstrap.memory_lock: true
# ---------------------------------- Network -----------------------------------
# 本机IP
network.host: 192.168.191.10
http.port: 9200
# --------------------------------- Discovery ----------------------------------
# 所有master的IP
discovery.zen.ping.unicast.hosts: ["192.168.191.10", "host2"]
#discovery.zen.minimum_master_nodes:
# ---------------------------------- Gateway -----------------------------------
#gateway.recover_after_nodes: 3
# ---------------------------------- Various -----------------------------------
#action.destructive_requires_name: true
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: certs/elastic-stack-ca.p12
xpack.security.transport.ssl.truststore.path: certs/elastic-stack-ca.p12
transport.tcp.compress: true
transport.tcp.connect_timeout: 30s
transport.ping_schedule: 30s
discovery.zen.ping_timeout: 15s
discovery.zen.fd.ping_timeout: 30s
discovery.zen.fd.ping_retries: 6
discovery.zen.fd.ping_interval: 5s

4.x-pack安装

bin/elasticsearch-plugin install x-pack

chown -R elastic:elastic /usr/local/elasticsearch-6.2.4/ /home/data/es

5. 修改 JVM

1、data节点

vi jvm.options
将-Xms设为物理内存的一半大小,不要超过32G
-Xms30g
-Xmx30g

2、master节点

vi jvm.options
将-Xms设为物理内存的一半大小
-Xms4g
-Xmx4g

6. 安装 sql 插件

./bin/elasticsearch-plugin install https://github.com/NLPchina/elasticsearch-sql/releases/download/6.2.4.0/elasticsearch-sql-6.2.4.0.zip

7.安装ik插件

./bin/elasticsearch-plugin install https://github.com/medcl/elasticsearch-analysis-ik/releases/download/v6.2.4/elasticsearch-analysis-ik-6.2.4.zip

8. 启动 es

chown -R elastic:elastic /usr/local/elasticsearch-6.2.4/

chown -R elastic:elastic /home/data/es/home/data/backup/es

su -s /bin/bash elastic -c ‘/usr/local/elasticsearch-6.2.4/bin/elasticsearch -d’

9. 设置用户密码（注意：设置了密码需要重启服务）

bin/x-pack/setup-passwords interactive

elastic:

kibana:

logstash_system: