Elasticsearch 7 Cluster Setup


Preface

The company had been running an aging, long-unmaintained Elasticsearch 2.3 cluster internally.

Since an in-place upgrade would have been a huge undertaking (2.3 → 5.3.x → 6.3.x → 6.5.x → 7.3.x → 7.5.x), we decided to build a new Elasticsearch 7 cluster from scratch instead.

The version chosen here is Elasticsearch 7.5.1.

Environment

10.19.125.196  elasticsearch-node-01    8 cores / 16 GB RAM / 300 GB disk    CentOS 7
10.19.13.59    elasticsearch-node-02    8 cores / 16 GB RAM / 300 GB disk    CentOS 7
10.19.144.217  elasticsearch-node-03    8 cores / 16 GB RAM / 300 GB disk    CentOS 7

System Tuning

Edit /etc/hosts so that each node can resolve the others by hostname:

$ vim /etc/hosts

10.19.125.196 elasticsearch-node-01
10.19.13.59 elasticsearch-node-02
10.19.144.217 elasticsearch-node-03

Edit limits.conf (the elasticsearch user referenced below is created automatically when the RPM package is installed later):

$ vim /etc/security/limits.conf
# allow user 'elasticsearch' mlockall
elasticsearch soft memlock unlimited
elasticsearch hard memlock unlimited
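
Once the elasticsearch user exists, the memlock limit can be spot-checked; a minimal sketch (run it as that user, e.g. via `sudo -u elasticsearch bash -c 'ulimit -l'`):

```shell
# Print the max locked-memory limit for the current shell session.
# Run this as the elasticsearch user to verify the limits.conf entries;
# after the change it should read "unlimited" for that user.
ulimit -l
```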

Set vm.swappiness (better still, disable the swap partition entirely):

$ vim /etc/sysctl.conf
vm.swappiness = 1
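
sysctl.conf is only read at boot, so the value should be applied with `sysctl -p` (as root) and then verified; a small check:

```shell
# Show the swappiness of the running kernel; after `sysctl -p` (run as root)
# or a reboot, this should print 1.
cat /proc/sys/vm/swappiness

# To disable swap entirely instead (also remove the swap entry from /etc/fstab):
#   swapoff -a
```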

Installation

Install the Elasticsearch package; elasticsearch-7.5.1 is used as the example here, and other versions are similar. (Versions earlier than Elasticsearch 7 also require a separately installed JDK; 7.x ships with a bundled one.)

$ wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.5.1-x86_64.rpm

$ rpm -ivh elasticsearch-7.5.1-x86_64.rpm
$ cp -pv /etc/elasticsearch/elasticsearch.yml{,.default}

$ mkdir -pv /data/backup/elasticsearch_backup
$ mkdir -pv /data/elasticsearch/{elasticsearch_data,elasticsearch_logs}

$ chown elasticsearch:elasticsearch /data/backup/elasticsearch_backup
$ chown -R elasticsearch:elasticsearch /data/elasticsearch
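
The backup directory created above is what path.repo points at in the configuration section; once the cluster is up it can be registered as a snapshot repository. A sketch, where the repository name my_backup and the node address are assumptions:

```shell
# Repository definition: "fs" type; the location must be listed in path.repo on every node
payload='{"type": "fs", "settings": {"location": "/data/backup/elasticsearch_backup"}}'

# Register it once the cluster is running (uncomment to execute):
#   curl -X PUT "http://elasticsearch-node-01:9200/_snapshot/my_backup" \
#     -H 'Content-Type: application/json' -d "$payload"
echo "$payload"
```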

Raise the file-handle and process limits for the elasticsearch systemd service:

$ mkdir /etc/systemd/system/elasticsearch.service.d
$ vim /etc/systemd/system/elasticsearch.service.d/override.conf
[Service]
# Note: inside a unit drop-in these must be Limit*, not DefaultLimit*
# (DefaultLimit* is only valid in the [Manager] section of systemd-system.conf)
LimitNOFILE=65536
LimitNPROC=32000
LimitMEMLOCK=infinity

Enable the service at boot:

$ systemctl daemon-reload
$ systemctl enable elasticsearch.service

Configuration

  • Reference links:

    modules-discovery-bootstrap-cluste

    discovery-settings.html#initial_master_nodes

    modules-discovery-hosts-providers

  • Edit elasticsearch.yml

    Adjust the values below to your own environment.

    $ vim /etc/elasticsearch/elasticsearch.yml
    # ---------------------------------- Cluster -----------------------------------
    cluster.name: tz_log_es
    ...
    # ------------------------------------ Node ------------------------------------
    node.name: node-1
    ...
    # ----------------------------------- Paths ------------------------------------
    path.data: /data/elasticsearch/elasticsearch_data
    path.logs: /data/elasticsearch/elasticsearch_logs
    path.repo: ["/data/backup/elasticsearch_backup"]
    ...
    # ----------------------------------- Memory -----------------------------------
    bootstrap.memory_lock: true
    ...
    # ---------------------------------- Network -----------------------------------
    network.host: 10.19.86.70    # use this node's own IP address on each machine
    http.port: 9200
    transport.tcp.port: 9300
    ...
    # ---------------------------------- Gateway -----------------------------------
    gateway.recover_after_nodes: 2
    ...
    # --------------------------------- Discovery ----------------------------------
    cluster.initial_master_nodes: ["elasticsearch-node-01", "elasticsearch-node-02", "elasticsearch-node-03"]
    discovery.seed_hosts: ["elasticsearch-node-01"]
    discovery.seed_providers: file
    
    cluster.no_master_block: write
    ...
    # ---------------------------------- Various -----------------------------------
    action.destructive_requires_name: true
    
    http.cors.enabled: true
    http.cors.allow-origin: "*"
    
    # index.refresh_interval: 1s
    
    # The default is 10% which is often plenty: for example, if you give the JVM 10GB of memory, it will give 1GB to the index buffer, which is enough to host two shards that are heavily indexing.
    #indices.memory.index_buffer_size: 10%
  • Add the unicast_hosts.txt file

    This requires discovery.seed_providers: file to be configured in elasticsearch.yml first.

    Elasticsearch reloads the host list automatically whenever unicast_hosts.txt changes; no restart is required.

    $ vim /etc/elasticsearch/unicast_hosts.txt
    # The unicast_hosts.txt file contains the list of unicast hosts to connect to
    # for pinging during the discovery process, when using the file-based discovery
    # mechanism.  This file should contain one entry per line, where an entry is a
    # host/port combination.  The host and port should be separated by a `:`.  If
    # the port is left off, a default port of 9300 is assumed.  For example, if the
    # cluster has three nodes that participate in the discovery process:
    # (1) 66.77.88.99 running on port 9300 (2) 66.77.88.100 running on port 9305
    # and (3) 66.77.88.99 running on port 10005, then this file should contain the
    # following text:
    #
    #10.10.10.5
    #10.10.10.6:9305
    #10.10.10.5:10005
    #
    # For IPv6 addresses, make sure to put a bracket around the host part of the address,
    # for example: [2001:cdba:0000:0000:0000:0000:3257:9652]:9301 (where 9301 is the port).
    #
    # NOTE: all lines starting with a `#` are comments, and comments must exist
    # on lines of their own (i.e. comments cannot begin in the middle of a line)
    #
    
    elasticsearch-node-01
    elasticsearch-node-02
    elasticsearch-node-03
  • Edit jvm.options

    The official recommendation is to give the JVM at most half of system memory, e.g. 8 GB on a 16 GB machine, and to keep -Xms equal to -Xmx.

    $ vim /etc/elasticsearch/jvm.options
    -Xms8g
    -Xmx8g
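
After repeating the configuration on all three nodes, the cluster can be started and sanity-checked; a sketch (query whichever node address is reachable):

```shell
# Start Elasticsearch on each node
sudo systemctl start elasticsearch.service

# With all three nodes up, "status" should report green and "number_of_nodes" 3
curl -s "http://elasticsearch-node-01:9200/_cluster/health?pretty"
```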

Installing Plugins

Visualization plugins

  • cerebro

    Download links:

    https://github.com/lmenezes/cerebro/releases
    https://github.com/lmenezes/cerebro/releases/download/v0.8.5/cerebro-0.8.5-1.noarch.rpm
    https://github.com/lmenezes/cerebro/releases/download/v0.8.5/cerebro-0.8.5.tgz

    Using the RPM package as an example (a JDK must be installed beforehand):

    $ rpm -ivh cerebro-0.8.5-1.noarch.rpm
    $ vim /etc/systemd/system/multi-user.target.wants/cerebro.service
    [Unit]
    Description=Elasticsearch web admin tool
    Requires=network.target
    
    [Service]
    Type=simple
    WorkingDirectory=/usr/share/cerebro
    EnvironmentFile=/etc/default/cerebro
    ExecStart=/usr/share/cerebro/bin/cerebro -Dhttp.port=9000 -Dhttp.address=0.0.0.0
    ExecReload=/bin/kill -HUP $MAINPID
    Restart=always
    RestartSec=60
    SuccessExitStatus=143
    TimeoutStopSec=5
    User=cerebro
    
    $ systemctl daemon-reload
    $ systemctl start cerebro
  • elasticsearch-head

    Download link:

    https://github.com/mobz/elasticsearch-head

    Node.js must be installed beforehand, and its version must be higher than 6.0.

    $ git clone https://github.com/mobz/elasticsearch-head.git
    $ cd elasticsearch-head
    $ npm install
    $ npm run start
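
elasticsearch-head serves its UI on port 9100 and queries the cluster from the browser, which is why the http.cors.* settings were enabled in elasticsearch.yml. A hedged way to confirm CORS is answering (node address assumed):

```shell
# Send a request with an Origin header and look for the CORS response header;
# an Access-Control-Allow-Origin line means head can connect to the cluster.
curl -s -I -H "Origin: http://localhost:9100" "http://elasticsearch-node-01:9200" | grep -i "access-control"
```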

SQL plugins (optional)

The main SQL plugins / SQL APIs currently available:

  • elasticsearch-sql

    Note: Elasticsearch 7 supports a SQL API natively (the elasticsearch-sql plugin will no longer be maintained).

    How to install elasticsearch-sql:

    $ ./bin/elasticsearch-plugin install https://github.com/NLPchina/elasticsearch-sql/releases/download/7.5.1.0/elasticsearch-sql-7.5.1.0.zip
    
    Restart the Elasticsearch cluster after installing the plugin.

    Install the SQL web UI (optional; note that elasticsearch-sql-web has problems under Elasticsearch 7):

    $ wget https://github.com/NLPchina/elasticsearch-sql/releases/download/5.4.1.0/es-sql-site-standalone.zip
    $ unzip es-sql-site-standalone.zip
    $ cd site-server
    $ npm install express --save
    $ node node-server.js
  • OpenDistro for Elasticsearch SQL

    An Elasticsearch SQL plugin maintained by AWS; documentation:

    github

    for-elasticsearch-docs

    for-elasticsearch-docs/docs/sql

  • x-pack-sql

    x-pack-sql is the SQL API provided officially by Elastic, and the recommended option.
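
Since the native SQL API needs no plugin at all, here is a minimal query sketch against it (the index name logs is an assumption; substitute one of your own):

```shell
# Query via the built-in SQL endpoint; format=txt returns a plain-text table
curl -s -X POST "http://elasticsearch-node-01:9200/_sql?format=txt" \
  -H 'Content-Type: application/json' \
  -d '{"query": "SELECT COUNT(*) FROM logs"}'
```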