实现 : 搭建elastic search 单机三节点集群(一个主节点,两个从节点) , docker
方案 : 搭建好ES后打包镜像到离线服务器, 直接导入
参考资料
1.centos7 搭建elastic search 集群 (三节点)
2.docker部署ES集群
3.华为云contos7系统部署ES集群–3个主节点
4.docker部署3节点Elasticsearch8.4.0集群
5.Docker 安装Kibana
6.docker安装的Elasticsearch集群设置密码
注意:
1.内核设置 vm.max_map_count
一.离线部署
1.找到一台联网的机器,把对应版本的镜像拉取下来
sudo docker pull elasticsearch:7.8.0
2.将镜像保存为本地文件
sudo docker save elasticsearch:7.8.0 -o /dev/esdtenv/images/es-docker-7.8.0.tar
或 sudo docker save IMAGE ID -o /dev/appadmjjkj/images/es-docker-7.8.0.tar
sudo docker save elasticsearch:7.8.0 > /dev/esdtenv/images/es-docker-7.8.0.tar
3.离线的可以将 tar镜像文件 加载成镜像
sudo docker load -i es-docker-7.8.0.tar
单机部署
1.创建挂载目录[data:存放索引数据,plugins:存放es插件]
sudo mkdir -p /data/esdtenv/elasticsearch
sudo mkdir -p /data/esdtenv/elasticsearch/config/data
sudo mkdir -p /data/esdtenv/elasticsearch/config/plugins
2.设置执行权限
sudo chmod 777 /data/esdtenv/elasticsearch/config/data
3.更改系统配置
sudo vi /etc/sysctl.conf
->>
vm.max_map_count=262145
#使配置生效
sysctl -p
4.创建es.yml
sudo vi /data/esdtenv/elasticsearch/config/es.yml
->>
cluster.name: elasticsearch-cluster #集群名(三个节点一致)
node.name: es-node #节点名(每台节点不同)
network.bind_host: 0.0.0.0
network.publish_host: 123.56.xx.xx #对外地址
http.port: 9201 #对外端口(每台机器装一个ES则不用改)
transport.tcp.port: 9301 #ES内部通信端口(每台机器装一个ES则不用改)
http.max_content_length: 1000mb
http.max_header_size: 256k
http.max_initial_line_length: 256k
http.cors.enabled: true
http.cors.allow-origin: "*"
5.启动服务
sudo docker run -it -e ES_JAVA_OPTS="-Xms256m -Xmx256m" \
-e ES_MIN_MEM=128m \
-e ES_MAX_MEM=256m \
-v /data/esdtenv/elasticsearch/config/es.yml:/usr/share/elasticsearch/config/elasticsearch.yml \
-v /data/esdtenv/elasticsearch/config/data/:/usr/share/elasticsearch/data/ \
-v /data/esdtenv/elasticsearch/config/plugins/:/usr/share/elasticsearch/plugins \
-e "discovery.type=single-node" \
-p 9201:9201 -p 9301:9301 \
--restart=always \
--name ES-single-node \
elasticsearch:7.8.0
单机部署通过 - 个人阿里云服务器
一.节点集群部署
1.创建挂载目录[data:存放索引数据,plugins:存放es插件]
sudo mkdir -p /data/esdtenv/elasticsearch
sudo mkdir -p /data/esdtenv/elasticsearch/config/data1
sudo mkdir -p /data/esdtenv/elasticsearch/config/data2
sudo mkdir -p /data/esdtenv/elasticsearch/config/data3
sudo mkdir -p /data/esdtenv/elasticsearch/config/plugins1
sudo mkdir -p /data/esdtenv/elasticsearch/config/plugins2
sudo mkdir -p /data/esdtenv/elasticsearch/config/plugins3
2.创建用户设置执行权限
sudo chmod 777 /data/esdtenv/elasticsearch/config/data1
sudo chmod 777 /data/esdtenv/elasticsearch/config/data2
sudo chmod 777 /data/esdtenv/elasticsearch/config/data3
3.更改系统配置
sudo vi /etc/sysctl.conf
->>
vm.max_map_count=262145
配置改完刷新
sysctl -p
4.data1/data2/data3 分别创建es.yml [network.publish_host:填写服务器ip]
es1.yml
sudo vi /dev/esdtenv/elasticsearch/config/es1.yml
->>
cluster.name: elasticsearch-cluster #集群名(三个节点一致)
cluster.initial_master_nodes: es-node1 # 默认的主节点
node.name: es-node1 #节点名(每台节点不同)
network.bind_host: 0.0.0.0
network.publish_host: 123.56.xx.xx #对外地址
http.port: 9101 #对外端口(每台机器装一个ES则不用改)
transport.tcp.port: 9201 #ES内部通信端口(每台机器装一个ES则不用改)
discovery.zen.minimum_master_nodes: 2 #主节点数/2+1,防止脑裂
http.max_content_length: 1000mb
http.max_header_size: 256k
http.max_initial_line_length: 256k
http.cors.enabled: true
http.cors.allow-origin: "*"
node.master: true
node.data: true
discovery.zen.ping.unicast.hosts: ["123.56.xx.xx:9201","123.56.xx.xx:9202","123.56.xx.xx:9203"]
es2.yml
sudo vi /dev/esdtenv/elasticsearch/config/es2.yml
->>
cluster.name: elasticsearch-cluster
node.name: es-node2
network.bind_host: 0.0.0.0
network.publish_host: 123.56.xx.xx
http.port: 9102
transport.tcp.port: 9202
discovery.zen.minimum_master_nodes: 2 #主节点数/2+1,防止脑裂
http.max_content_length: 1000mb
http.max_header_size: 256k
http.max_initial_line_length: 256k
http.cors.enabled: true
http.cors.allow-origin: "*"
node.master: false #主节点
node.data: true
discovery.zen.ping.unicast.hosts: ["123.56.xx.xx:9201","123.56.xx.xx:9202","123.56.xx.xx:9203"]
es3.yml
sudo vi /dev/esdtenv/elasticsearch/config/es3.yml
->>
cluster.name: elasticsearch-cluster
node.name: es-node3
network.bind_host: 0.0.0.0
network.publish_host: 123.56.xx.xx
http.port: 9103
transport.tcp.port: 9203
discovery.zen.minimum_master_nodes: 2 #主节点数/2+1,防止脑裂
indices.query.bool.max_clause_count: 1000000 #请求bool条件的最大条目数量
http.max_content_length: 1000mb
http.max_header_size: 256k
http.max_initial_line_length: 256k
http.cors.enabled: true
http.cors.allow-origin: "*"
node.master: false #主节点
node.data: true
discovery.zen.ping.unicast.hosts: ["123.56.xx.xx:9201","123.56.xx.xx:9202","123.56.xx.xx:9203"]
5.启动服务
ES01
sudo docker run -itd -e ES_JAVA_OPTS="-Xms1024m -Xmx1024m" \
-p 9101:9101 -p 9201:9201 \
-e ES_MIN_MEM=1024m \
-e ES_MAX_MEM=1024m \
-v /data/esdtenv/elasticsearch/config/es1.yml:/usr/share/elasticsearch/config/elasticsearch.yml \
-v /data/esdtenv/elasticsearch/config/data1/:/usr/share/elasticsearch/data/ \
-v /data/esdtenv/elasticsearch/config/plugins1/:/usr/share/elasticsearch/plugins \
-v /data/esdtenv/elasticsearch/config/elastic-certificates.p12:/usr/share/elasticsearch/config/elastic-certificates.p12 \
--restart=always \
--name ES01 \
elasticsearch:7.8.0
ES02
sudo docker run -itd -e ES_JAVA_OPTS="-Xms1024m -Xmx1024m" \
-p 9102:9102 -p 9202:9202 \
-e ES_MIN_MEM=1024m \
-e ES_MAX_MEM=1024m \
-v /data/esdtenv/elasticsearch/config/es2.yml:/usr/share/elasticsearch/config/elasticsearch.yml \
-v /data/esdtenv/elasticsearch/config/data2/:/usr/share/elasticsearch/data/ \
-v /data/esdtenv/elasticsearch/config/plugins2/:/usr/share/elasticsearch/plugins \
-v /data/esdtenv/elasticsearch/config/elastic-certificates.p12:/usr/share/elasticsearch/config/elastic-certificates.p12 \
--restart=always \
--name ES02 \
elasticsearch:7.8.0
ES03
sudo docker run -itd -e ES_JAVA_OPTS="-Xms1024m -Xmx1024m" \
-p 9103:9103 -p 9203:9203 \
-e ES_MIN_MEM=1024m \
-e ES_MAX_MEM=1024m \
-v /data/esdtenv/elasticsearch/config/es3.yml:/usr/share/elasticsearch/config/elasticsearch.yml \
-v /data/esdtenv/elasticsearch/config/data3/:/usr/share/elasticsearch/data/ \
-v /data/esdtenv/elasticsearch/config/plugins3/:/usr/share/elasticsearch/plugins \
-v /data/esdtenv/elasticsearch/config/elastic-certificates.p12:/usr/share/elasticsearch/config/elastic-certificates.p12 \
--restart=always \
--name ES03 \
elasticsearch:7.8.0
测试
curl http://123.56.xx.xx:9101/
http://172.16.20.33:9101/_cat/nodes?v 查看集群状态
查看3个节点是否注册成功
安装ik/ICU分词器
进入到plugins目录中下载分词器,下载完成后然后解压,再重启es即可
unzip -d /data/esdtenv/elasticsearch/config/plugins1/analysis-icu-7.8.0 analysis-icu-7.8.0.zip
ES集群设置密码
1…生成证书
– 进入运行中的ES01节点 – 进入实例内部
sudo docker exec -it ES01 /bin/bash
生成ca: elastic-stack-ca.p12
./bin/elasticsearch-certutil ca
#直接2次回车
再生成cert: elastic-certificates.p12
./bin/elasticsearch-certutil cert --ca elastic-stack-ca.p12
#直接回车确认
这个生成elastic-certificates.p12 就是我们需要使用的。
先 ctrl+d退出容器内部 再复制😱
复制出证书
sudo docker cp ES01:/usr/share/elasticsearch/elastic-certificates.p12 /data/esdtenv/elasticsearch/config/
如此获取了证书。
切记:elastic-certificates.p12 要使用 sudo chmod 777 elastic-certificates.p12 授权
sudo chmod 777 elastic-certificates.p12
2.添加配置并且挂载证书启动
配置文件添加
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.keystore.type: PKCS12
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: elastic-certificates.p12
xpack.security.transport.ssl.truststore.type: PKCS12
xpack.security.audit.enabled: true
启动命令 挂载证书
-v /data/esdtenv/elasticsearch/config/elastic-certificates.p12:/usr/share/elasticsearch/config/elastic-certificates.p12 \
生成密码
首先要启动es集群,去里面生成密码。然后进入其中一台
sudo docker exec -it ES01 /bin/bash
手动配置方式:
./bin/elasticsearch-setup-passwords interactive
#默认账号是 elastic
注意事项:
1.单实例3节点需要对外端口不一样
安装Kibana
版本与ES相同 7.8.0
拉取kibana镜像
docker pull kibana:7.8.0
创建挂载配置文件 /data/kibana/config/kibana.yml
sudo mkdir -p /data/kibana/config/
添加下面内容
i18n.locale: "zh-CN"
elasticsearch.hosts: ["http://
----------
:9101","http://123.56.xx.xx:9102","http://123.56.xx.xx:9103"]
server.name: kibana
server.host: "0"
server.port: 5601
xpack.monitoring.ui.container.elasticsearch.enabled: true
elasticsearch.username: "elastic"
elasticsearch.password: "xxxxxxx"
启动Kibana
docker run -d \
--name=kibana \
--restart=always \
-p 5601:5601 \
-v /data/kibana/config/kibana.yml:/usr/share/kibana/config/kibana.yml \
kibana:7.8.0
问题1
因为docker 不是正常安装, 可能导致镜像无法启动, 多节点集群无法通信
资料 : docker运行报错docker0: iptables: No chain/target/match by that name.
执行:防止启动镜像包错
iptables-save > /etc/sysconfig/iptables
重新启动docker
systemctl restart docker
设置开机自启动
systemctl enable docker
问题2
资料 : ElasticSearch 因为磁盘空间不够引起的数据插入错误
因为磁盘空间不够引起的数据插入错误。(message [ClusterBlockException[blocked by: [FORBIDDEN/12/index read-only / allow delete (api)];]])
索引变成了 只读 index read-only / allow delete (api)];"}
经过分析,发现是因为ES所在服务器磁盘空间太低引起,具体解决方案如下:任选一, 我是使用方案二解决的! 一旦在存储超过95%的磁盘中的节点上分配了一个或多个分片的任何索引,该索引将被强制进入只读模式
方案一:
kibana开发控制台执行
PUT _settings
{
"index": {
"blocks": {
"read_only_allow_delete": "false"
}
}
}
开发控制台执行
或者
如果kibana无法执行命令,可以使用下面命令解决
curl -XPUT -H "Content-Type: application/json" http://localhost:9200/_all/_settings -d '{"index.blocks.read_only_allow_delete": null}'
方案二:
找到es的配置文件 elasticsearch.yml,把存储数据的路径改为其它空间比较大的盘符。