Elasticsearch Cluster

Server IP	Host Role
192.168.10.10	Elasticsearch Node01
192.168.10.11	Elasticsearch Node02
192.168.10.12	Elasticsearch Node03

Elasticsearch Node01

1. Download elasticsearch installation package

   Server Supports Internet Access

   wget https://pdpublic.mingdao.com/private-deployment/offline/common/elasticsearch-8.18.1-linux-x86_64.tar.gz

   Server Does Not Support Internet Access

   # Link to download elasticsearch installation package, upload to deployment server after download
   https://pdpublic.mingdao.com/private-deployment/offline/common/elasticsearch-8.18.1-linux-x86_64.tar.gz

2. Download elasticsearch-ik plugin package

   Server Supports Internet Access

   wget https://pdpublic.mingdao.com/private-deployment/offline/common/elasticsearch-analysis-ik-8.18.1.zip

   Server Does Not Support Internet Access

   # Link to download elasticsearch-ik plugin package, upload to deployment server after download
   https://pdpublic.mingdao.com/private-deployment/offline/common/elasticsearch-analysis-ik-8.18.1.zip

3. Extract elasticsearch to installation directory

   tar xf elasticsearch-8.18.1-linux-x86_64.tar.gz
   mv elasticsearch-8.18.1 /usr/local/elasticsearch

4. Extract elasticsearch-ik plugin to installation directory

   mkdir /usr/local/elasticsearch/plugins/elasticsearch-analysis-ik
   unzip elasticsearch-analysis-ik-8.18.1.zip -d /usr/local/elasticsearch/plugins/elasticsearch-analysis-ik/

5. Adjust system environment parameters

   echo 'vm.max_map_count=262144' >> /etc/sysctl.conf
   echo 'vm.swappiness=1' >> /etc/sysctl.conf
   echo 'net.ipv4.tcp_retries2=5' >> /etc/sysctl.conf
   sysctl -p
   
   echo "* soft nofile 65536" >> /etc/security/limits.conf
   echo "* hard nofile 65536" >> /etc/security/limits.conf
   ulimit -n 65536

6. Modify elasticsearch configuration file

   cat > /usr/local/elasticsearch/config/elasticsearch.yml <<EOF
   cluster.name: md-elasticsearch-private
   node.name: elasticsearch-1
   node.roles:
   - master
   - data
   network.host: 0.0.0.0
   network.publish_host: 192.168.10.10
   http.port: 9200
   transport.port: 9300
   path.data: /data/elasticsearch/data
   path.logs: /data/elasticsearch/logs
   discovery.seed_hosts:
   - 192.168.10.10:9300
   - 192.168.10.11:9300
   - 192.168.10.12:9300
   cluster.initial_master_nodes:
   - elasticsearch-1
   - elasticsearch-2
   - elasticsearch-3
   xpack.security.enabled: true
   xpack.security.http.ssl.enabled: false
   xpack.security.transport.ssl.enabled: true
   xpack.security.transport.ssl.verification_mode: certificate 
   xpack.security.transport.ssl.keystore.path: cert/elastic-node-certificate.p12
   xpack.security.transport.ssl.truststore.path: cert/elastic-node-certificate.p12
   ingest.geoip.downloader.enabled: false
   cluster.max_shards_per_node: 20000
   EOF

   • Note that each node has a different node.name
   • The value of network.publish_host is the local IP
   • The values in discovery.seed_hosts should be replaced with the actual IPs of the elasticsearch nodes during deployment

7. Modify elasticsearch jvm memory limit to 4g

   sed -ri "s/##[, ]*(-Xm[s|x])[0-9]g/\14g/g" /usr/local/elasticsearch/config/jvm.options

8. Create data directories

   mkdir -p /data/elasticsearch/{data,logs}
   mkdir /usr/local/elasticsearch/config/cert

9. Generate certificate files

   /usr/local/elasticsearch/bin/elasticsearch-certutil ca --out /usr/local/elasticsearch/config/cert/elastic-ca.p12 --days 36500 --pass ""
   
   /usr/local/elasticsearch/bin/elasticsearch-certutil cert --ca /usr/local/elasticsearch/config/cert/elastic-ca.p12 --ca-pass "" --out /usr/local/elasticsearch/config/cert/elastic-node-certificate.p12 --days 36500 --pass ""

   • The certificate file /usr/local/elasticsearch/config/cert/elastic-node-certificate.p12 generated here will need to be copied to the other two nodes later

10. Create elasticsearch user and authorize directory permissions

    useradd -M -s /sbin/nologin elasticsearch
    chown -R elasticsearch:elasticsearch /data/elasticsearch /usr/local/elasticsearch

11. Configure systemd management

    cat > /etc/systemd/system/elasticsearch.service <<EOF
    [Unit]
    Description=Elasticsearch
    [Service]
    User=elasticsearch
    Group=elasticsearch
    LimitNOFILE=102400
    ExecStart=/usr/local/elasticsearch/bin/elasticsearch
    ExecStop=/usr/bin/kill  \$MAINPID
    Restart=on-failure
    [Install]
    WantedBy=multi-user.target
    EOF

12. Start elasticsearch service and enable boot startup

    systemctl start elasticsearch
    systemctl enable elasticsearch

Elasticsearch Node02

1. Download elasticsearch installation package

   Server Supports Internet Access

   wget https://pdpublic.mingdao.com/private-deployment/offline/common/elasticsearch-8.18.1-linux-x86_64.tar.gz

   Server Does Not Support Internet Access

   # Link to download elasticsearch installation package, upload to deployment server after download
   https://pdpublic.mingdao.com/private-deployment/offline/common/elasticsearch-8.18.1-linux-x86_64.tar.gz

2. Download elasticsearch-ik plugin package

   Server Supports Internet Access

   wget https://pdpublic.mingdao.com/private-deployment/offline/common/elasticsearch-analysis-ik-8.18.1.zip

   Server Does Not Support Internet Access

   # Link to download elasticsearch-ik plugin package, upload to deployment server after download
   https://pdpublic.mingdao.com/private-deployment/offline/common/elasticsearch-analysis-ik-8.18.1.zip

3. Extract elasticsearch to installation directory

   tar xf elasticsearch-8.18.1-linux-x86_64.tar.gz
   mv elasticsearch-8.18.1 /usr/local/elasticsearch

4. Extract elasticsearch-ik plugin to installation directory

   mkdir /usr/local/elasticsearch/plugins/elasticsearch-analysis-ik
   unzip elasticsearch-analysis-ik-8.18.1.zip -d /usr/local/elasticsearch/plugins/elasticsearch-analysis-ik/
   sed -i 's/8.18.1/8.18.1/g' /usr/local/elasticsearch/plugins/elasticsearch-analysis-ik/plugin-descriptor.properties

5. Adjust system environment parameters

   echo 'vm.max_map_count=262144' >> /etc/sysctl.conf
   echo 'vm.swappiness=1' >> /etc/sysctl.conf
   echo 'net.ipv4.tcp_retries2=5' >> /etc/sysctl.conf
   sysctl -p
   
   echo "* soft nofile 65536" >> /etc/security/limits.conf
   echo "* hard nofile 65536" >> /etc/security/limits.conf
   ulimit -n 65536

6. Modify elasticsearch configuration file

   cat > /usr/local/elasticsearch/config/elasticsearch.yml <<EOF
   cluster.name: md-elasticsearch-private
   node.name: elasticsearch-2
   node.roles:
   - master
   - data
   network.host: 0.0.0.0
   network.publish_host: 192.168.10.11
   http.port: 9200
   transport.port: 9300
   path.data: /data/elasticsearch/data
   path.logs: /data/elasticsearch/logs
   discovery.seed_hosts:
   - 192.168.10.10:9300
   - 192.168.10.11:9300
   - 192.168.10.12:9300
   cluster.initial_master_nodes:
   - elasticsearch-1
   - elasticsearch-2
   - elasticsearch-3
   xpack.security.enabled: true
   xpack.security.http.ssl.enabled: false
   xpack.security.transport.ssl.enabled: true
   xpack.security.transport.ssl.verification_mode: certificate 
   xpack.security.transport.ssl.keystore.path: cert/elastic-node-certificate.p12
   xpack.security.transport.ssl.truststore.path: cert/elastic-node-certificate.p12
   ingest.geoip.downloader.enabled: false
   cluster.max_shards_per_node: 20000
   EOF

   • Note that each node has a different node.name
   • The value of network.publish_host is the local IP
   • The values in discovery.seed_hosts should be replaced with the actual IPs of the elasticsearch nodes during deployment

7. Modify elasticsearch jvm memory limit to 4g

   sed -ri "s/##[, ]*(-Xm[s|x])[0-9]g/\14g/g" /usr/local/elasticsearch/config/jvm.options

8. Create data directories

   mkdir -p /data/elasticsearch/{data,logs}
   mkdir /usr/local/elasticsearch/config/cert

9. Copy certificate files

   Copy the certificate file /usr/local/elasticsearch/config/cert/elastic-node-certificate.p12 generated by Elasticsearch Node01 to this node under /usr/local/elasticsearch/config/cert/

10. Create elasticsearch user and authorize directory permissions

    useradd -M -s /sbin/nologin elasticsearch
    chown -R elasticsearch:elasticsearch /data/elasticsearch /usr/local/elasticsearch

11. Configure systemd management

    cat > /etc/systemd/system/elasticsearch.service <<EOF
    [Unit]
    Description=Elasticsearch
    [Service]
    User=elasticsearch
    Group=elasticsearch
    LimitNOFILE=102400
    ExecStart=/usr/local/elasticsearch/bin/elasticsearch
    ExecStop=/usr/bin/kill  \$MAINPID
    Restart=on-failure
    [Install]
    WantedBy=multi-user.target
    EOF

12. Start elasticsearch service and enable boot startup

    systemctl start elasticsearch
    systemctl enable elasticsearch

Elasticsearch Node03

1. Download elasticsearch installation package

   Server Supports Internet Access

   wget https://pdpublic.mingdao.com/private-deployment/offline/common/elasticsearch-8.18.1-linux-x86_64.tar.gz

   Server Does Not Support Internet Access

   # Link to download elasticsearch installation package, upload to deployment server after download
   https://pdpublic.mingdao.com/private-deployment/offline/common/elasticsearch-8.18.1-linux-x86_64.tar.gz

2. Download elasticsearch-ik plugin package

   Server Supports Internet Access

   wget https://pdpublic.mingdao.com/private-deployment/offline/common/elasticsearch-analysis-ik-8.18.1.zip

   Server Does Not Support Internet Access

   # Link to download elasticsearch-ik plugin package, upload to deployment server after download
   https://pdpublic.mingdao.com/private-deployment/offline/common/elasticsearch-analysis-ik-8.18.1.zip

3. Extract elasticsearch to installation directory

   tar xf elasticsearch-8.18.1-linux-x86_64.tar.gz
   mv elasticsearch-8.18.1 /usr/local/elasticsearch

4. Extract elasticsearch-ik plugin to installation directory

   mkdir /usr/local/elasticsearch/plugins/elasticsearch-analysis-ik
   unzip elasticsearch-analysis-ik-8.18.1.zip -d /usr/local/elasticsearch/plugins/elasticsearch-analysis-ik/
   sed -i 's/8.18.1/8.18.1/g' /usr/local/elasticsearch/plugins/elasticsearch-analysis-ik/plugin-descriptor.properties

5. Adjust system environment parameters

   echo 'vm.max_map_count=262144' >> /etc/sysctl.conf
   echo 'vm.swappiness=1' >> /etc/sysctl.conf
   echo 'net.ipv4.tcp_retries2=5' >> /etc/sysctl.conf
   sysctl -p
   
   echo "* soft nofile 65536" >> /etc/security/limits.conf
   echo "* hard nofile 65536" >> /etc/security/limits.conf
   ulimit -n 65536

6. Modify elasticsearch configuration file

   cat > /usr/local/elasticsearch/config/elasticsearch.yml <<EOF
   cluster.name: md-elasticsearch-private
   node.name: elasticsearch-3
   node.roles:
   - master
   - data
   network.host: 0.0.0.0
   network.publish_host: 192.168.10.13
   http.port: 9200
   transport.port: 9300
   path.data: /data/elasticsearch/data
   path.logs: /data/elasticsearch/logs
   discovery.seed_hosts:
   - 192.168.10.10:9300
   - 192.168.10.11:9300
   - 192.168.10.12:9300
   cluster.initial_master_nodes:
   - elasticsearch-1
   - elasticsearch-2
   - elasticsearch-3
   xpack.security.enabled: true
   xpack.security.http.ssl.enabled: false
   xpack.security.transport.ssl.enabled: true
   xpack.security.transport.ssl.verification_mode: certificate 
   xpack.security.transport.ssl.keystore.path: cert/elastic-node-certificate.p12
   xpack.security.transport.ssl.truststore.path: cert/elastic-node-certificate.p12
   ingest.geoip.downloader.enabled: false
   cluster.max_shards_per_node: 20000
   EOF

   • Note that each node has a different node.name
   • The value of network.publish_host is the local IP
   • The values in discovery.seed_hosts should be replaced with the actual IPs of the elasticsearch nodes during deployment

7. Modify elasticsearch jvm memory limit to 4g

   sed -ri "s/##[, ]*(-Xm[s|x])[0-9]g/\14g/g" /usr/local/elasticsearch/config/jvm.options

8. Create data directories

   mkdir -p /data/elasticsearch/{data,logs}
   mkdir /usr/local/elasticsearch/config/cert

9. Copy certificate files

   Copy the certificate file /usr/local/elasticsearch/config/cert/elastic-node-certificate.p12 generated by Elasticsearch Node01 to this node under /usr/local/elasticsearch/config/cert/

10. Create elasticsearch user and authorize directory permissions

    useradd -M -s /sbin/nologin elasticsearch
    chown -R elasticsearch:elasticsearch /data/elasticsearch /usr/local/elasticsearch

11. Configure systemd management

    cat > /etc/systemd/system/elasticsearch.service <<EOF
    [Unit]
    Description=Elasticsearch
    [Service]
    User=elasticsearch
    Group=elasticsearch
    LimitNOFILE=102400
    ExecStart=/usr/local/elasticsearch/bin/elasticsearch
    ExecStop=/usr/bin/kill  \$MAINPID
    Restart=on-failure
    [Install]
    WantedBy=multi-user.target
    EOF

12. Start elasticsearch service and enable boot startup

    systemctl start elasticsearch
    systemctl enable elasticsearch

Configure Authentication

Operate on any Elasticsearch node

/usr/local/elasticsearch/bin/elasticsearch-reset-password -u elastic -i

# Password 123456 will not be displayed while typing, just paste or type normally

# Or configure non-interactively, make sure the service is running first
ss -lnt|grep 9200

elastic_pwd=123456
echo -e 'y\n'$elastic_pwd'\n'$elastic_pwd'' | /usr/local/elasticsearch/bin/elasticsearch-reset-password -u elastic -i

Cluster Verification

Check cluster status

curl -u elastic:123456 127.0.0.1:9200/_cat/health?v

Check node roles

curl -u elastic:123456 127.0.0.1:9200/_cat/nodes

Check installed plugins on nodes

curl -u elastic:123456 127.0.0.1:9200/_cat/plugins