Aldebaran

人生最棒的感觉,就是你做到别人说你做不到的事。

0%

Elasticsearch7集群搭建

Posted on Edited on

生田絵梨花 - 白石麻衣

前言

公司内部原先有一套年久失修的elasticsearch2.3的集群。

鉴于升级工程量过大(2.3 –> 5.3.x–>–>6.3.x–>6.5.x–> 6.x–>7.3.x–>7.5.x),因此评估决定重新搭建一套Elasticsearch7的集群。

这里选择的版本是 Elasticsearch 7.5.1。

相关配置

10.19.125.196  elasticsearch-node-01    8核/16G/300G  CentOS7
10.19.13.59    elasticsearch-node-02    8核/16G/300G  CentOS7
10.19.144.217  elasticsearch-node-03    8核/16G/300G  CentOS7

系统优化

修改/etc/hosts,将各个节点本地解析。

$ vim /etc/hosts

10.19.125.196 elasticsearch-node-01
10.19.13.59 elasticsearch-node-02
10.19.144.217 elasticsearch-node-03

修改limits.conf(这里的elasticsearch用户,后续安装rpm包的时候会自己创建)

$ vim /etc/security/limits.conf
# allow user 'elasticsearch' mlockall
elasticsearch soft memlock unlimited
elasticsearch hard memlock unlimited

设置swappiness(最好的话。还是禁用swap分区)

$ vim /etc/sysctl.conf
vm.swappiness = 1

安装

安装相关的ES包,这里以elasticsearch-7.5.1为例,其他版本类似(如果 版本小于elasticsearch7,则还需要JDK)

$ wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.5.1-x86_64.rpm

$ rpm -ivh elasticsearch-7.5.1-x86_64.rpm
$ cp -pv /etc/elasticsearch/elasticsearch.yml{,.default}

$ mkdir -pv /data/backup/elasticsearch_backup
$ mkdir -pv /data/elasticsearch/{elasticsearch_data,elasticsearch_logs}

$ chown elasticsearch:elasticsearch /data/backup/elasticsearch_backup
$ chown -R elasticsearch:elasticsearch /data/elasticsearch

elasticsearch相关文件句柄修改

$ mkdir /etc/systemd/system/elasticsearch.service.d
$ vim /etc/systemd/system/elasticsearch.service.d/override.conf
[Service]
DefaultLimitNOFILE=65536
DefaultLimitNPROC=32000
LimitMEMLOCK=infinity

开机自启动

$ systemctl daemon-reload
$ systemctl enable elasticsearch.service

配置文件

  • 参考链接:

    modules-discovery-bootstrap-cluste

    discovery-settings.html#initial_master_nodes

    modules-discovery-hosts-providers

  • 修改配置文件elasticsearch.yml

    根据自身的业务情况修改.

      $ vim /etc/elasticsearch/elasticsearch.yml
  # ---------------------------------- Cluster -----------------------------------
  cluster.name: tz_log_es
  ...
  # ------------------------------------ Node ------------------------------------
  node.name: node-1
  ...
  # ----------------------------------- Paths ------------------------------------
  path.data: /data/elasticsearch/elasticsearch_data
  path.logs: /data/elasticsearch/elasticsearch_logs
  path.repo: ["/data/backup/elasticsearch_backup"]
  ...
  # ----------------------------------- Memory -----------------------------------
  bootstrap.memory_lock: true
  ...
  # ---------------------------------- Network -----------------------------------
  network.host: 10.19.86.70
  http.port: 9200
  transport.tcp.port: 9300
  ...
  # ---------------------------------- Gateway -----------------------------------
  gateway.recover_after_nodes: 2
  ...
  # --------------------------------- Discovery ----------------------------------
  cluster.initial_master_nodes: ["elasticsearch-node-01", "elasticsearch-node-02", "elasticsearch-node-03"]
  discovery.seed_hosts: ["elasticsearch-node-01"]
  discovery.seed_providers: file

  cluster.no_master_block: write
  ...
  # ---------------------------------- Various -----------------------------------
  action.destructive_requires_name: true

  http.cors.enabled: true
  http.cors.allow-origin: "*"

  # index.refresh_interval: 1s

  # The default is 10% which is often plenty: for example, if you give the JVM 10GB of memory, it will give 1GB to the index buffer, which is enough to host two shards that are heavily indexing.
  #indices.memory.index_buffer_size: 10%

  • 添加unicast_hosts.txt文件

    需要现在elasticsearch.yml里面配置 discovery.seed_providers: file

    每当对unicast_hosts.txt文件进行更改时,Elasticsearch都会自动加载新的主机列表。

      $ vim /etc/elasticsearch/unicast_hosts.txt
  # The unicast_hosts.txt file contains the list of unicast hosts to connect to
  # for pinging during the discovery process, when using the file-based discovery
  # mechanism.  This file should contain one entry per line, where an entry is a
  # host/port combination.  The host and port should be separated by a `:`.  If
  # the port is left off, a default port of 9300 is assumed.  For example, if the
  # cluster has three nodes that participate in the discovery process:
  # (1) 66.77.88.99 running on port 9300 (2) 66.77.88.100 running on port 9305
  # and (3) 66.77.88.99 running on port 10005, then this file should contain the
  # following text:
  #
  #10.10.10.5
  #10.10.10.6:9305
  #10.10.10.5:10005
  #
  # For IPv6 addresses, make sure to put a bracket around the host part of the address,
  # for example: [2001:cdba:0000:0000:0000:0000:3257:9652]:9301 (where 9301 is the port).
  #
  # NOTE: all lines starting with a `#` are comments, and comments must exist
  # on lines of their own (i.e. comments cannot begin in the middle of a line)
  #

  elasticsearch-node-01
  elasticsearch-node-02
  elasticsearch-node-03

  • 修改jvm.options.

    按照官方建议可以分配系统内存的一半给JVM,比如系统16G分配8G。

      $ vim /etc/elasticsearch/jvm.options
  -Xms8g
  -Xmx8g

安装插件

可视化插件

  • cerebro

    相关下载链接:

      https://github.com/lmenezes/cerebro/releases
  https://github.com/lmenezes/cerebro/releases/download/v0.8.5/cerebro-0.8.5-1.noarch.rpm
  https://github.com/lmenezes/cerebro/releases/download/v0.8.5/cerebro-0.8.5.tgz

    以RPM包为例(需要事先安装好JDK)

      $ rpm -ivh cerebro-0.8.5-1.noarch.rpm
  $ vim /etc/systemd/system/multi-user.target.wants/cerebro.service
  [Unit]
  Description=Elasticsearch web admin tool
  Requires=network.target

  [Service]
  Type=simple
  WorkingDirectory=/usr/share/cerebro
  EnvironmentFile=/etc/default/cerebro
  ExecStart=/usr/share/cerebro/bin/cerebro -Dhttp.port=9000 -Dhttp.address=0.0.0.0
  ExecReload=/bin/kill -HUP $MAINPID
  Restart=always
  RestartSec=60
  SuccessExitStatus=143
  TimeoutStopSec=5
  User=cerebro

  $ systemctl daemon-reload
  $ systemctl start cerebro

  • elasticsearch-head

    相关下载链接:

    https://github.com/mobz/elasticsearch-head

    需要事先安装好nodejs,并且nodejs版本号要高于6.0

      $ git clone git://github.com/mobz/elasticsearch-head.git
  $ cd elasticsearch-head
  $ npm install
  $ npm run start

SQL插件(可选)

目前主要的sql插件/SQL API

  • elasticsearch-sql

    PS: elasticsearch7原生支持SQL API(elasticsearch-sql插件后面将不再维护。)

    下面是elasticsearch-sql的安装方法

      $ ./bin/elasticsearch-plugin install https://github.com/NLPchina/elasticsearch-sql/releases/download/7.5.1.0/elasticsearch-sql-7.5.1.0.zip

  安装完需要重启elasticsearch集群。

    安装SQL Web(elasticsearch-sql-web在elasticsearch7环境下有问题)(可选)

      $ wget https://github.com/NLPchina/elasticsearch-sql/releases/download/5.4.1.0/es-sql-site-standalone.zip
  $ unzip es-sql-site-standalone.zip
  $ cd site-server
  $ npm install express --save
  $ node node-server.js

  • OpenDistro for Elasticsearch SQL

    AWS维护的Elasticsearch SQL插件,相关的文档可查看:

    github

    for-elasticsearch-docs

    for-elasticsearch-docs/docs/sql

  • x-pack-sql

    x-pack-sql为elasticsearch官方提供的SQL API推荐。