博客

docker部署3节点Elasticsearch8.4.0集群

  • Post author:
  • Post category:其他


本文以三节点分别部署在3台Linux为例(文字说明部署到1台需要修改的点)

1.创建文件夹并修改文件所有者(3节点都操作)

(如果三节点部署在一台Linux上,需要多创建几个目录,例如es1,es2,es3) 

mkdir -p /opt/es/data /opt/es/logs /opt/es/conf

2.vim /opt/es/conf/elasticsearch.yml(3节点都操作) 

#集群名称 所有节点名称一致
cluster.name: es-clusters
#当前该节点的名称,每个节点不能重复
node.name: node-1
#设置为公开访问
network.host: 0.0.0.0
#设置其它节点和该节点交互的本机器的ip地址,三台各自为
network.publish_host: 192.168.8.84
# 设置映射端口
http.port: 9200
#支持跨域访问
http.cors.enabled: true
http.cors.allow-origin: "*"
#配置集群的主机地址
discovery.seed_hosts: ["192.168.8.83", "192.168.8.84", "192.168.8.85"]
#初始主节点,使用一组初始的符合主条件的节点引导集群
cluster.initial_master_nodes: ["192.168.8.83", "192.168.8.84","192.168.8.85"]
#配置集群最少主节点数目,通常为 (可成为主节点的主机数目 / 2) + 1
#discovery.zen.minimum_master_nodes: 2
#禁用交换内存,提升效率
bootstrap.memory_lock: false
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: elastic-certificates.p12

3. vim /etc/security/limits.conf(3节点都操作) 

* soft nofile 65536
* hard nofile 65536
* soft nproc 4096
* hard nproc 4096

4.vim /etc/sysctl.conf(3节点都操作) 

vm.max_map_count=655360



sysctl -p

5.创建容器

(如果三节点部署在一台Linux上,要修改挂载目录成第一步创建的目录,例如es1。容器名也要修改,例如es1。端口也要修改防止冲突) 

docker run -d --name es \
-p 9200:9200 -p 9300:9300 \
-v /opt/es/conf/elasticsearch.yml:/usr/share/elasticsearch/config/elasticsearch.yml:ro \
-v /opt/es/data:/usr/share/elasticsearch/data \
-v /opt/es/logs:/usr/share/elasticsearch/logs \
-v /etc/localtime:/etc/localtime:ro \
elasticsearch:8.4.0

6.生成证书及私钥文件(在其中一台Linux上操作)

生成证书 

bin/elasticsearch-certutil  ca

创建私钥 

bin/elasticsearch-certutil  cert --ca elastic-stack-ca.p12 -out config/elastic-certificates.p12 -pass ""

把私钥文件从容器中复制出来 

docker cp 245765d3c146:/usr/share/elasticsearch/config/ elastic-certificates.p12 ./

把私钥文件复制到其他容器 

scp elastic-certificates.p12  root@node-2:/opt/es/conf/

scp elastic-certificates.p12  root@node-3:/opt/es/conf/

docker cp elastic-certificates.p12 3a61731ff49fb91e3cdf76821d332c4fa9858c7885f263532dbfa284315511ec:/usr/share/elasticsearch/config/

docker cp elastic-certificates.p12 214381b5197f66172c3d47b5d9bba2868e670a7792ae9769ad3f61a3422f51eb:/usr/share/elasticsearch/config/

进容器修改私钥文件权限(三台都操作) 

docker exec -it `docker ps -a | grep elastic | awk '{print $1}'` /bin/bash
chmod 777 /opt/es/conf/elastic-certificates.p12 

7.重启第一台docker,启动其余两个docker容器

8.创建密码(在其中一台Linux上操作) 

bin/elasticsearch-setup-passwords interactive

创建密码后用户名为elastic

9.验证集群

浏览器访问 

http://192.168.8.83:9200/_cluster/health?pretty

返回”number_of_nodes” : 3:三个节点加入了集群 

{
  "cluster_name" : "es-clusters",
  "status" : "green",
  "timed_out" : false,
  "number_of_nodes" : 3,
  "number_of_data_nodes" : 3,
  "active_primary_shards" : 2,
  "active_shards" : 4,
  "relocating_shards" : 0,
  "initializing_shards" : 0,
  "unassigned_shards" : 0,
  "delayed_unassigned_shards" : 0,
  "number_of_pending_tasks" : 0,
  "number_of_in_flight_fetch" : 0,
  "task_max_waiting_in_queue_millis" : 0,
  "active_shards_percent_as_number" : 100.0
}


版权声明:本文为id_wxq原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。