Docker 安装 Elasticsearch 8.x

文档

• 请注意文档链接中的版本号

1. https://www.elastic.co/guide/en/elasticsearch/reference/8.9/docker.html

说明

1. 本文以 Elasticsearch 8.9.0 为例

前提条件

vm.max_map_count 至少为 262144

1. 检查

   sysctl vm.max_map_count

   [root@dev-1 ~]# sysctl vm.max_map_count
   vm.max_map_count = 65530
   [root@dev-1 ~]#

2. 设置

   echo 'vm.max_map_count=262144' >> /etc/sysctl.conf

   sysctl -p

创建 Elasticsearch 使用的网卡

1. 创建

   docker network create elastic

   如果遇见下列错误，请重启 docker

   [root@dev-1 ~]# sudo docker network create elastic
   Error response from daemon: Failed to Setup IP tables: Unable to enable SKIP DNAT rule:  (iptables failed: iptables --wait -t nat -I DOCKER -i br-de54e958445c -j RETURN: iptables: No chain/target/match by that name.
   (exit status 1))

创建 Elasticsearch

1. 创建 Elasticsearch 容器

   1. 容器名称：es01
   2. 使用网络：elastic
   3. 内部端口：9200
   4. 外部端口：9200
   5. 交互式命令：-it，等于直接看到容器运行的日志，能直接看到密码，退出（按 Ctrl + C）查看后，容器将停止运行，需要自行启动
   6. 交互式命令后台运行：-itd，创建时无法看到运行的日志，需要自行查看运行的日志（docker logs -f es01），才能看到密码
   7. 镜像：docker.elastic.co/elasticsearch/elasticsearch:8.9.0
   8. 支持自动启动：--restart=always

   docker run --name es01 --net elastic -p 9200:9200 -it docker.elastic.co/elasticsearch/elasticsearch:8.9.0

2. 凭证

   ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
   ✅ Elasticsearch security features have been automatically configured!
   ✅ Authentication is enabled and cluster connections are encrypted.
   
   ℹ️  Password for the elastic user (reset with `bin/elasticsearch-reset-password -u elastic`):
   +22i_g57+B8TA-rg51ay
   
   ℹ️  HTTP CA certificate SHA-256 fingerprint:
   79dd5ccf9e99963518c57c106bf9913b2f7c9d108b5bed5f658de219c2f45fbe
   
   ℹ️  Configure Kibana to use this cluster:
   • Run Kibana and click the configuration link in the terminal when Kibana starts.
   • Copy the following enrollment token and paste it into Kibana in your browser (valid for the next 30 minutes):
   eyJ2ZXIiOiI4LjkuMCIsImFkciI6WyIxNzIuMTcuMC4yOjkyMDAiXSwiZmdyIjoiNzlkZDVjY2Y5ZTk5OTYzNTE4YzU3YzEwNmJmOTkxM2IyZjdjOWQxMDhiNWJlZDVmNjU4ZGUyMTljMmY0NWZiZSIsImtleSI6Im05OFotSWtCVzhyQi1CM0JDMzBBOjJiNzFieWdJUzV1SXQ3am5DemUtM1EifQ==
   
   ℹ️ Configure other nodes to join this cluster:
   • Copy the following enrollment token and start new Elasticsearch nodes with `bin/elasticsearch --enrollment-token <token>` (valid for the next 30 minutes):
   eyJ2ZXIiOiI4LjkuMCIsImFkciI6WyIxNzIuMTcuMC4yOjkyMDAiXSwiZmdyIjoiNzlkZDVjY2Y5ZTk5OTYzNTE4YzU3YzEwNmJmOTkxM2IyZjdjOWQxMDhiNWJlZDVmNjU4ZGUyMTljMmY0NWZiZSIsImtleSI6Im5kOFotSWtCVzhyQi1CM0JDMzBGOnJrNkpuRF9iUl9DOF83aTI4WDBsM2cifQ==
   
   If you're running in Docker, copy the enrollment token and run:
   `docker run -e "ENROLLMENT_TOKEN=<token>" docker.elastic.co/elasticsearch/elasticsearch:8.9.0`
   ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

测试

1. 将证书从容器 es01 内复制出来

   docker cp es01:/usr/share/elasticsearch/config/certs/http_ca.crt .

2. 使用证书连接

   curl --cacert http_ca.crt -u elastic https://localhost:9200

   [root@dev-1 ~]# curl --cacert http_ca.crt -u elastic https://localhost:9200
   Enter host password for user 'elastic':

   输入上方查看日志中的密码：+22i_g57+B8TA-rg51ay

   [root@dev-1 ~]# curl --cacert http_ca.crt -u elastic https://localhost:9200
   Enter host password for user 'elastic':
   {
       "name" : "44c4e05125d7",
       "cluster_name" : "docker-cluster",
       "cluster_uuid" : "_IiZxa6HSMGWKV-8P-7uTg",
       "version" : {
           "number" : "8.9.0",
           "build_flavor" : "default",
           "build_type" : "docker",
           "build_hash" : "8aa461beb06aa0417a231c345a1b8c38fb498a0d",
           "build_date" : "2023-07-19T14:43:58.555259655Z",
           "build_snapshot" : false,
           "lucene_version" : "9.7.0",
           "minimum_wire_compatibility_version" : "7.17.0",
           "minimum_index_compatibility_version" : "7.0.0"
       },
       "tagline" : "You Know, for Search"
   }
   [root@dev-1 ~]#

重新生成密码

docker exec -it es01 /usr/share/elasticsearch/bin/elasticsearch-reset-password -u elastic

[root@dev-1 ~]# docker exec -it es01 /usr/share/elasticsearch/bin/elasticsearch-reset-password -u elastic
This tool will reset the password of the [elastic] user to an autogenerated value.
The password will be printed in the console.
Please confirm that you would like to continue [y/N]y


Password for the [elastic] user successfully reset.
New value: UH1_sUOWF=PV+mmOFdqZ
[root@dev-1 ~]#