jsp做新闻系统门户网站,厦门网站建设哪家比较好,网站制作网站价格,网页和网站的联系1、背景#xff1a; 因公司业务需要#xff0c;需要在测试、生产kubernetes集群中部署elasticsearch集群#xff0c;因不同环境要求#xff0c;需要部署不同模式的elasticsearch集群#xff0c; 1、测试环境因安全性要求不高#xff0c;是部署一套默认配置#xff1b; 2…1、背景 因公司业务需要需要在测试、生产kubernetes集群中部署elasticsearch集群因不同环境要求需要部署不同模式的elasticsearch集群 1、测试环境因安全性要求不高是部署一套默认配置 2、生产环境因安全性要求是部署一套带认证配置 2、开发elasticsearch集群无认证模式 在kubernetes集群中部署elasticsearch集群采用的是有状态服务组件就是StatefulSet组件。 1. 开发yaml文件内容如下 # vim elasticsearch.yaml apiVersion: apps/v1
kind: StatefulSet
metadata:name: es7-clusternamespace: sit
spec:serviceName: elasticsearchreplicas: 3selector:matchLabels:app: elasticsearchtemplate:metadata:labels:app: elasticsearchspec:containers:- name: elasticsearchimage: 192.20.67.250/public/elasticsearch:7.9.3resources:limits:cpu: 1000mrequests:cpu: 100mports:- containerPort: 9200name: restprotocol: TCP- containerPort: 9300name: inter-nodeprotocol: TCPvolumeMounts:- name: datamountPath: /usr/share/elasticsearch/dataenv:- name: cluster.namevalue: k8s-logs- name: node.namevalueFrom:fieldRef:fieldPath: metadata.name- name: discovery.zen.minimum_master_nodesvalue: 2- name: discovery.seed_hostsvalue: es7-cluster-0.elasticsearch,es7-cluster-1.elasticsearch,es7-cluster-2.elasticsearch- name: cluster.initial_master_nodesvalue: es7-cluster-0,es7-cluster-1,es7-cluster-2- name: ES_JAVA_OPTSvalue: -Xms1g -Xmx1ginitContainers:- name: fix-permissionsimage: 192.20.67.250/public/busybox:latestcommand: [sh, -c, chown -R 1000:1000 /usr/share/elasticsearch/data]securityContext:privileged: truevolumeMounts:- name: datamountPath: /usr/share/elasticsearch/data- name: increase-vm-max-mapimage: 192.20.67.250/public/busybox:latestcommand: [sysctl, -w, vm.max_map_count262144]securityContext:privileged: true- name: increase-fd-ulimitimage: 192.20.67.250/public/busybox:latestcommand: [sh, -c, ulimit -n 65536]volumeClaimTemplates:- metadata:name: dataspec:accessModes: [ ReadWriteOnce ]storageClassName: huawei-sanresources:requests:storage: 1Gi 注 1、这里使用pvc存储因kubernetes集群有部署了storageclaas组件所以这里是直接通过storageclass组件的方式创建pvc存储。 2、如果需要引起yaml文件里的内容需要根据实际情况修改镜像地址和sc组件的名称。 这里还需要部署一个service组件用于访问elasticsearch集群。 # vim elasticsearch-svc.yaml apiVersion: v1
kind: Service
metadata:name: elasticsearchnamespace: sit
spec:selector:app: elasticsearchtype: ClusterIPports:- port: 9200name: es-9200targetPort: 9200- port: 9300name: es-9300targetPort: 9300
2. 创建elasticsearch集群 执行生效yaml文件 # kubectl apply -f elasticsearch.yaml statefulset.apps/elastic-cluster created # kubectl apply -f elasticsearch-svc.yaml service/elasticsearch-svc created 3. 查看运行情况 查看sts组件运行情况 # kubectl get sts NAME READY AGE es7-cluster 3/3 5m6s 查看pod运行情况 # kubectl get pods | grep es7 es7-cluster-0 1/1 Running 0 5m54s es7-cluster-1 1/1 Running 0 4m23s es7-cluster-2 1/1 Running 0 3m30s 查看svc情况 # kubectl get svc | grep ela elasticsearch ClusterIP 172.32.151.215 none 9200/TCP,9300/TCP 22s 4. 访问elasticsearch服务 3、开发elasticsearch集群认证模式 在kubernetes集群中部署elasticsearch集群采用的是有状态服务组件就是StatefulSet组件。 1. 开发yaml文件内容如下 # vim elasticsearch.yaml apiVersion: apps/v1
kind: StatefulSet
metadata:name: elastic-clusternamespace: sitlabels:app: elastic-cluster
spec:serviceName: elastic-svcreplicas: 3selector:matchLabels:app: elastic-clusterkubernetes.io/cluster-service: truetemplate:metadata:labels:app: elastic-clusterkubernetes.io/cluster-service: truespec:initContainers:- name: fix-permissionsimage: 192.20.67.250/public/busybox:latestimagePullPolicy: IfNotPresentcommand: [sh, -c, chown -R 1000:1000 /usr/share/elasticsearch/data]securityContext:privileged: truevolumeMounts:- name: datamountPath: /usr/share/elasticsearch/data- name: localtimereadOnly: truemountPath: /etc/localtime- name: increase-vm-max-mapimage: 192.20.67.250/public/busybox:latestimagePullPolicy: IfNotPresentcommand: [sysctl, -w, vm.max_map_count262144]securityContext:privileged: true- name: increase-fd-ulimitimage: 192.20.67.250/public/busybox:latestimagePullPolicy: IfNotPresentcommand: [sh, -c, ulimit -n 65536]volumes:- name: localtimehostPath:path: /etc/localtimetype: containers:- name: elasticsearchimage: 192.20.67.250/public/elasticsearch:7.9.3-p12imagePullPolicy: IfNotPresentports:- containerPort: 9200name: rest-apiprotocol: TCP- containerPort: 9300name: inter-nodeprotocol: TCPvolumeMounts:- name: datamountPath: /usr/share/elasticsearch/data- name: localtimereadOnly: truemountPath: /etc/localtimeenv:- name: node.namevalueFrom:fieldRef:apiVersion: v1fieldPath: metadata.name- name: discovery.zen.minimum_master_nodesvalue: 2- name: discovery.seed_hostsvalue: elastic-svc- name: cluster.initial_master_nodesvalue: elastic-cluster-0,elastic-cluster-1,elastic-cluster-2- name: ES_JAVA_OPTSvalue: -Xms1024m -Xmx1024m- name: xpack.security.enabledvalue: true- name: xpack.security.transport.ssl.enabledvalue: true- name: xpack.security.transport.ssl.verification_modevalue: certificate- name: xpack.security.transport.ssl.keystore.pathvalue: elastic-certificates.p12- name: xpack.security.transport.ssl.truststore.pathvalue: elastic-certificates.p12volumeClaimTemplates: - metadata:name: dataspec:accessModes: [ ReadWriteOnce ]storageClassName: huawei-sanresources:requests:storage: 2Gi 注 1、这里使用pvc存储因kubernetes集群有部署了storageclaas组件所以这里是直接通过storageclass组件的方式创建pvc存储。 2、如果需要引起yaml文件里的内容需要根据实际情况修改镜像地址和sc组件的名称。 这里还需要部署一个service组件用于访问elasticsearch集群。 # vim elasticsearch-svc.yaml apiVersion: v1
kind: Service
metadata:name: elastic-svcnamespace: sitlabels:app: elastic-cluster
spec:selector:app: elastic-clustertype: ClusterIPports:- name: rest-apiport: 9200protocol: TCPtargetPort: 9200- name: inter-nodeport: 9300protocol: TCPtargetPort: 9300
2. 创建elasticsearch集群 # kubectl apply -f elasticsearch-svc-p12.yaml service/elastic-svc created # kubectl apply -f elasticsearch-p12.yaml statefulset.apps/elastic-cluster created 3. 查看运行情况 查看sts组件运行情况 # kubectl get sts NAME READY AGE elastic-cluster 3/3 4m42s 查看pod运行情况 # kubectl get pods | grep ela elastic-cluster-0 1/1 Running 0 5m21s elastic-cluster-1 1/1 Running 0 4m57s elastic-cluster-2 1/1 Running 0 4m23s 查看svc情况 # kubectl get svc | grep ela elastic-svc ClusterIP 172.45.199.17 none 9200/TCP,9300/TCP 5m46s 4.验证elasticsearch服务登入 注这里就提示需要密码登入了。 密码需要到 elastic-cluster-0容器中执行如下的命令 注这是自动生成密码 ./bin/elasticsearch-setup-passwords auto 注这里就能获取到密码了。 输入密码之后返回如下的内容 注到此kubernetes集群中部署elasticsearch集群的过程就结束了希望可以帮助到大家。
