TKE1.20.6搭建elasticsearch on kubernetes

对你无可奈何 2023-01-02 云技术社区 488 阅读

背景:

昨天刚开通了TKE1.20.6版本,想体验下elasticsearch 环境搭建到集群上,基本参照Kuberentes 1.20.5搭建eck。当然了版本还是有区别的当时安装的时候eck版本是1.5。现在貌似是1.6了?参见官方文档:https://www.elastic.co/guide/en/cloud-on-k8s/current/k8s-deploy-eck.html

image.png

1. 在kubernete集群中部署ECK

1. 安装自定义资源定义和操作员及其RBAC规则:

  • kubectl apply -f https://download.elastic.co/downloads/eck/1.6.0/all-in-one.yaml
image.png

2. 监视操作日志:

  • kubectl -n elastic-system logs -f statefulset.apps/elastic-operator
image.png

2. 部署elasticsearch集群

1. 定制化elasticsearch 镜像

image.png

最新的版本 7.13.3了image标签 定制化一下:

  • FROM docker.elastic.co/elasticsearch/elasticsearch:7.13.3

  • ARG ACCESS_KEY=XXXXXXXXX

  • ARG SECRET_KEY=XXXXXXX

  • ARG ENDPOINT=cos.ap-shanghai.myqcloud.com

  • ARG ES_VERSION=7.13.3

  • 

  • ARG PACKAGES="net-tools lsof"

  • ENV allow_insecure_settings 'true'

  • RUN rm -rf /etc/localtime && cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime

  • 

  • RUN echo 'Asia/Shanghai' > /etc/timezone

  • RUN  if [ -n "${PACKAGES}" ]; then  yum install -y $PACKAGES && yum clean all && rm -rf /var/cache/yum; fi

  • RUN \\

  •      /usr/share/elasticsearch/bin/elasticsearch-plugin install --batch repository-s3 && \\

  •     /usr/share/elasticsearch/bin/elasticsearch-keystore create && \\

  • 	echo "XXXXXX"  | /usr/share/elasticsearch/bin/elasticsearch-keystore add --stdin s3.client.default.access_key  && \\

  • 	echo "XXXXXX"  | /usr/share/elasticsearch/bin/elasticsearch-keystore add --stdin s3.client.default.secret_key

2. 打包镜像并上传到腾讯云镜像仓库,也可以是其他私有仓库

  •  docker build -t ccr.ccs.tencentyun.com/xxxx/elasticsearch:7.13.3 .

  •  docker push  ccr.ccs.tencentyun.com/xxxx/elasticsearch:7.13.3
image.png

2. 创建elasticsearch部署yaml文件,部署elasticsearch集群

修改了自己打包 image tag ,使用了腾讯云cbs csi块存储。并定义了部署的namespace,创建了namespace logging.

1. 创建部署elasticsearch应用的命名空间

  • kubectl create ns logging

先下发下仓库秘钥:

image.png
  • cat <<EOF > elastic.yaml

  • apiVersion: elasticsearch.k8s.elastic.co/v1

  • kind: Elasticsearch

  • metadata:

  •   name: elastic

  •   namespace: logging

  • spec:

  •   version: 7.12.0

  •   image: ccr.ccs.tencentyun.com/XXXX/elasticsearch:7.12.0

  •   http:

  •     tls:

  •       selfSignedCertificate:

  •         disabled: true

  •   nodeSets:

  •   - name: laya

  •     count: 3

  •     podTemplate:

  •       spec:

  •         containers:

  •         - name: elasticsearch

  •           env:

  •           - name: ES_JAVA_OPTS

  •             value: -Xms2g -Xmx2g

  •           resources:

  •             requests:

  •               memory: 4Gi

  •               cpu: 0.5

  •             limits:

  •               memory: 4Gi

  •               cpu: 2

  •         imagePullSecrets:

  •         - name: qcloudregistrykey              

  •     config:

  •       node.master: true

  •       node.data: true

  •       node.ingest: true

  •       node.store.allow_mmap: false

  •     volumeClaimTemplates:

  •     - metadata:

  •         name: elasticsearch-data

  •       spec:

  •         accessModes:

  •         - ReadWriteOnce

  •         storageClassName: cbs-csi 

  •         resources:

  •           requests:

  •             storage: 200Gi

  • EOF          

展开

注意:一定记得加上仓库秘钥如果是私有仓库

  •         imagePullSecrets:

  •         - name: qcloudregistrykey

2. 部署yaml文件并查看应用部署状态

  • kubectl apply -f elastic.yaml

  • kubectl get elasticsearch -n logging

  • kubectl get elasticsearch -n logging

  • kubectl -n logging get pods --selector='elasticsearch.k8s.elastic.co/cluster-name=elastic'
image.png

3. 获取elasticsearch凭据

  • kubectl -n logging get secret elastic-es-elastic-user -o=jsonpath='{.data.elastic}' | base64 --decode; echo
image.png

4. 直接安装kibana了

修改了时区,和elasticsearch镜像一样都修改到了东八区,并将语言设置成了中文,关于selfSignedCertificate原因参照https://www.elastic.co/guide/en/cloud-on-k8s/1.4/k8s-kibana-http-configuration.html

  • cat <<EOF > kibana.yaml

  • apiVersion: kibana.k8s.elastic.co/v1

  • kind: Kibana

  • metadata:

  •   name: elastic

  •   namespace: logging

  • spec:

  •   version: 7.13.3

  •   image: docker.elastic.co/kibana/kibana:7.13.3

  •   count: 1

  •   elasticsearchRef:

  •     name: elastic

  •   http:

  •     tls:

  •       selfSignedCertificate:

  •         disabled: true

  •   podTemplate:

  •     spec:

  •       containers:

  •       - name: kibana

  •         env:

  •         - name: I18N_LOCALE

  •           value: zh-CN

  •         resources:

  •           requests:

  •             memory: 1Gi

  •           limits:

  •             memory: 2Gi

  •         volumeMounts:

  •         - name: timezone-volume

  •           mountPath: /etc/localtime

  •           readOnly: true

  •       volumes:

  •       - name: timezone-volume

  •         hostPath:

  •           path: /usr/share/zoneinfo/Asia/Shanghai

  • EOF          

展开
image.png
image.png

注意: 嗯 kibana一直没有起来 发现我打elasticsearch镜像的时候忘了改elasticsearch的基础镜像,还是用了7.12好吧 修改一下。一定强调一下版本的一致性(镜像哪里我修改了,怕小伙伴跟我重新做一次,这里就强调一下)

重新部署更是刺激 看tke后台有重新部署选项:

image.png

但是貌似没有生效还是老老实实的吧

  • imagePullPolicy: Always
image.png

5. 对外映射kibana 服务

  • cat <<EOF> kibana-ingress.yaml

  • apiVersion: networking.k8s.io/v1

  • kind: Ingress

  • metadata:

  •   name: kibana-http

  •   namespace: logging

  •   annotations:

  •     kubernetes.io/ingress.class: traefik  

  •     traefik.ingress.kubernetes.io/router.entrypoints: web

  • spec:

  •   rules:

  •   - host: kibana.layabox.com

  •     http:

  •       paths:

  •       - pathType: Prefix

  •         path: /

  •         backend:

  •           service:

  •             name: elastic-kb-http

  •             port:

  •               number: 5601

  • EOF
本站文章资源均来源自网络,除非特别声明,否则均不代表站方观点,并仅供查阅,不作为任何参考依据!
如有侵权请及时跟我们联系,本站将及时删除!
如遇版权问题,请查看 本站版权声明
THE END
分享
二维码
海报
<<上一篇
下一篇>>