k8s部署elasticsearch以及ik分词器
创建es的configmap(elasticsearch8的话需要把node.max_local_storage_nodes: 1去掉)
vim elasticsearch-cm.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: es
data:
elasticsearch.yml: |
cluster.name: my-cluster
node.name: node-1
node.max_local_storage_nodes: 1
network.host: 0.0.0.0
http.port: 9200
discovery.seed_hosts: ["127.0.0.1", "[::1]"]
cluster.initial_master_nodes: ["node-1"]
http.cors.enabled: true
http.cors.allow-origin: /.*/
Apply运行
kubectl apply -f elasticsearch-cm.yaml
创建pv
vim elasticsearch-pv.yaml
apiVersion: v1
kind: PersistentVolume
metadata:
name: es-pv
spec:
capacity:
storage: 2Gi
accessModes:
- ReadWriteMany
persistentVolumeReclaimPolicy: Retain
storageClassName: managed-nfs-storage
hostPath:
path: /nfs/elasticsearch/
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: es-pvc
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: 2Gi
storageClassName: managed-nfs-storage
Apply运行
kubectl apply -f elasticsearch-pv.yaml
kubectl get pvc -A
kubectl get pv -A
创建svc
vim elasticsearch-svc.yaml
apiVersion: v1
kind: Service
metadata:
name: elasticsearch
labels:
name: elasticsearch
spec:
type: NodePort
ports:
- name: web-9200
port: 9200
targetPort: 9200
protocol: TCP
nodePort: 30105
- name: web-9300
port: 9300
targetPort: 9300
protocol: TCP
nodePort: 30106
selector:
name: elasticsearch
Apply运行
kubectl apply -f elasticsearch-svc.yaml
kubectl get svc -A
创建elasticsearch的deployment
vim elasticsearch.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: elasticsearch
spec:
selector:
matchLabels:
name: elasticsearch
replicas: 1
template:
metadata:
labels:
name: elasticsearch
spec:
initContainers:
- name: init-sysctl
image: busybox
command: ["sh", "-c", "chown -R 1000:1000 /usr/share/elasticsearch/data"]
volumeMounts:
- name: elasticsearch-data
mountPath: /usr/share/elasticsearch/data
securityContext:
privileged: true
containers:
- name: elasticsearch
image: elasticsearch:7.17.16
imagePullPolicy: IfNotPresent
resources:
limits:
cpu: 1000m
memory: 2Gi
requests:
cpu: 100m
memory: 1Gi
env:
- name: ES_JAVA_OPTS
value: -Xms512m -Xmx512m
- name: http.cors.allow-headers
value: Authorization
- name: xpack.security.enabled
value: "true"
- name: xpack.security.transport.ssl.enabled
value: "true"
- name: network.host
value: "0.0.0.0"
ports:
- containerPort: 9200
- containerPort: 9300
securityContext:
runAsUser: 1000
volumeMounts:
- name: elasticsearch-data
mountPath: /usr/share/elasticsearch/data/
- name: es-config
mountPath: /usr/share/elasticsearch/config/elasticsearch.yml
subPath: elasticsearch.yml
- name: elasticsearch-ik
mountPath: /usr/share/elasticsearch/plugins/ik
volumes:
- name: elasticsearch-ik
hostPath:
path: /root/kubernetes/elasticsearch/ik/
- name: elasticsearch-data
persistentVolumeClaim:
claimName: es-pvc
- name: es-config
configMap:
name: es
修改系统逻辑
vim /etc/sysctl.conf
vm.max_map_count=262144
sysctl --system #刷新策略
Apply运行
kubectl apply -f elasticsearch.yaml
kubectl get po -A
部署ik分词器
相关的步骤已经写进上面的yaml里了。在本地创建ik目录,并把下载的ik分词器解压缩到ik目录里,然后映射进容器里即可
这是本地创建的ik目录里面有分词器解压缩后的文件
通过这一段内容映射进pod里启动即可
我这里没有设置es的密码,因为场景里设置上es的密码,后端就连不上es,很奇怪!
这里写一下设置es密码的方法
Yaml里添加env参数开启安全认证
- name: http.cors.allow-headers
value: Authorization
- name: xpack.security.enabled
value: "true"
- name: xpack.security.transport.ssl.enabled
value: "true"
- name: network.host
value: "0.0.0.0"
进入容器生成登陆密码
./bin/elasticsearch-setup-passwords interactive
interactive 是手动输入密码
auto是自动随机生成密码
浙公网安备 33010602011771号