1.先决条件
使用三台服务器 centos7
ip:hosts | 192.168.75.101 | elk101 |
192.168.75.102 | elk102 | |
192.168.75.103 | elk103 |
这里使用的是elasticsearch7.17版本
三台机器全部关闭防火墙
systemctl disable --now firewalld && systemctl is-enabled firewalld
systemctl status firewalld
关闭三台服务器的selinux
sed -ri 's#(SELINUX=)enforcing#\1disabled#' /etc/selinux/config
grep ^SELINUX= /etc/selinux/config
setenforce 0
getenforce
修改三台服务器本地hosts解析(三台服务器全都进行修改.)
vim /etc/hosts
192.168.75.101 elk101
192.168.75.102 elk102
192.168.75.103 elk103
elk01生成密钥,并对三台机器都做免密认证登录操作
#elk01生成密钥对
[root@elk101 ~[]# ssh-keygen
#对其余机器做免密认证登录,输入yes,+对应用户的密码即可.
for ((host_id=101;host_id<=103;host_id++));do ssh-copy-id elk${host_id} ;done
测试免密认证是否成功
[root@elk101 ~[]# ssh elk102
The authenticity of host 'elk102 (192.168.75.102)' can't be established.
ECDSA key fingerprint is SHA256:mZAHYig8+sGB9l2lRNZNVk2cJcO2J5Icp21vg5TkUF0.
ECDSA key fingerprint is MD5:54:27:7f:63:28:bd:96:fb:75:cf:fb:ed:59:e6:70:0f.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'elk102' (ECDSA) to the list of known hosts.
Last login: Wed Mar 6 14:41:56 2024 from 192.168.75.1
[root@elk102 ~[]# hostnlogout
Connection to elk102 closed.
[root@elk101 ~[]# ssh elk101
The authenticity of host 'elk101 (192.168.75.101)' can't be established.
ECDSA key fingerprint is SHA256:mZAHYig8+sGB9l2lRNZNVk2cJcO2J5Icp21vg5TkUF0.
ECDSA key fingerprint is MD5:54:27:7f:63:28:bd:96:fb:75:cf:fb:ed:59:e6:70:0f.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'elk101' (ECDSA) to the list of known hosts.
Last login: Wed Mar 6 14:41:52 2024 from 192.168.75.1
[root@elk101 ~[]# logout
Connection to elk101 closed.
[root@elk101 ~[]# ssh elk103
The authenticity of host 'elk103 (192.168.75.103)' can't be established.
ECDSA key fingerprint is SHA256:mZAHYig8+sGB9l2lRNZNVk2cJcO2J5Icp21vg5TkUF0.
ECDSA key fingerprint is MD5:54:27:7f:63:28:bd:96:fb:75:cf:fb:ed:59:e6:70:0f.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'elk103' (ECDSA) to the list of known hosts.
Last login: Wed Mar 6 14:41:59 2024 from 192.168.75.1
设置服务器之间的时间同步
(1)安装常⽤的Linux⼯具,您可以⾃定义哈。
yum -y install vim net-tools
(2)安装chrony服务
yum -y install ntpdate chrony
(3)修改chrony服务配置⽂件
vim /etc/chrony.conf
...
# 注释官⽅的时间服务器,换成国内的时间服务器即可
server ntp.aliyun.com iburst
server ntp1.aliyun.com iburst
server ntp2.aliyun.com iburst
server ntp3.aliyun.com iburst
server ntp4.aliyun.com iburst
server ntp5.aliyun.com iburst
...
(4)配置chronyd的开机⾃启动
systemctl enable --now chronyd
systemctl restart chronyd
(5)查看服务
systemctl status chronyd
使用rpm包进行部署参考地址:
https://www.elastic.co/guide/en/elasticsearch/reference/7.17/rpm.html
三台服务器都下载相同的安装包下载rpm包
#下载elasticseerch的rpm包
wget -c https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.17.18-x86_64.rpm
#下载校验文件
wget -c https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.17.18-x86_64.rpm.sha512
#校验rpm包是否安全
shasum -a 512 -c elasticsearch-7.17.18-x86_64.rpm.sha512
三台机器都做,清空临时数据目录,保证环境清洁.
#安装之前将数据目录和临时目录清空,以防止有残留数据影响启动
pkill java
rm -rf /var/{lib,log}/elasticsearch/* /tmp/*
ll /var/{lib,log}/elasticsearch/ /tmp/
#安装elasticsearch
rpm --install elasticsearch-7.17.18-x86_64.rpm
修改配置文件
#elk1机器
[root@elk101 ~[]# vim /etc/elasticsearch/elasticsearch.yml
#指定集群名称
cluster.name: oldboyedu-elk
#当前节点名称
node.name: elk101
#数据目录
path.data: /var/lib/elasticsearch
#日志目录
path.logs: /var/log/elasticsearch
#网络可见地址
network.host: 0.0.0.0
#集群节点主机名称
discovery.seed_hosts: ["elk101","elk102","elk103"]
#集群节点master主机
cluster.initial_master_nodes: ["elk101","elk102","elk103"]
#elk2
[root@elk102 ~[]# vim /etc/elasticsearch/elasticsearch.yml
cluster.name: oldboyedu-elk
node.name: elk102
path.data: /var/lib/elasticsearch
path.logs: /var/log/elasticsearch
network.host: 0.0.0.0
discovery.seed_hosts: ["elk101","elk102","elk103"]
cluster.initial_master_nodes: ["elk101","elk102","elk103"]
#elk3
[root@elk103 ~[]# vim /etc/elasticsearch/elasticsearch.yml
cluster.name: oldboyedu-elk
node.name: elk103
path.data: /var/lib/elasticsearch
path.logs: /var/log/elasticsearch
network.host: 0.0.0.0
discovery.seed_hosts: ["elk101","elk102","elk103"]
cluster.initial_master_nodes: ["elk101","elk102","elk103"]
启动集群
#(1)所有节点启动服务
systemctl start elasticsearch
#(2)启动过程中建议查看⽇志查看是否有错误项
tail -100f /var/log/elasticsearch/oldboyedu-elk.log
#查看集群是否正常
[root@elk101 ~[]# curl elk103:9200/_cat/nodes?v
ip heap.percent ram.percent cpu load_1m load_5m load_15m node.role master name
192.168.75.101 9 97 49 0.96 0.25 0.12 cdfhilmrstw - elk101
192.168.75.102 17 95 52 0.54 0.15 0.09 cdfhilmrstw * elk102
192.168.75.103 7 95 44 0.91 0.24 0.12 cdfhilmrstw - elk103