Elasticsearch簡單入門--elasticsearch 在Linux下的安裝、執行、停止
1.首先對Elasticsearch進行簡短的介紹
Elasticsearch是一個高度可伸縮的開源全文搜尋和分析引擎。它允許您快速、實時地儲存、搜尋和分析大量資料。它通常用作底層引擎/技術,為具有複雜搜尋特性和需求的應用程式提供支援。
核心概念:NRT、Cluster、Node、Index、Type、Document、Shards & Replicas、
1. Near Realtime(NRT) 近實時
Elasticsearch是一個近實時的搜尋平臺,這意味著從索引文件到可搜尋文件有輕微的延遲(通常是一秒)
2. Cluster 叢集
一個叢集是一個或多個節點(伺服器)的集合,這些節點一起儲存你的全部資料,並提供跨所有節點的聯邦索引和搜尋功能,一個叢集由一個唯一的預設為“elasticsearch”的名稱標識,這個名稱很重要,因為只有在節點被設定為通過其名稱加入叢集時,節點才能成為叢集的一部分。
確保在不同的環境你沒有重複使用同樣的叢集的名稱,否則你可能以讓節點加入到錯誤的叢集而告終,
3. Node 節點
一個節點是屬於叢集的單個伺服器,儲存資料,並參與叢集的索引和搜尋功能,就像叢集一樣,節點由一個名稱標識,該名稱在預設情況下是在啟動時分配給節點的隨機全域性惟一識別符號(UUID),如果你不想要這個預設節點名稱,可以定義任意節點名稱。
此名稱對於管理目的非常重要,在管理目的中,您希望確定網路中的哪些伺服器對應於Elasticsearch叢集中的哪些節點。
可以將節點配置為按叢集名稱連線特定的叢集,預設情況下,每個節點都被設定為加入一個名為elasticsearch的叢集,這意味著如果您在網路上啟動多個節點並假設它們可以發現彼此,它們將自動形成並加入一個名為elasticsearch的叢集。
4. index 、type、document、shards&replicas
參考:https://www.elastic.co/guide/en/elasticsearch/reference/6.0/_basic_concepts.html
2. 在Linux Centos7下安裝Elasticsearch
1. 安裝前的準備
Elasticsearch需要JDK的版本至少是Java 8. 推薦使用Oracle JDK 的版本是1.8.0_131,所有,首先檢視你linux機器上安裝的java版本,
[[email protected] ~]# java -version
java version "1.8.0_161"
Java(TM) SE Runtime Environment (build 1.8.0_161-b12)
Java HotSpot(TM) 64-Bit Server VM (build 25.161-b12, mixed mode)
[ 2. 安裝,通過zip/tar.gz包安裝
通過下載elasticsearch的zip包進行安裝,安裝方式很多,rpm、docker等
Elasticsearch提供了.zip和.tar.gz包,這些包可以被用來在任何系統中安裝,Elasticsearch的最新穩定版本下載地址
https://www.elastic.co/downloads/elasticsearch, 其他版本下載地址 https://www.elastic.co/downloads/past-releases
# 下載elasticsearch
[[email protected] software]# wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-5.6.14.zip
# 解壓
[[email protected] software]# unzip elasticsearch-5.6.14.zip
# 將解壓後的elasticsearch-5.6.14 移動到 /usr/local/elk目錄
[[email protected] software]# mv elasticsearch-5.6.14 /usr/local/elk
通過命令列啟動Elasticsearch
# cd 到/usr/local/elk/elasticsearch-5.6.14目錄,並啟動elasticsearch
[[email protected] elasticsearch-5.6.14]# pwd
/usr/local/elk/elasticsearch-5.6.14
[[email protected] elasticsearch-5.6.14]# ./bin/elasticsearch
此時為報錯,因為當前使用者為root,elasticsearch為了安全,不允許使用root使用者啟動elasticsearch。
所有需要新建使用者,使用root使用者新建es使用者 及es使用者組,並將/usr/local/elk許可權賦予es使用者,操作如下
# 建立使用者組 es
[[email protected] elasticsearch-5.6.14]# groupadd es
# 建立使用者es 並指定使用者所屬的群組為es
[[email protected] elasticsearch-5.6.14]# useradd -g es es
#給es使用者賦許可權
[[email protected] elasticsearch-5.6.14]# chown -R es:es /usr/local/elk/
# 設定es使用者密碼
[[email protected] elasticsearch-5.6.14]# passwd es
# 切換至es使用者
[[email protected] elasticsearch-5.6.14]# su es
# 啟動es
[[email protected] elasticsearch-5.6.14]# ./bin/elasticsearch這樣就啟動成功,
[[email protected] elasticsearch-5.6.14]$ ./bin/elasticsearch
[2019-01-07T16:54:21,911][INFO ][o.e.n.Node ] [] initializing ...
[2019-01-07T16:54:22,097][INFO ][o.e.e.NodeEnvironment ] [sPw1Vhx] using [1] data paths, mounts [[/ (rootfs)]], net usable_space [13.5gb], net total_space [16.9gb], spins? [unknown], types [rootfs]
[2019-01-07T16:54:22,097][INFO ][o.e.e.NodeEnvironment ] [sPw1Vhx] heap size [1.9gb], compressed ordinary object pointers [true]
[2019-01-07T16:54:22,101][INFO ][o.e.n.Node ] node name [sPw1Vhx] derived from node ID [sPw1VhxBTW6jo2sYFB4V1Q]; set [node.name] to override
[2019-01-07T16:54:22,102][INFO ][o.e.n.Node ] version[5.6.14], pid[1662], build[f310fe9/2018-12-05T21:20:16.416Z], OS[Linux/3.10.0-862.el7.x86_64/amd64], JVM[Oracle Corporation/Java HotSpot(TM) 64-Bit Server VM/1.8.0_161/25.161-b12]
[2019-01-07T16:54:22,102][INFO ][o.e.n.Node ] JVM arguments [-Xms2g, -Xmx2g, -XX:+UseConcMarkSweepGC, -XX:CMSInitiatingOccupancyFraction=75, -XX:+UseCMSInitiatingOccupancyOnly, -XX:+AlwaysPreTouch, -Xss1m, -Djava.awt.headless=true, -Dfile.encoding=UTF-8, -Djna.nosys=true, -Djdk.io.permissionsUseCanonicalPath=true, -Dio.netty.noUnsafe=true, -Dio.netty.noKeySetOptimization=true, -Dio.netty.recycler.maxCapacityPerThread=0, -Dlog4j.shutdownHookEnabled=false, -Dlog4j2.disable.jmx=true, -Dlog4j.skipJansi=true, -XX:+HeapDumpOnOutOfMemoryError, -Des.path.home=/usr/local/elk/elasticsearch-5.6.14]
[2019-01-07T16:54:24,128][INFO ][o.e.p.PluginsService ] [sPw1Vhx] loaded module [aggs-matrix-stats]
[2019-01-07T16:54:24,128][INFO ][o.e.p.PluginsService ] [sPw1Vhx] loaded module [ingest-common]
[2019-01-07T16:54:24,128][INFO ][o.e.p.PluginsService ] [sPw1Vhx] loaded module [lang-expression]
[2019-01-07T16:54:24,128][INFO ][o.e.p.PluginsService ] [sPw1Vhx] loaded module [lang-groovy]
[2019-01-07T16:54:24,128][INFO ][o.e.p.PluginsService ] [sPw1Vhx] loaded module [lang-mustache]
[2019-01-07T16:54:24,128][INFO ][o.e.p.PluginsService ] [sPw1Vhx] loaded module [lang-painless]
[2019-01-07T16:54:24,128][INFO ][o.e.p.PluginsService ] [sPw1Vhx] loaded module [parent-join]
[2019-01-07T16:54:24,129][INFO ][o.e.p.PluginsService ] [sPw1Vhx] loaded module [percolator]
[2019-01-07T16:54:24,129][INFO ][o.e.p.PluginsService ] [sPw1Vhx] loaded module [reindex]
[2019-01-07T16:54:24,129][INFO ][o.e.p.PluginsService ] [sPw1Vhx] loaded module [transport-netty3]
[2019-01-07T16:54:24,129][INFO ][o.e.p.PluginsService ] [sPw1Vhx] loaded module [transport-netty4]
[2019-01-07T16:54:24,129][INFO ][o.e.p.PluginsService ] [sPw1Vhx] no plugins loaded
[2019-01-07T16:54:28,679][INFO ][o.e.d.DiscoveryModule ] [sPw1Vhx] using discovery type [zen]
[2019-01-07T16:54:30,168][INFO ][o.e.n.Node ] initialized
[2019-01-07T16:54:30,168][INFO ][o.e.n.Node ] [sPw1Vhx] starting ...
[2019-01-07T16:54:30,744][INFO ][o.e.t.TransportService ] [sPw1Vhx] publish_address {127.0.0.1:9300}, bound_addresses {[::1]:9300}, {127.0.0.1:9300}
[2019-01-07T16:54:30,760][WARN ][o.e.b.BootstrapChecks ] [sPw1Vhx] max file descriptors [4096] for elasticsearch process is too low, increase to at least [65536]
[2019-01-07T16:54:30,760][WARN ][o.e.b.BootstrapChecks ] [sPw1Vhx] max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144]
[2019-01-07T16:54:33,968][INFO ][o.e.c.s.ClusterService ] [sPw1Vhx] new_master {sPw1Vhx}{sPw1VhxBTW6jo2sYFB4V1Q}{edktK-_4QFq147_64LQ5qA}{127.0.0.1}{127.0.0.1:9300}, reason: zen-disco-elected-as-master ([0] nodes joined)
[2019-01-07T16:54:34,028][INFO ][o.e.g.GatewayService ] [sPw1Vhx] recovered [0] indices into cluster_state
[2019-01-07T16:54:34,047][INFO ][o.e.h.n.Netty4HttpServerTransport] [sPw1Vhx] publish_address {127.0.0.1:9200}, bound_addresses {[::1]:9200}, {127.0.0.1:9200}
[2019-01-07T16:54:34,047][INFO ][o.e.n.Node ] [sPw1Vhx] started
預設,Elasticsearch在前端執行,會將日誌列印到標準輸出中,可以通過Ctrl-C 使其停止。
3. 檢查Elasticsearch是否正在執行
你可以通過傳送http請求測試剛才啟動Elasticsearch節點 是否正常執行。
curl -X GET "localhost:9200/"
[[email protected] ~]# curl -X GET "localhost:9200"
{
"name" : "sPw1Vhx",
"cluster_name" : "elasticsearch",
"cluster_uuid" : "6VtrjLY4SsGcu2Li2rwk4w",
"version" : {
"number" : "5.6.14",
"build_hash" : "f310fe9",
"build_date" : "2018-12-05T21:20:16.416Z",
"build_snapshot" : false,
"lucene_version" : "6.6.1"
},
"tagline" : "You Know, for Search"
}
[[email protected] ~]# curl http://localhost:9200
{
"name" : "sPw1Vhx",
"cluster_name" : "elasticsearch",
"cluster_uuid" : "6VtrjLY4SsGcu2Li2rwk4w",
"version" : {
"number" : "5.6.14",
"build_hash" : "f310fe9",
"build_date" : "2018-12-05T21:20:16.416Z",
"build_snapshot" : false,
"lucene_version" : "6.6.1"
},
"tagline" : "You Know, for Search"
}
響應內容內容如上就說明elasticsearch正常執行。
4. 作為守護程序後端執行elasticsearch
作為守護程序執行elasticsearch,需要在命令列指定 -d 並且使用-p 選項 將程序ID 記錄到檔案中
[[email protected] elasticsearch-5.6.14]$ ./bin/elasticsearch -d -p pid
此時,日誌就不會在打印出來了,日誌資訊在/usr/loca/elk/elasticsearch-5.6.14/logs目錄下可以檢視
[[email protected] elasticsearch-5.6.14]$ cd logs
[[email protected] logs]$ pwd
/usr/local/elk/elasticsearch-5.6.14/logs
[[email protected] logs]$ ls
elasticsearch_deprecation.log elasticsearch_index_indexing_slowlog.log elasticsearch_index_search_slowlog.log elasticsearch.log
[[email protected] logs]$ tail -f elasticsearch.log
在elasticsearch資料夾就會多出一個pid檔案
# 通過cat 或more 命令檢視pid檔案內容, 就可以得到elasticsearch的程序號
[[email protected] elasticsearch-5.6.14]$ more pid
1916
要關閉Elasticsearch, kill 被記錄到pid檔案中的程序ID即可,命令如下:
[[email protected] elasticsearch-5.6.14]$ kill `cat pid`
# 此時查詢 elasticsearch的程序ID 已經不存在了
[[email protected] elasticsearch-5.6.14]$ ps -ef|grep elasticsearch
es 1999 1647 0 17:25 pts/0 00:00:00 grep --color=auto elasticsearch
5. 通過命令列配置Elasticsearch
預設Elasticsearch從/usr/local/elk/elasticsearch-5.6.14/config/elasticsearch.yml檔案中載入配置資訊, 同時,任何在配置檔案能指定的引數同樣能通過命令列方式指定,通過使用 -E ,如下
[[email protected] elasticsearch-5.6.14]$ ./bin/elasticsearch -d -Ecluster.name=my_cluster -Enode.name=node_1
官網上這麼說:
Typically, any cluster-wide settings (like cluster.name) should be added to the elasticsearch.yml config file, while any node-specific settings such as node.name could be specified on the command line(通常,所有叢集範圍的設定(如cluster.name)都應該新增到elasticsearch.yml中。而任何特定於節點的設定,如node.name,都可以在命令列中指定)