参考文档

https://www.elastic.co/cn/downloads/elastic-cloud-kubernetes
https://www.elastic.co/guide/en/cloud-on-k8s/current/k8s-deploy-elasticsearch.html
https://zhuanlan.zhihu.com/p/105453664
https://www.elastic.co/guide/en/cloud-on-k8s/current/k8s-orchestrating-elastic-stack-applications.html

本例用test做演示空间

安装CRDoperator

[root@master01 ~]# kubectl apply -f https://download.elastic.co/downloads/eck/1.1.0/all-in-one.yaml
customresourcedefinition.apiextensions.k8s.io/apmservers.apm.k8s.elastic.co created
customresourcedefinition.apiextensions.k8s.io/elasticsearches.elasticsearch.k8s.elastic.co created
customresourcedefinition.apiextensions.k8s.io/kibanas.kibana.k8s.elastic.co created
clusterrole.rbac.authorization.k8s.io/elastic-operator created
clusterrolebinding.rbac.authorization.k8s.io/elastic-operator created
namespace/elastic-system created
statefulset.apps/elastic-operator created
clusterrole.rbac.authorization.k8s.io/elastic-operator-view created
clusterrole.rbac.authorization.k8s.io/elastic-operator-edit created
serviceaccount/elastic-operator created
validatingwebhookconfiguration.admissionregistration.k8s.io/elastic-webhook.k8s.elastic.co created
service/elastic-webhook-server created
secret/elastic-webhook-server-cert created

查看日志:

kubectl -n elastic-system logs -f statefulset.apps/elastic-operator

查看CRD

[root@master01 ~]# kubectl get crd |grep elastic
apmservers.apm.k8s.elastic.co                  2020-05-14T05:31:08Z
elasticsearches.elasticsearch.k8s.elastic.co   2020-05-14T05:31:08Z
kibanas.kibana.k8s.elastic.co                  2020-05-14T05:31:08Z

查看命名空间

[root@master01 ~]# kubectl -n elastic-system get all
NAME                     READY   STATUS    RESTARTS   AGE
pod/elastic-operator-0   1/1     Running   1          5m28s

NAME                             TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)   AGE
service/elastic-webhook-server   ClusterIP   10.96.139.109   <none>        443/TCP   5m29s

NAME                                READY   AGE
statefulset.apps/elastic-operator   1/1     5m29s

安装elasticsearch集群

先制作elasticsearch插件的镜像

#hub.my.com/myharbor/elasticsearch-ready:6.8.0
FROM docker.elastic.co/elasticsearch/elasticsearch:6.8.0
RUN sh -c '/bin/echo -e "y" | ./bin/elasticsearch-plugin install https://github.com/medcl/elasticsearch-analysis-ik/releases/download/v6.8.0/elasticsearch-analysis-ik-6.8.0.zip'

build:

docker build -t hub.my.com/myharbor/elasticsearch-ready:6.8.0 .
docker push   hub.my.com/myharbor/elasticsearch-ready:6.8.0

Elasticsearch集群实例自定义配置yaml

apiVersion: elasticsearch.k8s.elastic.co/v1
kind: Elasticsearch
metadata:
  name: elasticsearch
  namespace: test
spec:
  version: 6.8.0
  image: hub.my.com/myharbor/elasticsearch-ready:6.8.0
  updateStrategy:
    changeBudget:
      maxSurge: 3
      maxUnavailable: 1
  http:
    tls:
      selfSignedCertificate:
        #去掉https
        disabled: true
  nodeSets:
  - name: default
    count: 3
    podTemplate:
      spec:
        initContainers:
        - name: sysctl
          securityContext:
            privileged: true
          command: ['sh', '-c', 'sysctl -w vm.max_map_count=262144']

        containers:
        - name: elasticsearch
          env:
          #jvm性能,起止堆大小必须一致,否则报错
          - name: ES_JAVA_OPTS
            value: -Xms4g -Xmx4g
          resources:
            requests:
              memory: 4Gi
              cpu: 0.5
            limits:
              #内存要略大于jvm配置,否则造成OOMKill
              memory: 5Gi
              cpu: 4

    config:
      node.master: true
      node.data: true
      node.ingest: true

    volumeClaimTemplates:
    - metadata:
        name: elasticsearch-data
      spec:
        accessModes:
        - ReadWriteOnce
        resources:
          requests:
            storage: 1500Gi
        storageClassName: nfs

查看对象:

[root@master01 ~]# kubectl -n test get elasticsearch
NAME            HEALTH   NODES   VERSION   PHASE   AGE
elasticsearch   green    3       6.8.0     Ready   3m58s
[root@master01 ~]# kubectl -n test get all
NAME                             READY   STATUS    RESTARTS   AGE
pod/elasticsearch-es-default-0   1/1     Running   0          4m2s
pod/elasticsearch-es-default-1   1/1     Running   0          4m2s
pod/elasticsearch-es-default-2   1/1     Running   0          4m2s

NAME                                 TYPE        CLUSTER-IP    EXTERNAL-IP   PORT(S)    AGE
service/elasticsearch-es-default     ClusterIP   None          <none>        <none>     4m2s
service/elasticsearch-es-http        ClusterIP   10.96.37.91   <none>        9200/TCP   4m3s
service/elasticsearch-es-transport   ClusterIP   None          <none>        9300/TCP   4m3s

NAME                                        READY   AGE
statefulset.apps/elasticsearch-es-default   3/3     4m2s

稍等,直到HEALTH的状态为green

访问nodePort

增加NodePort的service:

apiVersion: v1
kind: Service
metadata:
  labels:
    common.k8s.elastic.co/type: elasticsearch
    elasticsearch.k8s.elastic.co/cluster-name: test
  name: elasticsearch-es-http-nodeport
  namespace: test
spec:
  ports:
  - name: http
    port: 9200
    protocol: TCP
    targetPort: 9200
    nodePort: 30059
  selector:
    common.k8s.elastic.co/type: elasticsearch
    elasticsearch.k8s.elastic.co/cluster-name: elasticsearch
  sessionAffinity: None
  type: NodePort

获取用户名和密码

用户名默认为elastic

[root@master01 ~]# kubectl -n test get secret elasticsearch-es-elastic-user -o=jsonpath='{.data.elastic}' | base64 --decode
6vWk8sBBd81u3C062nRh15ck 

访问服务:

[root@master01 ~]# curl -k http://elastic:6vWk8sBBd81u3C062nRh15ck@172.16.0.21:30059
{
  "name" : "elasticsearch-es-default-2",
  "cluster_name" : "elasticsearch",
  "cluster_uuid" : "zAAKVeHrTHSZsNcpyIYoDg",
  "version" : {
    "number" : "6.8.0",
    "build_flavor" : "default",
    "build_type" : "docker",
    "build_hash" : "65b6179",
    "build_date" : "2019-05-15T20:06:13.172855Z",
    "build_snapshot" : false,
    "lucene_version" : "7.7.0",
    "minimum_wire_compatibility_version" : "5.6.0",
    "minimum_index_compatibility_version" : "5.0.0"
  },
  "tagline" : "You Know, for Search"
}

chrome插件访问

chrome安装Elasticsearch Head插件
222222222222222.png

发表回复

您的电子邮箱地址不会被公开。 必填项已用*标注

Captcha Code