1、背景:
2、开发elasticsearch集群,无认证模式:
1. 开发yaml文件内容如下:
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: es7-cluster
namespace: sit
spec:
serviceName: elasticsearch
replicas: 3
selector:
matchLabels:
app: elasticsearch
template:
metadata:
labels:
app: elasticsearch
spec:
containers:
- name: elasticsearch
image: 192.20.67.250/public/elasticsearch:7.9.3
resources:
limits:
cpu: 1000m
requests:
cpu: 100m
ports:
- containerPort: 9200
name: rest
protocol: TCP
- containerPort: 9300
name: inter-node
protocol: TCP
volumeMounts:
- name: data
mountPath: /usr/share/elasticsearch/data
env:
- name: cluster.name
value: k8s-logs
- name: node.name
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: discovery.zen.minimum_master_nodes
value: "2"
- name: discovery.seed_hosts
value: "es7-cluster-0.elasticsearch,es7-cluster-1.elasticsearch,es7-cluster-2.elasticsearch"
- name: cluster.initial_master_nodes
value: "es7-cluster-0,es7-cluster-1,es7-cluster-2"
- name: ES_JAVA_OPTS
value: "-Xms1g -Xmx1g"
initContainers:
- name: fix-permissions
image: 192.20.67.250/public/busybox:latest
command: ["sh", "-c", "chown -R 1000:1000 /usr/share/elasticsearch/data"]
securityContext:
privileged: true
volumeMounts:
- name: data
mountPath: /usr/share/elasticsearch/data
- name: increase-vm-max-map
image: 192.20.67.250/public/busybox:latest
command: ["sysctl", "-w", "vm.max_map_count=262144"]
securityContext:
privileged: true
- name: increase-fd-ulimit
image: 192.20.67.250/public/busybox:latest
command: ["sh", "-c", "ulimit -n 65536"]
volumeClaimTemplates:
- metadata:
name: data
spec:
accessModes: [ "ReadWriteOnce" ]
storageClassName: "huawei-san"
resources:
requests:
storage: 1GiapiVersion: v1
kind: Service
metadata:
name: elasticsearch
namespace: sit
spec:
selector:
app: elasticsearch
type: ClusterIP
ports:
- port: 9200
name: es-9200
targetPort: 9200
- port: 9300
name: es-9300
targetPort: 93002. 创建elasticsearch集群:
3. 查看运行情况:
3、开发elasticsearch集群,认证模式:
1. 开发yaml文件内容如下:
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: elastic-cluster
namespace: sit
labels:
app: elastic-cluster
spec:
serviceName: elastic-svc
replicas: 3
selector:
matchLabels:
app: elastic-cluster
kubernetes.io/cluster-service: "true"
template:
metadata:
labels:
app: elastic-cluster
kubernetes.io/cluster-service: "true"
spec:
initContainers:
- name: fix-permissions
image: 192.20.67.250/public/busybox:latest
imagePullPolicy: IfNotPresent
command: ["sh", "-c", "chown -R 1000:1000 /usr/share/elasticsearch/data"]
securityContext:
privileged: true
volumeMounts:
- name: data
mountPath: /usr/share/elasticsearch/data
- name: localtime
readOnly: true
mountPath: /etc/localtime
- name: increase-vm-max-map
image: 192.20.67.250/public/busybox:latest
imagePullPolicy: IfNotPresent
command: ["sysctl", "-w", "vm.max_map_count=262144"]
securityContext:
privileged: true
- name: increase-fd-ulimit
image: 192.20.67.250/public/busybox:latest
imagePullPolicy: IfNotPresent
command: ["sh", "-c", "ulimit -n 65536"]
volumes:
- name: localtime
hostPath:
path: /etc/localtime
type: ''
containers:
- name: elasticsearch
image: 192.20.67.250/public/elasticsearch:7.9.3-p12
imagePullPolicy: IfNotPresent
ports:
- containerPort: 9200
name: rest-api
protocol: TCP
- containerPort: 9300
name: inter-node
protocol: TCP
volumeMounts:
- name: data
mountPath: /usr/share/elasticsearch/data
- name: localtime
readOnly: true
mountPath: /etc/localtime
env:
- name: node.name
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.name
- name: discovery.zen.minimum_master_nodes
value: "2"
- name: discovery.seed_hosts
value: "elastic-svc"
- name: cluster.initial_master_nodes
value: "elastic-cluster-0,elastic-cluster-1,elastic-cluster-2"
- name: ES_JAVA_OPTS
value: "-Xms1024m -Xmx1024m"
- name: xpack.security.enabled
value: "true"
- name: xpack.security.transport.ssl.enabled
value: "true"
- name: xpack.security.transport.ssl.verification_mode
value: "certificate"
- name: xpack.security.transport.ssl.keystore.path
value: "elastic-certificates.p12"
- name: xpack.security.transport.ssl.truststore.path
value: "elastic-certificates.p12"
volumeClaimTemplates:
- metadata:
name: data
spec:
accessModes: [ "ReadWriteOnce" ]
storageClassName: "huawei-san"
resources:
requests:
storage: 2GiapiVersion: v1
kind: Service
metadata:
name: elastic-svc
namespace: sit
labels:
app: elastic-cluster
spec:
selector:
app: elastic-cluster
type: ClusterIP
ports:
- name: rest-api
port: 9200
protocol: TCP
targetPort: 9200
- name: inter-node
port: 9300
protocol: TCP
targetPort: 93002. 创建elasticsearch集群:
3. 查看运行情况:
4.验证elasticsearch服务登入:
输入密码之后返回如下的内容:
