简介
安装Elastic
安装elastic之前需要检查是否安装Java环境,Java版本至少是Java8
$ java -version java version "1.8.0_144" Java(TM) SE Runtime Environment (build 1.8.0_144-b01) Java HotSpot(TM) 64-Bit Server VM (build 25.144-b01, mixed mode)安装elastic,最简单的方法是下载压缩包,并解压
$ wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-6.2.2.tar.gz $ tar -xvf elasticsearch-6.2.2.tar.gz $ cd elasticsearch-6.2.2/进入解压后的目录,运行如下命令,启动elastic
$ ./bin/elasticsearch 或者 $ ./bin/elasticsearch -d -p pid运行正常会出现如下界面,默认运行在
9200端口$ ./bin/elasticsearch [2018-02-26T13:23:32,399][INFO ][o.e.n.Node ] [] initializing ... [2018-02-26T13:23:32,455][INFO ][o.e.e.NodeEnvironment ] [Ftxy5_l] using [1] data paths, mounts [[/ (/dev/disk1)]], net usable_space [133.8gb], net total_space [232.6gb], types [hfs] [2018-02-26T13:23:32,456][INFO ][o.e.e.NodeEnvironment ] [Ftxy5_l] heap size [989.8mb], compressed ordinary object pointers [true] [2018-02-26T13:23:32,457][INFO ][o.e.n.Node ] node name [Ftxy5_l] derived from node ID [Ftxy5_lYRBa67IuaMyOOBw]; set [node.name] to override [2018-02-26T13:23:32,457][INFO ][o.e.n.Node ] version[6.2.2], pid[2242], build[10b1edd/2018-02-16T19:01:30.685723Z], OS[Mac OS X/10.12.6/x86_64], JVM[Oracle Corporation/Java HotSpot(TM) 64-Bit Server VM/1.8.0_144/25.144-b01] [2018-02-26T13:23:32,458][INFO ][o.e.n.Node ] JVM arguments [-Xms1g, -Xmx1g, -XX:+UseConcMarkSweepGC, -XX:CMSInitiatingOccupancyFraction=75, -XX:+UseCMSInitiatingOccupancyOnly, -XX:+AlwaysPreTouch, -Xss1m, -Djava.awt.headless=true, -Dfile.encoding=UTF-8, -Djna.nosys=true, -XX:-OmitStackTraceInFastThrow, -Dio.netty.noUnsafe=true, -Dio.netty.noKeySetOptimization=true, -Dio.netty.recycler.maxCapacityPerThread=0, -Dlog4j.shutdownHookEnabled=false, -Dlog4j2.disable.jmx=true, -Djava.io.tmpdir=/var/folders/yf/m8nhcn4x1vd1snmnykt7n89h0000gn/T/elasticsearch.c7Lp6Ain, -XX:+HeapDumpOnOutOfMemoryError, -XX:+PrintGCDetails, -XX:+PrintGCDateStamps, -XX:+PrintTenuringDistribution, -XX:+PrintGCApplicationStoppedTime, -Xloggc:logs/gc.log, -XX:+UseGCLogFileRotation, -XX:NumberOfGCLogFiles=32, -XX:GCLogFileSize=64m, -Des.path.home=/Users/jockie/install_programs/elasticsearch-6.2.2, -Des.path.conf=/Users/jockie/install_programs/elasticsearch-6.2.2/config] [2018-02-26T13:23:32,950][INFO ][o.e.p.PluginsService ] [Ftxy5_l] loaded module [aggs-matrix-stats] [2018-02-26T13:23:32,950][INFO ][o.e.p.PluginsService ] [Ftxy5_l] loaded module [analysis-common] [2018-02-26T13:23:32,950][INFO ][o.e.p.PluginsService ] [Ftxy5_l] loaded module [ingest-common] [2018-02-26T13:23:32,950][INFO ][o.e.p.PluginsService ] [Ftxy5_l] loaded module [lang-expression] [2018-02-26T13:23:32,950][INFO ][o.e.p.PluginsService ] [Ftxy5_l] loaded module [lang-mustache] [2018-02-26T13:23:32,950][INFO ][o.e.p.PluginsService ] [Ftxy5_l] loaded module [lang-painless] [2018-02-26T13:23:32,950][INFO ][o.e.p.PluginsService ] [Ftxy5_l] loaded module [mapper-extras] [2018-02-26T13:23:32,951][INFO ][o.e.p.PluginsService ] [Ftxy5_l] loaded module [parent-join] [2018-02-26T13:23:32,951][INFO ][o.e.p.PluginsService ] [Ftxy5_l] loaded module [percolator] [2018-02-26T13:23:32,951][INFO ][o.e.p.PluginsService ] [Ftxy5_l] loaded module [rank-eval] [2018-02-26T13:23:32,951][INFO ][o.e.p.PluginsService ] [Ftxy5_l] loaded module [reindex] [2018-02-26T13:23:32,951][INFO ][o.e.p.PluginsService ] [Ftxy5_l] loaded module [repository-url] [2018-02-26T13:23:32,951][INFO ][o.e.p.PluginsService ] [Ftxy5_l] loaded module [transport-netty4] [2018-02-26T13:23:32,951][INFO ][o.e.p.PluginsService ] [Ftxy5_l] loaded module [tribe] [2018-02-26T13:23:32,952][INFO ][o.e.p.PluginsService ] [Ftxy5_l] no plugins loaded [2018-02-26T13:23:34,693][INFO ][o.e.d.DiscoveryModule ] [Ftxy5_l] using discovery type [zen] [2018-02-26T13:23:35,115][INFO ][o.e.n.Node ] initialized [2018-02-26T13:23:35,115][INFO ][o.e.n.Node ] [Ftxy5_l] starting ... [2018-02-26T13:23:35,226][INFO ][o.e.t.TransportService ] [Ftxy5_l] publish_address {127.0.0.1:9300}, bound_addresses {[::1]:9300}, {127.0.0.1:9300} [2018-02-26T13:23:38,273][INFO ][o.e.c.s.MasterService ] [Ftxy5_l] zen-disco-elected-as-master ([0] nodes joined), reason: new_master {Ftxy5_l}{Ftxy5_lYRBa67IuaMyOOBw}{wcDZCO9STL-OfnTbGDNI_g}{127.0.0.1}{127.0.0.1:9300} [2018-02-26T13:23:38,277][INFO ][o.e.c.s.ClusterApplierService] [Ftxy5_l] new_master {Ftxy5_l}{Ftxy5_lYRBa67IuaMyOOBw}{wcDZCO9STL-OfnTbGDNI_g}{127.0.0.1}{127.0.0.1:9300}, reason: apply cluster state (from master [master {Ftxy5_l}{Ftxy5_lYRBa67IuaMyOOBw}{wcDZCO9STL-OfnTbGDNI_g}{127.0.0.1}{127.0.0.1:9300} committed version [1] source [zen-disco-elected-as-master ([0] nodes joined)]]) [2018-02-26T13:23:38,290][INFO ][o.e.h.n.Netty4HttpServerTransport] [Ftxy5_l] publish_address {127.0.0.1:9200}, bound_addresses {[::1]:9200}, {127.0.0.1:9200} [2018-02-26T13:23:38,290][INFO ][o.e.n.Node ] [Ftxy5_l] started [2018-02-26T13:23:38,295][INFO ][o.e.g.GatewayService ] [Ftxy5_l] recovered [0] indices into cluster_state打开另一个terminal,运行以下命令,查看说明信息
$ http http://127.0.0.1:9200 HTTP/1.1 200 OK content-encoding: gzip content-length: 280 content-type: application/json; charset=UTF-8 { "cluster_name": "elasticsearch", "cluster_uuid": "IkkdQBGTSIGucxbOrB2OiA", "name": "Ftxy5_l", "tagline": "You Know, for Search", "version": { "build_date": "2018-02-16T19:01:30.685723Z", "build_hash": "10b1edd", "build_snapshot": false, "lucene_version": "7.2.1", "minimum_index_compatibility_version": "5.0.0", "minimum_wire_compatibility_version": "5.6.0", "number": "6.2.2" } }http http://127.0.0.1:9200命令请求9200端口,elastic返回一个JSON对象,包含当前集群、节点、版本等信息。停止elastic服务
终端按下Ctrl+C,terminal打印信息如下 或者使用命令`kill pid’^C[2018-02-26T13:31:31,983][INFO ][o.e.n.Node ] [Ftxy5_l] stopping ... [2018-02-26T13:31:32,001][INFO ][o.e.n.Node ] [Ftxy5_l] stopped [2018-02-26T13:31:32,001][INFO ][o.e.n.Node ] [Ftxy5_l] closing ... [2018-02-26T13:31:32,008][INFO ][o.e.n.Node ] [Ftxy5_l] closed允许其他机器访问
默认情况下,Elastic 只允许本机访问,如果需要远程访问,可以修改 Elastic 安装目录的config/elasticsearch.yml文件,去掉network.host的注释,将它的值改成0.0.0.0,然后重新启动 Elastic。$ vi config/elasticsearch.yml 55 #network.host: 192.168.0.1 56 network.host: 0.0.0.0
安装kibana
kibana安装方法和elastic类似
- 下载解压包并解压
$ wget https://artifacts.elastic.co/downloads/kibana/kibana-6.2.2-darwin-x86_64.tar.gz $ tar -xvf kibana-6.2.2-darwin-x86_64.tar.gz $ mv kibana-6.2.2-darwin-x86_64.tar.gz kibana-6.2.2 $ cd kibana-6.2.2 - 修改配置文件
$ vi config/kibana.yml - 运行服务
$ ./bin/kibana - 使用kibana
打开浏览器,输入http://localhost:5601
基本概念
- Near Realtime (NRT)
Elasticsearch是一个几乎实时的搜索平台。 - Cluster & Node
Elastic本质上是一个分布式数据库,可以运行在多台服务器上,每台服务器可以运行多个Elastic实例。一个Elastic实例称为一个节点(node),多个节点则组成一个集群(cluster) - Index
和关系型数据库的数据库的概念一样,多条Document构成一个Index - Type
按照规划 Elastic6.x版本已经不推荐使用,后面版本将会彻底移除 - Document
Index里面的单条记录 - Shards & Replicas
分片和副本
Exploring Your Cluster
Elasticsearch通过REST API接口来操作
- Check your cluster, node, and index health, status, and statistics
- Administer your cluster, node, and index data and metadata
- Perform CRUD (Create, Read, Update, and Delete) and search operations against your indexes
- Execute advanced search operations such as paging, sorting, filtering, scripting, aggregations, and many others
查看集群的健康状况
$ curl -XGET 'localhost:9200/_cat/health?v&pretty'
epoch timestamp cluster status node.total node.data shards pri relo init unassign pending_tasks max_task_wait_time active_shards_percent
1519625839 14:17:19 elasticsearch green 1 1 0 0 0 0 0 0 - 100.0%通过以上可以看出,名为’elasticsearch’的集群正常运行,且状态为green
elasticsearch的健康状态分为:green,yellow,red
- Green - everything is good (cluster is fully functional)
- Yellow - all data is available but some replicas are not yet allocated (cluster is fully functional)
- Red - some data is not available for whatever reason (cluster is partially functional)
获取所有的节点信息
$ curl -XGET 'localhost:9200/_cat/nodes?v&pretty'
ip heap.percent ram.percent cpu load_1m load_5m load_15m node.role master name
192.168.0.101 28 74 5 1.77 mdi * Ftxy5_l列出所有的index
$ curl -XGET 'localhost:9200/_cat/indices?v&pretty'
health status index uuid pri rep docs.count docs.deleted store.size pri.store.size以上说明,集群中目前还没有index
新建Index
以上操作,是在terminal下操作,接下来使用kibana console操作
PUT /customer?pretty
console展示如下:
Index and Query a Document
Index
请求:
PUT /customer/_doc/1?pretty
{
"name":"John Doe"
}
响应:
{
"_index": "customer",
"_type": "_doc",
"_id": "1",
"_version": 1,
"result": "created",
"_shards": {
"total": 2,
"successful": 1,
"failed": 0
},
"_seq_no": 0,
"_primary_term": 1
}Query
请求:
GET /customer/_doc/1?pretty
响应:
{
"_index": "customer",
"_type": "_doc",
"_id": "1",
"_version": 1,
"found": true,
"_source": {
"name": "John Doe"
}
}删除一个Index
请求:
DELETE /customer?pretty
响应:{
"acknowledged": true
}RESTAPI格式: <REST Verb> /<Index>/<Type>/<ID>
- PUT /customer
- PUT /customer/_doc/1
{
“name”: “Jone Doe”
} - GET /customer/_doc/1
- DELETE /customer
修改数据
Indexing/Replacing Documents
PUT /customer/_doc/1?pretty
{
"name": "John Doe"
}
PUT /customer/_doc/1?pretty
{
"name": "Jane Doe"
}
PUT /customer/_doc/2?pretty
{
"name": "Jane Doe"
}
POST /customer/_doc?pretty
{
"name": "Jane Doe"
}
Updating Documents
POST /customer/_doc/1/_update?pretty
{
"doc": { "name": "Jane Doe" }
}
POST /customer/_doc/1/_update?pretty
{
"doc": { "name": "Jane Doe", "age": 20 }
}
POST /customer/_doc/1/_update?pretty
{
"script" : "ctx._source.age += 5"
}Deleting Documents
DELETE /customer/_doc/2?prettyBatch Processing
POST /customer/_doc/_bulk?pretty
{"index":{"_id":"1"}}
{"name": "John Doe" }
{"index":{"_id":"2"}}
{"name": "Jane Doe" }POST /customer/_doc/_bulk?pretty
{"update":{"_id":"1"}}
{"doc": { "name": "John Doe becomes Jane Doe" } }
{"delete":{"_id":"2"}}Exploring Your Data
Sample Dataset
Loading the Sample Dataset
$ curl -H "Content-Type: application/json" -XPOST "localhost:9200/customer/_doc/_bulk?pretty&refresh" --data-binary "@accounts.json"
$ curl "localhost:9200/_cat/indices?v"
health status index uuid pri rep docs.count docs.deleted store.size pri.store.size
yellow open customer ReKMezdYSWGfIvOUdMrBuQ 5 1 1000 0 478.2kb 478.2kb
The Search API
Introducing the Query Language
Executing Searches
Executing Filters
Executing Aggregations
总结
Elasticsearch是一个既简单有复杂的产品,通过REST APIs操作数据,返回json格式的数据。
