Elasticsearch7.6 集群部署、集群認證及使用、數據備份
- 2020 年 9 月 1 日
- 筆記
- 【ElasticSearch】
window 環境部署集群
注意:window下載解壓elasticsearch一定需要解壓多次。例如搭建的3節點的,需要解壓3次,防止生成 cluster UUID 一致導致只能看到一個節點
1、elasticsearch.yml配置:
node.name區別:elastic_node1、 elastic_node2、 elastic_node3
cluster.name: elastic_cluster node.name: elastic_node1 node.master: true node.data: true #path.data: /usr/local/elastic_node1/data #path.logs: /usr/local/elastic_node1/logs bootstrap.memory_lock: true network.host: 0.0.0.0 network.tcp.no_delay: true network.tcp.keep_alive: true network.tcp.reuse_address: true network.tcp.send_buffer_size: 256mb network.tcp.receive_buffer_size: 256mb transport.tcp.port: 9301 transport.tcp.compress: true http.max_content_length: 200mb http.cors.enabled: true http.cors.allow-origin: "*" http.port: 9201 discovery.seed_hosts: ["127.0.0.1:9301","127.0.0.1:9302","127.0.0.1:9303"] cluster.initial_master_nodes: ["127.0.0.1:9301","127.0.0.1:9302","127.0.0.1:9303"] cluster.fault_detection.leader_check.interval: 15s discovery.cluster_formation_warning_timeout: 30s cluster.join.timeout: 30s cluster.publish.timeout: 90s cluster.routing.allocation.cluster_concurrent_rebalance: 16 cluster.routing.allocation.node_concurrent_recoveries: 16 cluster.routing.allocation.node_initial_primaries_recoveries: 16
2、依次運行生成集群
瀏覽器打開://127.0.0.1:9201/_cat/nodes?v
ip heap.percent ram.percent cpu load_1m load_5m load_15m node.role master name 127.0.0.1 19 64 37 dilm - elastic_node3 127.0.0.1 13 64 47 dilm - elastic_node1 127.0.0.1 22 64 50 dilm * elastic_node2
3、生成證書
es集群通過證書來安全的組成集群
- 運行
bin/elasticsearch-certutil cert
注意: 密碼後面需要單獨設置,這裡是集群安全認證,建議密碼不設置,成功後生成的證書默認在es的config目錄裡面 elastic-certificates.p12;分別copy一份到其他節點的config裡面(默認目錄)
在elasticsearch.yml配置添加
xpack.security.enabled: true xpack.license.self_generated.type: basic xpack.security.transport.ssl.enabled: true xpack.security.transport.ssl.verification_mode: certificate xpack.security.transport.ssl.keystore.path: elastic-certificates.p12 xpack.security.transport.ssl.truststore.path: elastic-certificates.p12
4、給認證的集群創建用戶密碼
bin/elasticsearch-setup-passwords interactive
- elastic 帳號:擁有 superuser 角色,是內置的超級用戶。
- kibana 帳號:擁有 kibana_system 角色,用戶 kibana 用來連接 elasticsearch 並與之通訊。Kibana 伺服器以該用戶身份提交請求以訪問集群監視 API 和 .kibana 索引。不能訪問 index。
- logstash_system 帳號:擁有 logstash_system 角色。用戶 Logstash 在 Elasticsearch 中存儲監控資訊時使用。
- beats_system帳號:擁有 beats_system 角色。用戶 Beats 在 Elasticsearch 中存儲監控資訊時使用。
5、配置kibana認證
elasticsearch.username: "kibana" elasticsearch.password: "123456"
- 完整的elasticsearch.yml配置,注意不同節點node.name區別
cluster.name: elastic_cluster node.name: elastic_node1 node.master: true node.data: true #path.data: /usr/local/elastic_node1/data #path.logs: /usr/local/elastic_node1/logs bootstrap.memory_lock: true network.host: 0.0.0.0 network.tcp.no_delay: true network.tcp.keep_alive: true network.tcp.reuse_address: true network.tcp.send_buffer_size: 256mb network.tcp.receive_buffer_size: 256mb transport.tcp.port: 9302 transport.tcp.compress: true http.max_content_length: 200mb http.cors.enabled: true http.cors.allow-origin: "*" http.port: 9202 discovery.seed_hosts: ["127.0.0.1:9301","127.0.0.1:9302","127.0.0.1:9303"] cluster.initial_master_nodes: ["127.0.0.1:9301","127.0.0.1:9302","127.0.0.1:9303"] cluster.fault_detection.leader_check.interval: 15s discovery.cluster_formation_warning_timeout: 30s cluster.join.timeout: 30s cluster.publish.timeout: 90s cluster.routing.allocation.cluster_concurrent_rebalance: 16 cluster.routing.allocation.node_concurrent_recoveries: 16 cluster.routing.allocation.node_initial_primaries_recoveries: 16 xpack.security.enabled: true xpack.license.self_generated.type: basic xpack.security.transport.ssl.enabled: true xpack.security.transport.ssl.verification_mode: certificate xpack.security.transport.ssl.keystore.path: elastic-certificates.p12 xpack.security.transport.ssl.truststore.path: elastic-certificates.p12
centos(docker-compose) 環境部署集群
1、docker-compose.yml配置
version: '2.2' services: es01: image: elasticsearch:7.6.0 container_name: es01 environment: - node.name=es01 - cluster.name=es-docker-cluster - discovery.seed_hosts=192.168.43.128:9300 - cluster.initial_master_nodes=es01,192.168.43.128:9300 - cluster.fault_detection.leader_check.interval=15s - bootstrap.memory_lock=true - http.cors.enabled=true - http.cors.allow-origin=* - network.host=0.0.0.0 - network.publish_host=192.168.43.129 - xpack.security.enabled=true - xpack.security.transport.ssl.enabled=true - "ES_JAVA_OPTS=-Xms256m -Xmx256m" ulimits: memlock: soft: -1 hard: -1 volumes: - ./mnt/data:/usr/share/elasticsearch/data - ./mnt/logs:/usr/share/elasticsearch/logs ports: - 9200:9200 - 9300:9300 networks: - elastic cerebro: image: lmenezes/cerebro:0.8.3 container_name: cerebro ports: - "9000:9000" command: - -Dhosts.0.host=http://es01:9200 networks: - elastic volumes: mnt: driver: local networks: elastic: driver: bridge
許可權問題執行 chmod -R 777 mnt/*
2、生成證書文件創建密碼
- 進入容器 docker exec -it 5144d3b1dd56 /bin/bash
- 生成證書 bin/elasticsearch-certutil cert
- 複製證書並cp到其他節點 docker cp 09f57b6067e0:/usr/share/elasticsearch/elastic-certificates.p12 .
3、修改配置&&動態添加測試
version: '2.2' services: es01: image: elasticsearch:7.6.0 container_name: es01 environment: - node.name=es01 - cluster.name=es-docker-cluster - discovery.seed_hosts=192.168.43.128:9300 - cluster.initial_master_nodes=es01,192.168.43.128:9300 - cluster.fault_detection.leader_check.interval=15s - bootstrap.memory_lock=true - http.cors.enabled=true - http.cors.allow-origin=* - network.host=0.0.0.0 - network.publish_host=192.168.43.129 - xpack.security.enabled=true - xpack.security.transport.ssl.enabled=true - xpack.license.self_generated.type=basic - xpack.security.transport.ssl.verification_mode=certificate - xpack.security.transport.ssl.keystore.path=elastic-certificates.p12 - xpack.security.transport.ssl.truststore.path=elastic-certificates.p12 - "ES_JAVA_OPTS=-Xms256m -Xmx256m" ulimits: memlock: soft: -1 hard: -1 volumes: - ./mnt/data:/usr/share/elasticsearch/data - ./mnt/logs:/usr/share/elasticsearch/logs - ./mnt/elastic-certificates.p12:/usr/share/elasticsearch/config/elastic-certificates.p12 ports: - 9200:9200 - 9300:9300 networks: - elastic cerebro: image: lmenezes/cerebro:0.8.3 container_name: cerebro ports: - "9000:9000" command: - -Dhosts.0.host=http://es01:9200 networks: - elastic volumes: mnt: driver: local networks: elastic: driver: bridge
注意證書的位置,給許可權 chmod -R 777 mnt/*
- 設置密碼(建議進入主節點容器中) bin/elasticsearch-setup-passwords interactive -u ‘//es01:9200′
- 通用配置與window類似
springboot使用測試
1、引入pom
<dependency>
<groupId>org.elasticsearch</groupId>
<artifactId>elasticsearch</artifactId>
<version>7.6.0</version>
</dependency>
<dependency>
<groupId>org.elasticsearch.client</groupId>
<artifactId>elasticsearch-rest-client</artifactId>
<version>7.6.0</version>
</dependency>
<dependency>
<groupId>org.elasticsearch.client</groupId>
<artifactId>elasticsearch-rest-high-level-client</artifactId>
<version>7.6.0</version>
</dependency>
2、 程式碼
- EsConfiguration.class
/** * @author hdy */ @Configuration public class EsConfiguration { /** * 集群地址 */ private static String hosts = "192.168.43.128"; private static String hosts1 = "192.168.43.129"; private static String hosts2 = "192.168.43.130"; /** * 使用的埠號 */ private static int port = 9200; /** * // 使用的協議 */ private static String schema = "http"; private static ArrayList<HttpHost> hostList = null; /** * 連接超時時間 */ private static int connectTimeOut = 1000; /** * 連接超時時間 */ private static int socketTimeOut = 30000; /** * 獲取連接的超時時間 */ private static int connectionRequestTimeOut = 500; /** * 最大連接數 */ private static int maxConnectNum = 100; /** * 最大路由連接數 */ private static int maxConnectPerRoute = 100; private RestClientBuilder builder; private final CredentialsProvider credentialsProvider = new BasicCredentialsProvider(); static { hostList = new ArrayList<>(); hostList.add(new HttpHost(hosts, port, schema)); hostList.add(new HttpHost(hosts1, port, schema)); hostList.add(new HttpHost(hosts2, port, schema)); } @Bean("restHighLevelClient") public RestHighLevelClient client() { builder = RestClient.builder(hostList.toArray(new HttpHost[0])); setConnectTimeOutConfig(); setMutiConnectConfig(); return new RestHighLevelClient(builder); } /** * 非同步httpclient的連接延時配置 */ private void setConnectTimeOutConfig() { builder.setRequestConfigCallback(requestConfigBuilder -> { requestConfigBuilder.setConnectTimeout(connectTimeOut); requestConfigBuilder.setSocketTimeout(socketTimeOut); requestConfigBuilder.setConnectionRequestTimeout(connectionRequestTimeOut); return requestConfigBuilder; }); } /** * 非同步httpclient的連接數配置 */ private void setMutiConnectConfig() { credentialsProvider.setCredentials(AuthScope.ANY, new UsernamePasswordCredentials("elastic", "123456")); builder.setHttpClientConfigCallback(httpClientBuilder -> { httpClientBuilder.setDefaultCredentialsProvider(credentialsProvider); httpClientBuilder.setMaxConnTotal(maxConnectNum); httpClientBuilder.setMaxConnPerRoute(maxConnectPerRoute); return httpClientBuilder; }); } }
View Code
- ElasticsearchApplicationTests.class
@Log4j2 @RunWith(SpringRunner.class) @SpringBootTest public class ElasticsearchApplicationTests { @Autowired RestHighLevelClient restHighLevelClient; @Test public void contextLoads() { for (int i = 1000000; i >= 0; i--) { Map<String, Object> jsonMap = new HashMap<>(); jsonMap.put("name", "測試" + i); jsonMap.put("age", "" + i); jsonMap.put("des", "啦啦啦啦啦啦啦啦啦啦啦啦啦啦啦啦啦啦啦啦拉了拉"); jsonMap.put("des1", "des1des1des1des1des1des1des1des1des1des1des1des1des1des1des1des1des1des1des1des1des1des1des1"); jsonMap.put("des2", "des2des2des2des2des2des2des2des2des2des2des2des2des2des2des2des2des2des2"); jsonMap.put("des3", "des3des3des3des3des3des3des3des3des3des3des3des3des3des3des3des3des3des3"); jsonMap.put("des4", "des4des4des4des4des4des4des4des4des4des4des4des4des4des4des4des4des4des4des4des4des4des4des4des4des4"); jsonMap.put("postDate", new Date()); jsonMap.put("message", "trying out Elasticsearch"); IndexRequest indexRequest = new IndexRequest("test").id("" + i).source(jsonMap); try { IndexResponse response = null; try { response = restHighLevelClient.index(indexRequest, RequestOptions.DEFAULT); } catch (IOException e) { e.printStackTrace(); } log.info(response.toString()); } catch (ElasticsearchException e) { if (e.status() == RestStatus.CONFLICT) { System.out.println("e = " + e); } } } GetRequest getRequest = new GetRequest("posts", "2"); GetResponse response = null; try { response = restHighLevelClient.get(getRequest, RequestOptions.DEFAULT); log.info(response.toString()); } catch (IOException e) { e.printStackTrace(); } } }
View Code
-
錯誤資訊,少引入elasticsearch-rest-client pom包
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'restHighLevelClient' defined in class path resource [com/dy/client/EsConfiguration.class]: Post-processing of merged bean definition failed; nested exception is java.lang.IllegalStateException: Failed to introspect Class [org.elasticsearch.client.RestHighLevelClient] from ClassLoader [sun.misc.Launcher$AppClassLoader@18b4aac2] at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:570) ~[spring-beans-5.1.13.RELEASE.jar:5.1.13.RELEASE] at com.intellij.rt.execution.junit.JUnitStarter.prepareStreamsAndStart(JUnitStarter.java:242) [junit-rt.jar:na] at com.intellij.rt.execution.junit.JUnitStarter.main(JUnitStarter.java:70) [junit-rt.jar:na] Caused by: java.lang.IllegalStateException: Failed to introspect Class [org.elasticsearch.client.RestHighLevelClient] from ClassLoader [sun.misc.Launcher$AppClassLoader@18b4aac2] at org.springframework.util.ReflectionUtils.getDeclaredMethods(ReflectionUtils.java:507) ~[spring-core-5.1.13.RELEASE.jar:5.1.13.RELEASE] ... 38 common frames omitted Caused by: java.lang.NoClassDefFoundError: org/elasticsearch/client/Cancellable at java.lang.Class.getDeclaredMethods0(Native Method) ~[na:1.8.0_191] at org.springframework.util.ReflectionUtils.getDeclaredMethods(ReflectionUtils.java:489) ~[spring-core-5.1.13.RELEASE.jar:5.1.13.RELEASE] ... 45 common frames omitted Caused by: java.lang.ClassNotFoundException: org.elasticsearch.client.Cancellable at java.net.URLClassLoader.findClass(URLClassLoader.java:382) ~[na:1.8.0_191] at java.lang.ClassLoader.loadClass(ClassLoader.java:357) ~[na:1.8.0_191] ... 49 common frames omitted
View Code
ElasticSearch 6.x數據遷移ElasticSearch7.4
- 安裝nodejs
yum install nodejs -y --registry=https://registry.npm.taobao.org
- 安裝elasticdump
npm install elasticdump -g
- 升級nodejs
npm install -g n n latest -
mapping拷貝(建議手動拷貝)
elasticdump --input=http://127.0.0.1:9200/index(修改為真實的索引名稱) --output=//10.0.1.236:9200/index --type=mapping(修改為真實的索引名稱與需要導入的IP)
- data拷貝
# 創建認證文件 cat > authFile <<EOF user=elastic password=xxxxxx EOF # dump數據 elasticdump --input=http://192.168.0.110:9200/test-20200510 --output=//192.168.0.215:9201/test-20200510 --type=data --limit=100000 --httpAuthFile=authFile
