Elasticsearch 9.0.1 集群部署(Docker Compose + k8s 部署方式)
本文提供的基于 docker-compose.yml +k8s 配置文件,实现 Elasticsearch 9.0.1 集群(含master、data、协调节点)及 Kibana 部署,步骤简洁可直接执行。若是多master需要修改cluster.initial_master_nodes参数为所有master地址 以及修改该所有ES的discovery.seed_hosts 参数的值为所有ES的master地址。可以便捷的伸缩ES数据(data)节点。可将docker-compose部署文件按照kubernetes格式转换然后在k8s上部署。本文主要以单master+单data+单协调节点为例(本文最后还附上了k8s部署方式)。
一、部署环境要求
-
Docker ≥ 20.10,Docker Compose ≥ 3.3
-
Linux 系统(CentOS 7+/Ubuntu 18.04+),root/sudo 权限
-
开放端口:9200/9201/9202、9300/9301/9302、5601
二、集群节点说明
| 节点名称 | 角色 | 核心功能 | 端口 |
|---|---|---|---|
| es9-master | master节点 | 集群管理,不存数据 | 9200、9300 |
| es9-data | data节点 | 存储数据,处理读写 | 9201、9301 |
| es9-coordinate | 协调节点 | 请求路由,不存数据 | 9202、9302 |
| kibana | 可视化节点 | 连接ES,提供可视化 | 5601 |
三、部署步骤
步骤1:创建部署目录
bash
mkdir -p /opt/elk/es9 && cd /opt/elk/es9
mkdir -p ./es9-master/data ./es9-data/data ./es9-coordinate/data
chown -R 1000:1000 ./es9-master/data ./es9-data/data ./es9-coordinate/data
chmod 777 -R ./es9-master/data ./es9-data/data ./es9-coordinate/data
步骤2:创建 docker-compose.yml
yaml
version: '3.3'
services:
es9-master:
image: registry.cn-shenzhen.aliyuncs.com/abc_space/elasticsearch:9.0.1
container_name: es9-master
privileged: true
environment:
- cluster.name=es9-cluster
- node.roles=master
- node.name=es9-master
- discovery.seed_hosts=es9-master
- cluster.initial_master_nodes=es9-master
- ES_JAVA_OPTS=-Xms512m -Xmx512m
- xpack.security.enabled=false
- xpack.security.transport.ssl.enabled=false
volumes:
- ./es9-master/data:/usr/share/elasticsearch/data
ports:
- 9200:9200
- 9300:9300
networks:
- elk_network
es9-data:
image: registry.cn-shenzhen.aliyuncs.com/abc_space/elasticsearch:9.0.1
container_name: es9-data
privileged: true
environment:
- cluster.name=es9-cluster
- node.roles=data
- node.name=es9-data
- discovery.seed_hosts=es9-master
- cluster.initial_master_nodes=es9-master
- ES_JAVA_OPTS=-Xms512m -Xmx512m
- xpack.security.enabled=false
- xpack.security.transport.ssl.enabled=false
volumes:
- ./es9-data/data:/usr/share/elasticsearch/data
ports:
- 9201:9200
- 9301:9300
networks:
- elk_network
depends_on:
- es9-master
es9-coordinate:
image: registry.cn-shenzhen.aliyuncs.com/abc_space/elasticsearch:9.0.1
container_name: es9-coordinate
privileged: true
environment:
- cluster.name=es9-cluster
- node.roles=[]
- node.name=es9-coordinate
- discovery.seed_hosts=es9-master
- cluster.initial_master_nodes=es9-master
- ES_JAVA_OPTS=-Xms512m -Xmx512m
- xpack.security.enabled=false
- xpack.security.transport.ssl.enabled=false
volumes:
- ./es9-coordinate/data:/usr/share/elasticsearch/data
ports:
- 9202:9200
- 9302:9300
networks:
- elk_network
depends_on:
- es9-master
kibana:
image: docker.elastic.co/kibana/kibana:9.0.1
container_name: kibana
ports:
- 5601:5601
privileged: true
environment:
- I18N_LOCALE=zh-CN
- ELASTICSEARCH_HOSTS=http://es9-coordinate:9200
- xpack.security.enabled=false
networks:
- elk_network
depends_on:
- es9-coordinate
networks:
elk_network:
driver: bridge步骤3:启动集群
bash
cd /opt/elk/es9
docker-compose up -d
# 查看启动状态
docker-compose ps四、部署验证
bash
# 查看ES集群健康状态(正常为green)
curl http://localhost:9200/_cat/health?v
# 查看节点列表
curl http://localhost:9200/_cat/nodes?v
# 访问Kibana(浏览器)
http://服务器IP:5601
五、补充内容
当 ES开启账号密码登录时候,默认的官方镜像会报错,要求必须开启ssl。因此根据官方镜像制动包含ssl证书的镜像。以下是dockerfile内容:
bash
FROM registry.cn-shenzhen.aliyuncs.com/abc_space/elasticsearch:9.0.1
USER elasticsearch
RUN bin/elasticsearch-certutil ca \
--pass "" \
--out config/elastic-stack-ca.p12
RUN bin/elasticsearch-certutil cert \
--pass "" \
--days 36500 \
--ca config/elastic-stack-ca.p12 \
--ca-pass "" \
--out config/elastic-certificates.p12
RUN cat > config/elasticsearch.yml <<EOF
cluster.name: "docker-cluster"
network.host: 0.0.0.0
xpack.security.enabled: true
xpack.security.http.ssl.enabled: false
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: elastic-certificates.p12
EOF
USER elasticsearchdocker build -t registry.cn-shenzhen.aliyuncs.com/abc_space/elasticsearch:9.0.1-ssl . --no-cache
六、k8s环境部署ES集群
使用三master+ 若干 data节点+ 若干协调节点。 data以及协调节点副本数可自定义。协调节点一般两个即可。data节点按照数据量和设置副本数。(注意:若 ES 没有加入data节点是没法写入数据以及数据密码的,毕竟密码是要保存在data节点;生产务必改成数据持久化)
yaml
---
# Namespace
apiVersion: v1
kind: Namespace
metadata:
name: elk-stack
---
# Headless Service for Elasticsearch discovery
apiVersion: v1
kind: Service
metadata:
name: elasticsearch-discovery
namespace: elk-stack
spec:
selector:
app: elasticsearch # 这个标签选择器会选中所有 ES 节点
clusterIP: None
ports:
- name: transport
port: 9300
---
# Master StatefulSet
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: elasticsearch-master
namespace: elk-stack
spec:
serviceName: elasticsearch-discovery
replicas: 3
selector:
matchLabels:
app: elasticsearch
role: master
template:
metadata:
labels:
app: elasticsearch # 必须加这个标签
role: master
spec:
containers:
- name: elasticsearch
image: registry.cn-shenzhen.aliyuncs.com/abc_space/elasticsearch:9.0.1-ssl
env:
- name: node.roles
value: "master"
- name: node.name
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: discovery.seed_hosts
value: "elasticsearch-discovery" # 只用这个!
- name: cluster.initial_master_nodes
value: "elasticsearch-master-0,elasticsearch-master-1,elasticsearch-master-2"
- name: ES_JAVA_OPTS
value: "-Xms512m -Xmx512m"
ports:
- containerPort: 9200
- containerPort: 9300
---
# Data StatefulSet
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: elasticsearch-data
namespace: elk-stack
spec:
serviceName: elasticsearch-discovery
replicas: 1
selector:
matchLabels:
app: elasticsearch
role: data
template:
metadata:
labels:
app: elasticsearch # 必须加这个标签
role: data
spec:
containers:
- name: elasticsearch
image: registry.cn-shenzhen.aliyuncs.com/abc_space/elasticsearch:9.0.1-ssl
env:
- name: node.roles
value: "data"
- name: node.name
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: discovery.seed_hosts
value: "elasticsearch-discovery" # 只用这个!
- name: ES_JAVA_OPTS
value: "-Xms512m -Xmx512m"
ports:
- containerPort: 9200
- containerPort: 9300
---
# Coordinate StatefulSet
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: elasticsearch-coordinate
namespace: elk-stack
spec:
serviceName: elasticsearch-discovery
replicas: 1
selector:
matchLabels:
app: elasticsearch
role: coordinate
template:
metadata:
labels:
app: elasticsearch # 必须加这个标签
role: coordinate
spec:
containers:
- name: elasticsearch
image: registry.cn-shenzhen.aliyuncs.com/abc_space/elasticsearch:9.0.1-ssl
env:
- name: node.roles
value: "[]"
- name: node.name
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: discovery.seed_hosts
value: "elasticsearch-discovery" # 只用这个!
- name: ES_JAVA_OPTS
value: "-Xms512m -Xmx512m"
ports:
- containerPort: 9200
- containerPort: 9300
---
# Kibana Deployment
apiVersion: apps/v1
kind: Deployment
metadata:
name: kibana
namespace: elk-stack
labels:
app: kibana
spec:
replicas: 1
selector:
matchLabels:
app: kibana
template:
metadata:
labels:
app: kibana
spec:
containers:
- name: kibana
image: docker.elastic.co/kibana/kibana:9.0.1
env:
- name: ELASTICSEARCH_USERNAME
value: "kibana_system"
- name: ELASTICSEARCH_PASSWORD
value: "elastic"
- name: ELASTICSEARCH_HOSTS
value: "http://elasticsearch-coordinate:9200"
- name: I18N_LOCALE
value: "zh-CN"
ports:
- containerPort: 5601
---
# Kibana Service
apiVersion: v1
kind: Service
metadata:
name: kibana
namespace: elk-stack
spec:
selector:
app: kibana
ports:
- port: 5601
type: NodePort
---
