Elasticsearch搭建与使用

##  Elasticsearch搭建与使用

### 安装环境

- 树莓派 3B+
- JDK 8
- 操作系统 centos 7

### 安装jdk

Elasticsearch需要jdk的环境，[jdk下载地址](https://www.oracle.com/technetwork/java/javase/downloads/jdk8-downloads-2133151.html)，如果不嫌麻烦的话自己注册账号，一劳永逸，我使用的arm7CPU的centos系统，下载` Linux ARM 32 Hard Float ABI `

解压jdk到指定的文件夹内容

```shell
tar -zxvf jdk-8u231-linux-arm32-vfp-hflt.tar.gz -C /usr/local/java/
```

修改/etc/profile文件

```shell
export JAVA_HOME=/usr/local/java/jdk1.8.0_231
export CLASSPATH=.:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar
export PATH=$JAVA_HOME/bin:$PATH
```

重新加载配置

```shell
source profile
java -version # 测试是否通过

java version "1.8.0_231"
Java(TM) SE Runtime Environment (build 1.8.0_231-b11)
Java HotSpot(TM) Client VM (build 25.231-b11, mixed mode)

```

### Elasticsearch安装

配置yum源

```shell
$ rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch
$ vim /etc/yum.repos.d/elasticsearch.repo

在elasticsearch.repo文件中添加如下内容
[elasticsearch-5.x]
name=Elasticsearch repository for 5.x packages
baseurl=https://artifacts.elastic.co/packages/5.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=1
autorefresh=1
type=rpm-md

安装elasticsearch
$ yum install -y elasticsearch
```

创建elasticsearch data存放目录，并修改目录角色和用户组

```shell
$ mkdir -p /data/es-data # -p: 递归创建目录，即使上级目录不存在，会按目录层级自动创建目录
$ chown -R elasticsearch:elasticsearch /var/log/elasticsearch/
$ chown -R elasticsearch:elasticsearch /data/es-data
```

修改elasticsearch的配置文件

```shell
$ vim /etc/elasticsearch/elasticsearch.yml
# 使用vim中的查找快捷键进行查找 `/[关键字]`，回车后查找，`n`查找下一个
cluster.name: my-application # 集群名称
node.name: node-1 # 节点名称
path.data: /data/es-data # data 存放路径 
path.logs: /var/log/elasticsearch # logs 日志存放路径
bootstrap.memory_lock: true # 配置内存使用用交换分区
network.host: 0.0.0.0 # 监听地址
http.port: 9200 # 监听端口
# 增加新的参数，这样head插件可以访问es (5.x版本，如果没有可以自己手动加)
http.cors.enabled: true
http.cors.allow-origin: "*"
```

![image-20191208100535931](https://mufeng-blog.oss-cn-beijing.aliyuncs.com/typecho/image-20191208100535931.png)

修改描述符的最大值

```shell
$ vim /etc/security/limits.conf # 文件末尾追加
* soft nofile 65536
* hard nofile 65536
* soft nproc 2048
* hard nproc 2048
* soft memlock unlimited
* hard memlock unlimited
```

启动elasticsearch服务

```shell
 $ systemctl start elasticsearch
```

测试是否配置成功，开启9200端口远程访问` http://192.168.124.22:9200/ `，能够正常访问则搭建成功。

```
{
    name: "node-1",
    cluster_name: "my-application",
    cluster_uuid: "DSVyUn1iQKOl1Sp6ClUNRw",
    version: {
        number: "5.6.16",
        build_hash: "3a740d1",
        build_date: "2019-03-13T15:33:36.565Z",
        build_snapshot: false,
        lucene_version: "6.6.1"
    },
    tagline: "You Know, for Search"
}
```

> 原本还得安装插件 elasticsearch-head ，但是由于硬件的原因， elasticsearch-head 没有arm版本的，所以这里就没有安装。
>
> elasticsearch也能使用docker镜像进行安装，具体如何配置请[移步](https://hub.docker.com/r/webhippie/elasticsearch)
>
> ```shell
> $ docker run --rm mplatform/mquery webhippie/elasticsearch # 检测当前cpu是否能使用
> Image: webhippie/elasticsearch
>  * Manifest List: Yes
>  * Supported platforms:
>    - linux/amd64
>    - linux/arm64
>    - linux/arm/v6
> $ docker pull webhippie/elasticsearch:latest
> ```
>
>

## FAQ

### 启动elasticsearch后报错

#### jdk路径问题

```shell
Dec 08 10:12:47 localhost systemd[1]: Starting Elasticsearch...
Dec 08 10:12:47 localhost systemd[1]: Started Elasticsearch.
Dec 08 10:12:48 localhost elasticsearch[18323]: which: no java in (/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin)
Dec 08 10:12:48 localhost elasticsearch[18323]: Could not find any executable java binary. Please install java ..._HOME
Dec 08 10:12:48 localhost systemd[1]: elasticsearch.service: main process exited, code=exited, status=1/FAILURE
Dec 08 10:12:48 localhost systemd[1]: Unit elasticsearch.service entered failed state.
Dec 08 10:12:48 localhost systemd[1]: elasticsearch.service failed.
Hint: Some lines were ellipsized, use -l to show in full.
```

**解决办法：**elasticsearch找不到jdk的原因，以下的几个解决办法

1. 建立软连接

```shell
   $ which java
   /usr/local/java/jdk1.8.0_121/bin/java
   # 建立软连接
   $ ln -s /usr/local/java/jdk1.8.0_121/bin/java /usr/bin/java
   ```

2. elasticsearch添加`JAVA_HOME`路径

```shell
   $ vi /etc/sysconfig/elasticsearch
   JAVA_HOME=/usr/local/java
   ```

#### jvm内存不足

elasticsearch调用的jvm内存不够，树莓派的内存就只有1G，这里使用到的服务器内存是2G，所以无法启动。

```
Dec 08 10:48:48 localhost systemd[1]: Starting Elasticsearch...
Dec 08 10:48:48 localhost systemd[1]: Started Elasticsearch.
Dec 08 10:48:49 localhost elasticsearch[31448]: Error occurred during initialization of VM
Dec 08 10:48:49 localhost systemd[1]: elasticsearch.service: main process exited, code=exited, status=1/FAILURE
Dec 08 10:48:49 localhost systemd[1]: Unit elasticsearch.service entered failed state.
Dec 08 10:48:49 localhost systemd[1]: elasticsearch.service failed.

```

#### 权限不够

```
Dec 08 11:18:03 localhost elasticsearch[20043]: 2019-12-08 11:18:03,038 main ERROR Null object returned for RollingFile in Appenders.
Dec 08 11:18:03 localhost elasticsearch[20043]: 2019-12-08 11:18:03,041 main ERROR Null object returned for RollingFile in Appenders.
Dec 08 11:18:03 localhost elasticsearch[20043]: 2019-12-08 11:18:03,044 main ERROR Null object returned for RollingFile in Appenders.
Dec 08 11:18:03 localhost elasticsearch[20043]: 2019-12-08 11:18:03,048 main ERROR Unable to locate appender "rolling" for logger config "root"
Dec 08 11:18:03 localhost elasticsearch[20043]: 2019-12-08 11:18:03,050 main ERROR Unable to locate appender "index_indexing_slowlog_rolling" for logger config "index.indexing.slowlog.index"
Dec 08 11:18:03 localhost elasticsearch[20043]: 2019-12-08 11:18:03,052 main ERROR Unable to locate appender "index_search_slowlog_rolling" for logger config "index.search.slowlog"
Dec 08 11:18:03 localhost elasticsearch[20043]: 2019-12-08 11:18:03,054 main ERROR Unable to locate appender "deprecation_rolling" for logger config "org.elasticsearch.deprecation"

```

**解决办法：**

```shell
$ chown -R elasticsearch:elasticsearch /var/log/elasticsearch/
$ chown -R elasticsearch:elasticsearch /data/es-data
```

####  交换分区

这是在因为Centos6不支持SecComp，而ES5.2.0默认bootstrap.system_call_filter为true进行检测，所以导致检测失败，失败后直接导致ES不能启动。但是我的系统是centos7的，不知道为什么也不能使用

```
system call filters failed to install; check the logs and fix your configuration or disable system call filters at your own risk
```

**解决办法：**修改elasticsearch配置

```shell
$ vim /etc/elasticsearch/jvm.options
bootstrap.memory_lock: false
bootstrap.system_call_filter: false
```

---

### 安装logstash

直接简单的使用docker来进行logstash的安装，[docker连接](https://hub.docker.com/r/dimdm/logstash/dockerfile)

```shell
$ docker pull dimdm/logstash:5.6.3-arm32v6
$ docker run -d -p 12201:12201/udp -p 9600:9600/tcp --name logstash dimdm/logstash:5.6.3-arm32v6 
```

这里使用参考地址：https://blog.mufeng.info/index.php/archives/264/

---

### 2022年3月19日

这里简单演示一下 windows 的安装过程

在官网：https://www.elastic.co/downloads/past-releases/elasticsearch-7-17-1，中选择下载Windows 最新安装包，下载后得到`elasticsearch-7.17.1-windows-x86_64.zip`文件，解压运行 bin/elasticsearch.bat 文件。无需修改配置，直接启动。

启动后 Elasticsearch 会监听 9200 和 9300 端口。浏览器请求：http://localhost:9200/，响应

```json
{
  "name" : "DESKTOP-P6BAGHG",
  "cluster_name" : "elasticsearch",
  "cluster_uuid" : "Ps-MIkwpQg6rv3h6rtENJQ",
  "version" : {
    "number" : "7.17.1",
    "build_flavor" : "default",
    "build_type" : "zip",
    "build_hash" : "e5acb99f822233d62d6444ce45a4543dc1c8059a",
    "build_date" : "2022-02-23T22:20:54.153567231Z",
    "build_snapshot" : false,
    "lucene_version" : "8.11.1",
    "minimum_wire_compatibility_version" : "6.8.0",
    "minimum_index_compatibility_version" : "6.0.0-beta1"
  },
  "tagline" : "You Know, for Search"
}
```

幕峰网

Elasticsearch搭建与使用

添加新评论

轻语

热门文章

最新文章

最近回复

标签