生产环境elasticsearch5.0.1和6.3.2集群的部署配置详解
线上环境elasticsearch5.0.1集群的配置部署
es集群的规划:
硬件:
7台8核、64G内存、2T ssd硬盘加1台8核16G的阿里云服务器
其中一台作为kibana+kafka连接查询的服务器
其他6台都作为node和master两种角色
操作系统:centos7.2 x86_64
为方便磁盘扩容建议将磁盘进行lvm逻辑卷配置,可以参考:
aliyun添加数据盘后的物理分区和lvm逻辑卷两种挂载方式
http://blog.csdn.net/reblue520/article/details/54174178
1.安装jdk1.8和elasticsearch5.0.1
rpm -ivh jdk-8u111-linux-x64.rpm
tar -zxvf elasticsearch-5.0.1.tar.gz
2.添加yunva这个运行elasticsearch的用户(es必须使用非root用户启动)
useradd yunva -d /home/yunva
echo 'pass'|passwd --stdin yunva
chown -R yunva.yunva /data
修改默认端口
sed -i 's/#Port 22/Port 2222/' /etc/ssh/sshd_config
sed -i 's/^GSSAPIAuthentication yes$/GSSAPIAuthentication no/' /etc/ssh/sshd_config
service sshd restart
3.针对es做的一些系统的优化配置
swapoff -a
echo "fs.file-max = 1000000" >> /etc/sysctl.conf
echo "vm.max_map_count=262144" >> /etc/sysctl.conf
echo "vm.swappiness = 1" >> /etc/sysctl.conf
sysctl -p
sed -i 's/* soft nofile 65535/* soft nofile 655350/g' /etc/security/limits.conf
sed -i 's/* hard nofile 65535/* hard nofile 655350/g' /etc/security/limits.conf
将java_home加入环境变量
cat >> /etc/profile <<EOF
export JAVA_HOME=/usr/java/jdk1.8.0_111
export PATH=\$JAVA_HOME/bin:\$PATH
EOF
source /etc/profile
4.es内存调整配置文件(建议配置为物理内存的一半或者更多最好不要超过32G,超过了也可能不会增强性能):
/data/elasticsearch-5.0.1/config/jvm.options
sed -i 's/-Xms2g/-Xms32g/' /data/elasticsearch-5.0.1/config/jvm.options
sed -i 's/-Xmx2g/-Xmx32g/' /data/elasticsearch-5.0.1/config/jvm.options
echo "-Xss256k" >>/data/elasticsearch-5.0.1/config/jvm.options
sed -i 's/-XX:+UseConcMarkSweepGC/-XX:+UseG1GC/' /data/elasticsearch-5.0.1/config/jvm.options
5.集群的主要配置文件
修改elasticsearch的参数
vim /etc/elasticsearch/elasticsearch.yml(rpm安装方式的配置文件位置)
vim /data/elasticsearch-5.0.1/config/elasticsearch.yml
es节点的配置:
# 节点名
cluster.name: yunva-es
# 集群的名称,可以不写
discovery.zen.ping.unicast.hosts: ["node-1","yunva_etl_es2", "yunva_etl_es3","yunva_etl_es4","yunva_etl_es5","yunva_etl_es6","yunva_etl_es7"]
node.name: yunva_etl_es6
node.master: true
node.data: true
path.data: /data/es/data
path.logs: /data/es/logs
action.auto_create_index: false
indices.fielddata.cache.size: 12g
bootstrap.memory_lock: false
# 内网地址,可以加快速度
network.host: 192.168.1.10
http.port: 9200
# 增加新的参数head插件可以访问es
http.cors.enabled: true
http.cors.allow-origin: "*"
gateway.recover_after_time: 8m
gateway.expected_nodes: 3
cluster.routing.allocation.node_initial_primaries_recoveries: 8
# 以下配置可以减少当es节点短时间宕机或重启时shards重新分布带来的磁盘io读写浪费
discovery.zen.fd.ping_timeout: 180s
discovery.zen.fd.ping_retries: 8
discovery.zen.fd.ping_interval: 30s
discovery.zen.ping_timeout: 120s
针对kibana的es配置(非node和master节点)
# cat /etc/elasticsearch/elasticsearch.yml
cluster.name: yunva-es
node.name: yunva_etl_es1
node.master: false
node.data: false
node.ingest: false
action.auto_create_index: false
path.data: /data/es/data
path.logs: /data/es/logs
bootstrap.memory_lock: false
network.host: 0.0.0.0
http.port: 9200
http.cors.enabled: true
http.cors.allow-origin: "*"
# 以下配置可以减少当es节点短时间宕机或重启时shards重新分布带来的磁盘io读写浪费
discovery.zen.fd.ping_timeout: 180s
discovery.zen.fd.ping_retries: 8
discovery.zen.fd.ping_interval: 30s
discovery.zen.ping_timeout: 120s
注意修改配置文件vim /etc/hosts 列出集群节点名称和对应ip地址的对应关系(有内网dns并且配置的就不需要再次配置了)
echo "10.28.50.131 node-1" >> /etc/hosts
echo "10.26.241.239 yunva_etl_es3" >> /etc/hosts
echo "10.25.135.215 yunva_etl_es2" >> /etc/hosts
echo "10.26.241.237 yunva_etl_es4" >> /etc/hosts
echo "10.27.78.228 yunva_etl_es5" >> /etc/hosts
echo "10.27.65.121 yunva_etl_es6" >> /etc/hosts
echo "10.27.35.94 yunva_etl_es7" >> /etc/hosts
6.创建日志和数据存放目录
mkdir -p /data/es/data
mkdir /data/es/logs
chown -R yunva.yunva /data
7.启动es服务:
# su - yunva
[yunva]$ cd /data/elasticsearch-5.0.1/bin/
./elasticsearch &
8.检查单台服务是否正常:
$ curl http://ip:9200/
{
"name" : "yunva_etl_es5",
"cluster_name" : "yunva-es",
"cluster_uuid" : "2shAg8u3SjCRNJ4mEUBzBQ",
"version" : {
"number" : "5.0.1",
"build_hash" : "080bb47",
"build_date" : "2016-11-11T22:08:49.812Z",
"build_snapshot" : false,
"lucene_version" : "6.2.1"
},
"tagline" : "You Know, for Search"
}
# 查看集群状态
$ curl http://ip:9200/_cluster/health/?pretty
{
"cluster_name" : "yunva-es",
"status" : "green",
"timed_out" : false,
"number_of_nodes" : 5,
"number_of_data_nodes" : 4,
"active_primary_shards" : 66,
"active_shards" : 132,
"relocating_shards" : 2,
"initializing_shards" : 0,
"unassigned_shards" : 0,
"delayed_unassigned_shards" : 0,
"number_of_pending_tasks" : 0,
"number_of_in_flight_fetch" : 0,
"task_max_waiting_in_queue_millis" : 0,
"active_shards_percent_as_number" : 100.0
}
然后将配置好的es程序拷贝到其他服务器中,注意修改以下内容(network.host为内网地址,速度更快,节省互相复制、分片的时候处理带宽):
1.elasticsearch.yml文件的配置修改
node.name: 节点名称
network.host: es节点的内网IP地址
2./etc/hosts文件中内网ip和node.name的对应关系
后续添加对集群服务的监控,可以参考:
elasticsearch6.0的安装
一、确定服务器配置,新建硬件资源需要配置es集群作为热数据,数据量不大,两台8核16G,200G磁盘的服务器做es集群即可二、初始化系统1、关闭firewall,并安装iptables服务 systemctl stop firewalld.service #停止firewallsystemctl disable firewalld.service #禁止firewall开机启动yum install iptables-services -y# 添加防火墙规则 vim /usr/local/worksh/FireWall.sh#!/bin/bash iptables -A INPUT -p udp --dport 1701 -j ACCEPT ################################################################ ### Required modules /sbin/modprobe ip_tables /sbin/modprobe ip_conntrack /sbin/modprobe iptable_mangle /sbin/modprobe iptable_nat /sbin/modprobe ipt_LOG /sbin/modprobe ipt_limit /sbin/modprobe ipt_state /sbin/modprobe ip_conntrack_ftp /sbin/modprobe ip_nat_ftp /sbin/modprobe ipt_owner /sbin/modprobe ipt_REJECT### Clean Rules iptables -P INPUT ACCEPT iptables -P FORWARD ACCEPT iptables -P OUTPUT ACCEPT iptables -t nat -P PREROUTING ACCEPT iptables -t nat -P POSTROUTING ACCEPT iptables -t nat -P OUTPUT ACCEPT iptables -t mangle -P PREROUTING ACCEPT iptables -t mangle -P OUTPUT ACCEPT iptables -F iptables -t nat -F #iptables -t mangle -F iptables -X iptables -t nat -X #iptables -t mangle -X### Drop all pocket,first iptables -P INPUT DROP #iptables -P OUTPUT DROP iptables -P FORWARD DROP### Create New chains iptables -N bad_tcp_packets #iptables -N allowed iptables -N icmp_packets### Bad_tcp_packets chain /sbin/iptables -A bad_tcp_packets -p tcp ! --syn -m state --state NEW -j DROP /sbin/iptables -A bad_tcp_packets -p tcp --tcp-flags ALL ALL -j DROP /sbin/iptables -A bad_tcp_packets -p tcp --tcp-flags ALL NONE -j DROP /sbin/iptables -A bad_tcp_packets -p tcp --tcp-flags SYN,FIN SYN,FIN -j DROP /sbin/iptables -A bad_tcp_packets -p tcp --tcp-flags SYN,RST SYN,RST -j DROP /sbin/iptables -A bad_tcp_packets -p tcp --tcp-flags FIN,RST FIN,RST -j DROP /sbin/iptables -A bad_tcp_packets -p tcp --tcp-flags ACK,FIN FIN -j DROP /sbin/iptables -A bad_tcp_packets -p tcp --tcp-flags ACK,PSH PSH -j DROP /sbin/iptables -A bad_tcp_packets -p tcp --tcp-flags ACK,URG URG -j DROP### ICMP Rules iptables -A icmp_packets -p icmp --icmp-type 8 -j ACCEPT iptables -A icmp_packets -p icmp --icmp-type 11 -j ACCEPT #iptables -A icmp_packets -p icmp -j DROP##keepalived iptables -A INPUT -i eth1 -p vrrp -s 63.159.217.139 -j ACCEPT### LookBack and Private interface iptables -A INPUT -p ALL -i lo -j ACCEPT iptables -A INPUT -p ALL -i eth0 -j ACCEPT### INPUT chain iptables -A INPUT -p tcp -j bad_tcp_packets iptables -A INPUT -p icmp -j icmp_packets iptables -A INPUT -p ALL -m state --state ESTABLISHED,RELATED -j ACCEPT### 5666 EOP iptables -A INPUT -p tcp -i eth1 --dport 5666 -s 47.91.75.80 -j ACCEPT##rep iptables -A INPUT -p tcp -i eth1 --dport 3306 -s 47.91.90.28 -j ACCEPT# Count Limit #iptables -A INPUT -m limit --limit 3/minute --limit-burst 3 -j LOG --log-level INFO --log-prefix "IPT INPUT PACKET DIED:" ############################################################ iptables -I INPUT -p udp --dport 1701 -j ACCEPT### Open Ports Public_access="80 443 8080" Server_access="20 21 873 3306 2008 8899 9200 9300" Company_access="20 21 873 9200 9300 9100" aliyun_access="3306" ### Allow IpsServers_ip="192.168.254.0/24" Company_ip="1.1.1.1" aliyun_ip="2.2.2.2" Eus_server_ip="3.3.3.3"### Public access Rules for port in $Public_access doiptables -A INPUT -p tcp -i eth1 --dport $port -j ACCEPT done### Servers access Rules for port in $Server_access dofor ip in $Servers_ipdoiptables -A INPUT -p tcp -i eth1 --dport $port -s $ip -j ACCEPTdone done### Eus_server access Rules for port in $Server_access dofor ip in $Eus_server_ipdoiptables -A INPUT -p tcp -i eth1 --dport $port -s $ip -j ACCEPTdone done### Company access Rules for port in $Company_access dofor ip in $Company_ipdoiptables -A INPUT -p tcp -i eth1 --dport $port -s $ip -j ACCEPTdone done# chmod +x /usr/local/worksh/FireWall.sh # sh -x /usr/local/worksh/FireWall.sh# 开机运行防火墙规则 [root@cms_elasticsearch01 elasticsearch-head]# tail -n 1 /etc/rc.local /usr/local/worksh/FireWall.sh*********************# centos7设置洛杉矶时间timedatectl set-timezone America/Los_Angeles# 修改文件句柄 sed -i 's#root soft nofile 65535#root soft nofile 655350#g' /etc/security/limits.conf sed -i 's#root hard nofile 65535#root hard nofile 655350#g' /etc/security/limits.conf sed -i 's#* soft nofile 65535#* soft nofile 655350#g' /etc/security/limits.conf sed -i 's#* hard nofile 65535#* hard nofile 655350#g' /etc/security/limits.conf sed -i 's#* soft nproc 4096##g' /etc/security/limits.d/20-nproc.conf# 最终效果 root soft nofile 655350 root hard nofile 655350 * soft nofile 655350 * hard nofile 655350# 安装依赖 yum install -y gcc gcc-c++ htop telnet iotop iptraf iftop make logrotate xinetd ntsysv sysstat perl autoconf libjpeg libjpeg-devel libpng libpng-devel glibc glibc-devel glib2 glib2-devel bzip2 bzip2-devel ncurses ncurses-devel e2fsprogs e2fsprogs-devel krb5-devel libidn libidn-devel libxml2 libxml2-devel libxslt-devel libevent-devel libtool libtool-ltdl bison ntpdate patch vim wget openssh-clients bind-utils# 系统升级到最新 yum update -y# 安装jdk1.8_181rpm -ivh jdk-8u181-linux-x64.rpm # vim /etc/profile export JAVA_HOME=/usr/java/jdk1.8.0_181-amd64 export PATH=$JAVA_HOME/bin:$PATH4.添加运行elasticsearch的普通用户 ##### 安装elasticsearchelasticsearch wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-6.3.2.tar.gz tar -zxf elasticsearch-6.3.2.tar.gz#### 创建elasticsearch的普通账号 groupadd elasticsearch useradd elasticsearch -g elasticsearch chown -R elasticsearch.elasticsearch /data chown -R elasticsearch.elasticsearch /usr/local/elasticsearch-6.3.2/# 一些优化配置 swapoff -aecho "fs.file-max = 1000000" >> /etc/sysctl.conf echo "vm.max_map_count=262144" >> /etc/sysctl.conf echo "vm.swappiness = 1" >> /etc/sysctl.conf # 让配置生效 sysctl -p# 创建数据和日志目录 mkdir -p /data/es/data mkdir -p /data/es/logses节点的配置:主节点 master 配置: [root@cms_elasticsearch01 config]# cat elasticsearch.yml # 节点名 cluster.name: cms-uat-es # 集群的名称,可以不写 discovery.zen.ping.unicast.hosts: ["cms_elasticsearch01","cms_elasticsearch02"] node.name: cms_elasticsearch01 node.master: true node.data: true path.data: /data/es/data path.logs: /data/es/logs #action.auto_create_index: false indices.fielddata.cache.size: 1g # 内网地址,可以加快速度 #network.host: 192.168.254.36 network.host: 0.0.0.0 http.port: 9200 # 增加新的参数head插件可以访问es http.cors.enabled: true http.cors.allow-origin: "*"gateway.recover_after_time: 8m# 以下配置可以减少当es节点短时间宕机或重启时shards重新分布带来的磁盘io读写浪费 discovery.zen.fd.ping_timeout: 300s discovery.zen.fd.ping_retries: 8 discovery.zen.fd.ping_interval: 30s discovery.zen.ping_timeout: 180s数据节点配置 [root@cms_elasticsearch02 ~]# cat /usr/local/elasticsearch-6.3.2/config/elasticsearch.yml # 节点名 cluster.name: cms-uat-es # 集群的名称,可以不写 discovery.zen.ping.unicast.hosts: ["cms_elasticsearch01","cms_elasticsearch02"] node.name: cms_elasticsearch02 node.master: false node.data: true path.data: /data/es/data path.logs: /data/es/logs #action.auto_create_index: false indices.fielddata.cache.size: 1g bootstrap.memory_lock: false # 内网地址,可以加快速度 #network.host: 192.168.254.37 network.host: 0.0.0.0 http.port: 9200 # 增加新的参数head插件可以访问es http.cors.enabled: true http.cors.allow-origin: "*"gateway.recover_after_time: 8m# 以下配置可以减少当es节点短时间宕机或重启时shards重新分布带来的磁盘io读写浪费 discovery.zen.fd.ping_timeout: 300s discovery.zen.fd.ping_retries: 8 discovery.zen.fd.ping_interval: 30s discovery.zen.ping_timeout: 180s# 修改hosts文件 echo "192.168.254.36 cms_elasticsearch01" >> /etc/hosts echo "192.168.254.37 cms_elasticsearch02" >> /etc/hosts# 启动程序 su elasticsearch -c "cd /usr/local/elasticsearch-6.3.2 && bin/elasticsearch -d"三、添加zabbix监控 硬件资源的监控 es的监控# 集群状态监控脚本 UserParameter=es_status,curl -sXGET http://192.168.254.37:9200/_cluster/health/?pretty | grep "status"|awk -F '[ "]+' '{print $4}'|grep -c 'green' # 如果出现错误的监控 UserParameter=es_debug,sudo /bin/find /usr/local/elasticsearch-6.3.2 -name hs_err_pid*.log -o -name java_pid*.hprof|wc -l# 监控触发自动启动elasticsearch脚本:# vim /usr/local/zabbix_agents_3.2.0/scripts/start_es.sh#!/bin/bash # if elasticsearch process exists kill it source /etc/profilecount_es=`ps -ef|grep elasticsearch|grep -v grep|wc -l` if [ $count_es -ge 1 ];then ps -ef|grep elasticsearch|grep -v grep|/bin/kill `awk '{print $2}'` fi rm -f /usr/local/elasticsearch-6.3.2/bin/java_pid*.hprof # start it su elasticsearch -c "cd /usr/local/elasticsearch-6.3.2 && bin/elasticsearch -d"# chmod +x /usr/local/zabbix_agents_3.2.0/scripts/start_es.sh########################################## 安装head插件 # yum install -y epel-release # yum install -y nodejs[root@cms_elasticsearch01 elasticsearch-head]# npm install -g cnpm --registry=https://registry.npm.taobao.org npm WARN deprecated socks@1.1.10: If using 2.x branch, please upgrade to at least 2.1.6 to avoid a serious bug with socket data flow and an import issue introduced in 2.1.0 /usr/bin/cnpm -> /usr/lib/node_modules/cnpm/bin/cnpm /usr/lib └─┬ cnpm@6.0.0 ├── auto-correct@1.0.0 ├── bagpipe@0.3.5 [root@cms_elasticsearch01 elasticsearch-head]# npm install -g grunt /usr/bin/grunt -> /usr/lib/node_modules/grunt/bin/grunt /usr/lib └─┬ grunt@1.0.3 [root@cms_elasticsearch01 elasticsearch-head]# npm install -g grunt-cli --registry=https://registry.npm.taobao.org --no-proxy /usr/bin/grunt -> /usr/lib/node_modules/grunt-cli/bin/grunt /usr/lib └─┬ grunt-cli@1.3.1[root@cms_elasticsearch01 elasticsearch-head]# grunt -version grunt-cli v1.3.1(6)下载依赖 进入elasticsearch-head-master目录,执行下面命令 [root@cms_elasticsearch01 elasticsearch-head]# npm install(7)修改配置,当有外网和内网IP的时候需要修改配置elasticsearch-head/Gruntfile.js 文件connect: {server: {options: {hostname: '*',port: 9100,base: '.',keepalive: true# 修改 elasticsearch-head/_site/app.js 将localhost修改为本机外网ip地址 this.base_uri = this.config.base_uri || this.prefs.get("app-base_uri") || "http://70.39.189.23:9200";# 防火墙要互相放行 # 启动head插件 su elasticsearch -c "cd /usr/local/elasticsearch-head && nohup npm run start >> /usr/local/elasticsearch-head/logs/npm-start.log 2>&1 &"# chown -R elasticsearch.elasticsearch /usr/local/elasticsearch-head/# 启动head插件脚本#!/bin/sh # stop elasticsearch master function function stopelkmaster() {count=`ps -ef | grep -v grep |grep grunt | wc -l`if [ $count -gt 0 ];thenfor i in `ps -ef | grep -v grep |grep grunt|awk '{print $2}'`do#echo "is exists:"kill -9 $idonefi }# start elasticsearch master function function startelkmaster() {count=`ps -ef | grep -v grep |grep grunt | wc -l`if [ $count -gt 0 ];thenfor i in `ps -ef | grep -v grep |grep grunt|awk '{print $2}'`dokill -9 $idonesleep 1cd /opt/elasticsearch-headsu elasticsearch -c "cd /usr/local/elasticsearch-head && nohup npm run start >> /usr/local/elasticsearch-head/logs/npm-start.log 2>&1 &"elsecd /opt/elasticsearch-headsu elasticsearch -c "cd /usr/local/elasticsearch-head && nohup npm run start >> /usr/local/elasticsearch-head/logs/npm-start.log 2>&1 &"fi } isExistsElk=`ps -ef | grep -v grep |grep grunt | wc -l` if [ $isExistsElk -eq 0 ] then#echo "start process....."startelkmaster elif [ $isExistsElk -gt 0 ] thenstopelkmastersleep 1startelkmaster elseecho "error!" fi
转载于:https://www.cnblogs.com/reblue520/p/6284395.html
总结
以上是生活随笔为你收集整理的生产环境elasticsearch5.0.1和6.3.2集群的部署配置详解的全部内容,希望文章能够帮你解决所遇到的问题。
- 上一篇: Flow - JS静态类型检查工具
- 下一篇: Mac下一台电脑管理多个SSH KEY(