ES的优点：

• 1、分布式准实时
• 2、提供REST风格的API接口，是用户可解借助任何语言使用https对ES执行请求来完成搜索任务；
• 3、提供聚合功能

1、Elasticsearch安装

docker network create elastic
docker pull docker.elastic.co/elasticsearch/elasticsearch:8.3.3
docker run --name es-node01 --net elastic -p 9200:9200 -p 9300:9300 -it docker.elastic.co/elasticsearch/elasticsearch:8.3.3

------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
-> Elasticsearch security features have been automatically configured!
-> Authentication is enabled and cluster connections are encrypted.->  Password for the elastic user (reset with `bin/elasticsearch-reset-password -u elastic`):N-sf6R*O0Ur344otTfzc->  HTTP CA certificate SHA-256 fingerprint:bfd8e24f5c41dcd170aadb0f8dbae3fe27d99633738f2d9c99dd456955523a5d->  Configure Kibana to use this cluster:
* Run Kibana and click the configuration link in the terminal when Kibana starts.
* Copy the following enrollment token and paste it into Kibana in your browser (valid for the next 30 minutes):eyJ2ZXIiOiI4LjMuMyIsImFkciI6WyIxNzIuMTguMC4yOjkyMDAiXSwiZmdyIjoiYmZkOGUyNGY1YzQxZGNkMTcwYWFkYjBmOGRiYWUzZmUyN2Q5OTYzMzczOGYyZDljOTlkZDQ1Njk1NTUyM2E1ZCIsImtleSI6InQxQUQ1SThCaWVkSFVsc3hFT3dlOnNoc1ZLVkl0UzB1R090S3EzUFotLXcifQ==-> Configure other nodes to join this cluster:
* Copy the following enrollment token and start new Elasticsearch nodes with `bin/elasticsearch --enrollment-token <token>` (valid for the next 30 minutes):eyJ2ZXIiOiI4LjMuMyIsImFkciI6WyIxNzIuMTguMC4yOjkyMDAiXSwiZmdyIjoiYmZkOGUyNGY1YzQxZGNkMTcwYWFkYjBmOGRiYWUzZmUyN2Q5OTYzMzczOGYyZDljOTlkZDQ1Njk1NTUyM2E1ZCIsImtleSI6InRWQUQ1SThCaWVkSFVsc3hELXp4OkJJSGx2YjQtU2pDWVBOVi11Y0VPVWcifQ==If you're running in Docker, copy the enrollment token and run:`docker run -e "ENROLLMENT_TOKEN=<token>" docker.elastic.co/elasticsearch/elasticsearch:8.3.3`
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

2、Kibana安装及运行

通过Kibana可以可视化的管理es数据库里的数据。

docker pull docker.elastic.co/kibana/kibana:8.3.3
docker run --name kib-01 --net elastic -p 5601:5601 docker.elastic.co/kibana/kibana:8.3.3

用户名：elastic
密码：N-sf6R*O0Ur344otTfzc

http://0.0.0.0:5601/app/home#/
http://localhost:5601

3、curl操作

注意证书，证书从容器中复制出来后，我存放在/Users/sunwenjun/data/elastic8/http_ca.crt
注意用户名密码最好加上双引号。
The issue with zsh: no matches found: elastic:N-sf6R*O0Ur344otTfzc in your curl command is due to the * character being interpreted as a wildcard. To resolve this, you need to ensure the password is treated as a literal string. You can achieve this by quoting the password.

docker cp es-node01:/usr/share/elasticsearch/config/certs/http_ca.crt .
curl --cacert /Users/sunwenjun/data/elastic8/http_ca.crt -u "elastic:N-sf6R*O0Ur344otTfzc" https://localhost:9200/

4、Dev Tools可视化界面操作

5、python操作

pip install elasticsearch

from datetime import datetime
from elasticsearch import Elasticsearchclient =  Elasticsearch(hosts=['https://localhost:9200'],  # 服务地址与端口basic_auth=("elastic", "N-sf6R*O0Ur344otTfzc"),  # 用户名，密码ca_certs="/Users/sunwenjun/data/elastic8/http_ca.crt"  # 证书
)doc = {'author': 'author_name','text': 'Interesting content...','timestamp': datetime.now(),
}
resp = client.index(index="test-index", id=1, document=doc)
print(resp['result']) # created

6、关闭与启动容器

docker start 容器id          # 启动容器
docker stop 容器id           # 停止当前运行的容器

参考

• Elasticsearch：关于在 Python 中使用 Elasticsearch 你需要知道的一切 - 8.x
• Elastic：使用 Docker 安装 Elastic Stack 8.x 并开始使用
• 4.ELK之Elasticsearch常用curl命令
• Elasticsearch官网
• Elasticsearch官网例子
• kibana查看es存储数据 kibana操作es数据