用 Docker 安装 Elasticsearch

使用 Docker 方式进行安装 Elasticsearch

服务器优化

1. 调整控制进程可以打开的最大文件数的参数

vim /etc/security/limits.conf

* soft nofile 65536
* hard nofile 65536

2. 进程可以拥有的最大内存映射区域的数量。

vim /etc/sysctl.conf

vm.max_map_count=262144

# 重载
# sysctl -p

安装Elasticsearch

1. 创建新的Docker网络

docker network create elastic

2. 下载Docker镜像

华为云白嫖加速

docker pull docker.elastic.co/elasticsearch/elasticsearch:8.15.3

3. 开启Elasticsearch 容器

docker run --name es01 --net elastic -p 9200:9200 -it -m 2g docker.elastic.co/elasticsearch/elasticsearch:8.15.3

4. 记住账户密码

在运行完毕后会显示该内容,可将它保存下来

✅ Elasticsearch security features have been automatically configured!
✅ Authentication is enabled and cluster connections are encrypted.

ℹ️  Password for the elastic user (reset with `bin/elasticsearch-reset-password -u elastic`):
  RPY0tFQQTFCT9cGyaxFM

ℹ️  HTTP CA certificate SHA-256 fingerprint:
  83dc79d08c8212b3aebcf6f59fcaae7a9f57cddb3828867998a08508eb921af7

ℹ️  Configure Kibana to use this cluster:
• Run Kibana and click the configuration link in the terminal when Kibana starts.
• Copy the following enrollment token and paste it into Kibana in your browser (valid for the next 30 minutes):
  eyJ2ZXIiOiI4LjE0LjAiLCJhZHIiOlsiMTcyLjE4LjAuMjo5MjAwIl0sImZnciI6IjgzZGM3OWQwOGM4MjEyYjNhZWJjZjZmNTlmY2FhZTdhOWY1N2NkZGIzODI4ODY3OTk4YTA4NTA4ZWI5MjFhZjciLCJrZXkiOiJ1TDR5bnBJQi1TZmxtUHlmZXZFNTpyelhZM3NNcVNSaTFwdDBwRG83N3FnIn0=

ℹ️ Configure other nodes to join this cluster:
• Copy the following enrollment token and start new Elasticsearch nodes with `bin/elasticsearch --enrollment-token <token>` (valid for the next 30 minutes):
  eyJ2ZXIiOiI4LjE0LjAiLCJhZHIiOlsiMTcyLjE4LjAuMjo5MjAwIl0sImZnciI6IjgzZGM3OWQwOGM4MjEyYjNhZWJjZjZmNTlmY2FhZTdhOWY1N2NkZGIzODI4ODY3OTk4YTA4NTA4ZWI5MjFhZjciLCJrZXkiOiJ0cjR5bnBJQi1TZmxtUHlmZXZFNTpBVEMzbDgxdVRMT1c5X0JfeXJobGVBIn0=

  If you're running in Docker, copy the enrollment token and run:
  `docker run -e "ENROLLMENT_TOKEN=<token>" docker.elastic.co/elasticsearch/elasticsearch:8.15.3`

也可以使用 Docker 命令进行重置

docker exec -it es01 /usr/share/elasticsearch/bin/elasticsearch-reset-password -u elastic
docker exec -it es01 /usr/share/elasticsearch/bin/elasticsearch-create-enrollment-token -s kibana

官方还建议将 elastic 密码设置直环境变量中

export ELASTIC_PASSWORD="RPY0tFQQTFCT9cGyaxFM"

5. 复制 http_ca.crt ssl证书

docker cp es01:/usr/share/elasticsearch/config/certs/http_ca.crt .

6. 调用API接口确认ES服务是否正常运行

curl --cacert http_ca.crt -u elastic:$ELASTIC_PASSWORD https://localhost:9200

#{
#  "name" : "a6a9e518010f",
#  "cluster_name" : "docker-cluster",
#  "cluster_uuid" : "5SFj9w2kT9yb3WfUWX-Q-Q",
#  "version" : {
#    "number" : "8.15.3",
#    "build_flavor" : "default",
#    "build_type" : "docker",
#    "build_hash" : "f97532e680b555c3a05e73a74c28afb666923018",
#    "build_date" : "2024-10-09T22:08:00.328917561Z",
#    "build_snapshot" : false,
#    "lucene_version" : "9.11.1",
#    "minimum_wire_compatibility_version" : "7.17.0",
#    "minimum_index_compatibility_version" : "7.0.0"
#  },
#  "tagline" : "You Know, for Search"
#}

添加节点

1. 生成招募密钥

使用已经存在的节点为新的节点生成一个招募密钥.

docker exec -it es01 /usr/share/elasticsearch/bin/elasticsearch-create-enrollment-token -s node

2. 创建一个新的节点

docker run -e ENROLLMENT_TOKEN="eyJ2ZXIiOiI4LjE0LjAiLCJhZHIiOlsiMTcyLjE4LjAuMjo5MjAwIl0sImZnciI6IjgzZGM3OWQwOGM4MjEyYjNhZWJjZjZmNTlmY2FhZTdhOWY1N2NkZGIzODI4ODY3OTk4YTA4NTA4ZWI5MjFhZjciLCJrZXkiOiJLNTQ1bnBJQmI1dnVPOEtMR3hHbDpFdTRuX1RIclRiNmx1RVo5MzY3ZlF3In0" --name es02 --net elastic -idt -m 2g docker.elastic.co/elasticsearch/elasticsearch:8.15.3

3. 调用API检查服务是否正常

curl --cacert http_ca.crt -u elastic:$ELASTIC_PASSWORD https://localhost:9200/_cat/nodes
#172.18.0.3 41 74 1 0.47 0.47 0.28 cdfhilmrstw - 6a67e42a51f6
#172.18.0.2 15 73 1 0.47 0.47 0.28 cdfhilmrstw * 6becb91a940c

运行Kibana

1. 下载镜像

docker pull docker.elastic.co/kibana/kibana:8.15.3

2. 开启容器

docker run --name kib01 --net elastic -p 5601:5601 docker.elastic.co/kibana/kibana:8.15.3

3. 打开浏览器

此时启动命令会提示一个URL 通过这个URL进行初始化 Kibana

i Kibana has not been configured.

Go to http://0.0.0.0:5601/?code=738110 to get started.

4. 获取初始化Token

docker exec -it es01 /usr/share/elasticsearch/bin/elasticsearch-create-enrollment-token -s kibana

5. 登录Kibana

elastic 身份进入 Kibanna 密码就是之前在 elasticsearch 中生成的如果你忘记了可以使用以下命令查看或重置

echo $ELASTIC_PASSWORD

docker exec -it es01 /usr/share/elasticsearch/bin/elasticsearch-reset-password -u elastic

附件