echo 'vm.overcommit\_memory=1' >> /tmp/sysctl.conf;
echo 'vm.zone\_reclaim\_mode=0' >> /tmp/sysctl.conf;
echo 'net.ipv4.tcp\_retries2=5' >> /tmp/sysctl.conf;
sysctl -p;
echo ''${POD\_IP}' es01.es.ndcto.com' >> /etc/hosts;
echo ''${POD\_IP}' es-01-svc' >> /etc/hosts;
su - elasticsearch -c "/usr/share/elasticsearch/bin/elasticsearch -p /elasticsearch/elasticsearch.pid";
sleep 3600;
env: #环境变量配置
- name: POD_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.name
- name: POD_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
volumeMounts:
- name: es-volume #挂载部署目录
mountPath: /elasticsearch/data
subPathExpr: $(POD\_NAME)/elasticsearch/data
- name: es-volume #挂载部署目录
mountPath: /elasticsearch/logs
subPathExpr: $(POD\_NAME)/elasticsearch/logs
- name: es-volume #挂载部署目录
mountPath: /usr/share/elasticsearch/.cache
subPathExpr: $(POD\_NAME)/elasticsearch/cache
- name: es-volume #挂载部署目录
mountPath: /usr/share/elasticsearch/plugins
subPathExpr: $(POD\_NAME)/elasticsearch/plugins
- name: es-010-cert-file #挂载存储目录
mountPath: /usr/share/elasticsearch/config/local-certs
- name: es-010-config #挂载配置文件
mountPath: /config
- name: host-time #挂载本地时区
mountPath: /etc/localtime
readOnly: true
volumes:
- name: es-volume #使用pvc
persistentVolumeClaim:
claimName: es-010-pvc
- name: es-010-config #使用pvc
configMap: #使用configMap
name: es-010-config
defaultMode: 420 #420-644 493-755
- name: es-010-cert-file
hostPath: #挂载主机的目录
path: /data/deploy/k8s/elasticsearch/certs
type: ""
- name: host-time
hostPath: #挂载本地时区
path: /etc/localtime
type: ""
**configmap配置**
要点
apiVersion: v1
kind: ConfigMap #配置信息
metadata:
name: es-010-config #es-010配置
namespace: es
data:
elasticsearch.yml: |
#首次启动会失败,需要重新生成证书并复制到所有节点上(xpack.security配置中的证书位置)
cluster.name: “es-01”
node:
name: “es-010”
#指定节点角色
#roles: [ data, master]
# 为HTTP 和传输流量设置此节点的地址。 elastic将监听该地址的所有请求,0.0.0.0 代表监听本机所有网络地址的请求,指定地址则仅监听该地址的请求(接受IP、主机名或特殊值)。
network.host: 10.244.220.10
# 默认不开启
# 开启是为了能够在内网与其他节点通讯,使得新节点可以加入集群,0.0.0.0 代表监听本机所有网络地址的请求,指定地址则仅监听该地址的请求(接受IP、主机名或特殊值)。
transport.host: 10.244.220.10
# 用于节点发现
# 首次启动时不开启
#discovery.seed\_hosts: ["10.244.220.10:9300","10.244.220.11:9300"]
# 初始主节点配置,集群形成后,从每个节点的配置中删除此设置。
# 单点首次启动
cluster.initial_master_nodes: ["10.244.220.10"]
# 初始集群配置至少3台,集群形成后,从每个节点的配置中删除此设置,需要按顺序启动
#cluster.initial\_master\_nodes: ["10.244.220.10","10.244.220.11","10.244.220.12"]
#配置存储路径
path.data: /elasticsearch/data
path.logs: /elasticsearch/logs
# 开启es跨域与head插件
http.cors.allow-origin: "\*"
http.cors.enabled: true
http.cors.allow-headers: Authorization
http.max_content_length: 200mb
#linux在使用内存锁时仍会交换堆外内存。要防止堆外内存交换,请禁用所有交换文件。
bootstrap.memory_lock: true
#限制高成本查询
search.default_search_timeout: "50s"
#必须set为true,否则kibana报错
search.allow_expensive_queries: true
#禁用通配符模糊匹配删除索引
action.destructive_requires_name: true
# 设置自动创建索引(可选)
# 一些商业功能会