OpenSearch EP 1:OpenSearch單體(Standalone)基本安裝
安裝OpenSearch
安裝一個單節點的OpenSearch,但先不啟用加密、權限…等功能,就是一個單體運作的環境,請注意,這是一個練習,並不適合正式環境。
環境
- CPU:4 Cores
- Memory:4 GB
- OS:CentOS 7 (Update to date)
- Java:11
- OpenSearch:v1.2.3
- Firewall:Disable
- SELinux:Disable
前置準備
步驟1:新增用作OpenSearch運行的是群組(opensearch)與使用者帳號(opensearch)。
$ useradd opensearch步驟2:新增放置資料與Log的目錄,並賦予使用者權限。
$ mkdir /var/lib/opensearch
$ chown -R opensearch:opensearch /var/lib/opensearch/
$ mkdir /var/log/opensearch
$ chown -R opensearch:opensearch /var/log/opensearch/步驟3:修改作業系統的核心設定。
$ vi /etc/sysctl.conf
# 新增以下這行設定,參數最少必須是262144。
vm.max_map_count=262144
$ vi /etc/security/limits.conf
#<domain> <type> <item> <value>
opensearch soft nofile 65536
opensearch hard nofile 65536
opensearch soft nproc 65536
opensearch hard nproc 65536步驟4:安裝Java Open-JDK 11 LTS
$ yum install java-11-openjdk -y
$ java --version
openjdk 11.0.13 2021-10-19 LTS
OpenJDK Runtime Environment 18.9 (build 11.0.13+8-LTS)
OpenJDK 64-Bit Server VM 18.9 (build 11.0.13+8-LTS, mixed mode, sharing)步驟5:下載OpenSearch安裝包,解壓縮放置/opt/下,並賦予opensearch所有權。
$ wget https://artifacts.opensearch.org/releases/bundle/opensearch/1.2.3/opensearch-1.2.3-linux-x64.tar.gz
$ tar zxvf opensearch-1.2.3-linux-x64.tar.gz
$ mv opensearch-1.2.3 /opt/opensearch/
$ chown -R opensearch:opensearch /opt/opensearch/步驟6:重新啟動伺服器,確保上面的所有設定都生效。
$ sudo reboot安裝
步驟1:指定到設定檔的目錄(/opt/opensearch/config),設定jvm.options。
$ vi jvm.options
# 重要的兩個設定,以此來調整JVM的記憶體量
-Xms1g #初始最小記憶體
-Xmx1g #可使用最大的記憶體量**目前OpenSearch仍是以Elasticsearch 7.10.2為核心,理論上,JVM最大建議記憶體仍為64GB,伺服器記憶體為64GB的兩倍128GB,再多,也無濟於事!
步驟2:設定opensearch.yml,這個設定檔一樣在設定檔的目錄(/opt/opensearch/config)。
$ vi /opt/opensearch/config/opensearch.yml
# ======================== OpenSearch Configuration =========================
#
# NOTE: OpenSearch comes with reasonable defaults for most settings.
# Before you set out to tweak and tune the configuration, make sure you
# understand what are you trying to accomplish and the consequences.
#
# The primary way of configuring a node is via this file. This template lists
# the most important settings you may want to configure for a production cluster.
#
# Please consult the documentation for further information on configuration options:
# https://www.opensearch.org
#
# ---------------------------------- Cluster -----------------------------------
#
# Use a descriptive name for your cluster:
#
# 設定叢集的名稱
cluster.name: my-opensearch-cluster
#
# ------------------------------------ Node ------------------------------------
#
# Use a descriptive name for the node:
#
node.name: lab-opensearch.example.com
#
# Add custom attributes to the node:
#
#node.attr.rack: r1
#
# ----------------------------------- Paths ------------------------------------
#
# Path to directory where to store the data (separate multiple locations by comma):
#
path.data: /var/lib/opensearch
#
# Path to log files:
#
path.logs: /var/log/opensearch
#
# ----------------------------------- Memory -----------------------------------
#
# Lock the memory on startup:
#
#bootstrap.memory_lock: true
#
# Make sure that the heap size is set to about half the memory available
# on the system and that the owner of the process is allowed to use this
# limit.
#
# OpenSearch performs poorly when the system is swapping the memory.
#
# ---------------------------------- Network -----------------------------------
#
# Set the bind address to a specific IP (IPv4 or IPv6):
#
network.host: 0.0.0.0
#
# Set a custom port for HTTP:
#
http.port: 9200
#
# For more information, consult the network module documentation.
#
# --------------------------------- Discovery ----------------------------------
#
# Pass an initial list of hosts to perform discovery when this node is started:
# The default list of hosts is ["127.0.0.1", "[::1]"]
#
discovery.seed_hosts: ["lab-opensearch.example.com"]
#
# Bootstrap the cluster using an initial set of master-eligible nodes:
#
cluster.initial_master_nodes: ["lab-opensearch.example.com"]
#
# For more information, consult the discovery and cluster formation module documentation.
#
# ---------------------------------- Gateway -----------------------------------
#
# Block initial recovery after a full cluster restart until N nodes are started:
#
#gateway.recover_after_nodes: 3
#
# For more information, consult the gateway module documentation.
#
# ---------------------------------- Various -----------------------------------
#
# Require explicit names when deleting indices:
#
#action.destructive_requires_name: true
plugins.security.disabled: true
node.master: true
node.data: true
node.ingest: true步驟3:使用shell完成設定與啟動OpenSearch。
# 在/opt/opensearch根目錄下
$ ./bin/opensearch步驟4:啟用後,可以使用Curl呼叫Restful API來測試OpenSearch是否啟動成功。
$ curl -XGET http://lab-opensearch.example.com:9200 --insecure
{
"name" : "lab-opensearch.example.com",
"cluster_name" : "my-opensearch-cluster",
"cluster_uuid" : "_TYeBUc7RTOSGVKs-XSraw",
"version" : {
"distribution" : "opensearch",
"number" : "1.2.3",
"build_type" : "tar",
"build_hash" : "8a529d77c7432bc45b005ac1c4ba3b2741b57d4a",
"build_date" : "2021-12-21T01:36:21.407473Z",
"build_snapshot" : false,
"lucene_version" : "8.10.1",
"minimum_wire_compatibility_version" : "6.8.0",
"minimum_index_compatibility_version" : "6.0.0-beta1"
},
"tagline" : "The OpenSearch Project: https://opensearch.org/"
}若看到上面那些OpenSearch的資訊,就代表啟用成功能!
步驟5:若要確認Plugin是否安裝成功,可以用以下API來確認。
$ curl -XGET http://lab-opensearch.example.com:9200/_cat/plugins?v --insecure
name component version
lab-opensearch.example.com opensearch-alerting 1.2.3.0
lab-opensearch.example.com opensearch-anomaly-detection 1.2.3.0
lab-opensearch.example.com opensearch-asynchronous-search 1.2.3.0
lab-opensearch.example.com opensearch-cross-cluster-replication 1.2.3.0
lab-opensearch.example.com opensearch-index-management 1.2.3.0
lab-opensearch.example.com opensearch-job-scheduler 1.2.3.0
lab-opensearch.example.com opensearch-knn 1.2.3.0
lab-opensearch.example.com opensearch-observability 1.2.3.0
lab-opensearch.example.com opensearch-performance-analyzer 1.2.3.0
lab-opensearch.example.com opensearch-reports-scheduler 1.2.3.0
lab-opensearch.example.com opensearch-security 1.2.3.0
lab-opensearch.example.com opensearch-sql 1.2.3.0步驟6:設定systemd的設定檔,在/etc/systemd/system目錄下新增一個opensearch.service。
**此處參考ElasticSearch的elasticsearch.service。
$ vi /etc/systemd/system/opensearch.service
[Unit]
Description=OpenSearch
[Service]
Type=simple
RuntimeDirectory=opensearch
PrivateTmp=true
Environment=ES_HOME=/opt/opensearch
Environment=ES_PATH_CONF=/opt/opensearch/config
Environment=PID_DIR=/var/run/opensearch
Environment=ES_SD_NOTIFY=true
WorkingDirectory=/opt/opensearch
User=opensearch
Group=opensearch
ExecStart=/opt/opensearch/bin/opensearch -p ${PID_DIR}/opensearch.pid
# StandardOutput is configured to redirect to journalctl since
# some error messages may be logged in standard output before
# elasticsearch logging system is initialized. Elasticsearch
# stores its logs in /var/log/elasticsearch and does not use
# journalctl by default. If you also want to enable journalctl
# logging, you can simply remove the "quiet" option from ExecStart.
StandardOutput=journal
StandardError=inherit
# Specifies the maximum file descriptor number that can be opened by this process
LimitNOFILE=65536
# Specifies the maximum number of processes
LimitNPROC=65536
# Specifies the maximum size of virtual memory
LimitAS=infinity
# Specifies the maximum file size
LimitFSIZE=infinity
# Disable timeout logic and wait until process is stopped
TimeoutStopSec=0
# SIGTERM signal is used to stop the Java process
KillSignal=SIGTERM
# Send the signal only to the JVM rather than its control group
KillMode=process
# Java process is never killed
SendSIGKILL=no
# When a JVM receives a SIGTERM signal it exits with code 143
SuccessExitStatus=143
# Allow a slow startup before the systemd notifier module kicks in to extend the timeout
TimeoutStartSec=75
[Install]
WantedBy=multi-user.target步驟7:使用systemctl來執行啟動、查詢狀態、關閉…等動作。
# 啟動OpenSearch
$ systemctl start opensearch.service
# 查詢狀態
$ systemctl status opensearch.service -l
# 開機啟動OpenSearch
$ systemctl enable opensearch.service
# 取消開機啟動OpenSearch
$ systemctl disable opensearch.service
# 關閉OpenSearch
$ systemctl stop opensearch.service至此,已經完成一個單節點OpenSearch的安裝,但再次提醒,目前為止還不適用於正式的營運環境,仍需要完成安全性設定(包含:憑證、驗證、授權…等)與多節點的叢集架構,才是一個標準且基本的正式營運環境。
~ END ~
