转载请注明出处
参考链接
- https://hubgw.docker.com/_/elasticsearch
- https://www.elastic.co/guide/en/elasticsearch/reference/7.5/docker.html
- https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html
- https://www.elastic.co/guide/en/elastic-stack-get-started/7.10/get-started-docker.html#get-started-docker-tls
- https://www.elastic.co/guide/en/elasticsearch/reference/7.10/docker.html
部署
系统设置
# 若要查看设置的当前值,请运行:vm.max_map_count
grep vm.max_map_count /etc/sysctl.conf
# vm.max_map_count=262144
# 临时修改
sysctl -w vm.max_map_count=262144
# 永久修改
# vim /etc/sysctl.conf
# 添加以下内容
vm.max_map_count=262144
# 生效
sysctl -p
获取镜像
# docker pull docker.io/elasticsearch:7.10.1
docker pull docker.elastic.co/elasticsearch/elasticsearch:7.10.2
单机部署单节点(bridge模式)
创建 docker-compose.yml 文件内容如下
version: "3"
services:
easticsearch:
container_name: elasticsearch-7.10.2
image: docker.elastic.co/elasticsearch/elasticsearch:7.10.2
restart: on-failure:3
ports:
- 10200:9200
- 10300:9300
environment:
- TZ=Asia/Shanghai
- discovery.type=single-node
# 设置密码
- ELASTIC_PASSWORD=123456
# 不加该参数, 需要手动给持久化的目录赋权限
- TAKE_FILE_OWNERSHIP=true
# 分片数量设置
- cluster.max_shards_per_node=3000
- xpack.security.enabled=true
- path.repo=/usr/share/elasticsearch/backup
volumes:
- ./elasticsearch/logs:/usr/share/elasticsearch/logs
- ./elasticsearch/backup:/usr/share/elasticsearch/backup
- ./elasticsearch/data:/usr/share/elasticsearch/data
# - easticsearch_data:/usr/share/elasticsearch/data
healthcheck:
# test: curl --cacert $CERTS_DIR/ca/ca.crt -s https://localhost:9200 >/dev/null; if [[ $$? == 52 ]]; then echo 0; else echo 1; fi
test: ["CMD-SHELL", "nc -vz 127.0.0.1 9200 || exit 1"]
start_period: 20s
interval: 10s
timeout: 30s
retries: 5
# volumes:
# easticsearch_data:
# driver: local
# 部署
docker-compose up -d
# 卸载
docker-compose down
# 删除数据
# docker volume rm easticsearch_data
单机部署单节点(host模式)
创建 docker-compose.yml 文件内容如下
version: "3"
services:
easticsearch:
container_name: elasticsearch-7.10.2
image: docker.elastic.co/elasticsearch/elasticsearch:7.10.2
restart: on-failure:3
environment:
- TZ=Asia/Shanghai
- discovery.type=single-node
# 设置密码
- ELASTIC_PASSWORD=123456
# 不加该参数, 需要手动给持久化的目录赋权限
- TAKE_FILE_OWNERSHIP=true
# 分片数量设置
- cluster.max_shards_per_node=3000
- xpack.security.enabled=true
- path.repo=/usr/share/elasticsearch/backup
volumes:
- ./elasticsearch/logs:/usr/share/elasticsearch/logs
- ./elasticsearch/backup:/usr/share/elasticsearch/backup
- ./elasticsearch/data:/usr/share/elasticsearch/data
# - easticsearch_data:/usr/share/elasticsearch/data
network_mode: host
# volumes:
# easticsearch_data:
# driver: local
# 部署
docker-compose up -d
# 卸载
docker-compose down
# 删除数据(如果使用了声明式的volumes, 需要删除)
# docker volume rm easticsearch_data
单机部署集群(bridge模式)
创建 docker-compose.yml 文件内容如下
以下示例中未使用相同的证书, 如果是生产环境部署, 需要生成证书, 并分发到各个节点
version: '3'
services:
es01:
image: docker.elastic.co/elasticsearch/elasticsearch:7.10.2
container_name: elasticsearch_01
ports:
- 10200:9200
environment:
- node.name=es01
- cluster.name=es-docker-cluster
- discovery.seed_hosts=es02,es03
- cluster.initial_master_nodes=es01,es02,es03
- bootstrap.memory_lock=true
# - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
ulimits:
memlock:
soft: -1
hard: -1
volumes:
- elasticsearch_data_01:/usr/share/elasticsearch/data
networks:
- elastic
es02:
image: docker.elastic.co/elasticsearch/elasticsearch:7.10.2
container_name: elasticsearch_02
ports:
- 20200:9200
environment:
- node.name=es02
- cluster.name=es-docker-cluster
- discovery.seed_hosts=es01,es03
- cluster.initial_master_nodes=es01,es02,es03
- bootstrap.memory_lock=true
# - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
ulimits:
memlock:
soft: -1
hard: -1
volumes:
- elasticsearch_data_02:/usr/share/elasticsearch/data
networks:
- elastic
es03:
image: docker.elastic.co/elasticsearch/elasticsearch:7.10.2
container_name: elasticsearch_03
ports:
- 30200:9200
environment:
- node.name=es03
- cluster.name=es-docker-cluster
- discovery.seed_hosts=es01,es02
- cluster.initial_master_nodes=es01,es02,es03
- bootstrap.memory_lock=true
# - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
ulimits:
memlock:
soft: -1
hard: -1
volumes:
- elasticsearch_data_03:/usr/share/elasticsearch/data
networks:
- elastic
volumes:
easticsearch_data_01:
driver: local
easticsearch_data_02:
driver: local
easticsearch_data_03:
driver: local
networks:
elastic:
driver: bridge
# 部署
docker-compose up -d
# 卸载
docker-compose down
# 删除数据
# docker volume rm easticsearch_data_01
# docker volume rm easticsearch_data_02
# docker volume rm easticsearch_data_03
集群部署模版(host模式)
创建 docker-compose.yml 文件内容如下
以下文件仅为一个模版, 需要将以下文件在多个节点部署
以下示例中未使用相同的证书, 如果是生产环境部署, 需要生成证书, 并分发到各个节点
# version: "3"
services:
elasticsearch:
container_name: elasticsearch
image: docker.elastic.co/elasticsearch/elasticsearch:7.10.2
restart: on-failure:3
privileged: true
environment:
- TZ=Asia/Shanghai
- node.name=10.100.10.10
- cluster.name=cluster
#- discovery.type=
- discovery.seed_hosts=10.100.10.11,10.100.10.12
- cluster.initial_master_nodes=10.100.10.10,10.100.10.11,10.100.10.12
- ELASTIC_PASSWORD=123456
- xpack.security.enabled=true
- path.repo=/usr/share/elasticsearch/backup
- TAKE_FILE_OWNERSHIP=true
#- bootstrap.memory_lock=true
#- xpack.security.transport.ssl.enabled=true
network_mode: host
volumes:
- ./elasticsearch/data:/usr/share/elasticsearch/data
- ./elasticsearch/backup:/usr/share/elasticsearch/backup
- ./elasticsearch:/usr/share/elasticsearch/logs
healthcheck:
test: ["CMD-SHELL", "nc -vz 127.0.0.1 9200 || exit 1"]
start_period: 20s
interval: 10s
timeout: 10s
retries: 5
# 部署
docker-compose up -d
# 卸载
docker-compose down
使用自签CA证书
集群部署的时候, 涉及到多个节点通讯, 因此每个节点需要使用相同的ca证书, 可以自行生成CA证书, 然后添加相关的环境变量,
参考示例如下
services:
elasticsearch:
container_name: elasticsearch
image: docker.elastic.co/elasticsearch/elasticsearch:7.10.2
restart: on-failure:5
privileged: true
environment:
- TZ=Asia/Shanghai
- node.name=10.100.10.10
- cluster.namecluster-node-01
# - discovery.type=single-node
- discovery.seed_hosts=10.100.10.11,10.100.10.12
- cluster.initial_master_nodes=10.100.10.10,10.100.10.11,10.100.10.12
- cluster.max_shards_per_node=3000
- ELASTIC_PASSWORD=123456
- path.repo=/usr/share/elasticsearch/backup
- TAKE_FILE_OWNERSHIP=true
- xpack.security.enabled=true
# 自定义CA证书配置
- xpack.security.transport.ssl.enabled=true
- xpack.security.transport.ssl.keystore.type=PKCS12
- xpack.security.transport.ssl.verification_mode=certificate
- xpack.security.transport.ssl.keystore.path=elastic-certificates.p12
- xpack.security.transport.ssl.truststore.path=elastic-certificates.p12
- xpack.security.transport.ssl.truststore.type=PKCS12
#- bootstrap.memory_lock=true
#- xpack.security.transport.ssl.keystore.password=
#- xpack.security.transport.ssl.truststore.password=
#- xpack.security.audit.enabled=true
network_mode: host
mem_limit: 16g
volumes:
- ./config/elastic-log4j2.properties:/usr/share/elasticsearch/config/log4j2.properties
# 挂载自定义的证书
- ./config/elastic-certificates.p12:/usr/share/elasticsearch/config/elastic-certificates.p12
- ./elasticsearch/data:/usr/share/elasticsearch/data
- ./elasticsearch/backup:/usr/share/elasticsearch/backup
- ./elasticsearch:/usr/share/elasticsearch/logs
healthcheck:
test: ["CMD-SHELL", "nc -vz 127.0.0.1 9200 || exit 1"]
start_period: 60s
interval: 10s
timeout: 10s
retries: 30
扫一扫
1964
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
