Docker 部署 3 节点 ES 集群
Docker 部署 3 节点 ES 集群
资源清单
主机 IP
es-master 10.0.0.1
es-node1 10.0.0.2
es-node2 10.0.0.3
软件 版本
docker 20.10.12
docker-compose 1.23.1
elasticsearch 7.16.3
kibana 7.16.3
一、Docker 安装
1. 使用国内 yum 源
# yum install -y yum-utils device-mapper-persistent-data lvm2
# yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
2. 卸载旧版本的 docker
## 如果主机上已经有docker存在且不是想要安装的版本,需要先进行卸载。
# yum remove -y docker \
docker-client \
docker-client-latest \
docker-common \
docker-latest \
docker-latest-logrotate \
docker-logrotate \
docker-selinux \
docker-engine-selinux \
docker-engine \
container*3. 安装 Docker20.10 版本
# yum -y install docker-ce-20.10.12-3.el7 docker-ce-cli-20.10.12-3.el7
curl -L https://github.com/docker/compose/releases/download/1.27.2/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose4. 设置镜像加速
# mkdir /etc/docker
# vi /etc/docker/daemon.json
{
"registry-mirrors": ["https://xxxxxxxxx.mirror.aliyuncs.com"]
}5. 启动 docker
# systemctl start docker
# systemctl enable docker
# systemctl status docker二、Docker-compose 安装
github.com 可能访问超时,可以使用下面的获取下载下来后上传服务器即可
curl -L "https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
curl -k "https://dl.cactifans.com/zabbix_docker/docker-compose" -o /usr/bin/docker-compose
chmod a+x /usr/bin/docker-compose
docker-compose version三、部署 ES 集群
部署 es-master 节点 10.0.0.1 主机
a | 编辑 docker-compose 文件
version: '3'
services:
es-master:
image: elasticsearch:7.16.3
container_name: es-master
environment:
- "ES_JAVA_OPTS=-Xms4096m -Xmx4096m"
ulimits:
memlock:
soft: -1
hard: -1
nofile:
soft: 65536
hard: 65536
volumes:
- /data/elasticsearch/config/es.yml:/usr/share/elasticsearch/config/elasticsearch.yml:ro
- /data/elasticsearch/data:/usr/share/elasticsearch/data:rw
- /data/elasticsearch/log:/usr/share/elasticsearch/log:rw
ports:
- 9200:9200
- 9300:9300
extra_hosts: # 设置容器 hosts
- "es-master:10.0.0.1"
- "es-node1:10.0.0.2"
- "es-node2:10.0.0.3"
kibana:
image: kibana:7.16.3
container_name: kibana
restart: always
environment:
- TZ="Asia/Shanghai"
ports:
- 5601:5601
volumes:
- /data/kibana/config/kibana.yml:/usr/share/kibana/config/kibana.yml:ro
depends_on:
- es-masterb | 创建服务挂载目录
## 创建es配置数据日志目录
mkdir /data/elasticsearch/{config,data,log} -pv
## 创建kibana配置目录
mkdir /data/kibana/config -pv
## 修改es目录权限,否则容器启动报错,es容器使用es用户启动,用户id=1000
chown 1000:1000 /data/elasticsearch/* -Rc | 编辑 es.yml 配置文件
# vim /data/elasticsearch/config/es.yml
cluster.name: es-cluster-test
node.name: es-master
node.master: true
node.data: true
#network.host: 0.0.0.0
network.bind_host: 0.0.0.0
network.publish_host: 10.0.0.1
http.port: 9200
transport.tcp.port: 9300
http.cors.enabled: true
http.cors.allow-origin: "*"
discovery.zen.ping.unicast.hosts: ["es-master:9300", "es-node1:9300", "es-node2:9300"]
discovery.zen.minimum_master_nodes: 2
discovery.zen.ping_timeout: 5s
bootstrap.memory_lock: true
action.destructive_requires_name: true
cluster.initial_master_nodes: ["es-master"]
ingest.geoip.downloader.enabled: falsed | 编辑 kibana.yml 配置文件
# vim /data/kibana/config/kibana.yml
server.name: kibana
server.host: "0.0.0.0"
#此处为es的master地址
elasticsearch.hosts: "http://es-master:9200"
xpack.monitoring.ui.container.elasticsearch.enabled: true
i18n.locale: "zh-CN"e | 启动服务
docker-compose up -d
## ElasticSearch启动报错,bootstrap checks failed
## max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144]
echo "vm.max_map_count=655360" >> /etc/sysctl.conf
sysctl -p2. 部署 es-node1 节点
10.0.0.2 主机
a | 编辑 docker-compose 文件
version: '3'
services:
es-node1:
image: elasticsearch:7.16.3
container_name: es-node1
environment:
- "ES_JAVA_OPTS=-Xms4096m -Xmx4096m"
ulimits:
memlock:
soft: -1
hard: -1
nofile:
soft: 65536
hard: 65536
volumes:
- /data/elasticsearch/config/es.yml:/usr/share/elasticsearch/config/elasticsearch.yml:ro
- /data/elasticsearch/data:/usr/share/elasticsearch/data:rw
- /data/elasticsearch/log:/usr/share/elasticsearch/log:rw
ports:
- 9200:9200
- 9300:9300
extra_hosts: # 设置容器 hosts
- "es-master:10.0.0.1"
- "es-node1:10.0.0.2"
- "es-node2:10.0.0.3"b | 创建服务挂载目录
## 创建es配置数据日志目录
mkdir /data/elasticsearch/{config,data,log} -pv
## 修改es目录权限,否则容器启动报错,es容器使用es用户启动,用户id=1000
chown 1000:1000 /data/elasticsearch/* -R
## ElasticSearch启动报错,bootstrap checks failed
## max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144]
echo "vm.max_map_count=655360" /etc/sysctl.conf
sysctl -pc | 编辑 es.yml 配置文件
# vim /data/elasticsearch/config/es.yml
cluster.name: es-cluster-test
node.name: es-node1
node.master: false
node.data: true
network.bind_host: 0.0.0.0
network.publish_host: 10.0.0.2
http.port: 9200
transport.tcp.port: 9300
http.cors.enabled: true
http.cors.allow-origin: "*"
discovery.zen.ping.unicast.hosts: ["es-master:9300", "es-node1:9300", "es-node2:9300"]
discovery.zen.minimum_master_nodes: 2
discovery.zen.ping_timeout: 5s
bootstrap.memory_lock: true
action.destructive_requires_name: true
cluster.initial_master_nodes: ["es-master"]d | 启动服务
# docker-compose up -d3. 部署 es-node2 节点
10.0.0.3 主机
a | 编辑 docker-compose 文件
version: '3'
services:
es-node1:
image: elasticsearch:7.16.3
container_name: es-node2
environment:
- "ES_JAVA_OPTS=-Xms4096m -Xmx4096m"
ulimits:
memlock:
soft: -1
hard: -1
nofile:
soft: 65536
hard: 65536
volumes:
- /data/elasticsearch/config/es.yml:/usr/share/elasticsearch/config/elasticsearch.yml:ro
- /data/elasticsearch/data:/usr/share/elasticsearch/data:rw
- /data/elasticsearch/log:/usr/share/elasticsearch/log:rw
ports:
- 9200:9200
- 9300:9300
extra_hosts: # 设置容器 hosts
- "es-master:10.0.0.1"
- "es-node1:10.0.0.2"
- "es-node2:10.0.0.3"b | 创建服务挂载目录
## 创建es配置数据日志目录
mkdir /data/elasticsearch/{config,data,log} -pv
## 修改es目录权限,否则容器启动报错,es容器使用es用户启动,用户id=1000
chown 1000:1000 /data/elasticsearch/* -R
## ElasticSearch启动报错,bootstrap checks failed
## max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144]
echo "vm.max_map_count=655360" /etc/sysctl.conf
sysctl -pc | 编辑 es.yml 配置文件
# vim /data/elasticsearch/config/es.yml
cluster.name: es-cluster-test
node.name: es-node1
node.master: false
node.data: true
network.bind_host: 0.0.0.0
network.publish_host: 10.0.0.3
http.port: 9200
transport.tcp.port: 9300
http.cors.enabled: true
http.cors.allow-origin: "*"
discovery.zen.ping.unicast.hosts: ["es-master:9300", "es-node1:9300", "es-node2:9300"]
discovery.zen.minimum_master_nodes: 2
discovery.zen.ping_timeout: 5s
bootstrap.memory_lock: true
action.destructive_requires_name: true
cluster.initial_master_nodes: ["es-master"]d | 启动服务
docker-compose up -d4. 启动 es_xpack 认证
集群认证需要首先配置秘钥才行,否则在给内置用户创建秘钥的时候将会报错
a | 生成证书
## 登陆其中一个node节点执行命令,生成完证书传到集群其他节点即可
## 两条命令均一路回车即可,不需要给秘钥再添加密码。
## 证书创建完成之后,默认在es的数据目录,这里统一cp 到宿主机目录中
docker exec -it es-mater bash
/usr/share/elasticsearch/bin/elasticsearch-certutil ca
/usr/share/elasticsearch/bin/elasticsearch-certutil cert --ca elastic-stack-ca.p12
mv elastic-* /usr/share/elasticsearch/data/
exit
## 复制 /data/elasticsearch/data/ 下证书到 config 目录
cd /data/elasticsearch/config/
cp /data/elasticsearch/data/elastic-* ./
chmod 644 elastic-*
chown 1000:1000 elastic*
## 复制证书文件到其他节点
scp /data/elasticsearch/config/elastic-* 10.0.0.2:/data/elasticsearch/config/
scp /data/elasticsearch/config/elastic-* 10.0.0.3:/data/elasticsearch/config/b | 新增 es.yml 配置
三台机器新增配置如下:
......
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: /usr/share/elasticsearch/config/elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: /usr/share/elasticsearch/config/elastic-certificates.p12c | 修改 docker-compose.yml 文件
version: '3'
services:
es-node1:
image: elasticsearch:7.16.3
......
volumes:
- /data/elasticsearch/config/es.yml:/usr/share/elasticsearch/config/elasticsearch.yml:ro
## 挂载 ssl 证书到容器中
- /data/elasticsearch/config/elastic-certificates.p12:/usr/share/elasticsearch/config/elastic-certificates.p12:ro
- /data/elasticsearch/config/elastic-stack-ca.p12:/usr/share/elasticsearch/config/elastic-stack-ca.p12:ro
- /data/elasticsearch/data:/usr/share/elasticsearch/data:rw
- /data/elasticsearch/log:/usr/share/elasticsearch/log:rw
......d | 创建账户,并为内置账号添加密码
ES 中内置了几个管理其他集成组件的账号即:apm_system, beats_system, elastic, kibana, logstash_system, remote_monitoring_user,使用之前,首先需要添加一下密码。
# docker exec -it es-mater bash
# /usr/share/elasticsearch/bin/elasticsearch-setup-passwords interactive
Initiating the setup of passwords for reserved users elastic,apm_system,kibana,logstash_system,beats_system,remote_monitoring_user.
You will be prompted to enter passwords as the process progresses.
Please confirm that you would like to continue [y/N]y
Enter password for [elastic]:
Reenter password for [elastic]:
Enter password for [apm_system]:
Reenter password for [apm_system]:
Enter password for [kibana]:
Reenter password for [kibana]:
Enter password for [logstash_system]:
Reenter password for [logstash_system]:
Enter password for [beats_system]:
Reenter password for [beats_system]:
Enter password for [remote_monitoring_user]:
Reenter password for [remote_monitoring_user]:
Changed password for user [apm_system]
Changed password for user [kibana]
Changed password for user [logstash_system]
Changed password for user [beats_system]
Changed password for user [remote_monitoring_user]
Changed password for user [elastic]e | 配置完毕之后,可以通过如下方式访问 es 服务:
curl -XGET -u elastic 'localhost:9200/_xpack/security/user?pretty'f | kibana 配置文件中,新增 es 账户密码
kibana.yml 文件
elasticsearch.username: "elastic"
elasticsearch.password: "123456"Last updated