elasticsearch:7.10.0安装部署记录信息

--------------------------elasticsearch:7.10.0安装记录-------------------------
subnet网段地址。
docker network ls
查看docker网卡
docker network inspect 网卡id
删除docker网卡
docker network rm 网卡id

docker network inspect mynetwork

查看docker网卡的相关详细信息
创建网络ip
docker network create --subnet=172.18.0.0/24 mynetwork

添加用户执行docker
sudo groupadd docker     #添加docker用户组
sudo gpasswd -a king docker     #将登陆用户加入到docker用户组中
newgrp docker     #更新用户组 

mkdir -p /kdata/elasticsearch/config
mkdir -p /kdata/elasticsearch/data
mkdir -p /kdata/elasticsearch/logs
mkdir -p /kdata/elasticsearch/plugins
mkdir -p /kdata/kibana/config

chmod -R 777 /kdata/

--启动集群版
docker run --restart=always --name es01 \
-p 9200:9200 -p 9300:9300 \
--net mynetwork --ip 172.18.0.2 --privileged=true  \
-e ES_JAVA_OPTS="-Xms512m -Xmx512m" \
-v /kdata/elasticsearch01/config/elasticsearch.yml:/usr/share/elasticsearch/config/elasticsearch.yml \
-v /kdata/elasticsearch01/data:/usr/share/elasticsearch/data \
-v /kdata/elasticsearch01/plugins:/usr/share/elasticsearch/plugins \
-v /kdata/elasticsearch01/logs:/usr/share/elasticsearch/logs \
-d elasticsearch:7.10.0

docker run --restart=always --name es02 \
-p 9201:9201 -p 9301:9301 \
--net mynetwork --ip 172.18.0.3 --privileged=true  \
-e ES_JAVA_OPTS="-Xms512m -Xmx512m" \
-v /kdata/elasticsearch02/config/elasticsearch.yml:/usr/share/elasticsearch/config/elasticsearch.yml \
-v /kdata/elasticsearch02/data:/usr/share/elasticsearch/data \
-v /kdata/elasticsearch02/plugins:/usr/share/elasticsearch/plugins \
-v /kdata/elasticsearch02/logs:/usr/share/elasticsearch/logs \
-d elasticsearch:7.10.0

配置elasticsearch.yml
http.host: 0.0.0.0
# 配置跨域
http.cors.enabled: true   # 开启跨域
# 允许所有都可以访问
http.cors.allow-origin: "*"
http.cors.allow-headers: Authorization
xpack.security.enabled: true

创建keystore
./bin/elasticsearch-keystore create 
生成证书
./bin/elasticsearch-certutil ca
./bin/elasticsearch-certutil cert --ca elastic-stack-ca.p12
bin/elasticsearch-keystore add xpack.security.transport.ssl.keystore.secure_password
bin/elasticsearch-keystore add xpack.security.transport.ssl.truststore.secure_password

移动证书到指定位置
docker cp es01:/usr/share/elasticsearch/elastic-certificates.p12 /kdata/elasticsearch01/config
docker cp es01:/usr/share/elasticsearch/elastic-stack-ca.p12 /kdata/elasticsearch01/config
docker cp es01:/usr/share/elasticsearch/config/elasticsearch.keystore /kdata/elasticsearch01/config

docker cp es02:/usr/share/elasticsearch/elastic-certificates.p12 /kdata/elasticsearch01/config
docker cp es02:/usr/share/elasticsearch/elastic-stack-ca.p12 /kdata/elasticsearch01/config
docker cp es02:/usr/share/elasticsearch/config/elasticsearch.keystore /kdata/elasticsearch01/config

docker cp /kdata/elasticsearch01/config/elastic-certificates.p12 es01:/usr/share/elasticsearch/config/
docker cp /kdata/elasticsearch01/config/elastic-stack-ca.p12 es01:/usr/share/elasticsearch/config/
docker cp /kdata/elasticsearch01/config/elasticsearch.keystore es01:/usr/share/elasticsearch/config/

docker cp /kdata/elasticsearch02/config/elastic-certificates.p12 es02:/usr/share/elasticsearch/config/
docker cp /kdata/elasticsearch02/config/elastic-stack-ca.p12 es02:/usr/share/elasticsearch/config/
docker cp /kdata/elasticsearch02/config/elasticsearch.keystore es02:/usr/share/elasticsearch/config/

mv elastic-certificates.p12 elastic-stack-ca.p12  config
cd config
--授权(可不设置)
chmod 777 elastic-certificates.p12
chmod 777 elastic-stack-ca.p12
chmod 777 elasticsearch.keystore

sudo vi /etc/sysctl.conf 
文件添加 
vm.max_map_count=262144
执行
sudo sysctl -p

systemctl restart docker

--查看日志
docker logs -f --tail=10 es01
docker logs -f --tail=10 es02

再次配置elasticsearch.yml(具体ip需各自调整)
# 集群名称
cluster.name: escluster
# 当前该节点的名称
node.name: es01
# 是不是有资格竞选主节点
node.master: true
# 是否存储数据
node.data: true
# 最大集群节点数
node.max_local_storage_nodes: 2
# 给当前节点自定义属性（可以省略）
#node.attr.rack: r1
# 数据存档位置
#path.data: /usr/share/elasticsearch/data
# 日志存放位置
#path.logs: /usr/share/elasticsearch/log
# 是否开启时锁定内存（默认为是）
#bootstrap.memory_lock: true
# 设置网关地址，我是被这个坑死了，这个地址我原先填写了自己的实际物理IP地址，
# 然后启动一直报无效的IP地址，无法注入9300端口，这里只需要填写0.0.0.0
network.host: 0.0.0.0
# 设置其它结点和该结点交互的ip地址，如果不设置它会自动判断，值必须是个真实的ip地址，设置当前物理机地址,
# 如果是docker安装节点的IP将会是配置的IP而不是docker网管ip
network.publish_host: 192.168.31.129
# 设置映射端口
http.port: 9200
# 内部节点之间沟通端口
transport.tcp.port: 9300
# 集群发现默认值为127.0.0.1:9300,如果要在其他主机上形成包含节点的群集,如果搭建集群则需要填写
#es7.x 之后新增的配置，写入候选主节点的设备地址，在开启服务后可以被选为主节点，也就是说把所有的节点都写上
discovery.seed_hosts: ["192.168.31.129:9300","192.168.31.129:9301"]
# 当你在搭建集群的时候，选出合格的节点集群，有些人说的太官方了，
# 其实就是，让你选择比较好的几个节点，在你节点启动时，在这些节点中选一个做领导者，
# 如果你不设置呢，elasticsearch就会自己选举，这里我们把三个节点都写上
cluster.initial_master_nodes: ["192.168.31.129:9300","192.168.31.129:9301"]
# 在群集完全重新启动后阻止初始恢复，直到启动N个节点
# 简单点说在集群启动后，至少复活多少个节点以上，那么这个服务才可以被使用，否则不可以被使用，
#gateway.recover_after_nodes: 1
# 删除索引是是否需要显示其名称，默认为显示
#action.destructive_requires_name: true
# 配置跨域
http.cors.enabled: true   # 开启跨域
# 允许所有都可以访问
http.cors.allow-origin: "*"
http.cors.allow-headers: Authorization,X-Requested-With,Content-Length,Content-Type
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate 
xpack.security.transport.ssl.keystore.path: elastic-certificates.p12 
xpack.security.transport.ssl.truststore.path: elastic-certificates.p12


重置密码
./bin/elasticsearch-setup-passwords interactive
默认账号
Changed password for user [apm_system]
Changed password for user [kibana_system]
Changed password for user [kibana]
Changed password for user [logstash_system]
Changed password for user [beats_system]
Changed password for user [remote_monitoring_user]
Changed password for user [elastic]

分词器下载地址
https://github.com/medcl/elasticsearch-analysis-ik/releases
文件上传通道下载地址
https://www.elastic.co/guide/en/elasticsearch/plugins/current/ingest-attachment.html
查看集群地址：
http://192.168.31.129:9200/_cat/nodes