修改主机名

1
2
3
hostnamectl set-hostname es_1
hostnamectl set-hostname es_2
hostnamectl set-hostname es_3

创建目录

1
[ ! -d /data/server ] && mkdir -p /data/server

下载软件安装包

1
2
3
wget https://mirrors.huaweicloud.com/elasticsearch/7.3.0/elasticsearch-7.3.0-linux-x86_64.tar.gz
tar xf elasticsearch-7.3.0-linux-x86_64.tar.gz
tar xf kibana-7.3.0-linux-x86_64.tar.gz

创建用户

1
2
useradd elk
chown -R elk:elk /data/server

修改配置

vi config/elasticsearch.yml

修改配置文件为

1
2
3
4
5
6
7
8
9
10
11
##########
cluster.name: es_cluster
node.name: node-1/node-3/node-3 # 每个节点不一样
network.host: 0.0.0.0
http.port: 9200
discovery.seed_hosts: ["192.168.21.71", "192.168.21.72", "192.168.21.73"] # 填些所有节点的ip地址
cluster.initial_master_nodes: ["node-1", "node-2", "node-3"] # 每个节点的 node.mane 配置
xpack.security.enabled: false
transport.tcp.port: 9300
http.cors.enabled: true
http.cors.allow-origin: "*"

生成启动脚本

1
2
3
4
5
6
7
8
9
10
11
12
cat >restart.sh <<EOF
#!/bin/sh
echo \`ps -ef|grep elasticsearch|grep -v grep|awk '{print \$2}'\`
echo "start kill elasticsearch"
kill -9 \`ps -ef|grep elasticsearch|grep -v grep|awk '{print \$2}'\`
sleep 5
sudo -u elk /data/server/elasticsearch-7.3.0/bin/elasticsearch -d
echo starting
echo \`ps -ef|grep elasticsearch-7.3.0|grep -v grep|awk '{print \$2}'\`
EOF

chmod +x restart.sh

开启认证

生成证书

在一个master上执行即可, 所有选项全部保持默认

1
2
3
cd /data/server/elasticsearch-7.3.0
./bin/elasticsearch-certutil ca
./bin/elasticsearch-certutil cert --ca elastic-stack-ca.p12

复制证书

把生成的文件放到conf下, 用户为 elk

1
2
chown elk.elk elastic-certificates.p12  elastic-stack-ca.p12
mv elastic-certificates.p12 elastic-stack-ca.p12 config/

然后把这两个文件复制到其他的节点config目录下.

修改配置文件

1
2
3
4
5
6
http.cors.allow-headers: Authorization
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: elastic-certificates.p12

然后挨个节点重启ElasticSearch

设置密码

1
./bin/elasticsearch-setup-passwords auto
1
./bin/elasticsearch-setup-passwords interactive