必应网站管理员工具软件定制开发税率是多少

必应网站管理员工具,软件定制开发税率是多少,湖北省建设厅网站首页,有帮忙做幻灯片的网站么文章目录openEuler 上部署 Elasticsearch#xff1a;单节点与集群方式环境准备#xff08;所有部署方式都需要#xff09;1. 系统检查2. 安装 Java 11#xff08;Elasticsearch 7.x 需要#xff09;3. 系统参数配置#xff08;重要#xff01;#xff09;4. 下载 Elast…文章目录openEuler 上部署 Elasticsearch单节点与集群方式环境准备所有部署方式都需要1. 系统检查2. 安装 Java 11Elasticsearch 7.x 需要3. 系统参数配置重要4. 下载 Elasticsearch 7.17.10官方推荐版本5. 解压安装包单节点部署1. 配置 Elasticsearch2. 设置环境变量3. 启动 Elasticsearch4. 验证单节点运行集群部署3节点示例1. 准备3个节点2. 配置每个节点的 elasticsearch.yml节点 1 (192.168.100.160)节点 2 (192.168.100.161)节点 3 (192.168.100.162)3. 启动集群节点4. 验证集群状态安全配置推荐步骤 1生成SSL证书使用elasticsearch-certutil步骤 2配置elasticsearch.yml步骤 3设置权限步骤 4重启Elasticsearch步骤 5设置管理员密码验证SSL配置证书配置常见问题1. 证书过期问题2. 证书IP地址不匹配3. 证书路径错误额外建议创建 systemd 服务推荐1. 创建服务文件2. 添加以下内容3. 启动并启用服务**4. 验证服务状态**常见问题解决1. 内存不足问题2. 端口冲突3. 集群发现失败4. GeoIP 数据库下载失败集群管理命令1. 查看集群状态2. 查看节点信息3. 创建索引集群环境注意事项总结openEuler 上部署 Elasticsearch单节点与集群方式环境准备所有部署方式都需要1. 系统检查# 确认 openEuler 版本cat/etc/os-release# 确认系统架构uname-m# 创建用户Elasticsearch 不允许root启动不创建家目录不设置 shellsudouseradd-r-s/bin/false elasticsearch# 确认用户已创建idelasticsearch# 预期输出uid1001(elasticsearch) gid1001(elasticsearch) groups1001(elasticsearch)2. 安装 Java 11Elasticsearch 7.x 需要# 安装 OpenJDK 11sudodnfinstall-yjava-11-openjdk-devel# 验证 Java 版本java-version3. 系统参数配置重要# 临时设置立即生效sudosysctl-wvm.max_map_count262144# 永久设置echovm.max_map_count262144|sudotee-a/etc/sysctl.confsudosysctl-p# 限制文件描述符echo* soft nofile 65536|sudotee-a/etc/security/limits.confecho* hard nofile 65536|sudotee-a/etc/security/limits.confecho* soft memlock unlimited|sudotee-a/etc/security/limits.confecho* hard memlock unlimited|sudotee-a/etc/security/limits.conf# 重启系统使配置生效sudoreboot4. 下载 Elasticsearch 7.17.10官方推荐版本# 创建工作目录mkdir-p/data/elasticsearchcd/data/elasticsearch# 下载官方安装包确保下载完整wgethttps://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.17.10-linux-x86_64.tar.gz5. 解压安装包tar-xzfelasticsearch-7.17.10-linux-x86_64.tar.gzmvelasticsearch-7.17.10 elasticsearch单节点部署1. 配置 Elasticsearch# 编辑配置文件sudovim/data/elasticsearch/elasticsearch/config/elasticsearch.yml添加/修改以下配置# 设置节点名称node.name:single-node# 设置集群名称单节点不需要集群名但需与集群模式一致cluster.name:elasticsearch# 设置绑定地址仅本地访问network.host:0.0.0.0# 设置 HTTP 端口http.port:9200# 设置集群发现单节点不需要discovery.seed_hosts:[]cluster.initial_master_nodes:[]2. 设置环境变量# 创建环境变量文件sudovim/etc/profile.d/elasticsearch.sh# 添加以下内容exportES_HOME/data/elasticsearch/elasticsearchexportPATH$PATH:$ES_HOME/bin3. 启动 Elasticsearch# 使环境变量生效source/etc/profile.d/elasticsearch.sh# 确保 Elasticsearch 安装目录的权限正确chown-Relasticsearch:elasticsearch /data/elasticsearch# 以非守护进程方式启动便于调试sudo-uelasticsearch /usr/local/bin/elasticsearch/bin/elasticsearch# 或以守护进程方式启动推荐生产环境nohupsudo-uelasticsearch /usr/local/bin/elasticsearch/bin/elasticsearch4. 验证单节点运行curl-XGETlocalhost:9200/?pretty预期输出{name:single-node,cluster_name:elasticsearch,cluster_uuid:3jXZJ4h2R6qJ3g8QJ4J6gA,version:{number:7.17.10,build_flavor:default,build_type:tar,build_hash:3c09e4a55b2c5d6d0c3d4b8c2d1d2c3d4b8c2d1d,build_date:2023-09-11T15:23:59.446814Z,build_snapshot:false,lucene_version:8.11.1,minimum_wire_compatibility_version:6.8.0,minimum_index_compatibility_version:6.0.0-beta1},tagline:You Know, for Search}集群部署3节点示例1. 准备3个节点IP主机名192.168.100.160node-1192.168.100.161node-1192.168.100.162node-3在每个节点上执行以下步骤假设使用相同安装路径# 在所有节点上执行sudomkdir-p/data/elasticsearchcd/data/elasticsearchsudowgethttps://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.17.10-linux-x86_64.tar.gzsudotar-xzfelasticsearch-7.17.10-linux-x86_64.tar.gzsudomvelasticsearch-7.17.10 elasticsearch2. 配置每个节点的 elasticsearch.yml节点 1 (192.168.100.160)# vim /data/elasticsearch/elasticsearch/config/elasticsearch.ymlnode.name:node-1cluster.name:elasticsearch-clusternetwork.host:192.168.100.160http.port:9200discovery.seed_hosts:[192.168.100.160,192.168.100.161,192.168.100.162]cluster.initial_master_nodes:[node-1,node-2,node-3]# 仅在首次启动时需要 cluster.initial_master_nodes# 后续启动必须删除此配置或者注释掉cluster.initial_master_nodes节点 2 (192.168.100.161)# vim /data/elasticsearch/elasticsearch/config/elasticsearch.ymlnode.name:node-2cluster.name:elasticsearch-clusternetwork.host:192.168.100.161http.port:9200discovery.seed_hosts:[192.168.100.160,192.168.100.161,192.168.100.162]cluster.initial_master_nodes:[node-1,node-2,node-3]# 仅在首次启动时需要 cluster.initial_master_nodes# 后续启动必须删除此配置或者注释掉cluster.initial_master_nodes节点 3 (192.168.100.162)# vim /data/elasticsearch/elasticsearch/config/elasticsearch.ymlnode.name:node-3cluster.name:elasticsearch-clusternetwork.host:192.168.100.162http.port:9200discovery.seed_hosts:[192.168.100.160,192.168.100.161,192.168.100.162]cluster.initial_master_nodes:[node-1,node-2,node-3]# 仅在首次启动时需要 cluster.initial_master_nodes# 后续启动必须删除此配置或者注释掉cluster.initial_master_nodes3. 启动集群节点在每个节点上启动 Elasticsearch# 在每个节点上执行source/etc/profile.d/elasticsearch.shchown-Relasticsearch:elasticsearch /data/elasticsearchsudo-uelasticsearch /usr/local/bin/elasticsearch/bin/elasticsearch4. 验证集群状态在任意一个节点上执行curl-XGEThttp://192.168.100.160:9200/_cluster/health?pretty预期输出{cluster_name:elasticsearch-cluster,status:green,timed_out:false,number_of_nodes:3,number_of_data_nodes:3,active_primary_shards:0,active_shards:0,recovered_shards:0,active_shards_percent_as_number:100.0}安全配置推荐步骤 1生成SSL证书使用elasticsearch-certutil# 1. 生成CA证书[rootnode-1 ~]# cd /usr/local/bin/elasticsearch/[rootnode-1 elasticsearch]# ./bin/elasticsearch-certutil ca...省略N Please enter the desired outputfile[elastic-stack-ca.p12]: elastic-stack-ca.p12 Enter passwordforelastic-stack-ca.p12:# 设置密码1qazXSW3edc# 2. 生成节点证书使用之前生成的CA[rootnode-1 elasticsearch]# ./bin/elasticsearch-certutil cert --ca elastic-stack-ca.p12...省略N Enter passwordforCA(elastic-stack-ca.p12):# 设置密码1qazXSW3edcPlease enter the desired outputfile[elastic-certificates.p12]: elastic-certificates.p12 Enter passwordforelastic-certificates.p12:# 设置密码1qazXSW3edcCertificates written to /usr/local/bin/elasticsearch/elastic-certificates.p12 Thisfileshould be properly secured as it contains the private keyforyour instance. Thisfileis a self containedfileand can be copied and usedas isFor each Elastic product that you wish to configure, you should copy this.p12fileto the relevant configuration directory andthenfollow the SSL configuration instructionsinthe product guide. For client applications, you may only need to copy the CA certificate and configure the client to trust this certificate.[rootnode-1 elasticsearch]#生成的证书文件将保存在config/certs/目录下默认位置包括elastic-certificates.p12PKCS#12格式包含证书、私钥和CAelastic-stack-ca.p12CA证书[rootnode-1 elasticsearch]# pwd/usr/local/bin/elasticsearch[rootnode-1 elasticsearch]# mkdir -p config/certs[rootnode-1 elasticsearch]# cp elastic-certificates.p12 elastic-stack-ca.p12 config/certs/注意生成的证书默认包含localhost和127.0.0.1您可能需要根据实际IP地址修改。如果使用自定义IP可在生成证书时指定。步骤 2配置elasticsearch.yml在/usr/local/bin/elasticsearch/config/elasticsearch.yml中添加以下配置# 启用安全功能xpack.security.enabled:true# 配置HTTP层SSL客户端连接xpack.security.http.ssl.enabled:truexpack.security.http.ssl.keystore.path:certs/elastic-certificates.p12xpack.security.http.ssl.keystore.password:1qazXSW3edc# 替换为实际密码# 配置传输层SSL节点间通信xpack.security.transport.ssl.enabled:truexpack.security.transport.ssl.keystore.path:certs/elastic-certificates.p12xpack.security.transport.ssl.keystore.password:1qazXSW3edc# 与HTTP层相同xpack.security.transport.ssl.verification_mode:certificatexpack.security.transport.ssl.client_authentication:required✅ 重要提示certs/elastic-certificates.p12是相对路径相对于Elasticsearch的配置目录/usr/local/bin/elasticsearch/config如果使用绝对路径应为/usr/local/bin/elasticsearch/config/certs/elastic-certificates.p12verification_mode: certificate表示验证节点证书client_authentication: required要求客户端必须提供有效证书步骤 3设置权限# 确保证书文件权限正确sudochmod640/usr/local/bin/elasticsearch/config/certs/elastic-certificates.p12sudochownelasticsearch:elasticsearch /usr/local/bin/elasticsearch/config/certs/elastic-certificates.p12步骤 4重启Elasticsearchsystemctl restart elasticsearch步骤 5设置管理员密码sudo/usr/local/bin/elasticsearch/bin/elasticsearch-setup-passwords auto--urlhttps://127.0.0.1:9200验证SSL配置# 使用curl验证HTTPS连接-k忽略证书验证仅用于测试curl-k-uelastic:1qazXSW3edc https://localhost:9200预期输出应包含Elasticsearch信息且不显示SSL错误。证书配置常见问题1. 证书过期问题症状节点间通信失败、集群分裂解决方案定期更新证书使用elasticsearch-certutil重新生成2. 证书IP地址不匹配症状连接时出现certificate is not trusted错误解决方案生成证书时指定正确的IP地址在证书生成过程中使用 -ip 参数指定IP例如./bin/elasticsearch-certutil cert--caelastic-stack-ca.p12--ip192.168.100.1603. 证书路径错误症状启动时显示Unable to load certificate解决方案1.确认证书路径是否正确2.使用绝对路径如/usr/local/bin/elasticsearch/config/certs/elastic-certificates.p123.检查文件权限额外建议创建 systemd 服务推荐为更规范地管理 Elasticsearch创建 systemd 服务1. 创建服务文件sudovi/etc/systemd/system/elasticsearch.service2. 添加以下内容[Unit]DescriptionElasticsearchAfternetwork.target[Service]UserelasticsearchGroupelasticsearchWorkingDirectory/data/elasticsearch/elasticsearchExecStart/data/elasticsearch/elasticsearch/bin/elasticsearchExecStopps-ef|grep-vgrep|grep-vawk|grepelasticsearch|awk$31 {print $2}|xargskill-9Restarton-failure[Install]WantedBymulti-user.target3. 启动并启用服务sudosystemctl daemon-reloadsudosystemctlenableelasticsearchsudosystemctl start elasticsearch4. 验证服务状态sudosystemctl status elasticsearch常见问题解决1. 内存不足问题# 编辑 jvm.dataionssudovim/data/elasticsearch/elasticsearch/config/jvm.dataions# 修改以下行根据系统内存调整-Xms2g-Xmx2g2. 端口冲突# 检查端口占用sudonetstat-tuln|grep9200# 停止占用端口的进程sudokill-9PID3. 集群发现失败确保所有节点的discovery.seed_hosts配置正确确保节点间网络互通ping和telnet测试检查防火墙设置开放 9200、9300 端口权限问题chown -R elasticsearch:elasticsearch /data/elasticsearch4. GeoIP 数据库下载失败[ERROR][o.e.i.g.GeoIpDownloader] error updating geoip database [GeoLite2-City.mmdb] java.net.SocketTimeoutException: Connect timed out解决方案# 手动下载 GeoIP 数据库wgethttps://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.17.10-linux-x86_64.tar.gztar-xzfelasticsearch-7.17.10-linux-x86_64.tar.gzcdelasticsearch-7.17.10# 复制 GeoIP 数据库到 Elasticsearch 目录,也就是程序的目录find/-nameingest-geoip2/dev/null# 这是查找出来的路径/usr/local/bin/elasticsearch/modules/ingest-geoipls/usr/local/bin/elasticsearch/modules/ingest-geoipsudocpconfig/ingest-geoip/*.mmdb /usr/local/bin/elasticsearch/config/ingest-geoip/# 重启 Elasticsearchsudosystemctl restart elasticsearch集群管理命令1. 查看集群状态curl-XGEThttp://localhost:9200/_cluster/health?pretty2. 查看节点信息curl-XGEThttp://localhost:9200/_nodes?pretty3. 创建索引curl-XPUThttp://localhost:9200/my-index?pretty集群环境注意事项所有节点都需要创建相同用户# 在 master-1, node-1, master-3 上都执行sudouseradd-r-s/bin/false elasticsearch所有节点的目录权限都需要正确设置# 在每个节点上执行sudochown-Relasticsearch:elasticsearch /data/elasticsearch启动命令必须使用sudo -u elasticsearch# 在每个节点上启动sudo-uelasticsearch /data/elasticsearch/elasticsearch/bin/elasticsearch总结部署方式配置关键点适用场景单节点node.name,cluster.name,network.host开发测试、小型应用集群cluster.name,discovery.seed_hosts,cluster.initial_master_nodes生产环境、高可用需求重要提示在生产环境中必须配置安全功能xpack.security.enabled: true集群节点数量建议为奇数3、5、7避免脑裂问题每个节点应有独立的node.name和配置文件确保所有节点的cluster.name相同