1 概述
一个yaml部署3节点的elasticsearch v8.14.3,修改storageclass名称后就能直接用。
2 环境准备
2.1 在华为云准备一个kubernetes集群
2.2 在华为云准备一个NAS作为PV底层存储
必须是NAS存储,不能是块存储,因为后续多个跨不同节点的pod会同时挂载到同一个PV。
2.3 创建kubernetes存储类
k8s storageclass的yaml如下,提交到k8s中即可,这个sc的名称叫做nfs,这个sc的名称叫做nfs,这个sc的名称叫做nfs,重要的事情重复三遍,这个名称会被后续的elasticsearch yaml引用。
apiVersion: storage.k8s.io/v1
allowVolumeExpansion: true
kind: StorageClass
metadata:
name: nfs
mountOptions:
- lock
parameters:
csi.storage.k8s.io/csi-driver-name: sfsturbo.csi.everest.io
csi.storage.k8s.io/fstype: nfs
everest.io/archive-on-delete: "true"
everest.io/share-access-to: fc1f5584-4423-4************ # VPC ID
everest.io/share-expand-type: bandwidth
everest.io/share-export-location: b134a******.sfsturbo.internal:/mydir # sfs turbo实例的共享路径:自定义子目录
everest.io/share-source: sfs-turbo
everest.io/share-volume-type: STANDARD
everest.io/volume-as: subpath
everest.io/volume-id: b134a****** # sfs turbo实例的ID
provisioner: everest-csi-provisioner
reclaimPolicy: Retain
volumeBindingMode: Immediate
3 部署ES
elasticsearch的yaml如下,提交到k8s中即可:
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: elasticsearch
spec:
serviceName: elasticsearch
podManagementPolicy: Parallel
replicas: 3
selector:
matchLabels:
app: elasticsearch
template:
metadata:
labels:
app: elasticsearch
spec:
initContainers:
- name: configure-sysctl
image: swr.cn-south-1.myhuaweicloud.com/migrator/busybox:1.36
command: ["sysctl", "-w", "vm.max_map_count=262144"]
securityContext:
privileged: true
containers:
- name: elasticsearch
image: swr.cn-south-1.myhuaweicloud.com/migrator/elasticsearch:8.14.3
resources:
limits:
cpu: "4"
memory: "8Gi"
requests:
cpu: "0.5"
memory: "1Gi"
ports:
- containerPort: 9200
name: http
- containerPort: 9300
name: transport
env:
- name: ES_JAVA_OPTS
value: "-Xms2g -Xmx2g"
volumeMounts:
- name: elasticsearch-data
mountPath: /usr/share/elasticsearch/data
- name: config
mountPath: /usr/share/elasticsearch/config/elasticsearch.yml
subPath: elasticsearch.yml
- name: elasticsearch-logs
mountPath: /usr/share/elasticsearch/logs
livenessProbe:
httpGet:
path: /_cluster/health?local=true
port: 9200
scheme: HTTP
httpHeaders:
- name: Authorization
value: "Basic ZWxhc3RpYzpkaWZ5YWkxMjM0NTY="
initialDelaySeconds: 30
timeoutSeconds: 5
periodSeconds: 30
successThreshold: 1
failureThreshold: 3
readinessProbe:
httpGet:
path: /_cluster/health?local=true
port: 9200
scheme: HTTP
httpHeaders:
- name: Authorization
value: "Basic ZWxhc3RpYzpkaWZ5YWkxMjM0NTY="
initialDelaySeconds: 30
timeoutSeconds: 5
periodSeconds: 30
successThreshold: 1
failureThreshold: 3
volumes:
- name: config
configMap:
name: elasticsearch-config
volumeClaimTemplates:
- metadata:
name: elasticsearch-data
labels:
app: elasticsearch
spec:
accessModes: [ "ReadWriteOnce" ]
storageClassName: nfs
resources:
requests:
storage: 50Gi
- metadata:
name: elasticsearch-logs
labels:
app: elasticsearch
spec:
accessModes: [ "ReadWriteOnce" ]
storageClassName: nfs
resources:
requests:
storage: 4Gi
---
apiVersion: v1
kind: Service
metadata:
name: elasticsearch
labels:
app: elasticsearch
spec:
ports:
- port: 9200
name: http
- port: 9300
name: transport
clusterIP: None
selector:
app: elasticsearch
---
apiVersion: v1
kind: ConfigMap
metadata:
name: elasticsearch-config
data:
elasticsearch.yml: |
cluster.name: es-cluster
node.name: ${HOSTNAME}
network.host: 0.0.0.0
discovery.seed_hosts: ["elasticsearch-0.elasticsearch", "elasticsearch-1.elasticsearch", "elasticsearch-2.elasticsearch"]
cluster.initial_master_nodes: ["elasticsearch-0", "elasticsearch-1", "elasticsearch-2"]
xpack.security.enrollment.enabled: true
xpack.security.http.ssl.enabled: false
bootstrap.memory_lock: false
indices.memory.index_buffer_size: 10%
indices.queries.cache.size: 5%
action.destructive_requires_name: true
xpack.security.transport.ssl.enabled: false
xpack.security.enabled: false
node.roles: ["master", "data", "ingest"]
部署结果如下:
