
# Deploying a 3-node ES cluster with Docker

> Reference: [Deploying a 3-node ES cluster with Docker - evescn - cnblogs (博客园)](https://www.cnblogs.com/evescn/p/16175547.html)

### Resource list

* Host / IP
  * es-master 10.0.0.1
  * es-node1 10.0.0.2
  * es-node2 10.0.0.3
* Software / version
  * docker 20.10.12
  * docker-compose 1.23.1
  * elasticsearch 7.16.3
  * kibana 7.16.3

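### I. Installing Docker

**1. Use a yum mirror in mainland China**

```bash
## Run the commands in this section as root
yum install -y yum-utils device-mapper-persistent-data lvm2
yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
```

**2. Remove old Docker versions**

```bash
## If Docker is already present on the host and is not the version you want to install, remove it first.
yum remove -y docker \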
              docker-client \
              docker-client-latest \
              docker-common \
              docker-latest \
              docker-latest-logrotate \
              docker-logrotate \
              docker-selinux \
              docker-engine-selinux \
              docker-engine \
              container*
```

**3. Install Docker 20.10**

```bash
yum -y install docker-ce-20.10.12-3.el7 docker-ce-cli-20.10.12-3.el7
curl -L https://github.com/docker/compose/releases/download/1.27.2/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose
```

**4. Configure a registry mirror**

```bash
mkdir -p /etc/docker
vi /etc/docker/daemon.json

## Contents of /etc/docker/daemon.json:
{
  "registry-mirrors": ["https://xxxxxxxxx.mirror.aliyuncs.com"]
}
```

**5. Start Docker**

```bash
systemctl start docker
systemctl enable docker
systemctl status docker
```

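### II. Installing docker-compose

> Access to github.com may time out; in that case you can fetch the binary with the alternative download below and upload it to the server.

```bash
## Option A: official release from GitHub
curl -L "https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
## Option B (github.com times out): third-party mirror. -k skips TLS certificate verification, so check the file's checksum against a trusted copy before running it.
curl -k "https://dl.cactifans.com/zabbix_docker/docker-compose" -o /usr/bin/docker-compose
## Make the binary executable (adjust the path if you used option A)
chmod a+x /usr/bin/docker-compose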
docker-compose version
```

### III. Deploying the ES cluster

### 1. Deploy the es-master node

Host 10.0.0.1

**a | Edit the docker-compose file**

```yaml
version: '3'
services:
  es-master:
    image: elasticsearch:7.16.3
    container_name: es-master
    environment:
      - "ES_JAVA_OPTS=-Xms4096m -Xmx4096m"
    ulimits:
      memlock:
        soft: -1
        hard: -1
      nofile:
        soft: 65536
        hard: 65536
    volumes:
      - /data/elasticsearch/config/es.yml:/usr/share/elasticsearch/config/elasticsearch.yml:ro
      - /data/elasticsearch/data:/usr/share/elasticsearch/data:rw
      - /data/elasticsearch/log:/usr/share/elasticsearch/log:rw
    ports:
      - 9200:9200
      - 9300:9300
    extra_hosts:                        # Set the container's hosts entries
      - "es-master:10.0.0.1"
      - "es-node1:10.0.0.2"
      - "es-node2:10.0.0.3"
  kibana:
    image: kibana:7.16.3
    container_name: kibana
    restart: always
    environment:
      - TZ="Asia/Shanghai"
    ports:
      - 5601:5601
    volumes:
      - /data/kibana/config/kibana.yml:/usr/share/kibana/config/kibana.yml:ro
    depends_on:
      - es-master
```

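**b | Create the mount directories**

```bash
## Create the ES config, data and log directories
mkdir /data/elasticsearch/{config,data,log} -pv

## Create the Kibana config directory
mkdir /data/kibana/config -pv

## Change ownership of the ES directories, otherwise the container fails to start: the ES container runs as the es user, uid 1000
chown 1000:1000 /data/elasticsearch/* -R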
```

**c | Edit the es.yml configuration file**

```yaml
# vim /data/elasticsearch/config/es.yml

cluster.name: es-cluster-test
node.name: es-master
node.master: true
node.data: true

#network.host: 0.0.0.0
network.bind_host: 0.0.0.0
network.publish_host: 10.0.0.1
http.port: 9200
transport.tcp.port: 9300
http.cors.enabled: true
http.cors.allow-origin: "*"

discovery.zen.ping.unicast.hosts: ["es-master:9300", "es-node1:9300", "es-node2:9300"]
discovery.zen.minimum_master_nodes: 2
discovery.zen.ping_timeout: 5s

bootstrap.memory_lock: true
action.destructive_requires_name: true
cluster.initial_master_nodes: ["es-master"]

ingest.geoip.downloader.enabled: false
```

**d | Edit the kibana.yml configuration file**

```yaml
# vim /data/kibana/config/kibana.yml

server.name: kibana
server.host: "0.0.0.0"
# Address of the ES master node
elasticsearch.hosts: "http://es-master:9200"
xpack.monitoring.ui.container.elasticsearch.enabled: true
i18n.locale: "zh-CN"
```

**e | Start the services**

```bash
docker-compose up -d

## If Elasticsearch fails to start with the error below, raise vm.max_map_count and start it again:
## bootstrap checks failed
## max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144]

echo "vm.max_map_count=655360" >> /etc/sysctl.conf
sysctl -p
```

### 2. Deploy the es-node1 node

Host 10.0.0.2

**a | Edit the docker-compose file**

```yaml
version: '3'
services:
  es-node1:
    image: elasticsearch:7.16.3
    container_name: es-node1
    environment:
      - "ES_JAVA_OPTS=-Xms4096m -Xmx4096m"
    ulimits:
      memlock:
        soft: -1
        hard: -1
      nofile:
        soft: 65536
        hard: 65536
    volumes:
      - /data/elasticsearch/config/es.yml:/usr/share/elasticsearch/config/elasticsearch.yml:ro
      - /data/elasticsearch/data:/usr/share/elasticsearch/data:rw
      - /data/elasticsearch/log:/usr/share/elasticsearch/log:rw
    ports:
      - 9200:9200
      - 9300:9300
    extra_hosts:                        # Set the container's hosts entries
      - "es-master:10.0.0.1"
      - "es-node1:10.0.0.2"
      - "es-node2:10.0.0.3"
```

**b | Create the mount directories**

```bash
## Create the ES config, data and log directories
mkdir /data/elasticsearch/{config,data,log} -pv

## Change ownership of the ES directories, otherwise the container fails to start: the ES container runs as the es user, uid 1000
chown 1000:1000 /data/elasticsearch/* -R

## Elasticsearch startup error: bootstrap checks failed
## max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144]

echo "vm.max_map_count=655360" >> /etc/sysctl.conf
sysctl -p
```

**c | Edit the es.yml configuration file**

```yaml
# vim /data/elasticsearch/config/es.yml

cluster.name: es-cluster-test
node.name: es-node1
node.master: false
node.data: true

network.bind_host: 0.0.0.0
network.publish_host: 10.0.0.2
http.port: 9200
transport.tcp.port: 9300
http.cors.enabled: true
http.cors.allow-origin: "*"

discovery.zen.ping.unicast.hosts: ["es-master:9300", "es-node1:9300", "es-node2:9300"]
discovery.zen.minimum_master_nodes: 2
discovery.zen.ping_timeout: 5s

bootstrap.memory_lock: true
action.destructive_requires_name: true
cluster.initial_master_nodes: ["es-master"]
```

**d | Start the service**

```bash
docker-compose up -d
```

### 3. Deploy the es-node2 node

Host 10.0.0.3

**a | Edit the docker-compose file**

```yaml
version: '3'
services:
  es-node2:
    image: elasticsearch:7.16.3
    container_name: es-node2
    environment:
      - "ES_JAVA_OPTS=-Xms4096m -Xmx4096m"
    ulimits:
      memlock:
        soft: -1
        hard: -1
      nofile:
        soft: 65536
        hard: 65536
    volumes:
      - /data/elasticsearch/config/es.yml:/usr/share/elasticsearch/config/elasticsearch.yml:ro
      - /data/elasticsearch/data:/usr/share/elasticsearch/data:rw
      - /data/elasticsearch/log:/usr/share/elasticsearch/log:rw
    ports:
      - 9200:9200
      - 9300:9300
    extra_hosts:                        # Set the container's hosts entries
      - "es-master:10.0.0.1"
      - "es-node1:10.0.0.2"
      - "es-node2:10.0.0.3"
```

**b | Create the mount directories**

```bash
## Create the ES config, data and log directories
mkdir /data/elasticsearch/{config,data,log} -pv

## Change ownership of the ES directories, otherwise the container fails to start: the ES container runs as the es user, uid 1000
chown 1000:1000 /data/elasticsearch/* -R

## Elasticsearch startup error: bootstrap checks failed
## max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144]

echo "vm.max_map_count=655360" >> /etc/sysctl.conf
sysctl -p
```

**c | Edit the es.yml configuration file**

```yaml
# vim /data/elasticsearch/config/es.yml

cluster.name: es-cluster-test
node.name: es-node2
node.master: false
node.data: true

network.bind_host: 0.0.0.0
network.publish_host: 10.0.0.3
http.port: 9200
transport.tcp.port: 9300
http.cors.enabled: true
http.cors.allow-origin: "*"

discovery.zen.ping.unicast.hosts: ["es-master:9300", "es-node1:9300", "es-node2:9300"]
discovery.zen.minimum_master_nodes: 2
discovery.zen.ping_timeout: 5s

bootstrap.memory_lock: true
action.destructive_requires_name: true
cluster.initial_master_nodes: ["es-master"]
```

**d | Start the service**

```bash
docker-compose up -d
```
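The three es.yml files above differ only in a few per-host keys, which is where copy-paste slips creep in. The following check is an added example, not part of the original page: it compares the per-host files for a reused `node.name`, a mismatched `network.publish_host`, and the number of master-eligible nodes. The function names and the reduced sample files are constructed for illustration.

```python
import re
from collections import Counter

def parse_flat(text):
    # es.yml here is flat "key: value" lines; lines starting with # never match
    pairs = re.findall(r"^([\w.-]+):[ \t]*(.+?)[ \t]*$", text, re.M)
    return {key: value.strip('"') for key, value in pairs}

def check_cluster(node_files):
    """node_files maps host IP -> es.yml text; returns a list of problems."""
    cfgs = {ip: parse_flat(text) for ip, text in node_files.items()}
    problems = []
    if len({c.get("cluster.name") for c in cfgs.values()}) > 1:
        problems.append("cluster.name differs between nodes")
    counts = Counter(c.get("node.name") for c in cfgs.values())
    for name, n in counts.items():
        if n > 1:
            problems.append(f"node.name {name} is set on {n} hosts")
    for ip, c in cfgs.items():
        if c.get("network.publish_host") != ip:
            problems.append(f"{ip} publishes {c.get('network.publish_host')}")
    masters = sorted(c["node.name"] for c in cfgs.values()
                     if c.get("node.master") == "true" and "node.name" in c)
    for ip, c in cfgs.items():
        initial = re.findall(r"[\w-]+", c.get("cluster.initial_master_nodes", ""))
        missing = [n for n in initial if n not in masters]
        if missing:
            problems.append(f"{ip}: initial master {missing[0]} is not master-eligible")
    if len(masters) == 1:
        problems.append(f"only {masters[0]} is master-eligible: no master failover")
    return problems

# Constructed sample: the three es.yml files reduced to the keys that differ per
# host, with one copy-paste slip (10.0.0.3 reuses the name es-node1).
TEMPLATE = ('cluster.name: es-cluster-test\nnode.name: {name}\nnode.master: {master}\n'
            'network.publish_host: {ip}\ncluster.initial_master_nodes: ["es-master"]\n')
SAMPLE = {
    "10.0.0.1": TEMPLATE.format(name="es-master", master="true", ip="10.0.0.1"),
    "10.0.0.2": TEMPLATE.format(name="es-node1", master="false", ip="10.0.0.2"),
    "10.0.0.3": TEMPLATE.format(name="es-node1", master="false", ip="10.0.0.3"),
}

if __name__ == "__main__":
    for problem in check_cluster(SAMPLE):
        print(problem)
```

With `node.master: true` set only on es-master, as in the configuration on this page, the last finding remains after the naming slip is fixed: the data nodes cannot elect a new master if es-master stops.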

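### 4. Enable es\_xpack authentication

> Cluster authentication requires the keys to be configured first; otherwise an error is reported when creating the secrets for the built-in users.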

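**a | Generate the certificates**

```bash
## Log in to one of the nodes and run the commands; once generated, copy the certificates to the other cluster nodes.
## Press Enter at every prompt of both commands; no password needs to be added to the keys.
## Once created, the certificates are moved into the ES data directory, which is mounted from the host, and copied from there on the host.

docker exec -it es-master bash
## Inside the container:
/usr/share/elasticsearch/bin/elasticsearch-certutil ca
/usr/share/elasticsearch/bin/elasticsearch-certutil cert --ca elastic-stack-ca.p12
mv elastic-* /usr/share/elasticsearch/data/
exit

## Copy the certificates from /data/elasticsearch/data/ to the config directory
## Note: elastic-stack-ca.p12 holds the CA private key and neither file has a password; mode 644 makes both world-readable on the host.
cd /data/elasticsearch/config/
cp /data/elasticsearch/data/elastic-*  ./
chmod 644 elastic-*
chown 1000:1000 elastic*

## Copy the certificate files to the other nodes
scp /data/elasticsearch/config/elastic-* 10.0.0.2:/data/elasticsearch/config/
scp /data/elasticsearch/config/elastic-* 10.0.0.3:/data/elasticsearch/config/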
```

**b | Add to es.yml**

* Add the following configuration on all three machines:

```yaml
......
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: /usr/share/elasticsearch/config/elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: /usr/share/elasticsearch/config/elastic-certificates.p12
```

**c | Modify the docker-compose.yml file**

```yaml
version: '3'
services:
  es-node1:
    image: elasticsearch:7.16.3
    ......
    volumes:
      - /data/elasticsearch/config/es.yml:/usr/share/elasticsearch/config/elasticsearch.yml:ro

      ## Mount the SSL certificates into the container
      - /data/elasticsearch/config/elastic-certificates.p12:/usr/share/elasticsearch/config/elastic-certificates.p12:ro
      - /data/elasticsearch/config/elastic-stack-ca.p12:/usr/share/elasticsearch/config/elastic-stack-ca.p12:ro
      - /data/elasticsearch/data:/usr/share/elasticsearch/data:rw
      - /data/elasticsearch/log:/usr/share/elasticsearch/log:rw
    ......
```

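**d | Create accounts and set passwords for the built-in accounts**

ES ships with several built-in accounts for managing the other integrated components: `apm_system`, `beats_system`, `elastic`, `kibana`, `logstash_system` and `remote_monitoring_user`. Passwords must be set for them before use.

```bash
# docker exec -it es-master bash
# /usr/share/elasticsearch/bin/elasticsearch-setup-passwords interactive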
Initiating the setup of passwords for reserved users elastic,apm_system,kibana,logstash_system,beats_system,remote_monitoring_user.
You will be prompted to enter passwords as the process progresses.
Please confirm that you would like to continue [y/N]y
Enter password for [elastic]:
Reenter password for [elastic]:
Enter password for [apm_system]:
Reenter password for [apm_system]:
Enter password for [kibana]:
Reenter password for [kibana]:
Enter password for [logstash_system]:
Reenter password for [logstash_system]:
Enter password for [beats_system]:
Reenter password for [beats_system]:
Enter password for [remote_monitoring_user]:
Reenter password for [remote_monitoring_user]:
Changed password for user [apm_system]
Changed password for user [kibana]
Changed password for user [logstash_system]
Changed password for user [beats_system]
Changed password for user [remote_monitoring_user]
Changed password for user [elastic]
```

**e | Once configured, the ES service can be accessed as follows:**

```bash
curl -XGET -u elastic 'localhost:9200/_xpack/security/user?pretty'
```

**f | Add the ES account and password to the Kibana configuration file**

### kibana.yml file

```yaml
elasticsearch.username: "elastic"
elasticsearch.password: "123456"
```
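What the es.yml additions in step b and the kibana.yml lines in step f leave open, as an added example that is not part of the original page: a small audit run over the settings shown above, first as they stand after section 3 and then after section 4. It assumes Elasticsearch 7.x defaults (security off unless `xpack.security.enabled: true`); the function names and finding texts are constructed for illustration.

```python
import re

def parse_flat(text):
    # flat "key: value" lines as in the es.yml / kibana.yml shown on this page
    pairs = re.findall(r"^([\w.-]+):[ \t]*(.+?)[ \t]*$", text, re.M)
    return {key: value.strip('"') for key, value in pairs}

def audit_es(text):
    c, out = parse_flat(text), []
    if c.get("xpack.security.enabled") != "true":
        out.append("no authentication on 9200")
    else:
        if c.get("xpack.security.transport.ssl.enabled") != "true":
            out.append("transport (9300) not encrypted")
        if c.get("xpack.security.http.ssl.enabled") != "true":
            out.append("HTTP (9200) not encrypted, passwords cross the network in clear")
    if c.get("http.cors.enabled") == "true" and c.get("http.cors.allow-origin") == "*":
        out.append("CORS allows any origin")
    return out

def audit_kibana(text):
    c, out = parse_flat(text), []
    if c.get("elasticsearch.username") == "elastic":
        out.append("Kibana connects as the elastic superuser")
    password = c.get("elasticsearch.password")
    if password is not None:
        out.append("password stored in plain text in kibana.yml")
        if len(password) < 12 or password.isdigit():
            out.append("password is short or digits only")
    if c.get("elasticsearch.hosts", "").startswith("http://"):
        out.append("Kibana talks to ES over plain HTTP")
    return out

# Sample input: the security-relevant lines of the configs shown on this page.
ES_STEP3 = 'network.bind_host: 0.0.0.0\nhttp.cors.enabled: true\nhttp.cors.allow-origin: "*"\n'
ES_STEP4 = ES_STEP3 + ("xpack.security.enabled: true\n"
                       "xpack.security.transport.ssl.enabled: true\n")
KIBANA = ('elasticsearch.hosts: "http://es-master:9200"\n'
          'elasticsearch.username: "elastic"\nelasticsearch.password: "123456"\n')

if __name__ == "__main__":
    for label, findings in (("es.yml after section 3", audit_es(ES_STEP3)),
                            ("es.yml after section 4", audit_es(ES_STEP4)),
                            ("kibana.yml", audit_kibana(KIBANA))):
        print(label, findings)
```

The remaining findings map to settings this page does not configure: `xpack.security.http.ssl.*` for TLS on port 9200, a restricted `http.cors.allow-origin`, and for Kibana the built-in `kibana_system` user with the password held in `kibana-keystore` instead of kibana.yml.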


