Elasticsearch集群部署-docker
服务器
服务器需要三台
ES版本:7.16.3
ES配置文件:/data/elasticsearch/config/elasticsearch.yml
1、三台服务器需创建目录
mkdir -p /data/elasticsearch/{config,logs,data}
chmod 777 -R /data/elasticsearch/2、编辑elasticsearch配置文件
三台服务器都需要创建配置文件
vim /data/elasticsearch/config/elasticsearch.ymlnode1
cluster.name: "es-cluster"
network.host: 0.0.0.0
network.publish_host: 【server IP】 #主机IP
node.name: elasticsearch-node1 # 节点名
bootstrap.memory_lock: true
cluster.initial_master_nodes:
- elasticsearch-node1 # 可以设置为master的节点(本次设置node1为master)
xpack.security.transport.ssl.enabled: true
xpack.security.enabled: truenode2,node3与node2类似,需要修改一下node.name
cluster.name: "es-cluster"
network.host: 0.0.0.0
network.publish_host: 【seerver IP】# 服务器IP
node.name: elasticsearch-node2
bootstrap.memory_lock: true
discovery.seed_hosts:
- master server ip # master 主机的IP
xpack.security.transport.ssl.enabled: true
xpack.security.enabled: true3、启动容器
三台服务器docker启动方式相同,需要修改 --name 和 --hostname(不修改也没什么影响)
注意:ELASTIC_PASSWORD 需要设置密码;-e "ES_JAVA_OPTS=-Xms10240m -Xmx10240m" 内存需要根据服务器情况进行修改
docker run -d --restart=always --name elasticsearch-node1 --hostname elasticsearch-node1 --ulimit nofile=65535:65535 --ulimit memlock=-1:-1 -e "ELASTIC_PASSWORD=123456" -e "xpack.license.self_generated.type=basic" -e "ES_JAVA_OPTS=-Xms10240m -Xmx10240m" -v /etc/localtime:/etc/localtime:ro -v /data/elasticsearch/config/elasticsearch.yml:/usr/share/elasticsearch/config/elasticsearch.yml -v /data/elasticsearch/data:/usr/share/elasticsearch/data:rw -v /data/elasticsearch/logs:/usr/share/elasticsearch/logs:rw -p 9200:9200 -p 9300:9300 elasticsearch:7.16.34、生成证书,用于各个节点之间通信
# 进入master的es容器内
docker exec -it [容器ID] bash
bin/elasticsearch-certutil ca
bin/elasticsearch-certutil cert --ca elastic-stack-ca.p12
# 将证书cp到config目录(容器内)
cp elastic-certificates.p12 config/
cp elastic-stack-ca.p12 config/
chmod 777 config/elastic-*
# 操作完成后退出容器
exit# 将证书在容器内倒出,并传给其他两个从节点服务器
docker cp [容器id]:/usr/share/elasticsearch/elastic-certificates.p12 .
docker cp [容器id]:/usr/share/elasticsearch/elastic-stack-ca.p12 .
# 传给其他两台服务器
scp elastic-* [server ip]:/root/
scp elastic-* [server ip]:/root/从节点配置刚刚传过来的证书
docker cp elastic-certificates.p12 [容器ID]:/usr/share/elasticsearch/config/
docker cp elastic-stack-ca.p12 [容器ID]:/usr/share/elasticsearch/config/
docker exec [容器ID] chmod 777 /usr/share/elasticsearch/config/elastic-certificates.p12
docker exec [容器ID] chmod 777 /usr/share/elasticsearch/config/elastic-stack-ca.p125、更新elasticsearch配置文件
三台服务器配置文件新增以下内容
vim /data/elasticsearch/config/elasticsearch.yml
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: elastic-certificates.p12配置文件更新后重启ES容器
docker restart [容器id]
查看节点状态是否正常,正常会显示集群的主节点IP
http://server ip:9200/_cat/master
正文到此结束
- 本文标签: Linux elk elasticsearch Docker
- 版权声明: 本站原创文章,于2023年03月03日由 PGaZn发布,转载请注明出处
.jpg)
评论
登录后才能发表评论 登录/注册
0评论