1 确保 JumpServer 容器环境正常
bash
docker ps
2 编写文件
进入 JumpServer 的 /opt/jumpserver-xxx/compose 目录,备份 es.yml 文件并编辑 es.yml文件
bash
services:
es01:
image: docker.elastic.co/elasticsearch/elasticsearch:7.17.25
container_name: jms_es01
hostname: es01
restart: always
ports:
- 9200:9200
volumes:
- ${VOLUME_DIR}/elasticsearch/es01/data:/usr/share/elasticsearch/data
- ${VOLUME_DIR}/elasticsearch/es01/logs:/usr/share/elasticsearch/logs
environment:
TZ: ${TZ:-Asia/Shanghai}
cluster.name: jms-es-cluster
node.name: es01
node.roles: master,data,ingest
discovery.seed_hosts: es01,es02,es03
cluster.initial_master_nodes: es01,es02,es03
network.host: 0.0.0.0
bootstrap.memory_lock: "false"
xpack.security.enabled: "false"
TAKE_FILE_OWNERSHIP: "true"
ES_JAVA_OPTS: "-Xms512m -Xmx512m"
ulimits:
memlock:
soft: '-1'
hard: '-1'
healthcheck:
test: "curl -sL http://localhost:9200 > /dev/null"
interval: 10s
timeout: 5s
retries: 3
start_period: 60s
networks:
- net
es02:
image: docker.elastic.co/elasticsearch/elasticsearch:7.17.25
container_name: jms_es02
hostname: es02
restart: always
ports:
- 9201:9200
volumes:
- ${VOLUME_DIR}/elasticsearch/es02/data:/usr/share/elasticsearch/data
- ${VOLUME_DIR}/elasticsearch/es02/logs:/usr/share/elasticsearch/logs
environment:
TZ: ${TZ:-Asia/Shanghai}
cluster.name: jms-es-cluster
node.name: es02
node.roles: master,data,ingest
discovery.seed_hosts: es01,es02,es03
cluster.initial_master_nodes: es01,es02,es03
network.host: 0.0.0.0
bootstrap.memory_lock: "false"
xpack.security.enabled: "false"
TAKE_FILE_OWNERSHIP: "true"
ES_JAVA_OPTS: "-Xms512m -Xmx512m"
ulimits:
memlock:
soft: '-1'
hard: '-1'
healthcheck:
test: "curl -sL http://localhost:9200 > /dev/null"
interval: 10s
timeout: 5s
retries: 3
start_period: 60s
networks:
- net
es03:
image: docker.elastic.co/elasticsearch/elasticsearch:7.17.25
container_name: jms_es03
hostname: es03
restart: always
ports:
- 9202:9200
volumes:
- ${VOLUME_DIR}/elasticsearch/es03/data:/usr/share/elasticsearch/data
- ${VOLUME_DIR}/elasticsearch/es03/logs:/usr/share/elasticsearch/logs
environment:
TZ: ${TZ:-Asia/Shanghai}
cluster.name: jms-es-cluster
node.name: es03
node.roles: master,data,ingest
discovery.seed_hosts: es01,es02,es03
cluster.initial_master_nodes: es01,es02,es03
network.host: 0.0.0.0
bootstrap.memory_lock: "false"
xpack.security.enabled: "false"
TAKE_FILE_OWNERSHIP: "true"
ES_JAVA_OPTS: "-Xms512m -Xmx512m"
ulimits:
memlock:
soft: '-1'
hard: '-1'
healthcheck:
test: "curl -sL http://localhost:9200 > /dev/null"
interval: 10s
timeout: 5s
retries: 3
start_period: 60s
networks:
- net
networks:
net:
external: true
name: jms_net3 启动 ES 容器
bash
# 调整 vm.max_map_count 太小
echo "vm.max_map_count=262144" | sudo tee -a /etc/sysctl.conf
sysctl -p
# 启动 es 容器
docker compose -f es.yml up -d
# 查看容器运行状态
docker ps | grep jms_es
4 检查 ES 容器状态
bash
# 检查节点状态
curl -X GET "http://localhost:9200/_cat/nodes?v&pretty"
# 检查集群健康
curl -X GET "http://localhost:9200/_cluster/health?pretty"
# 检查索引
curl -X GET "http://localhost:9200/_cat/indices?v&pretty"localhost:9200是 ES01 节点,其他端口(9201、9202)也可以分别查询。- 命令会显示每个节点的名称、角色、内存、CPU、主节点状态等。
status=green→ 集群健康,所有主分片和副本分片正常。status=yellow→ 主分片正常,但副本分片未分配(通常是单节点集群才会出现)。status=red→ 出现数据丢失或节点未启动,需要检查日志。- 可以看到所有索引状态是否为
open。 - 如果有
closed或red状态,需要进一步排查。
5 将 ES 各个节点添加至 JumpServer 命令存储
1.依次点击 系统设置 -- 存储设置 -- 命令存储 -- 创建
2.设置为默认存储
3.依次点击 系统设置 -- 组件设置 -- 组件列表 -- 全选 -- 更多操作 -- 命令存储 -- ES3 -- 确认
6 验证 ES 节点是否正常存储命令
1.去 web cli 命令行输入命令验证 es 存储
2.依次点击 审计台 -- 会话命令 -- 命令存储 -- ES3
