ElasticSearch教程FG002-ElasticSearch安装与生产初始化配置实战
本文档风哥主要介绍ElasticSearch数据库的安装与生产初始化配置,包括ElasticSearch的安装类型、系统要求、安装流程、目录结构规划、网络配置、服务管理、安全配置等内容,风哥教程参考ElasticSearch官方文档Installation Guides、Configuring Elasticsearch等内容编写,适合DBA人员和开发人员在学习和测试中使用,如果要应用于生产环境则需要自行确认。
Part01-基础概念与理论知识
1.1 ElasticSearch安装类型
ElasticSearch支持多种安装方式,包括:
- RPM包安装:适用于Red Hat、CentOS等Linux发行版
- Deb包安装:适用于Debian、Ubuntu等Linux发行版
- 归档包安装:适用于所有Linux、macOS和Windows系统
- Docker容器安装:适用于容器化环境
- 云服务:如Elastic Cloud、AWS Elasticsearch Service等
1.2 系统要求与依赖
ElasticSearch的系统要求:
## 操作系统
– Linux:Red Hat 7.x/8.x/9.x, CentOS 7.x/8.x/9.x, Oracle Linux 7.x/8.x/9.x
– Windows:Windows Server 2016/2019/2022
– macOS:macOS 10.15+ (Catalina+)
## Java
– ElasticSearch 7.x:Java 8或11
– ElasticSearch 8.x:内置JDK,无需单独安装
## 内存
– 最低:8GB RAM
– 推荐:16GB-64GB RAM
## 磁盘
– 推荐:SSD
– 最小可用空间:50GB
## 网络
– 端口:9200(API),9300(节点间通信)
– 网络协议:TCP/IP
1.3 安装流程概述
ElasticSearch的安装流程:
- 准备系统环境
- 安装Java(如果使用7.x版本)
- 下载并安装ElasticSearch
- 配置ElasticSearch
- 启动ElasticSearch服务
- 验证安装
- 配置安全设置
Part02-生产环境规划与建议
2.1 安装前检查
安装前的系统检查:
## 1. 检查系统信息
$ uname -a
Linux fgedu.net.cn 5.14.0-362.8.1.el9_3.x86_64 #1 SMP PREEMPT_DYNAMIC Fri Oct 13 17:40:42 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux
## 2. 检查内存
$ free -h
total used free shared buff/cache available
Mem: 32G 2.1G 28G 128M 1.8G 29G
Swap: 4G 0B 4G
## 3. 检查磁盘空间
$ df -h
Filesystem Size Used Avail Use% Mounted on
/dev/sda1 50G 10G 38G 21% /
/dev/sdb1 200G 10G 180G 6% /es
## 4. 检查Java版本(仅7.x版本需要)
$ java -version
openjdk version “11.0.16” 2022-07-19
OpenJDK Runtime Environment (build 11.0.16+8-post-RHEL-0.el8_6)
OpenJDK 64-Bit Server VM (build 11.0.16+8-post-RHEL-0.el8_6, mixed mode, sharing)
## 5. 检查网络端口
$ netstat -tuln | grep 9200
$ netstat -tuln | grep 9300
2.2 目录结构规划
ElasticSearch的目录结构规划:
## 1. 安装目录
– 建议路径:/es/app/elasticsearch
– 原因:单独分区,便于管理和扩展
## 2. 数据目录
– 建议路径:/es/fgdata
– 原因:单独分区,提高I/O性能
## 3. 日志目录
– 建议路径:/es/app/elasticsearch/logs
– 原因:便于日志管理和监控
## 4. 配置目录
– 建议路径:/es/app/elasticsearch/config
– 原因:集中管理配置文件
## 5. 备份目录
– 建议路径:/es/backup
– 原因:存储快照备份
2.3 网络配置建议
网络配置建议:
- 网络隔离:将ElasticSearch集群部署在专用网络段
- 防火墙设置:开放9200和9300端口,限制外部访问
- 网络参数:调整TCP参数,优化网络性能
- 主机名解析:确保所有节点可以通过主机名相互访问
Part03-生产环境项目实施方案
3.1 RPM包安装实战
使用RPM包安装ElasticSearch:
## 1. 导入Elasticsearch GPG密钥
$ rpm –import https://artifacts.elastic.co/GPG-KEY-elasticsearch
## 2. 创建yum仓库文件
$ cat > /etc/yum.repos.d/elasticsearch.repo << EOF
[elasticsearch-8.x]
name=Elasticsearch repository for 8.x packages
baseurl=https://artifacts.elastic.co/packages/8.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=1
autorefresh=1
type=rpm-md
EOF
## 3. 安装Elasticsearch
$ yum install -y elasticsearch
## 4. 查看安装结果
$ rpm -qa | grep elasticsearch
elasticsearch-8.7.0-1.x86_64
## 5. 启动并启用服务
$ systemctl daemon-reload
$ systemctl enable elasticsearch
$ systemctl start elasticsearch
## 6. 检查服务状态
$ systemctl status elasticsearch
● elasticsearch.service - Elasticsearch
Loaded: loaded (/usr/lib/systemd/system/elasticsearch.service; enabled; vendor preset: disabled)
Active: active (running) since Wed 2026-04-07 10:00:00 CST; 1min ago
Docs: https://www.elastic.co
Main PID: 12345 (java)
Tasks: 68
Memory: 2.1G
CGroup: /system.slice/elasticsearch.service
└─12345 /usr/share/elasticsearch/jdk/bin/java -Xms1g -Xmx1g -XX:+UseG1GC -XX:MaxGCPauseMillis=200...
3.2 归档包安装实战
使用归档包安装ElasticSearch:
## 1. 创建用户和组
$ groupadd elasticsearch
$ useradd -g elasticsearch elasticsearch
## 2. 创建目录结构
$ mkdir -p /es/app /es/fgdata /es/backup
$ chown -R elasticsearch:elasticsearch /es/
## 3. 下载并解压Elasticsearch
$ cd /es/app
$ wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-8.7.0-linux-x86_64.tar.gz
$ tar -xzf elasticsearch-8.7.0-linux-x86_64.tar.gz
$ ln -s elasticsearch-8.7.0 elasticsearch
$ chown -R elasticsearch:elasticsearch /es/app/
## 4. 配置Elasticsearch
$ vi /es/app/elasticsearch/config/elasticsearch.yml
# 添加以下配置
cluster.name: fgedu-cluster
node.name: node-1
path.data: /es/fgdata
path.logs: /es/app/elasticsearch/logs
network.host: 192.168.1.10
http.port: 9200
discovery.seed_hosts: [“192.168.1.10”, “192.168.1.11”, “192.168.1.12”]
cluster.initial_master_nodes: [“node-1”, “node-2”, “node-3”]
## 5. 创建systemd服务文件
$ cat > /etc/systemd/system/elasticsearch.service << EOF
[Unit]
Description=Elasticsearch
Documentation=https://www.elastic.co
After=network.target
[Service]
Type=simple
User=elasticsearch
ExecStart=/es/app/elasticsearch/bin/elasticsearch
Restart=on-failure
LimitNOFILE=65536
LimitMEMLOCK=infinity
[Install]
WantedBy=multi-user.target
EOF
## 6. 启动并启用服务
$ systemctl daemon-reload
$ systemctl enable elasticsearch
$ systemctl start elasticsearch
## 7. 检查服务状态
$ systemctl status elasticsearch
● elasticsearch.service - Elasticsearch
Loaded: loaded (/etc/systemd/system/elasticsearch.service; enabled; vendor preset: disabled)
Active: active (running) since Wed 2026-04-07 10:10:00 CST; 1min ago
Main PID: 67890 (java)
Tasks: 68
Memory: 2.1G
CGroup: /system.slice/elasticsearch.service
└─67890 /es/app/elasticsearch/jdk/bin/java -Xms1g -Xmx1g -XX:+UseG1GC -XX:MaxGCPauseMillis=200...
3.3 初始化配置实战
ElasticSearch初始化配置:
## 1. 配置JVM堆大小
$ vi /es/app/elasticsearch/config/jvm.options
# 修改以下参数
-Xms16g
-Xmx16g
## 2. 配置系统参数
$ vi /etc/sysctl.conf
# 添加以下参数
vm.max_map_count=262144
$ sysctl -p
## 3. 配置文件描述符
$ vi /etc/security/limits.conf
# 添加以下参数
elasticsearch soft nofile 65536
elasticsearch hard nofile 65536
elasticsearch soft memlock unlimited
elasticsearch hard memlock unlimited
## 4. 重启服务
$ systemctl restart elasticsearch
## 5. 检查服务状态
$ systemctl status elasticsearch
● elasticsearch.service – Elasticsearch
Loaded: loaded (/etc/systemd/system/elasticsearch.service; enabled; vendor preset: disabled)
Active: active (running) since Wed 2026-04-07 10:20:00 CST; 1min ago
Main PID: 98765 (java)
Tasks: 68
Memory: 2.1G
CGroup: /system.slice/elasticsearch.service
└─98765 /es/app/elasticsearch/jdk/bin/java -Xms16g -Xmx16g -XX:+UseG1GC -XX:MaxGCPauseMillis=200…
Part04-生产案例与实战讲解
4.1 服务管理实战
ElasticSearch服务管理:
## 1. 启动服务
$ systemctl start elasticsearch
## 2. 停止服务
$ systemctl stop elasticsearch
## 3. 重启服务
$ systemctl restart elasticsearch
## 4. 查看服务状态
$ systemctl status elasticsearch
## 5. 查看服务日志
$ journalctl -u elasticsearch
## 6. 查看Elasticsearch日志
$ tail -f /es/app/elasticsearch/logs/fgedu-cluster.log
4.2 安全配置实战
ElasticSearch安全配置:
## 1. 生成证书
$ /es/app/elasticsearch/bin/elasticsearch-certutil cert -out /es/app/elasticsearch/config/elastic-certificates.p12 -pass “”
## 2. 配置安全设置
$ vi /es/app/elasticsearch/config/elasticsearch.yml
# 添加以下配置
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: elastic-certificates.p12
## 3. 重启服务
$ systemctl restart elasticsearch
## 4. 设置内置用户密码
$ /es/app/elasticsearch/bin/elasticsearch-setup-passwords interactive
Initiating the setup of passwords for reserved users elastic,apm_system,kibana,kibana_system,logstash_system,beats_system,remote_monitoring_user.
You will be prompted to enter passwords as the process progresses.
Please confirm that you would like to continue [y/N]y
Enter password for [elastic]:
Reenter password for [elastic]:
Enter password for [apm_system]:
Reenter password for [apm_system]:
Enter password for [kibana_system]:
Reenter password for [kibana_system]:
Enter password for [logstash_system]:
Reenter password for [logstash_system]:
Enter password for [beats_system]:
Reenter password for [beats_system]:
Enter password for [remote_monitoring_user]:
Reenter password for [remote_monitoring_user]:
Changed password for user [apm_system]
Changed password for user [kibana_system]
Changed password for user [kibana]
Changed password for user [logstash_system]
Changed password for user [beats_system]
Changed password for user [remote_monitoring_user]
Changed password for user [elastic]
4.3 验证测试实战
ElasticSearch验证测试:
## 1. 检查集群健康状态
$ curl -u elastic:your_password -X GET “http://192.168.1.10:9200/_cluster/health?pretty”
{
“cluster_name” : “fgedu-cluster”,
“status” : “green”,
“timed_out” : false,
“number_of_nodes” : 1,
“number_of_data_nodes” : 1,
“active_primary_shards” : 0,
“active_shards” : 0,
“relocating_shards” : 0,
“initializing_shards” : 0,
“unassigned_shards” : 0,
“delayed_unassigned_shards” : 0,
“number_of_pending_tasks” : 0,
“number_of_in_flight_fetch” : 0,
“task_max_waiting_in_queue_millis” : 0,
“active_shards_percent_as_number” : 100.0
}
## 2. 创建测试索引
$ curl -u elastic:your_password -X PUT “http://192.168.1.10:9200/fgedu-test”
{
“acknowledged” : true,
“shards_acknowledged” : true,
“index” : “fgedu-test”
}
## 3. 索引测试文档
$ curl -u elastic:your_password -X POST “http://192.168.1.10:9200/fgedu-test/_doc/1” -H “Content-Type: application/json” -d ‘{
“name”: “测试文档”,
“content”: “这是一个测试文档”
}’
{
“_index” : “fgedu-test”,
“_type” : “_doc”,
“_id” : “1”,
“_version” : 1,
“result” : “created”,
“_shards” : {
“total” : 2,
“successful” : 1,
“failed” : 0
},
“_seq_no” : 0,
“_primary_term” : 1
}
## 4. 搜索测试文档
$ curl -u elastic:your_password -X GET “http://192.168.1.10:9200/fgedu-test/_search?pretty”
{
“took” : 1,
“timed_out” : false,
“_shards” : {
“total” : 1,
“successful” : 1,
“skipped” : 0,
“failed” : 0
},
“hits” : {
“total” : {
“value” : 1,
“relation” : “eq”
},
“max_score” : 1.0,
“hits” : [
{
“_index” : “fgedu-test”,
“_type” : “_doc”,
“_id” : “1”,
“_score” : 1.0,
“_source” : {
“name” : “测试文档”,
“content” : “这是一个测试文档”
}
}
]
}
}
Part05-风哥经验总结与分享
5.1 安装最佳实践
ElasticSearch安装最佳实践:
- 使用专用用户:创建elasticsearch用户,避免使用root用户运行
- 合理分配资源:根据服务器配置设置合适的JVM堆大小
- 使用SSD存储:提高I/O性能,尤其是对于索引和搜索操作
- 配置网络隔离:限制ElasticSearch端口的访问范围
- 启用安全功能:设置密码,启用SSL/TLS加密
- 定期备份:配置快照备份,确保数据安全
- 监控集群状态:使用Kibana或其他监控工具监控集群健康状态
5.2 常见问题与解决方案
ElasticSearch安装常见问题与解决方案:
## 1. 内存锁定失败
– 错误信息:memory locking requested for elasticsearch process but memory is not locked
– 解决方案:在/etc/security/limits.conf中设置memlock unlimited
## 2. 最大文件描述符不足
– 错误信息:max file descriptors [4096] for elasticsearch process is too low
– 解决方案:在/etc/security/limits.conf中设置nofile 65536
## 3. 最大虚拟内存区域不足
– 错误信息:max virtual memory areas vm.max_map_count [65530] is too low
– 解决方案:在/etc/sysctl.conf中设置vm.max_map_count=262144
## 4. 端口占用
– 错误信息:bind exception: Address already in use
– 解决方案:检查并停止占用9200或9300端口的进程
## 5. 集群启动失败
– 错误信息:master not discovered yet, this node has not previously joined a bootstrapped cluster
– 解决方案:确保discovery.seed_hosts和cluster.initial_master_nodes配置正确
5.3 安装后检查清单
ElasticSearch安装后检查清单:
## 1. 服务状态
– [ ] 服务是否正常运行
– [ ] 端口是否正常开放
– [ ] 日志是否有错误信息
## 2. 配置验证
– [ ] JVM堆大小是否合理
– [ ] 数据和日志目录权限是否正确
– [ ] 网络配置是否正确
– [ ] 安全设置是否启用
## 3. 功能测试
– [ ] 集群健康状态是否为green
– [ ] 能否创建索引
– [ ] 能否索引文档
– [ ] 能否搜索文档
– [ ] 备份功能是否正常
## 4. 监控设置
– [ ] 是否配置了监控
– [ ] 是否设置了告警
– [ ] 日志是否正常轮转
## 5. 安全检查
– [ ] 密码是否设置
– [ ] 访问控制是否配置
– [ ] SSL/TLS是否启用
本文由风哥教程整理发布,仅用于学习测试使用,转载注明出处:http://www.fgedu.net.cn/10327.html
