1. Download Elasticsearch
Official website:https://www.elastic.co/cn/
The editor downloaded version 7.16.1 here
# 解压
tar -zxvf elasticsearch-7.16.1.tar.gz
# 切换目录
cd elasticsearch-7.16.1/
Modify the configuration file config/elasticsearch.yml and add the following configuration:
network.host: 192.168.12.128
http.port: 9200
192.168.12.128 is the local address
9200 is the access port of es
Start ES:
# ./bin/elasticsearch -d 加-d后台运行
./bin/elasticsearch
After es is installed, an error will be reported when starting as root: can not run elasticsearch as root
Reason: For security reasons, root user is not allowed to start
Solution:
After es5, you cannot start by adding startup parameters or modifying the configuration file. You must create a user:
1. Create user: elk
adduser elk
2. Create a user password, which needs to be entered twice.
passwd elk
3. Grant the corresponding folder permissions to the user
chown -R elk /db/elk/elasticsearch-7.16.1
4. Switch to elk user
su elk
5. Enter the startup directory to start: cd /db/elk/elasticsearch-7.16.1/bin
./elasticsearch -d
PS: Delete user command: userdel -r elk
Visit http://192.168.12.128:9200/ and find that an error is still reported:
What does it mean? Mainly problems with file permissions, memory size and default configuration:
Error: [3] Bootloader check failed. Before starting Elasticsearch, you must address the points described in the following lines [3].
Error message 1. Bootloader check failed [1] in [3]: The maximum file descriptor [4096] of the elasticsearch process is too low, increase it to at least [65535]< a i=2>Processing method: #Switch to root user for modification
vi /etc/security/limits.conf
# 在最后面追加下面内容:
elk hard nofile 65536
elk soft nofile 65536
Note: elk is the user who starts es
Error message 2. Bootloader check failed [2] of [3]: The maximum virtual memory area vm.max_map_count [65530] is too low, increase it to at least [262144]
Processing method: #Switch to root user for modification
vim /etc/sysctl.conf
# 在最后面追加下面内容:
vm.max_map_count=655360
Execute the command that takes effect immediately:
sysctl -p
Error message 3, bootstrap check failure [3] of [3]: The default discovery settings are not suitable for production use; at least one of [discovery.seed_hosts, discovery.seed_providers, cluster.initial_master_nodes] must be configured
Processing method: #Switch to the root user for modification
Modify the ./bin/elasticsearch.yml configuration file and add " cluster.initial_master_nodes: ["node-1"]", just restart elasticsearch. As shown below:
At this time, enter the startup directory to start: cd /db/elk/elasticsearch-7.16.1/bin
./elasticsearch -d
will start successfully!
Visit http://192.168.12.128:9200/