时间来到了2023年4月,今天和大家一起研究下在虚拟机安装Elasticsearch 8.7.0单节点。

首先,就是一个很熟悉的报错

# ./elasticsearch
[2023-04-07T11:53:16,972][ERROR][o.e.b.Elasticsearch      ] [vm-fsdh23re9ff] fatal exception while booting Elasticsearchjava.lang.RuntimeException: can not run elasticsearch as root
        at org.elasticsearch.server@8.7.0/org.elasticsearch.bootstrap.Elasticsearch.initializeNatives(Elasticsearch.java:262)
        at org.elasticsearch.server@8.7.0/org.elasticsearch.bootstrap.Elasticsearch.initPhase2(Elasticsearch.java:161)
        at org.elasticsearch.server@8.7.0/org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:66)

See logs for more details.

ERROR: Elasticsearch did not exit normally - check the logs at /app/elasticsearch-8.7.0/logs/elasticsearch.log

ERROR: Elasticsearch exited unexpectedly

嗯,许久不碰es了,忘了不能使用root用户运行了。赶紧创建一个普通用户……

# groupadd app

# useradd -d /app -g app app

# chown -R app:app /app

关于elasticsearch.yml的配置,8.7.0版本默认启用了xpack.security认证。

-bash-4.2$ grep -v "#" elasticsearch.yml 
cluster.name: mycluster
node.name: node-1
path.data: /app/elasticsearch-8.7.0/data
path.logs: /app/elasticsearch-8.7.0/logs
bootstrap.memory_lock: false
network.host: 192.168.223.199
http.port: 9200


xpack.security.enabled: true

xpack.security.enrollment.enabled: true

xpack.security.http.ssl:
  enabled: true
  keystore.path: certs/http.p12

xpack.security.transport.ssl:
  enabled: true
  verification_mode: certificate
  keystore.path: certs/transport.p12
  truststore.path: certs/transport.p12
cluster.initial_master_nodes: ["vm-fsdh23re9ff"]

http.host: 0.0.0.0

再次启动,又出现两个报错:1)文件句柄数设置太小;2)最大虚拟内存设置太小。

[2023-04-07T14:25:36,912][INFO ][o.e.b.BootstrapChecks    ] [node-1] bound or publishing to a non-loopback address, enforcing bootstrap checks
[2023-04-07T14:25:36,930][ERROR][o.e.b.Elasticsearch      ] [node-1] node validation exception
[2] bootstrap checks failed. You must address the points described in the following [2] lines before starting Elasticsearch.
bootstrap check failure [1] of [2]: max file descriptors [4096] for elasticsearch process is too low, increase to at least [65535]
bootstrap check failure [2] of [2]: max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144]
[2023-04-07T14:25:36,934][INFO ][o.e.n.Node               ] [node-1] stopping ...
[2023-04-07T14:25:36,968][INFO ][o.e.n.Node               ] [node-1] stopped
[2023-04-07T14:25:36,969][INFO ][o.e.n.Node               ] [node-1] closing ...
[2023-04-07T14:25:36,986][INFO ][o.e.n.Node               ] [node-1] closed
[2023-04-07T14:25:36,991][INFO ][o.e.x.m.p.NativeController] [node-1] Native controller process has stopped - no new native processes can be started

修改系统最大文件句柄数(修改后需要重启系统才能生效)

# vi /etc/security/limits.conf
*       soft    nproc   65535
*       hard    nproc   65535
*       soft    nofile  65535
*       hard    nofile  65535

# vi /etc/security/limits.d/20-nproc.conf
*          soft    nproc     65535
root       soft    nproc     65535

# reboot

# ulimit -n
65535

修改最大虚拟内存

# vi /etc/sysctl.conf
vm.max_map_count=655360

使用后台方式启动

$ cd /app/elasticsearch-8.7.0/bin
$ ./elasticsearch -d

启动后,使用浏览器测试访问,弹出登陆框,查询了下,原来需要重置elastic用户密码

$ cd /app/elasticsearch-8.7.0/bin

$ ./elasticsearch-reset-password --username elastic
This tool will reset the password of the [elastic] user to an autogenerated value.
The password will be printed in the console.
Please confirm that you would like to continue [y/N]y


Password for the [elastic] user successfully reset.
New value: WRRr6nNEYm423uBPzIzW

登录成功

Logo

华为开发者空间,是为全球开发者打造的专属开发空间,汇聚了华为优质开发资源及工具,致力于让每一位开发者拥有一台云主机,基于华为根生态开发、创新。

更多推荐