用elasticsearch operator部署elasticsearch集群
参考文档
https://www.elastic.co/cn/downloads/elastic-cloud-kubernetes
https://www.elastic.co/guide/en/cloud-on-k8s/current/k8s-deploy-elasticsearch.html
https://zhuanlan.zhihu.com/p/105453664
https://www.elastic.co/guide/en/cloud-on-k8s/current/k8s-orchestrating-elastic-stack-applications.html
本例用test做演示空间
安装CRD
和operator
[root@master01 ~]# kubectl apply -f https://download.elastic.co/downloads/eck/1.1.0/all-in-one.yaml
customresourcedefinition.apiextensions.k8s.io/apmservers.apm.k8s.elastic.co created
customresourcedefinition.apiextensions.k8s.io/elasticsearches.elasticsearch.k8s.elastic.co created
customresourcedefinition.apiextensions.k8s.io/kibanas.kibana.k8s.elastic.co created
clusterrole.rbac.authorization.k8s.io/elastic-operator created
clusterrolebinding.rbac.authorization.k8s.io/elastic-operator created
namespace/elastic-system created
statefulset.apps/elastic-operator created
clusterrole.rbac.authorization.k8s.io/elastic-operator-view created
clusterrole.rbac.authorization.k8s.io/elastic-operator-edit created
serviceaccount/elastic-operator created
validatingwebhookconfiguration.admissionregistration.k8s.io/elastic-webhook.k8s.elastic.co created
service/elastic-webhook-server created
secret/elastic-webhook-server-cert created
查看日志:
kubectl -n elastic-system logs -f statefulset.apps/elastic-operator
查看CRD
[root@master01 ~]# kubectl get crd |grep elastic
apmservers.apm.k8s.elastic.co 2020-05-14T05:31:08Z
elasticsearches.elasticsearch.k8s.elastic.co 2020-05-14T05:31:08Z
kibanas.kibana.k8s.elastic.co 2020-05-14T05:31:08Z
查看命名空间
[root@master01 ~]# kubectl -n elastic-system get all
NAME READY STATUS RESTARTS AGE
pod/elastic-operator-0 1/1 Running 1 5m28s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/elastic-webhook-server ClusterIP 10.96.139.109 <none> 443/TCP 5m29s
NAME READY AGE
statefulset.apps/elastic-operator 1/1 5m29s
安装elasticsearch集群
先制作elasticsearch插件的镜像
#hub.my.com/myharbor/elasticsearch-ready:6.8.0
FROM docker.elastic.co/elasticsearch/elasticsearch:6.8.0
RUN sh -c '/bin/echo -e "y" | ./bin/elasticsearch-plugin install https://github.com/medcl/elasticsearch-analysis-ik/releases/download/v6.8.0/elasticsearch-analysis-ik-6.8.0.zip'
build:
docker build -t hub.my.com/myharbor/elasticsearch-ready:6.8.0 .
docker push hub.my.com/myharbor/elasticsearch-ready:6.8.0
Elasticsearch集群实例自定义配置yaml
apiVersion: elasticsearch.k8s.elastic.co/v1
kind: Elasticsearch
metadata:
name: elasticsearch
namespace: test
spec:
version: 6.8.0
image: hub.my.com/myharbor/elasticsearch-ready:6.8.0
updateStrategy:
changeBudget:
maxSurge: 3
maxUnavailable: 1
http:
tls:
selfSignedCertificate:
#去掉https
disabled: true
nodeSets:
- name: default
count: 3
podTemplate:
spec:
initContainers:
- name: sysctl
securityContext:
privileged: true
command: ['sh', '-c', 'sysctl -w vm.max_map_count=262144']
containers:
- name: elasticsearch
env:
#jvm性能,起止堆大小必须一致,否则报错
- name: ES_JAVA_OPTS
value: -Xms4g -Xmx4g
resources:
requests:
memory: 4Gi
cpu: 0.5
limits:
#内存要略大于jvm配置,否则造成OOMKill
memory: 5Gi
cpu: 4
config:
node.master: true
node.data: true
node.ingest: true
volumeClaimTemplates:
- metadata:
name: elasticsearch-data
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1500Gi
storageClassName: nfs
查看对象:
[root@master01 ~]# kubectl -n test get elasticsearch
NAME HEALTH NODES VERSION PHASE AGE
elasticsearch green 3 6.8.0 Ready 3m58s
[root@master01 ~]# kubectl -n test get all
NAME READY STATUS RESTARTS AGE
pod/elasticsearch-es-default-0 1/1 Running 0 4m2s
pod/elasticsearch-es-default-1 1/1 Running 0 4m2s
pod/elasticsearch-es-default-2 1/1 Running 0 4m2s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/elasticsearch-es-default ClusterIP None <none> <none> 4m2s
service/elasticsearch-es-http ClusterIP 10.96.37.91 <none> 9200/TCP 4m3s
service/elasticsearch-es-transport ClusterIP None <none> 9300/TCP 4m3s
NAME READY AGE
statefulset.apps/elasticsearch-es-default 3/3 4m2s
稍等,直到HEALTH
的状态为green
访问nodePort
增加NodePort的service:
apiVersion: v1
kind: Service
metadata:
labels:
common.k8s.elastic.co/type: elasticsearch
elasticsearch.k8s.elastic.co/cluster-name: test
name: elasticsearch-es-http-nodeport
namespace: test
spec:
ports:
- name: http
port: 9200
protocol: TCP
targetPort: 9200
nodePort: 30059
selector:
common.k8s.elastic.co/type: elasticsearch
elasticsearch.k8s.elastic.co/cluster-name: elasticsearch
sessionAffinity: None
type: NodePort
获取用户名和密码
用户名默认为elastic
[root@master01 ~]# kubectl -n test get secret elasticsearch-es-elastic-user -o=jsonpath='{.data.elastic}' | base64 --decode
6vWk8sBBd81u3C062nRh15ck
访问服务:
[root@master01 ~]# curl -k http://elastic:6vWk8sBBd81u3C062nRh15ck@172.16.0.21:30059
{
"name" : "elasticsearch-es-default-2",
"cluster_name" : "elasticsearch",
"cluster_uuid" : "zAAKVeHrTHSZsNcpyIYoDg",
"version" : {
"number" : "6.8.0",
"build_flavor" : "default",
"build_type" : "docker",
"build_hash" : "65b6179",
"build_date" : "2019-05-15T20:06:13.172855Z",
"build_snapshot" : false,
"lucene_version" : "7.7.0",
"minimum_wire_compatibility_version" : "5.6.0",
"minimum_index_compatibility_version" : "5.0.0"
},
"tagline" : "You Know, for Search"
}
chrome插件访问
chrome安装Elasticsearch Head插件