elasticsearch使用_使用Puppet6自动化部署Elasticsearch（离线环境）

weixin_39717443

于 2020-11-26 14:40:55 发布

阅读量170

点赞数

文章标签： elasticsearch使用 rpm 命令安装elasticsearch

准备Puppet6需要的包

登录一台能够连接互联网的centos6机器，依次执行以下命令

yum install yum-plugin-downloadonly
rpm -Uvh https://yum.puppet.com/puppet6/puppet6-release-el-6.noarch.rpm
yum install --downloadonly --downloaddir=/home/ puppetserver

2. 进入/home/下面，应该能看到puppet6安装需要的包

安装puppet-server

Puppet架构由server和client组成，下面的例子使用了2台机器，分别作server何client。

192.168.121.129

192.168.121.130

Hosts文件内容如下：

在192.168.121.129上安装puppet-server

  rpm -ivh java-1.8.0-openjdk-headless-1.8.0.191.b12-0.el6_10.x86_64.rpm
  rpm -ivh puppet-agent-6.1.0-1.el6.x86_64.rpm
  rpm -ivh puppetserver-6.1.0-1.el6.noarch.rpm

2. 启动puppet-server

service puppetserver start

安装puppet-client

在192.168.121.130上安装puppet-client

rpm -ivh puppet-agent-6.1.0-1.el6.x86_64.rpm

2. 将puppet命令添加至path，在/etc/profile中追加：

export PATH=/opt/puppetlabs/bin:$PATH

3. 配置client

puppet config set server es-node1.localdomain
puppet config set certname es-node2

管理证书签名请求

在puppet-client上执行 puppet agent -t
在puppet-server上执行puppetserver ca list，能够显示请求的证书

3. 在puppet-server上执行puppetserver ca sign --certname es-node2，显示成功签名证书：

4. 在puppet-client上再次执行puppet agent -t，显示下面的信息

至此，puppet6已经搭建完成。

安装puppet-elasticsearch

登录puppet forge网站，

下载puppet-elasticsearch模块：https://forge.puppet.com/elastic/elasticsearch/6.2.2
下载datacat模块：https://forge.puppet.com/richardc/datacat
下载java_ks模块：https://forge.puppetlabs.com/puppetlabs/java_ks

在puppet-server上执行以下命令安装模块：

puppet module install  elastic-elasticsearch-6.2.2.tar.gz  --ignore-dependencies
puppet module install  puppetlabs-java_ks-2.3.0.tar.gz  --ignore-dependencies
puppet module install  richardc-datacat-0.6.2.tar.gz  --ignore-dependencies

自动化部署elasticsearch

去elasticsearch官网下载elasticsearch-6.1.3.rpm以及x-pack-6.1.3.zip，并拷贝至puppet-server上的

/etc/puppetlabs/code/environments/production/modules/elasticsearch/files目录下。

2. 创建CA、node certificate以及private key文件，将其拷贝至上一步中的目录下

3. 在/etc/puppetlabs/code/environments/production/manifests目录，创建site.pp文件：

class { 'elasticsearch':
   package_url  => 'puppet:///modules/elasticsearch/elasticsearch-6.1.3.rpm',
   restart_config_change => true,
   security_plugin => 'x-pack'
}
file { "/path/to/ca.crt":
    mode => '777',
    owner => root,
    group => root,
    source => "puppet:///modules/elasticsearch/ca.crt",
 }
file { "/path/to/instance.crt":
    mode => '777',
    owner => root,
    group => root,
    source => "puppet:///modules/elasticsearch/instance.crt",
 }
file { "/path/to/instance.key":
    mode => '777',
    owner => root,
    group => root,
    source => "puppet:///modules/elasticsearch/instance.key",
 }
elasticsearch::instance { 'es-01':
  config => {
         'cluster.name' =>  'es-test',
         'network.host' => '0.0.0.0',
         'bootstrap.system_call_filter' => 'false',
         'discovery.zen.ping.unicast.hosts' => ["192.168.121.129:9300","192.168.121.130:9300"],
         'xpack.security.transport.ssl.verification_mode' => 'certificate',
         'xpack.security.transport.ssl.enabled' => true,
         'xpack.security.http.ssl.enabled' => false,
         'http.cors.enabled' =>  true,
         'http.cors.allow-origin' => "*",
         'http.cors.allow-credentials' => true,
         'http.cors.allow-headers' => 'Authorization, X-Requested-With,X-Auth-Token,Content-Type, Content-Length'
 
 },
  ssl => true,
  ca_certificate       => '/path/to/ca.crt',
  certificate          => '/path/to/instance.crt',
  private_key          => '/path/to/instance.key',
  keystore_password    => '123456'
}
elasticsearch::instance { 'es-02':
  config => {
         'cluster.name' =>  'es-test',
         'network.host' => '0.0.0.0',
         'bootstrap.system_call_filter' => 'false',
         'discovery.zen.ping.unicast.hosts' => ["192.168.121.129:9300","192.168.121.130:9300"],
         'xpack.security.transport.ssl.verification_mode' => 'certificate',
         'xpack.security.transport.ssl.enabled' => true,
         'xpack.security.http.ssl.enabled' => false

 },
  ssl => true,
  ca_certificate       => '/path/to/ca.crt',
  certificate          => '/path/to/instance.crt',
  private_key          => '/path/to/instance.key',
  keystore_password    => '123456'
}

elasticsearch::plugin { 'x-pack':
  instances  => ['es-01','es-02'],
  source => 'puppet:///modules/elasticsearch/x-pack-6.1.3.zip'
}
elasticsearch::user { 'wangqh':
  password => '123456',
  roles    => ['superuser'],
}

登录puppet-agent，执行puppet agent -t命令。
检查es是否安装并且运行。使用wangqh/123456登录es修改内置的elastic用户的密码。
注册license：

curl -XPUT -u elastic 'http://192.168.121.129:9200/_xpack/license' -H "Content-Type: application/json" -d @license.json

weixin_39717443

关注

0
点赞
踩
0

收藏

觉得还不错? 一键收藏
0
评论
elasticsearch使用_使用Puppet6自动化部署Elasticsearch（离线环境）

准备Puppet6需要的包登录一台能够连接互联网的centos6机器，依次执行以下命令yum install yum-plugin-downloadonlyrpm -Uvh https://yum.puppet.com/puppet6/puppet6-release-el-6.noarch.rpmyum install --downloadonly --downloaddir=/home/ p...
复制链接

扫一扫