选择节点创建目录
我们的方案是选择单独 1 个 Node 部署 ES 集群的全部节点,这里选择的 Node 是 iz2zeiaaq1cifk1tfxu7z9z,使用 SSH 登入这个 Node 进行操作。
创建 3 个目录用来做 K8S 的本地卷:
mkdir -p /mnt/localpv/es7-0 /mnt/localpv/es7-1 /mnt/localpv/es7-2目录授权:
chmod -R 777 /mnt/localpv/创建 LocalVolume 资源
回到 K8S 集群的 master 上或使用容器 Paas 平台进行下一步操作。
创建命名空间文件 logging-ns.yml:
apiVersion: v1
kind: Namespace
metadata:
name: logging执行文件:
kubectl create -f logging-ns.yml创建 StorageClass 文件 localstorage-storageclass.yml:
kind: StorageClass
apiVersion: storage.k8s.io/v1
metadata:
name: local-storage
provisioner: kubernetes.io/no-provisioner
volumeBindingMode: WaitForFirstConsumer执行文件:
kubectl create -f localstorage-storageclass.yml创建三组 PersistentVolume、PersistentVolumeClaim 资源文件 localstorage-pv0.yml:
apiVersion: v1
kind: PersistentVolume
metadata:
name: local-storage-pv-0
labels:
name: local-storage-pv-0
spec:
capacity:
storage: 60Gi
accessModes:
- ReadWriteOnce
persistentVolumeReclaimPolicy: Retain
storageClassName: local-storage
local:
path: /mnt/localpv/es7-0
nodeAffinity:
required:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/hostname
operator: In
values:
- iz2zeiaaq1cifk1tfxu7z9z # 此处需替换为文档开始选定的Node名
---
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: local-storage-pv-es7-cluster-0
spec:
accessModes:
- ReadWriteOnce
storageClassName: local-storage
selector:
matchLabels:
name: local-storage-pv-0
resources:
requests:
storage: 60Gilocalstorage-pv1.yml:
apiVersion: v1
kind: PersistentVolume
metadata:
name: local-storage-pv-1
labels:
name: local-storage-pv-1
spec:
capacity:
storage: 60Gi
accessModes:
- ReadWriteOnce
persistentVolumeReclaimPolicy: Retain
storageClassName: local-storage
local:
path: /mnt/localpv/es7-1
nodeAffinity:
required:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/hostname
operator: In
values:
- iz2zeiaaq1cifk1tfxu7z9z # 此处需替换为文档开始选定的Node名
---
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: local-storage-pv-es7-cluster-1
spec:
accessModes:
- ReadWriteOnce
storageClassName: local-storage
selector:
matchLabels:
name: local-storage-pv-1
resources:
requests:
storage: 60Gilocalstorage-pv2.yml:
apiVersion: v1
kind: PersistentVolume
metadata:
name: local-storage-pv-2
labels:
name: local-storage-pv-2
spec:
capacity:
storage: 60Gi
accessModes:
- ReadWriteOnce
persistentVolumeReclaimPolicy: Retain
storageClassName: local-storage
local:
path: /mnt/localpv/es7-2
nodeAffinity:
required:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/hostname
operator: In
values:
- iz2zeiaaq1cifk1tfxu7z9z # 此处需替换为文档开始选定的Node名
---
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: local-storage-pv-es7-cluster-2
spec:
accessModes:
- ReadWriteOnce
storageClassName: local-storage
selector:
matchLabels:
name: local-storage-pv-2
resources:
requests:
storage: 60Gi执行文件:
kubectl create -f localstorage-pv0.yml
kubectl create -f localstorage-pv1.yml
kubectl create -f localstorage-pv2.yml创建 Elasticsearch7 集群
创建无头 Service 文件 elasticsearch7-svc.yml:
kind: Service
apiVersion: v1
metadata:
name: elasticsearch7
namespace: logging
labels:
app: elasticsearch7
spec:
selector:
app: elasticsearch7
clusterIP: None
ports:
- port: 9200
name: rest
- port: 9300
name: inter-node执行文件:
kubectl create -f elasticsearch7-svc.yml创建 StatefulSet 文件 elasticsearch7-statefulset.yml:
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: es7-cluster
namespace: logging
spec:
serviceName: elasticsearch7
replicas: 3
selector:
matchLabels:
app: elasticsearch7
template:
metadata:
labels:
app: elasticsearch7
spec:
containers:
- name: elasticsearch7
image: docker.elastic.co/elasticsearch/elasticsearch:7.6.1
resources:
limits:
cpu: 1000m
requests:
cpu: 100m
ports:
- containerPort: 9200
name: rest
protocol: TCP
- containerPort: 9300
name: inter-node
protocol: TCP
volumeMounts:
- name: data
mountPath: /usr/share/elasticsearch/data
env:
- name: cluster.name
value: k8s-logs
- name: node.name
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: discovery.zen.minimum_master_nodes # 含义请参阅官方 Elasticsearch 文档
value: "2"
- name: discovery.seed_hosts # 含义请参阅官方 Elasticsearch 文档
value: "es7-cluster-0.elasticsearch7,es7-cluster-1.elasticsearch7,es7-cluster-2.elasticsearch7"
- name: cluster.initial_master_nodes # 初始化的 master 节点,旧版本相关配置 discovery.zen.minimum_master_nodes
value: "es7-cluster-0,es7-cluster-1,es7-cluster-2" # 含义请参阅官方 Elasticsearch 文档
- name: ES_JAVA_OPTS
value: "-Xms2g -Xmx4g" # 根据具体资源及需求调整
initContainers:
- name: fix-permissions
image: busybox
command: ["sh", "-c", "chown -R 1000:1000 /usr/share/elasticsearch/data"]
securityContext:
privileged: true
volumeMounts:
- name: data
mountPath: /usr/share/elasticsearch/data
- name: increase-vm-max-map
image: busybox
command: ["sysctl", "-w", "vm.max_map_count=262144"]
securityContext:
privileged: true
- name: increase-fd-ulimit
image: busybox
command: ["sh", "-c", "ulimit -n 65536"]
volumeClaimTemplates:
- metadata:
name: data
spec:
accessModes: [ "ReadWriteOnce" ]
storageClassName: "local-storage"
resources:
requests:
storage: 60Gi4.执行文件:
kubectl create -f elasticsearch7-statefulset.yml验证是否安装成功
执行请求测试:
curl http://<POD_IP>:9200/_cluster/health?pretty返回结果:
{
"cluster_name" : "k8s-logs",
"status" : "green",
"timed_out" : false,
"number_of_nodes" : 3,
"number_of_data_nodes" : 3,
"active_primary_shards" : 0,
"active_shards" : 0,
"relocating_shards" : 0,
"initializing_shards" : 0,
"unassigned_shards" : 0,
"delayed_unassigned_shards" : 0,
"number_of_pending_tasks" : 0,
"number_of_in_flight_fetch" : 0,
"task_max_waiting_in_queue_millis" : 0,
"active_shards_percent_as_number" : 100.0
}
WEB架构
安全监控体系
集群架构
