Elasticsearch 单节点

服务器IP	主机角色
192.168.10.10	Elasticsearch Server

Elasticsearch Node01

1. 下载 elasticsearch 安装包

   服务器支持访问互联网

   wget https://pdpublic.mingdao.com/private-deployment/offline/common/elasticsearch-8.19.8-linux-x86_64.tar.gz

   服务器不支持访问互联网

   # elasticsearch 安装包文件下载链接，下载完成后上传到部署服务器
   https://pdpublic.mingdao.com/private-deployment/offline/common/elasticsearch-8.19.8-linux-x86_64.tar.gz

2. 下载 elasticsearch-ik 插件包

   服务器支持访问互联网

   wget https://pdpublic.mingdao.com/private-deployment/offline/common/elasticsearch-analysis-ik-8.19.8.zip

   服务器不支持访问互联网

   # elasticsearch-ik 插件包文件下载链接，下载完成后上传到部署服务器
   https://pdpublic.mingdao.com/private-deployment/offline/common/elasticsearch-analysis-ik-8.19.8.zip

3. 解压 elasticsearch 至安装目录

   tar xf elasticsearch-8.19.8-linux-x86_64.tar.gz
   mv elasticsearch-8.19.8 /usr/local/elasticsearch

4. 解压 elasticsearch-ik 插件至安装目录

   mkdir /usr/local/elasticsearch/plugins/elasticsearch-analysis-ik
   unzip elasticsearch-analysis-ik-8.19.8.zip -d /usr/local/elasticsearch/plugins/elasticsearch-analysis-ik/

5. 系统环境参数调整

   echo 'vm.max_map_count=262144' >> /etc/sysctl.d/99-sysctl.conf
   echo 'vm.swappiness=1' >> /etc/sysctl.d/99-sysctl.conf
   echo 'net.ipv4.tcp_retries2=5' >> /etc/sysctl.d/99-sysctl.conf
   sysctl -p
   
   echo "* soft nofile 65536" >> /etc/security/limits.conf
   echo "* hard nofile 65536" >> /etc/security/limits.conf
   ulimit -n 65536

6. 修改 elasticsearch 配置文件

   cat > /usr/local/elasticsearch/config/elasticsearch.yml <<'EOF'
   cluster.name: md-elasticsearch-private
   node.name: elasticsearch-1
   node.roles: [master,data]
   network.host: 0.0.0.0
   http.port: 9200
   transport.port: 9300
   path.data: /data/elasticsearch/data
   path.logs: /data/elasticsearch/logs
   ingest.geoip.downloader.enabled: false
   xpack.security.enabled: true
   xpack.security.http.ssl.enabled: false
   xpack.security.transport.ssl.enabled: false
   cluster.max_shards_per_node: 20000
   discovery.type: single-node
   EOF

7. 修改 elasticsearch jvm 内存限制为4g

   sed -ri "s/##[, ]*(-Xm[s|x])[0-9]g/\14g/g" /usr/local/elasticsearch/config/jvm.options

8. 创建数据目录

   mkdir -p /data/elasticsearch/{data,logs}

9. 创建 elasticsearch 用户并授权目录权限

   useradd -M -s /sbin/nologin elasticsearch
   chown -R elasticsearch:elasticsearch /data/elasticsearch /usr/local/elasticsearch

10. 配置 systemd 管理

    cat > /etc/systemd/system/elasticsearch.service <<'EOF'
    [Unit]
    Description=Elasticsearch
    [Service]
    User=elasticsearch
    Group=elasticsearch
    LimitNOFILE=102400
    ExecStart=/usr/local/elasticsearch/bin/elasticsearch
    ExecStop=/usr/bin/kill  $MAINPID
    Restart=on-failure
    [Install]
    WantedBy=multi-user.target
    EOF

11. 启动 elasticsearch 服务并加入开机自启动

    systemctl start elasticsearch
    systemctl enable elasticsearch

12. 配置认证

    /usr/local/elasticsearch/bin/elasticsearch-reset-password -u elastic -i
    
    # 密码 123456 输入后终端不会显示，正常黏贴或敲入即可
    # 实际正式部署时必须修改为强口令，若密码中包含特殊字符，仅允许 `-` 或 `_`，禁止使用 `@ ! # &` 等字符，以避免兼容性问题
    
    # 若使用非交互式方式重置密码，请确保 Elasticsearch 服务已启动：
    ss -lnt | grep 9200
    
    elastic_pwd=123456
    echo -e "y\n${elastic_pwd}\n${elastic_pwd}" | /usr/local/elasticsearch/bin/elasticsearch-reset-password -u elastic -i

状态检查

查看服务状态

systemctl status elasticsearch

查看 Elasticsearch 节点状态

curl -u elastic:123456 127.0.0.1:9200/_cat/health?v

查看节点已安装的插件

curl -u elastic:123456 127.0.0.1:9200/_cat/plugins