文檔地址：

官網文檔地址： https://www.elastic.co/guide/index.html
rpm包/源碼下載地址：https://www.elastic.co/cn/downloads

源碼安裝-環境準備：

node-01       192.168.95.174
node-02       192.168.95.173
node-03       192.168.95.172在每臺機器上都下載源碼包
wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.10.1-linux-x86_64.tar.gz    # ES的，我用的7.14.0版本
wget https://artifacts.elastic.co/downloads/kibana/kibana-7.10.1-linux-x86_64.tar.gz   # Kibana 的，版本要一致，只在node-001上安裝修改一下解析hosts文件，這一步每臺機器都要配置
vim /etc/hosts
192.168.95.174 node-01
192.168.95.173 node-02
192.168.95.172 node-03修改服務器配置參數
#### 每臺ES服務器都需要執行vim /etc/security/limits.conf* soft nofile 65535
* hard nofile 65537vim /etc/sysctl.conf
vm.max_map_count = 655360
vm.swappiness=0sysctl -p

解壓ES源碼包

每一臺ES機器都需要執行# 切到工作目錄
mkdir /data/maycur/unzip && cd /data/maycur/unzip
wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.10.1-linux-x86_64.tar.gztar -xvzf elasticsearch-7.10.1-linux-x86_64.tar.gz ../cd elasticsearch-7.10.1

修改ES集群配置文件

#集群名稱和節點名稱
cluster.name: my-es-cluster
node.name: node-1
network.host: 0.0.0.0
# 用于集群內各機器間通信,對外使用，其他機器訪問本機器的es服務，一般為本機宿主機IP
network.publish_host: 192.168.95.174
node.master: true # 使節點有資格成為主節點
node.data: true # 使節點可以存儲數據
#最大集群節點數
node.max_local_storage_nodes: 3
# 列出所有節點的私有IP地址
discovery.seed_hosts: ["192.168.95.174:9300", "192.168.95.173:9300","192.168.95.172:9300"]
# 首次啟動時指定的候選主節點列表
cluster.initial_master_nodes: ["node-1", "node-2", "node-3"]#是否允許跨域
http.cors.enabled: true
http.cors.allow-origin: "*"#安全認證部分
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: elastic-certificates.p12

#集群名稱和節點名稱
cluster.name: my-es-cluster
node.name: node-2
network.host: 0.0.0.0
# 用于集群內各機器間通信,對外使用，其他機器訪問本機器的es服務，一般為本機宿主機IP
network.publish_host: 192.168.95.173
node.master: true # 使節點有資格成為主節點
node.data: true # 使節點可以存儲數據
#最大集群節點數
node.max_local_storage_nodes: 3
# 列出所有節點的私有IP地址
discovery.seed_hosts: ["192.168.95.174:9300", "192.168.95.173:9300","192.168.95.172:9300"]
# 首次啟動時指定的候選主節點列表
cluster.initial_master_nodes: ["node-1", "node-2", "node-3"]#是否允許跨域
http.cors.enabled: true
http.cors.allow-origin: "*"#安全認證部分
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: elastic-certificates.p12

#集群名稱和節點名稱
cluster.name: my-es-cluster
node.name: node-3
network.host: 0.0.0.0
# 用于集群內各機器間通信,對外使用，其他機器訪問本機器的es服務，一般為本機宿主機IP
network.publish_host: 192.168.95.172
node.master: true # 使節點有資格成為主節點
node.data: true # 使節點可以存儲數據
#最大集群節點數
node.max_local_storage_nodes: 3
# 列出所有節點的私有IP地址
discovery.seed_hosts: ["192.168.95.174:9300", "192.168.95.173:9300","192.168.95.172:9300"]
# 首次啟動時指定的候選主節點列表
cluster.initial_master_nodes: ["node-1", "node-2", "node-3"]#是否允許跨域
http.cors.enabled: true
http.cors.allow-origin: "*"#安全認證部分
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: elastic-certificates.p12

以上配置文件開啟了安裝認證，如果不開啟認證則可以注釋，如果開啟則需要執行一下操作步驟：

安全認證操作步驟

在192.168.95.174 node-01節點操作

去到cd /path/elasticsearch-7.10.1/bin

1.生成CA證書
// 生成CA證書,執行命令后,系統還會提示你輸入密碼,可以直接留空
./elasticsearch-certutil ca會在config下生成一個elastic-stack-ca.p12文件
ls -al ../config/elastic-stack-ca.p12 
-rw-------. 1 elastic elastic 2527 May 21 14:29 ../config/elastic-stack-ca.p122.根據elastic-stack-ca.p12文件 生成elastic-certificates.p12
//生成證書和私鑰,系統還會提示你輸入密碼，你可以輸入證書和密鑰的密碼，也可以留空
./elasticsearch-certutil cert --ca elastic-stack-ca.p12

將節點node-01上生成的兩個文件拷貝到另外的節點

scp elastic-stack-ca.p12 node-02:/path/elasticsearch-7.10.1/config/

scp elastic-stack-ca.p12 node-03:/path/elasticsearch-7.10.1/config/

啟動ES集群服務

1、創建用戶

#### 每臺ES服務器都需要執行# 因為ES不允許用root用戶啟動，所以我就創建一個普通用戶來進行管理
groupadd elastic
useradd -g elastic -d /home/elastic elastic
passwd elastic
密碼（password)##修改es程序所有者和權限
chown -R elastic:elastic /maycur/elasticsearch-7.10.1

2、啟動

su elastic
cd ...../elasticsearch-7.10.1/bin/
./elasticsearch -d

配置systemd服務啟動es

cat > /etc/systemd/system/elasticsearch.service << EOF
[Unit]
Description=Elasticsearch service
After=syslog.target network.target[Service]
Type=simple
User=elastic
Group=elastic
ExecStart=/data/maycur/elasticsearch-7.10.1/bin/elasticsearch
Restart=always
StandardOutput=syslog
StandardError=syslog
LimitNOFILE=65535
LimitMEMLOCK=infinity[Install]
WantedBy=multi-user.target
EOF

設置es密碼

在其中一臺機器上執行,我這里在 192.168.95.174 node-01節點機器操作,我這里密碼全部設置為（123456）

cd cd /path/elasticsearch-7.10.1/bin
./elasticsearch-setup-passwords interactiveInitiating the setup of passwords for reserved users elastic,apm_system,kibana,logstash_system,beats_system,remote_monitoring_user.
You will be prompted to enter passwords as the process progresses.
Please confirm that you would like to continue [y/N]yEnter password for [elastic]:
Reenter password for [elastic]:
Enter password for [apm_system]:
Reenter password for [apm_system]:
Enter password for [kibana]:
Reenter password for [kibana]:
Enter password for [logstash_system]:
Reenter password for [logstash_system]:
Enter password for [beats_system]:
Reenter password for [beats_system]:
Enter password for [remote_monitoring_user]:
Reenter password for [remote_monitoring_user]:
Changed password for user [apm_system]
Changed password for user [kibana]
Changed password for user [logstash_system]
Changed password for user [beats_system]
Changed password for user [remote_monitoring_user]
Changed password for user [elastic]

用過用戶名密碼驗證集群狀態

curl -u elastic 'http://192.168.95.174:9200/_cat/health?v'

curl -u elastic 'http://192.168.95.174:9200/_cat/nodes?v'