Elasticsearch is a distributed and RESTful search and data analysis engine, which can solve the emerging use cases. As the core of Elastic Stack, it centrally stores your data and helps you find unexpected and unexpected situations.
Elasticsearch is a JSON based distributed search and analysis engine.
Elasticsearch is developed in the Java language and released as an open source under the Apache license terms. It is a popular enterprise search engine. Elasticsearch for cloud computing It can achieve real-time search, stable, reliable, fast and convenient installation and use.
- Distributed real-time file storage, each field is indexed and searchable
- Distributed search engine for real-time analysis
- It can be extended to hundreds of servers to process PB level structured or unstructured data
Official website address: Elasticsearch: the official distributed search and analysis engine | Elastic
preparation in advance
For security reasons, elasticsearch is not allowed to run under the root account by default.
ES cannot be installed with root user, and ordinary user is required.
# Create user useradd leyou # Set password passwd leyou # Switch users su - leyou
Download the installation package of ElasticSeach. This case uses version 6.2.4
# Unzip the installation package tar -zxvf elasticsearch-6.2.4.tar.gz # Rename folder mv elasticsearch-6.3.0/ elasticsearch # Enter config directory cd config
Modify the configuration item JVM options
# Edit JVM options: vim jvm.options # The default configuration is as follows: -Xms1g -Xmx1g Too much memory, let's turn it down: -Xms512m -Xmx512m
Modify the configuration item elasticsearch yml
# Edit elasticsearch yml vim elasticsearch.yml # Modify the data and log directory: (we need to create a folder to store data and logs according to this path) path.data: /home/leyou/elasticsearch/data # Data directory location path.logs: /home/leyou/elasticsearch/logs # Log directory location # Continue to modify elasticsearch yml # Only local access is allowed by default. After it is modified to 0.0.0.0, it can be accessed remotely network.host: 0.0.0.0 # Bind to 0.0.0.0 and allow any ip to access
Resolve error reporting
Enter the bin directory and enter the startup command
Startup failed. There is a problem with the configuration item and it needs to be solved.
1.3.1. Error 1: kernel too low
Modify elasticsearch YML file, add the following configuration at the bottom:
1.3.2. Error 2: insufficient file permissions
Error log: max file descriptors  for elasticsearch process like too low, increase to at least
# Exit current user exit # Raise file permissions vim /etc/security/limits.conf # Add the following: * soft nofile 65536 * hard nofile 131072 * soft nproc 4096 * hard nproc 4096
1.3.3. Error 3: insufficient threads
Error log: max number of threads  for user [leyou] is too low, increase to at least 
# Number of modified threads vim /etc/security/limits.d/90-nproc.conf perhaps vim /etc/security/limits.d/20-nproc.conf # Change nproc to: * soft nproc 4096
1.3.4. Error 4: process virtual memory
Error log: Max virtual memory areas VM max_ map_ count  likely too low, increase to at least 
vim /etc/sysctl.conf # Add the following: vm.max_map_count=655360 # Then execute the command: sysctl -p
Enter the bin directory, enter the command, and finally print out started, indicating that the startup is successful
Available http://127.0.0.1:9200 , if the data is returned, it indicates that the startup is successful.