elasticsearch添加分词和认证
- 2022-09-21 16:43:00
- admin 原创
- 447
安装elasticsearch
cd /usr/local
tar zxvf elasticsearch-7.14.1-linux-x86_64.tar.gz
cd /usr/local/elasticsearch-7.14.1
一、资源设置
vi /etc/security/limits.conf
资源限制设置
* soft nofile 65536
* hard nofile 131072
* soft nproc 2048
* hard nproc 4096
重启
ulimit -S -n
二、虚拟内存设置
vi /etc/sysctl.conf
虚拟内存设置
vm.max_map_count=655360
重启
sysctl -p
三、添加用户
groupadd es
useradd es -g es
passwd es
chown -R es:es elasticsearch-7.14.1/
配置文件confg/elasticsearch.yml
# ======================== Elasticsearch Configuration ========================= # # NOTE: Elasticsearch comes with reasonable defaults for most settings. # Before you set out to tweak and tune the configuration, make sure you # understand what are you trying to accomplish and the consequences. # # The primary way of configuring a node is via this file. This template lists # the most important settings you may want to configure for a production cluster. # # Please consult the documentation for further information on configuration options: # https://www.elastic.co/guide/en/elasticsearch/reference/index.html # # ---------------------------------- Cluster ----------------------------------- # # Use a descriptive name for your cluster: # cluster.name: my-application # # ------------------------------------ Node ------------------------------------ # # Use a descriptive name for the node: # node.name: node-3 # node为主节点 node.master: true # node为存储数据的节点 node.data: true # # Add custom attributes to the node: # #node.attr.rack: r1 # # ----------------------------------- Paths ------------------------------------ # # Path to directory where to store the data (separate multiple locations by comma): # path.data: /usr/local/elasticsearch-7.14.1/data # # Path to log files: # path.logs: /usr/local/elasticsearch-7.14.1/logs # # ----------------------------------- Memory ----------------------------------- # # Lock the memory on startup: # #bootstrap.memory_lock: true # # Make sure that the heap size is set to about half the memory available # on the system and that the owner of the process is allowed to use this # limit. # # Elasticsearch performs poorly when the system is swapping the memory. # # ---------------------------------- Network ----------------------------------- # # By default Elasticsearch is only accessible on localhost. Set a different # address here to expose this node on the network: # network.host: 0.0.0.0 # # By default Elasticsearch listens for HTTP traffic on the first free port it # finds starting at 9200. Set a specific HTTP port here: # http.port: 9200 transport.port: 9300 # # For more information, consult the network module documentation. # # --------------------------------- Discovery ---------------------------------- # # Pass an initial list of hosts to perform discovery when this node is started: # The default list of hosts is ["127.0.0.1", "[::1]"] # cluster.initial_master_nodes: ["node-1", "node-2"] # # Bootstrap the cluster using an initial set of master-eligible nodes: # discovery.seed_hosts: ["10.18.224.116:9300", "10.18.224.72","10.18.118.72"] transport.tcp.compress: true # # For more information, consult the discovery and cluster formation module documentation. # # ---------------------------------- Various ----------------------------------- # # Require explicit names when deleting indices: # #action.destructive_requires_name: true
五、启动
su es
/usr/local/elasticsearch-7.14.1/bin/elasticsearch -d
日志查看
tail -f /usr/local/elasticsearch-7.14.1/logs/my-application.log
一、添加ik分词器
bin/elasticsearch-plugin install 'file:elasticsearch-analysis-ik-7.14.1.zip'
二、elasticsearch认证
一、生成证书在主节点 ./bin/elasticsearch-certutil ca 碰到第一个直接回车,不用管 碰到第二个输入密码,例如123456 二、生成秘钥 ./bin/elasticsearch-certutil cert --ca elastic-stack-ca.p12 输入;第一的密码,路径输入空 mkdir config/certificates # 移动凭证至指定目录下 mv elastic-certificates.p12 config/certificates/ 三、将就是把elastic-certificates.p12这个文件移动到每一个es安装目录的相同路径下 四、授予权限(各个节点) # 赋值权限,不然会出问题 chown -R es:es /usr/local/elasticsearch-7.14.1/ 五、配置文件修改(各个节点) # 跨域 http.cors.enabled: true http.cors.allow-origin: "*" http.cors.allow-headers: Authorization,X-Requested-With,Content-Type,Content-Length xpack.security.enabled: true xpack.security.authc.accept_default_password: true xpack.security.transport.ssl.enabled: true xpack.security.transport.ssl.verification_mode: certificate xpack.security.transport.ssl.keystore.path: /usr/local/elasticsearch-7.14.1/config/certificates/elastic-certificates.p12 xpack.security.transport.ssl.truststore.path: /usr/local/elasticsearch-7.14.1/config/certificates/elastic-certificates.p12 六、各个节点上添加密码(各个节点) ./bin/elasticsearch-keystore add xpack.security.transport.ssl.keystore.secure_password ./bin/elasticsearch-keystore add xpack.security.transport.ssl.truststore.secure_password 七、启动各个节点 su es ./bin/elasticsearch -d 八、设置密码(在主节点执行一下就可以了) ./bin/elasticsearch-setup-passwords interactive
发表评论
文章分类
联系方式
| 联系人: | 郑州-小万 |
|---|---|
| 电话: | 13803993919 |
| Email: | 1027060531@qq.com |
| QQ: | 1027060531 |
| 网址: | www.wanhejia.com |
Update Required
To play the media you will need to either update your browser to a recent version or update your Flash plugin.