【ELK】Elasticsearch 8.7单节点配置、安装和运行
时间来到了2023年4月,今天和大家一起研究下在虚拟机安装Elasticsearch 8.7.0单节点。关于elasticsearch.yml的配置,8.7.0版本默认启用了xpack.security认证。启动后,使用浏览器测试访问,弹出登陆框,查询了下,原来需要重置elastic用户密码。嗯,许久不碰es了,忘了不能使用root用户运行了。再次启动,又出现两个报错:1)文件句柄数设置太小;2)
·
时间来到了2023年4月,今天和大家一起研究下在虚拟机安装Elasticsearch 8.7.0单节点。
首先,就是一个很熟悉的报错
# ./elasticsearch
[2023-04-07T11:53:16,972][ERROR][o.e.b.Elasticsearch ] [vm-fsdh23re9ff] fatal exception while booting Elasticsearchjava.lang.RuntimeException: can not run elasticsearch as root
at org.elasticsearch.server@8.7.0/org.elasticsearch.bootstrap.Elasticsearch.initializeNatives(Elasticsearch.java:262)
at org.elasticsearch.server@8.7.0/org.elasticsearch.bootstrap.Elasticsearch.initPhase2(Elasticsearch.java:161)
at org.elasticsearch.server@8.7.0/org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:66)
See logs for more details.
ERROR: Elasticsearch did not exit normally - check the logs at /app/elasticsearch-8.7.0/logs/elasticsearch.log
ERROR: Elasticsearch exited unexpectedly
嗯,许久不碰es了,忘了不能使用root用户运行了。赶紧创建一个普通用户……
# groupadd app
# useradd -d /app -g app app
# chown -R app:app /app
关于elasticsearch.yml的配置,8.7.0版本默认启用了xpack.security认证。
-bash-4.2$ grep -v "#" elasticsearch.yml
cluster.name: mycluster
node.name: node-1
path.data: /app/elasticsearch-8.7.0/data
path.logs: /app/elasticsearch-8.7.0/logs
bootstrap.memory_lock: false
network.host: 192.168.223.199
http.port: 9200
xpack.security.enabled: true
xpack.security.enrollment.enabled: true
xpack.security.http.ssl:
enabled: true
keystore.path: certs/http.p12
xpack.security.transport.ssl:
enabled: true
verification_mode: certificate
keystore.path: certs/transport.p12
truststore.path: certs/transport.p12
cluster.initial_master_nodes: ["vm-fsdh23re9ff"]
http.host: 0.0.0.0
再次启动,又出现两个报错:1)文件句柄数设置太小;2)最大虚拟内存设置太小。
[2023-04-07T14:25:36,912][INFO ][o.e.b.BootstrapChecks ] [node-1] bound or publishing to a non-loopback address, enforcing bootstrap checks
[2023-04-07T14:25:36,930][ERROR][o.e.b.Elasticsearch ] [node-1] node validation exception
[2] bootstrap checks failed. You must address the points described in the following [2] lines before starting Elasticsearch.
bootstrap check failure [1] of [2]: max file descriptors [4096] for elasticsearch process is too low, increase to at least [65535]
bootstrap check failure [2] of [2]: max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144]
[2023-04-07T14:25:36,934][INFO ][o.e.n.Node ] [node-1] stopping ...
[2023-04-07T14:25:36,968][INFO ][o.e.n.Node ] [node-1] stopped
[2023-04-07T14:25:36,969][INFO ][o.e.n.Node ] [node-1] closing ...
[2023-04-07T14:25:36,986][INFO ][o.e.n.Node ] [node-1] closed
[2023-04-07T14:25:36,991][INFO ][o.e.x.m.p.NativeController] [node-1] Native controller process has stopped - no new native processes can be started
修改系统最大文件句柄数(修改后需要重启系统才能生效)
# vi /etc/security/limits.conf
* soft nproc 65535
* hard nproc 65535
* soft nofile 65535
* hard nofile 65535
# vi /etc/security/limits.d/20-nproc.conf
* soft nproc 65535
root soft nproc 65535
# reboot
# ulimit -n
65535
修改最大虚拟内存
# vi /etc/sysctl.conf
vm.max_map_count=655360
使用后台方式启动
$ cd /app/elasticsearch-8.7.0/bin
$ ./elasticsearch -d
启动后,使用浏览器测试访问,弹出登陆框,查询了下,原来需要重置elastic用户密码
$ cd /app/elasticsearch-8.7.0/bin
$ ./elasticsearch-reset-password --username elastic
This tool will reset the password of the [elastic] user to an autogenerated value.
The password will be printed in the console.
Please confirm that you would like to continue [y/N]y
Password for the [elastic] user successfully reset.
New value: WRRr6nNEYm423uBPzIzW
登录成功
更多推荐
已为社区贡献22条内容
所有评论(0)