Elasticsearch 安装设置

Centos 部署 Elasticsearch

# 下载
wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.16.3-linux-x86_64.tar.gz
wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.16.3-linux-x86_64.tar.gz.sha512
shasum -a 512 -c elasticsearch-7.16.3-linux-x86_64.tar.gz.sha512
tar -xzf elasticsearch-7.16.3-linux-x86_64.tar.gz
cd elasticsearch-7.16.3/

# 配置 vi config/elasticsearch.yml
etwork.host: 0.0.0.0 # 让其他机器可访问
node.name: node-1
xpack.security.enabled: true  # https://www.elastic.co/guide/en/elasticsearch/reference/7.16/security-minimal-setup.html
discovery.type: single-node # 单节点运行

# 安装分词插件
./bin/elasticsearch-plugin install https://github.com/medcl/elasticsearch-analysis-ik/releases/download/v7.16.3/elasticsearch-analysis-ik-7.16.3.zip # 可能需要管理员权限安装

# 分词插件配置文件:config/analysis-ik/config/IKAnalyzer.cfg.xml
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
<properties><comment>IK Analyzer 扩展配置</comment><!--用户可以在这里配置自己的扩展字典 --><entry key="ext_dict">custom/mydict.dic;custom/single_word_low_freq.dic</entry><!--用户可以在这里配置自己的扩展停止词字典--><entry key="ext_stopwords">custom/ext_stopword.dic</entry><!--用户可以在这里配置远程扩展字典 --><entry key="remote_ext_dict">http://xxx.com/xxx.dic</entry><!--用户可以在这里配置远程扩展停止词字典--><entry key="remote_ext_stopwords">http://xxx.com/xxx.dic</entry>
</properties>
# 通过设置 remote_ext_dict 实现热更新 IK 分词
http 请求需要返回两个头部(header),一个是 Last-Modified,一个是 ETag,这两者都是字符串类型,只要有一个发生变化,该插件就会去抓取新的分词进而更新词库。
http 请求返回的内容格式是一行一个分词,换行符用 \n 即可。
满足上面两点要求就可以实现热更新分词了,不需要重启 ES 实例。# 运行
./bin/elasticsearch (需新建es用户执行)

# 自动生成密码
./bin/elasticsearch-setup-passwords auto# 测试 elasticsearch
curl -u elastic:Qy6EOzspEHXHa18EhRg9 127.0.0.1:9200

# 插件测试 https://github.com/medcl/elasticsearch-analysis-ik
curl -u elastic:Qy6EOzspEHXHa18EhRg9 -XPOST http://localhost:9200/index/_mapping -H 'Content-Type:application/json' -d'
{"properties": {"content": {"type": "text","analyzer": "ik_max_word","search_analyzer": "ik_smart"}}
}'curl -u elastic:Qy6EOzspEHXHa18EhRg9 -XPOST http://localhost:9200/index/_create/1 -H 'Content-Type:application/json' -d'
{"content":"美国留给伊拉克的是个烂摊子吗"}'curl -u elastic:Qy6EOzspEHXHa18EhRg9 -XPOST http://localhost:9200/index/_search  -H 'Content-Type:application/json' -d'
{"query" : { "match" : { "content" : "美国" }},"highlight" : {"pre_tags" : ["<tag1>", "<tag2>"],"post_tags" : ["</tag1>", "</tag2>"],"fields" : {"content" : {}}}
}'

# 安装 kibana 一个开源的 Elasticsearch 分析和可视化平台
curl -L -O https://artifacts.elastic.co/downloads/kibana/kibana-7.16.3-linux-x86_64.tar.gz
tar xzvf kibana-7.16.3-linux-x86_64.tar.gz
cd kibana-7.16.3-linux-x86_64/
# 配置 vi config/kibana.yml
server.host: "0.0.0.0"
server.publicBaseUrl: "http://<your-ip>:5601"
# 运行
./bin/kibana
# 连接
http://192.168.0.111:5601  # 使用用户名:elastic 及生成的密码登录

停止

ps -ef | grep elastic
kill <pid>

docker 安装 ES

环境:Centos 8

参考:https://www.elastic.co/guide/en/elasticsearch/reference/7.16/docker.html

# 拉取镜像
docker pull docker.elastic.co/elasticsearch/elasticsearch:7.16.3
# 单节点运行(开发或测试环境)
# -p 127.0.0.1:9200:9200 仅本机访问
docker run -p 127.0.0.1:9200:9200 -p 127.0.0.1:9300:9300 -e "discovery.type=single-node" docker.elastic.co/elasticsearch/elasticsearch:7.16.3
# docker-compose.yml## 多节点
version: '2.2'
services:es01:image: docker.elastic.co/elasticsearch/elasticsearch:7.16.3container_name: es01environment:- node.name=es01- cluster.name=es-docker-cluster- discovery.seed_hosts=es02,es03- cluster.initial_master_nodes=es01,es02,es03- bootstrap.memory_lock=true- "ES_JAVA_OPTS=-Xms512m -Xmx512m"ulimits:memlock:soft: -1hard: -1volumes:- data01:/usr/share/elasticsearch/dataports:- 9200:9200networks:- elastices02:image: docker.elastic.co/elasticsearch/elasticsearch:7.16.3container_name: es02environment:- node.name=es02- cluster.name=es-docker-cluster- discovery.seed_hosts=es01,es03- cluster.initial_master_nodes=es01,es02,es03- bootstrap.memory_lock=true- "ES_JAVA_OPTS=-Xms512m -Xmx512m"ulimits:memlock:soft: -1hard: -1volumes:- data02:/usr/share/elasticsearch/datanetworks:- elastices03:image: docker.elastic.co/elasticsearch/elasticsearch:7.16.3container_name: es03environment:- node.name=es03- cluster.name=es-docker-cluster- discovery.seed_hosts=es01,es02- cluster.initial_master_nodes=es01,es02,es03- bootstrap.memory_lock=true- "ES_JAVA_OPTS=-Xms512m -Xmx512m"ulimits:memlock:soft: -1hard: -1volumes:- data03:/usr/share/elasticsearch/datanetworks:- elasticvolumes:data01:driver: localdata02:driver: localdata03:driver: localnetworks:elastic:driver: bridge

生产环境配置要求

/etc/sysctl.conf 中设置:

vm.max_map_count=262144

临时设置:

sysctl -w vm.max_map_count=262144

使用

An index can be thought of as an optimized collection of documents and each document is a collection of fields, which are the key-value pairs that contain your data.

Elasticsearch indexes all data in every field and each indexed field has a dedicated, optimized data structure.

For example, text fields are stored in inverted indices, and numeric and geo fields are stored in BKD trees. The ability to use the per-field data structures to assemble and return search results is what makes Elasticsearch so fast.

When dynamic mapping is enabled, Elasticsearch automatically detects and adds new fields to the index. This default behavior makes it easy to index and explore your data—just start indexing documents and Elasticsearch will detect and map booleans, floating point and integer values, dates, and strings to the appropriate Elasticsearch data types.

It’s often useful to index the same field in different ways for different purposes. For example, you might want to index a string field as both a text field for full-text search and as a keyword field for sorting or aggregating your data. Or, you might choose to use more than one language analyzer to process the contents of a string field that contains user input.

The analysis chain that is applied to a full-text field during indexing is also used at search time. When you query a full-text field, the query text undergoes the same analysis before the terms are looked up in the index.

From your applications, you can use the Elasticsearch client for your language of choice: Java, JavaScript, Go, .NET, PHP, Perl, Python or Ruby.

The Elasticsearch REST APIs support structured queries, full text queries, and complex queries that combine the two. Structured queries are similar to the types of queries you can construct in SQL. For example, you could search the gender and age fields in your employee index and sort the matches by the hire_date field. Full-text queries find all documents that match the query string and return them sorted by relevance—how good a match they are for your search terms.

In addition to searching for individual terms, you can perform phrase searches, similarity searches, and prefix searches, and get autocomplete suggestions.

在 Kibana Dev Tools 中测试

# 创建单个文档数据
POST logs-my_app-default/_doc
{"@timestamp": "2099-05-06T16:21:15.000Z","event": {"original": "192.0.2.42 - - [06/May/2099:16:21:15 +0000] \"GET /images/bg.jpg HTTP/1.0\" 200 24736"}
}

# 批量创建PUT logs-my_app-default/_bulk
{ "create": { } }
{ "@timestamp": "2099-05-07T16:24:32.000Z", "event": { "original": "192.0.2.242 - - [07/May/2020:16:24:32 -0500] \"GET /images/hm_nbg.jpg HTTP/1.0\" 304 0" } }
{ "create": { } }
{ "@timestamp": "2099-05-08T16:25:42.000Z", "event": { "original": "192.0.2.255 - - [08/May/2099:16:25:42 +0000] \"GET /favicon.ico HTTP/1.0\" 200 3638" } }

# 搜索全部并排序
GET logs-my_app-default/_search
{"query": {"match_all": { }},"sort": [{"@timestamp": "desc"}]
}

# 按范围条件查询指定字段值
GET logs-my_app-default/_search
{"query": {"range": { # 范围查询"@timestamp": {"gte": "2099-05-05","lt": "2099-05-08"}}},"fields": ["@timestamp" # 指定字段],"_source": false,"sort": [ # 排序{"@timestamp": "desc"}]
}

# 运行时字段
GET logs-my_app-default/_search
{"runtime_mappings": {"source.ip": { # 运行时字段,从非结构化内容中读取"type": "ip","script": """String sourceip=grok('%{IPORHOST:sourceip} .*').extract(doc[ "event.original" ].value)?.sourceip;if (sourceip != null) emit(sourceip);"""}},"query": {"bool": { # 组合查询"filter": [{"range": {"@timestamp": {"gte": "2099-05-05","lt": "2099-05-08"}}},{"range": {"source.ip": {"gte": "192.0.2.0","lte": "192.0.2.240"}}}]}},"fields": ["@timestamp","source.ip"],"_source": false,"sort": [{"@timestamp": "desc"}]
}
# 聚合查询数据
GET logs-my_app-default/_search
{"runtime_mappings": {"http.response.body.bytes": {"type": "long","script": """String bytes=grok('%{COMMONAPACHELOG}').extract(doc[ "event.original" ].value)?.bytes;if (bytes != null) emit(Integer.parseInt(bytes));"""}},"aggs": {"average_response_size":{"avg": {"field": "http.response.body.bytes"}}},"query": {"bool": {"filter": [{"range": {"@timestamp": {"gte": "2099-05-05","lt": "2099-05-08"}}}]}},"fields": ["@timestamp","http.response.body.bytes"],"_source": false,"sort": [{"@timestamp": "desc"}]
}
# 删除数据
DELETE _data_stream/logs-my_app-default

Java 客户端

https://www.elastic.co/guide/en/elasticsearch/client/java-api-client/current/introduction.html

全文搜索引擎 Elasticsearch 入门教程

http://www.ruanyifeng.com/blog/2017/08/elasticsearch.html

Centos 单节点部署 Elasticsearch相关推荐

  1. Elasticsearch在Linux中的单节点部署和集群部署

    目录 一.Elasticsearch简介 二.Linux单节点部署 1.软件下载解压 2.创建用户 3.修改配置文件 4.切换到刚刚创建的用户启动软件 5.测试 三.Linux集群配置 1.拷贝文件 ...

  2. ElasticSearch学习(四)——Linux 单节点部署

    文章名称 地址 ElasticSearch学习(一)--概述 前往 ElasticSearch学习(二)--索引.文档简单操作 前往 ElasticSearch学习(三)--Windows 集群部署 ...

  3. Graylog 日志服务器单节点部署

    资料 https://docs.graylog.org/docs/ 简介 Graylog项目由Lennart Koopmann在2009年左右启动.当时,最着名的日志管理软件vendor发布了他们产品 ...

  4. k8s二进制单节点部署

    k8s二进制单节点部署 常见的k8s部署方式 Kubernetes二进制部署(单节点) 环境准备 部署etcd集群(这里就不在单独的服务器上部署,直接部署在各节点上,节省资源) 下载证书制作工具 利用 ...

  5. 啃K8s之快速入门,以及哭吧S(k8s)单节点部署

    啃K8s之快速入门,以及哭吧S(k8s)单节点部署 一:Kubernets概述 1.1:Kubernets是什么? 1.2:Kubernets特性 1.3:Kubernets群集架构与组件 1.3.1 ...

  6. skywalking单节点部署

    skywalking单节点部署 skywalking服务部署 下载skywalking服务文件 下载地址:http://skywalking.apache.org/downloads/ 我使用的是Bi ...

  7. Ubuntu下用devstack单节点部署Openstack

    一.实验环境 本实验是在Vmware Workstation下创建的单台Ubuntu服务器版系统中,利用devstack部署的Openstack Pike版. 宿主机:win10 1803  8G内存 ...

  8. openstack 系列: 基于CentOS7系统使用packstack工具单节点部署openstacktrain---Part-I安装简易命令

    1说明 本人非linux专业人士,更不是云计算专家 部署过程是从各大博客自己百度知道 各种搜索排查,硬是搭起了train环境 过程纠结,先是在win 10 vmware 上安装centos7 再基于c ...

  9. 服务搭建篇(七) Elasticsearch单节点部署以及多节点集群部署

    感兴趣的话大家可以关注一下公众号 : 猿人刘先生 , 欢迎大家一起学习 , 一起进步 , 一起来交流吧! 1.Elasticsearch Elasticsearch(简称ES) 是一个分布式 , RE ...

最新文章

  1. Android, WindowsPhone7, IOS ,vc2010平台40多套图片滤镜开源
  2. [css] body{height:100%}和html,body{height:100%}有什么区别?为什么html要设置height:100%呢,html不就是整个窗口吗?
  3. c语言 枚举类型 uint32_浅谈C语言枚举类型 | 附自创用法分享
  4. IE11浏览器一个窗口打开多个页面设置方法
  5. html自定义标签模板,javascript – 模板与HTML自定义元素的使用
  6. 【Flink】 collector 非常慢 一次尴尬的 排查错误方向 chain 与 不chain 的 区别
  7. Kali桥接模式DHCP自动获取IP失败(VMware)
  8. ui曲线谁是横坐标_【鼎阳硬件智库原创 | 测试测量】关于示波器的幅频特性曲线...
  9. 中概股“回A”政策趋紧 霞客环保终止卖壳
  10. 静态代码编码安全审计: PHP源代码审计工具RIPS
  11. html中js怎么实现页面跳转页面,JavaScript实现页面跳转的几种常用方式
  12. 关于物联网卡禁区和死卡问题的最全解释
  13. 首次揭秘!字节跳动基础架构技术迭代演进之路
  14. 超声波清洗机对人体有辐射,有伤害吗?
  15. 属于计算机语言基本元素是,高级编程语言的共有的一些基本要素
  16. SaaS、PaaS、LaaS以及之间的区别
  17. oracle sys_context()函数
  18. 将文字生成png图片
  19. 上帝给我们大龄程序员的出路,就在这!(附:现状分析)
  20. Tempest之Testr使用

热门文章

  1. 2022年深圳技能大赛-大数据技术应用职业技能竞赛介绍
  2. 高光谱图像分类_高光谱图像分析-分类
  3. 深度学习系列-前言:深度学习的好教程
  4. truffle-contract调用合约
  5. 2021年 Java 面试题集锦 -- 持续更新
  6. 51单片机使用HC-SR501人体红外感应器C语言
  7. 计算小分子之间的RMSD
  8. Kaggle之泰坦尼克号(1)
  9. 基于R语言的随机森林算法运用
  10. Chrony与NTP对比