1.1.3、安装说明（RPM-based Linux）

$ cd /usr/local/src && wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-8.6.1-linux-x86_64.tar.gz --no-check-certificate
$ tar -xzf elasticsearch-8.6.1-linux-x86_64.tar.gz -C /usr/local
$ cd .. && mv elasticsearch-8.6.1 elasticsearch
$ echo 'export ELASTIC_HOME=/usr/local/elasticsearch' >>/etc/profile
$ echo 'export PATH="$PATH:$ELASTIC_HOME/bin"' >>/etc/profile
$ source /etc/profile

$ mkdir -p /home/elastic/data
$ mkdir -p /home/elastic/logs

#创建用户和分组
$ groupadd elastic
$ useradd -g elastic -M -s /bin/bash elastic
$ chown -R elastic. /usr/local/elasticsearch/
$ chown -R elastic. /home/elastic/data
$ chown -R elastic. /home/elastic/logs
#赋予root权限
$ echo 'elastic ALL=(ALL) ALL' >>/etc/sudoers

# ======================== Elasticsearch Configuration =========================
#
# NOTE: Elasticsearch comes with reasonable defaults for most settings.
#       Before you set out to tweak and tune the configuration, make sure you
#       understand what are you trying to accomplish and the consequences.
#
# The primary way of configuring a node is via this file. This template lists
# the most important settings you may want to configure for a production cluster.
#
# Please consult the documentation for further information on configuration options:
# https://www.elastic.co/guide/en/elasticsearch/reference/index.html
#
# ---------------------------------- Cluster -----------------------------------
#
# Use a descriptive name for your cluster:
#
#cluster.name: my-application
#
# ------------------------------------ Node ------------------------------------
#
# Use a descriptive name for the node:
#
#node.name: node-1
#
# Add custom attributes to the node:
#
#node.attr.rack: r1
#
# ----------------------------------- Paths ------------------------------------
#
# Path to directory where to store the data (separate multiple locations by comma):
# 数据存储路径
path.data: /home/elastic/data
#
# Path to log files:
# 日志存储路径
path.logs: /home/elastic/logs
#
# ----------------------------------- Memory -----------------------------------
#
# Lock the memory on startup:
# 默认开启了内存地址锁定，为了避免内存交换提高性能
bootstrap.memory_lock: false
#
# Make sure that the heap size is set to about half the memory available
# on the system and that the owner of the process is allowed to use this
# limit.
#
# Elasticsearch performs poorly when the system is swapping the memory.
#
# ---------------------------------- Network -----------------------------------
#
# By default Elasticsearch is only accessible on localhost. Set a different
# address here to expose this node on the network:
#
#network.host: 192.168.0.1
#
# By default Elasticsearch listens for HTTP traffic on the first free port it
# finds starting at 9200. Set a specific HTTP port here:
# 对外提供服务的http端口，默认为9200
http.port: 9200
#
# For more information, consult the network module documentation.
#
# --------------------------------- Discovery ----------------------------------
#
# Pass an initial list of hosts to perform discovery when this node is started:
# The default list of hosts is ["127.0.0.1", "[::1]"]
#
#discovery.seed_hosts: ["host1", "host2"]
#
# Bootstrap the cluster using an initial set of master-eligible nodes:
#
#cluster.initial_master_nodes: ["node-1", "node-2"]
#
# For more information, consult the discovery and cluster formation module documentation.
#
# --------------------------------- Readiness ----------------------------------
#
# Enable an unauthenticated TCP readiness endpoint on localhost
#
#readiness.port: 9399
#
# ---------------------------------- Various -----------------------------------
#
# Allow wildcard deletion of indices:
#
#action.destructive_requires_name: false
# 是否支持跨域
http.cors.enabled: true
# *表示支持所有域名
http.cors.allow-origin: "*"
# 解决StartupException
xpack.ml.enabled: false

#----------------------- BEGIN SECURITY AUTO CONFIGURATION -----------------------
#
# The following settings, TLS certificates, and keys have been automatically
# generated to configure Elasticsearch security features on 02-02-2023 06:58:20
#
# --------------------------------------------------------------------------------

# Enable security features
xpack.security.enabled: true

xpack.security.enrollment.enabled: true

# Enable encryption for HTTP API client connections, such as Kibana, Logstash, and Agents
xpack.security.http.ssl:
  enabled: true
  keystore.path: certs/http.p12

# Enable encryption and mutual authentication between cluster nodes
xpack.security.transport.ssl:
  enabled: true
  verification_mode: certificate
  keystore.path: certs/transport.p12
  truststore.path: certs/transport.p12
# Create a new cluster with the current node only
# Additional nodes can still join the cluster later
cluster.initial_master_nodes: ["k8s-worker-node2"]

# Allow HTTP API connections from anywhere
# Connections are encrypted and require user authentication
http.host: 0.0.0.0

# Allow other nodes to join the cluster from anywhere
# Connections are encrypted and mutually authenticated
#transport.host: 0.0.0.0

#----------------------- END SECURITY AUTO CONFIGURATION -------------------------

# 开放9200端口号
firewall-cmd --zone=public --add-port=9200/tcp --permanent
firewall-cmd --zone=public --add-port=9300/tcp --permanent
# 刷新防火墙
firewall-cmd --reload
# 需要使用root账号 -- 如果防火墙没有开启 需要先开启
systemctl start firewalld
# 查看开放的端口号
firewall-cmd --list-ports

# Start the Elasticsearch Service
$ su elastic
$ bin/elasticsearch

# 修改elastic jvm配置文件
vi /usr/local/elasticsearch/config/jvm.options
-Xms256m
-Xmx256m

 Elasticsearch security features have been automatically configured!
✅ Authentication is enabled and cluster connections are encrypted.

ℹ️  Password for the elastic user (reset with `bin/elasticsearch-reset-password -u elastic`):
  WgUhDFoJ7f7p_nKZxNwC

ℹ️  HTTP CA certificate SHA-256 fingerprint:
  eae2801630443b4eb297f27f9bce4d13ccd4966c57156318c8b9870c1c270197

ℹ️  Configure Kibana to use this cluster:
• Run Kibana and click the configuration link in the terminal when Kibana starts.
• Copy the following enrollment token and paste it into Kibana in your browser (valid for the next 30 minutes):
  eyJ2ZXIiOiI4LjYuMSIsImFkciI6WyIxMC4yMzMuNjkuMDo5MjAwIl0sImZnciI6ImVhZTI4MDE2MzA0NDNiNGViMjk3ZjI3ZjliY2U0ZDEzY2NkNDk2NmM1NzE1NjMxOGM4Yjk4NzBjMWMyNzAxOTciLCJrZXkiOiJGVjdDRVlZQjRKcjQ2Q3JjY3lDZTp5VEJBUWJLVVNkcWpqV19Id0x1LXJRIn0=

ℹ️  Configure other nodes to join this cluster:
• On this node:
  ⁃ Create an enrollment token with `bin/elasticsearch-create-enrollment-token -s node`.
  ⁃ Uncomment the transport.host setting at the end of config/elasticsearch.yml.
  ⁃ Restart Elasticsearch.
• On other nodes:
  ⁃ Start Elasticsearch with `bin/elasticsearch --enrollment-token <token>`, using the enrollment token that you generated.

# 通过命令或者浏览器下载elasticsearch-analysis-ik插件
$ cd /usr/local/src && wget https://github.com/medcl/elasticsearch-analysis-ik/releases/download/v8.6.0/elasticsearch-analysis-ik-8.6.0.zip
$ unzip elasticsearch-analysis-ik-8.6.0.zip -d /usr/local/elasticsearch/plugins/elasticsearch-analysis-ik-8.6.0
$ elasticsearch-plugin install elasticsearch-analysis-ik-8.6.0.zip
$ elasticsearch-plugin list elasticsearch-analysis-ik-8.6.0.zip

/usr/local/elasticsearch/bin/elasticsearch-plugin install https://github.com/medcl/elasticsearch-analysis-pinyin/releases/download/v8.6.0/elasticsearch-analysis-pinyin-8.6.0.zip

[root@rocketmq ~]# vi /lib/systemd/system/elasticsearch.service

[Unit]
Description=Elasticsearch Server
Documentation=https://www.elastic.co/guide
After=network.target

[Service]
User=elastic
Group=elastic
ExecStart=/usr/local/elasticsearch/bin/elasticsearch -d 2>&1 &
ExecReload=/bin/kill -s HUP $MAINPID
ExecStop=/bin/kill -s QUIT $MAINPID

# StandardOutput is configured to redirect to journalctl since
# some error messages may be logged in standard output before
# elasticsearch logging system is initialized. Elasticsearch
# stores its logs in /var/log/elasticsearch and does not use
# journalctl by default. If you also want to enable journalctl
# logging, you can simply remove the "quiet" option from ExecStart.
StandardOutput=journal
StandardError=inherit

# Specifies the maximum file descriptor number that can be opened by this process
LimitNOFILE=65535

# Specifies the maximum number of processes
LimitNPROC=4096

# Specifies the maximum size of virtual memory
LimitAS=infinity

# Specifies the maximum file size
LimitFSIZE=infinity

# Disable timeout logic and wait until process is stopped
TimeoutStopSec=0

# SIGTERM signal is used to stop the Java process
KillSignal=SIGTERM

# Send the signal only to the JVM rather than its control group
KillMode=process

# Java process is never killed
SendSIGKILL=no

# When a JVM receives a SIGTERM signal it exits with code 143
SuccessExitStatus=143

[Install]
WantedBy=multi-user.target

[root@rocketmq ~]# systemctl daemon-reload
[root@rocketmq ~]# systemctl disable elasticsearch.service
[root@rocketmq ~]# systemctl enable elasticsearch.service
[root@rocketmq ~]# systemctl start elasticsearch.service
[root@rocketmq ~]# systemctl status elasticsearch.service
[root@rocketmq ~]# systemctl stop elasticsearch.service
[root@rocketmq ~]# systemctl restart elasticsearch.service

bin\elasticsearch-create-enrollment-token --scope kibana