# Docker 部署 3 节点 ES 集群 > 参考: [Docker 部署 3 节点 ES 集群 - evescn - 博客园](https://www.cnblogs.com/evescn/p/16175547.html) ### Docker 部署 3 节点 ES 集群 * 资源清单 * 主机 IP * es-master 10.0.0.1 * es-node1 10.0.0.2 * es-node2 10.0.0.3 * 软件 版本 * docker 20.10.12 * docker-compose 1.23.1 * elasticsearch 7.16.3 * kibana 7.16.3 ### 一、Docker 安装 ```bash 1. 使用国内 yum 源 # yum install -y yum-utils device-mapper-persistent-data lvm2 # yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo 2. 卸载旧版本的 docker ## 如果主机上已经有docker存在且不是想要安装的版本,需要先进行卸载。 # yum remove -y docker \ docker-client \ docker-client-latest \ docker-common \ docker-latest \ docker-latest-logrotate \ docker-logrotate \ docker-selinux \ docker-engine-selinux \ docker-engine \ container* ``` **3. 安装 Docker20.10 版本** ```bash # yum -y install docker-ce-20.10.12-3.el7 docker-ce-cli-20.10.12-3.el7 curl -L https://github.com/docker/compose/releases/download/1.27.2/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose ``` **4. 设置镜像加速** ```bash # mkdir /etc/docker # vi /etc/docker/daemon.json { "registry-mirrors": ["https://xxxxxxxxx.mirror.aliyuncs.com"] } ``` **5. 启动 docker** ```bash # systemctl start docker # systemctl enable docker # systemctl status docker ``` ### 二、Docker-compose 安装 > github.com 可能访问超时,可以使用下面的获取下载下来后上传服务器即可 ```bash curl -L "https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose curl -k "https://dl.cactifans.com/zabbix_docker/docker-compose" -o /usr/bin/docker-compose chmod a+x /usr/bin/docker-compose docker-compose version ``` ### 三、部署 ES 集群 1. 部署 es-master 节点 10.0.0.1 主机 **a | 编辑 docker-compose 文件** ```bash version: '3' services: es-master: image: elasticsearch:7.16.3 container_name: es-master environment: - "ES_JAVA_OPTS=-Xms4096m -Xmx4096m" ulimits: memlock: soft: -1 hard: -1 nofile: soft: 65536 hard: 65536 volumes: - /data/elasticsearch/config/es.yml:/usr/share/elasticsearch/config/elasticsearch.yml:ro - /data/elasticsearch/data:/usr/share/elasticsearch/data:rw - /data/elasticsearch/log:/usr/share/elasticsearch/log:rw ports: - 9200:9200 - 9300:9300 extra_hosts: # 设置容器 hosts - "es-master:10.0.0.1" - "es-node1:10.0.0.2" - "es-node2:10.0.0.3" kibana: image: kibana:7.16.3 container_name: kibana restart: always environment: - TZ="Asia/Shanghai" ports: - 5601:5601 volumes: - /data/kibana/config/kibana.yml:/usr/share/kibana/config/kibana.yml:ro depends_on: - es-master ``` **b | 创建服务挂载目录** ```bash ## 创建es配置数据日志目录 mkdir /data/elasticsearch/{config,data,log} -pv ## 创建kibana配置目录 mkdir /data/kibana/config -pv ## 修改es目录权限,否则容器启动报错,es容器使用es用户启动,用户id=1000 chown 1000:1000 /data/elasticsearch/* -R ``` **c | 编辑 es.yml 配置文件** ```bash # vim /data/elasticsearch/config/es.yml cluster.name: es-cluster-test node.name: es-master node.master: true node.data: true #network.host: 0.0.0.0 network.bind_host: 0.0.0.0 network.publish_host: 10.0.0.1 http.port: 9200 transport.tcp.port: 9300 http.cors.enabled: true http.cors.allow-origin: "*" discovery.zen.ping.unicast.hosts: ["es-master:9300", "es-node1:9300", "es-node2:9300"] discovery.zen.minimum_master_nodes: 2 discovery.zen.ping_timeout: 5s bootstrap.memory_lock: true action.destructive_requires_name: true cluster.initial_master_nodes: ["es-master"] ingest.geoip.downloader.enabled: false ``` **d | 编辑 kibana.yml 配置文件** ```bash # vim /data/kibana/config/kibana.yml server.name: kibana server.host: "0.0.0.0" #此处为es的master地址 elasticsearch.hosts: "http://es-master:9200" xpack.monitoring.ui.container.elasticsearch.enabled: true i18n.locale: "zh-CN" ``` **e | 启动服务** ```bash docker-compose up -d ## ElasticSearch启动报错,bootstrap checks failed ## max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144] echo "vm.max_map_count=655360" >> /etc/sysctl.conf sysctl -p ``` ### 2. 部署 es-node1 节点 10.0.0.2 主机 **a | 编辑 docker-compose 文件** ```bash version: '3' services: es-node1: image: elasticsearch:7.16.3 container_name: es-node1 environment: - "ES_JAVA_OPTS=-Xms4096m -Xmx4096m" ulimits: memlock: soft: -1 hard: -1 nofile: soft: 65536 hard: 65536 volumes: - /data/elasticsearch/config/es.yml:/usr/share/elasticsearch/config/elasticsearch.yml:ro - /data/elasticsearch/data:/usr/share/elasticsearch/data:rw - /data/elasticsearch/log:/usr/share/elasticsearch/log:rw ports: - 9200:9200 - 9300:9300 extra_hosts: # 设置容器 hosts - "es-master:10.0.0.1" - "es-node1:10.0.0.2" - "es-node2:10.0.0.3" ``` **b | 创建服务挂载目录** ```bash ## 创建es配置数据日志目录 mkdir /data/elasticsearch/{config,data,log} -pv ## 修改es目录权限,否则容器启动报错,es容器使用es用户启动,用户id=1000 chown 1000:1000 /data/elasticsearch/* -R ## ElasticSearch启动报错,bootstrap checks failed ## max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144] echo "vm.max_map_count=655360" /etc/sysctl.conf sysctl -p ``` **c | 编辑 es.yml 配置文件** ```bash # vim /data/elasticsearch/config/es.yml cluster.name: es-cluster-test node.name: es-node1 node.master: false node.data: true network.bind_host: 0.0.0.0 network.publish_host: 10.0.0.2 http.port: 9200 transport.tcp.port: 9300 http.cors.enabled: true http.cors.allow-origin: "*" discovery.zen.ping.unicast.hosts: ["es-master:9300", "es-node1:9300", "es-node2:9300"] discovery.zen.minimum_master_nodes: 2 discovery.zen.ping_timeout: 5s bootstrap.memory_lock: true action.destructive_requires_name: true cluster.initial_master_nodes: ["es-master"] ``` **d | 启动服务** ```bash # docker-compose up -d ``` ### 3. 部署 es-node2 节点 10.0.0.3 主机 **a | 编辑 docker-compose 文件** ```bash version: '3' services: es-node1: image: elasticsearch:7.16.3 container_name: es-node2 environment: - "ES_JAVA_OPTS=-Xms4096m -Xmx4096m" ulimits: memlock: soft: -1 hard: -1 nofile: soft: 65536 hard: 65536 volumes: - /data/elasticsearch/config/es.yml:/usr/share/elasticsearch/config/elasticsearch.yml:ro - /data/elasticsearch/data:/usr/share/elasticsearch/data:rw - /data/elasticsearch/log:/usr/share/elasticsearch/log:rw ports: - 9200:9200 - 9300:9300 extra_hosts: # 设置容器 hosts - "es-master:10.0.0.1" - "es-node1:10.0.0.2" - "es-node2:10.0.0.3" ``` **b | 创建服务挂载目录** ```bash ## 创建es配置数据日志目录 mkdir /data/elasticsearch/{config,data,log} -pv ## 修改es目录权限,否则容器启动报错,es容器使用es用户启动,用户id=1000 chown 1000:1000 /data/elasticsearch/* -R ## ElasticSearch启动报错,bootstrap checks failed ## max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144] echo "vm.max_map_count=655360" /etc/sysctl.conf sysctl -p ``` **c | 编辑 es.yml 配置文件** ```bash # vim /data/elasticsearch/config/es.yml cluster.name: es-cluster-test node.name: es-node1 node.master: false node.data: true network.bind_host: 0.0.0.0 network.publish_host: 10.0.0.3 http.port: 9200 transport.tcp.port: 9300 http.cors.enabled: true http.cors.allow-origin: "*" discovery.zen.ping.unicast.hosts: ["es-master:9300", "es-node1:9300", "es-node2:9300"] discovery.zen.minimum_master_nodes: 2 discovery.zen.ping_timeout: 5s bootstrap.memory_lock: true action.destructive_requires_name: true cluster.initial_master_nodes: ["es-master"] ``` **d | 启动服务** ```bash docker-compose up -d ``` ### 4. 启动 es\_xpack 认证 > 集群认证需要首先配置秘钥才行,否则在给内置用户创建秘钥的时候将会报错 **a | 生成证书** ```bash ## 登陆其中一个node节点执行命令,生成完证书传到集群其他节点即可 ## 两条命令均一路回车即可,不需要给秘钥再添加密码。 ## 证书创建完成之后,默认在es的数据目录,这里统一cp 到宿主机目录中 docker exec -it es-mater bash /usr/share/elasticsearch/bin/elasticsearch-certutil ca /usr/share/elasticsearch/bin/elasticsearch-certutil cert --ca elastic-stack-ca.p12 mv elastic-* /usr/share/elasticsearch/data/ exit ## 复制 /data/elasticsearch/data/ 下证书到 config 目录 cd /data/elasticsearch/config/ cp /data/elasticsearch/data/elastic-* ./ chmod 644 elastic-* chown 1000:1000 elastic* ## 复制证书文件到其他节点 scp /data/elasticsearch/config/elastic-* 10.0.0.2:/data/elasticsearch/config/ scp /data/elasticsearch/config/elastic-* 10.0.0.3:/data/elasticsearch/config/ ``` **b | 新增 es.yml 配置** * 三台机器新增配置如下: ```bash ...... xpack.security.enabled: true xpack.security.transport.ssl.enabled: true xpack.security.transport.ssl.verification_mode: certificate xpack.security.transport.ssl.keystore.path: /usr/share/elasticsearch/config/elastic-certificates.p12 xpack.security.transport.ssl.truststore.path: /usr/share/elasticsearch/config/elastic-certificates.p12 ``` **c | 修改 docker-compose.yml 文件** ```bash version: '3' services: es-node1: image: elasticsearch:7.16.3 ...... volumes: - /data/elasticsearch/config/es.yml:/usr/share/elasticsearch/config/elasticsearch.yml:ro ## 挂载 ssl 证书到容器中 - /data/elasticsearch/config/elastic-certificates.p12:/usr/share/elasticsearch/config/elastic-certificates.p12:ro - /data/elasticsearch/config/elastic-stack-ca.p12:/usr/share/elasticsearch/config/elastic-stack-ca.p12:ro - /data/elasticsearch/data:/usr/share/elasticsearch/data:rw - /data/elasticsearch/log:/usr/share/elasticsearch/log:rw ...... ``` **d | 创建账户,并为内置账号添加密码** ```bash ES 中内置了几个管理其他集成组件的账号即:apm_system, beats_system, elastic, kibana, logstash_system, remote_monitoring_user,使用之前,首先需要添加一下密码。 # docker exec -it es-mater bash # /usr/share/elasticsearch/bin/elasticsearch-setup-passwords interactive Initiating the setup of passwords for reserved users elastic,apm_system,kibana,logstash_system,beats_system,remote_monitoring_user. You will be prompted to enter passwords as the process progresses. Please confirm that you would like to continue [y/N]y Enter password for [elastic]: Reenter password for [elastic]: Enter password for [apm_system]: Reenter password for [apm_system]: Enter password for [kibana]: Reenter password for [kibana]: Enter password for [logstash_system]: Reenter password for [logstash_system]: Enter password for [beats_system]: Reenter password for [beats_system]: Enter password for [remote_monitoring_user]: Reenter password for [remote_monitoring_user]: Changed password for user [apm_system] Changed password for user [kibana] Changed password for user [logstash_system] Changed password for user [beats_system] Changed password for user [remote_monitoring_user] Changed password for user [elastic] ``` **e | 配置完毕之后,可以通过如下方式访问 es 服务:** ```bash curl -XGET -u elastic 'localhost:9200/_xpack/security/user?pretty' ``` **f | kibana 配置文件中,新增 es 账户密码** ### kibana.yml 文件 ```bash elasticsearch.username: "elastic" elasticsearch.password: "123456" ```