Docker部署ES集群-及其踩坑点

一、环境说明

• 虚拟机IP：10.0.0.94

• 系统版本：ubt2204LTS

• Docker版本：20.10.24

二、虚拟环境部署踩坑点

出现问题

• 我们在Docker中run启动es容器，遇到了启动容器过几秒就停止的情况，问题如下：

#刚启动还在up状态
root@ding:~# docker ps 
CONTAINER ID   IMAGE                                                  COMMAND                  CREATED         STATUS         PORTS                                                   NAMES
bad5427ae613   docker.elastic.co/elasticsearch/elasticsearch:8.17.3   "/bin/tini -- /usr/l…"   7 seconds ago   Up 6 seconds   9300/tcp, 0.0.0.0:19200->9200/tcp, :::19200->9200/tcp   es01


#过了几秒之后，会自动停止
root@ding:~# docker ps 
CONTAINER ID   IMAGE                    COMMAND                  CREATED         STATUS         PORTS     NAMES

root@ding:~

问题排查

1.内存问题

• 一定要确保内存足够使用，虚拟机内存建议添加为8G，我使用的4G，如下所示，已经占满，没多少使用空间了

root@elk93:~# free -h
               total        used        free      shared  buff/cache   available
Mem:           3.8Gi       2.7Gi       119Mi       0.0Ki       993Mi       854Mi
Swap:          2.0Gi       2.0Gi       0.0Ki

• 升级之后

root@ding:~# free -h
               total        used        free      shared  buff/cache   available
Mem:           7.7Gi       1.3Gi       1.8Gi       1.0Mi       4.6Gi       6.1Gi
Swap:          4.0Gi          0B       4.0Gi

2.磁盘空间问题

• 也是，要保证磁盘空间足够使用，建议虚拟机的磁盘为100G

root@ding:~# df -h 
Filesystem                         Size  Used Avail Use% Mounted on
tmpfs                              791M  1.9M  789M   1% /run
/dev/mapper/ubuntu--vg-ubuntu--lv   48G   11G   35G  24% /
tmpfs                              3.9G     0  3.9G   0% /dev/shm
tmpfs                              5.0M     0  5.0M   0% /run/lock
/dev/sda2                          2.0G  129M  1.7G   8% /boot
tmpfs                              791M  4.0K  791M   1% /run/user/0
overlay                             48G   11G   35G  24% /var/lib/docker/overlay2/2955f50bde7df568ececb96b778362cae25dec1fbbaf3e983e02c84bc9131e95/merged
overlay                             48G   11G   35G  24% /var/lib/docker/overlay2/d8c68b1f9f47e1ee723e16d3366fba6ccb409ba54ad38b57ba66563757d58b3b/merged
overlay                             48G   11G   35G  24% /var/lib/docker/overlay2/cf795a9b1dda8a7af37e182f93dd8bc610e8914dbe069fb7df23334e8459caaa/merged

3.系统资源限制

• Elasticsearch 对系统资源（如内存、文件句柄等）有较高要求。如果系统资源不足，可能会导致容器自动停止

• 检查系统资源使用情况，确保有足够的内存和文件句柄。可以通过以下命令调整系统参数

# 临时修改系统参数
sysctl -w vm.max_map_count=262144
ulimit -n 65536

# 永久修改系统参数
root@ding:~# tail -1 /etc/sysctl.conf
vm.max_map_count=262144
root@ding:~# tail -2 /etc/security/limits.conf
* hard nofile 65536
* soft nofile 65536
root@ding:~# sysctl -p
vm.max_map_count = 262144
断开xshell重新链接

如果需要永久生效，可以将上述参数写入 /etc/sysctl.conf 和 /etc/security/limits.conf 文件中

问题解决

#重新启动es容器
检查容器是否还会意外终止
root@ding:~# docker ps 
CONTAINER ID   IMAGE                                                  COMMAND                  CREATED          STATUS          PORTS                                                   NAMES
bad5427ae613   docker.elastic.co/elasticsearch/elasticsearch:8.17.3   "/bin/tini -- /usr/l…"   27 minutes ago   Up 24 minutes   9300/tcp, 0.0.0.0:19200->9200/tcp, :::19200->9200/tcp   es01

已持续运行27分钟未中断，问题得到解决

三、部署ES单点

• 参考官网：https://elastic.ac.cn/guide/en/elasticsearch/reference/current/docker.html

#创建ES集群、kibana使用的网络，使用默认网络bridge
root@ding:~# docker network create elastic

#拉取ES的镜像
root@ding:~# docker pull docker.elastic.co/elasticsearch/elasticsearch:8.17.3

#单点运行ES
root@ding:~# docker run -d --name es01 --net elastic -p 19200:9200 -it -m 1GB docker.elastic.co/elasticsearch/elasticsearch:8.17.3

#重置ES的密码
root@ding:~# docker exec -it es01 /usr/share/elasticsearch/bin/elasticsearch-reset-password -u elastic
WARNING: Owner of file [/usr/share/elasticsearch/config/users] used to be [root], but now is [elasticsearch]
WARNING: Owner of file [/usr/share/elasticsearch/config/users_roles] used to be [root], but now is [elasticsearch]
This tool will reset the password of the [elastic] user to an autogenerated value.
The password will be printed in the console.
Please confirm that you would like to continue [y/N]y


Password for the [elastic] user successfully reset.
New value: =cnH_w989nuCFhfqjd1V
			#注意留存

#为kibana生成校验token值，注意留存
root@ding:~# docker exec -it es01 /usr/share/elasticsearch/bin/elasticsearch-create-enrollment-token -s kibana
eyJ2ZXIiOiI4LjE0LjAiLCJhZHIiOlsiMTcyLjE4LjAuMjo5MjAwIl0sImZnciI6ImU1NjlhMDJkNjZmYmM2Y2E2MjMzMDQxMTJmMmUxZTFjM2Q0YmIyMmNlZmYyYmY5MzQwNGNkMTgyNjViZmNhN2IiLCJrZXkiOiJoRlJrdDVVQkI2M1o4Vm9rQWpqbDphdHp2MVAtUFNpcUxWazdZSWYtRmhBIn0=

#保存容器内证书到本地
root@ding:~# docker cp es01:/usr/share/elasticsearch/config/certs/http_ca.crt .

#测试单点是否启动
root@ding:~# curl --cacert http_ca.crt -u elastic:=cnH_w989nuCFhfqjd1V https://localhost:19200/_cat/nodes
172.18.0.2 38 90 0 0.16 0.10 0.04 cdfhilmrstw * bad5427ae613

四、部署kibana

#下载
root@ding:~# docker pull docker.elastic.co/kibana/kibana:8.17.3

#运行kibana
root@ding:~# docker run -d --name kibana --net elastic -p 5601:5601 docker.elastic.co/kibana/kibana:8.17.3

#访问kibana
http://10.0.0.92:5601/
使用之前es生成的token登录。

#获取kibana的校验码 
root@ding:~# docker exec  kibana /usr/share/kibana/bin/kibana-verification-code
Kibana is currently running with legacy OpenSSL providers enabled! For details and instructions on how to disable see https://www.elastic.co/guide/en/kibana/8.17/production.html#openssl-legacy-provider
Your verification code is:  616 049

#登录修改密码为123456

#修改中文支持 
root@ding:~# docker exec -it kibana bash
kibana@fd2e21c42d1b:~$ 
kibana@fd2e21c42d1b:~$ echo i18n.locale: "zh-CN" >> /usr/share/kibana/config/kibana.yml
kibana@fd2e21c42d1b:~$ 
kibana@fd2e21c42d1b:~$ exit
root@ding:~#  docker restart kibana 
kibana

五、部署ES集群

#创建es集群的token
root@ding:~# docker exec -it es01 /usr/share/elasticsearch/bin/elasticsearch-create-enrollment-token -s node
eyJ2ZXIiOiI4LjE0LjAiLCJhZHIiOlsiMTcyLjE4LjAuMjo5MjAwIl0sImZnciI6ImU1NjlhMDJkNjZmYmM2Y2E2MjMzMDQxMTJmMmUxZTFjM2Q0YmIyMmNlZmYyYmY5MzQwNGNkMTgyNjViZmNhN2IiLCJrZXkiOiJxMVJ3dDVVQkI2M1o4Vm9reERqQzo4NWk4NmNNZFNMT1JRU3hYVXoxbjBBIn0=


#启动两个新的节点 
root@ding:~# docker run -d -e ENROLLMENT_TOKEN="eyJ2ZXIiOiI4LjE0LjAiLCJhZHIiOlsiMTcyLjE4LjAuMjo5MjAwIl0sImZnciI6ImU1NjlhMDJkNjZmYmM2Y2E2MjMzMDQxMTJmMmUxZTFjM2Q0YmIyMmNlZmYyYmY5MzQwNGNkMTgyNjViZmNhN2IiLCJrZXkiOiJxMVJ3dDVVQkI2M1o4Vm9reERqQzo4NWk4NmNNZFNMT1JRU3hYVXoxbjBBIn0=" --name es02 --net elastic -it -m 1GB docker.elastic.co/elasticsearch/elasticsearch:8.17.3
010f37ebbdef8ef90eb3e79924e6b9581c5c0080f9ef48d11ac9e2cb7865deab
root@ding:~# 
root@ding:~# docker run -d -e ENROLLMENT_TOKEN="eyJ2ZXIiOiI4LjE0LjAiLCJhZHIiOlsiMTcyLjE4LjAuMjo5MjAwIl0sImZnciI6ImU1NjlhMDJkNjZmYmM2Y2E2MjMzMDQxMTJmMmUxZTFjM2Q0YmIyMmNlZmYyYmY5MzQwNGNkMTgyNjViZmNhN2IiLCJrZXkiOiJxMVJ3dDVVQkI2M1o4Vm9reERqQzo4NWk4NmNNZFNMT1JRU3hYVXoxbjBBIn0=" --name es03 --net elastic -it -m 1GB docker.elastic.co/elasticsearch/elasticsearch:8.17.3
21ecad546ac5b8ee74f7c0f0179b5dce53c5f5bc63fb8df2d7ad4a04bfdd555c

#查看集群是否部署成功
root@ding:~# curl -k -u elastic:123456 https://10.0.0.94:19200/_cat/nodes
172.18.0.5 54  95 16 0.96 0.79 0.49 cdfhilmrstw - 62f6fe8d087b
172.18.0.4 67 100 36 0.96 0.79 0.49 cdfhilmrstw - 7032a86b5401
172.18.0.2 53  89 12 0.96 0.79 0.49 cdfhilmrstw * e97309481120