K8S-ELK日志系统 之一：elasticseatch集群

生产环境中，我们应当把监控系统和日志系统部署在生产环境之外的自主环境或者Kubernetes集群之上，此处仅为练习。

k8s: v1.21.5

Docker :20.10.5

elasticsearch:  7.16.0（也可以选择自带jdk的版本）

wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.16.0-no-jdk-amd64.deb 

基础镜像：本地仓库：harbor.myland.com/baseimages/openjdk:11

1、创建NFS共享存储

mkdir /data/elasticsearch

echo "/data/elasticsearch *(rw,sync,no_root_squash,no_subtree_check)" >> /etc/exports

exportfs -arv 

NFS地址：10.0.8.131:/data/elasticsearch

2、创建namespace

apiVersion: v1
kind: Namespace
metadata:
   name: es
   labels:
     name: es

3、创建账号和角色，并绑定

apiVersion: v1
kind: ServiceAccount
metadata:
  name: nfs-provisioner
  namespace: neo4j
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
   name: nfs-provisioner-runner
rules:
   -  apiGroups: [""]
      resources: ["persistentvolumes"]
      verbs: ["get", "list", "watch", "create", "delete"]
   -  apiGroups: [""]
      resources: ["persistentvolumeclaims"]
      verbs: ["get", "list", "watch", "update"]
   -  apiGroups: ["storage.k8s.io"]
      resources: ["storageclasses"]
      verbs: ["get", "list", "watch"]
   -  apiGroups: [""]
      resources: ["events"]
      verbs: ["list", "watch", "create", "update", "patch"]
   -  apiGroups: [""]
      resources: ["services", "endpoints"]
      verbs: ["get","create","list", "watch","update"]
   -  apiGroups: ["extensions"]
      resources: ["podsecuritypolicies"]
      resourceNames: ["nfs-provisioner"]
      verbs: ["use"]
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: run-nfs-provisioner
subjects:
  - kind: ServiceAccount
    name: nfs-provisioner
    namespace: neo4j
roleRef:
  kind: ClusterRole
  name: nfs-provisioner-runner
  apiGroup: rbac.authorization.k8s.io

4、创建nfs-provisioner

参考：https://blog.csdn.net/weixin_41004350/article/details/90168631

使用镜像：image: easzlab/nfs-subdir-external-provisioner:v4.0.1代替 quay.io/external_storage/nfs-client-provisioner:latest，该镜像会报selfLink empty，，导致无法创建pv

kind: Deployment
apiVersion: apps/v1
metadata:
  name: nfs-client-provisioner
  namespace: es
  labels:
    app: nfs-client-provisioner
spec:
  replicas: 1
  strategy:
    type: Recreate
  selector:
    matchLabels:
      app: nfs-client-provisioner
  template:
    metadata:
      labels:
        app: nfs-client-provisioner
    spec:
      serviceAccount: nfs-provisioner
      containers:
        - name: nfs-client-provisioner
          #image: quay.io/external_storage/nfs-client-provisioner:latest
          image: easzlab/nfs-subdir-external-provisioner:v4.0.1
          volumeMounts:
            - name: nfs-client-root
              mountPath: /persistentvolumes
          env:
            - name: PROVISIONER_NAME
              value: nfs-provisioner
            - name: NFS_SERVER
              value: 10.0.8.131
            - name: NFS_PATH
              value: /data/elasticsearch
      volumes:
        - name: nfs-client-root
          nfs:
            server: 10.0.8.131
            path: /data/elasticsearch

 

3、创建storageclass

apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: managed-nfs-storage
provisioner: nfs-provisioner
parameters:
  archiveOnDelete: "true"   

       绑定上一步创建的：nfs-provisioner

4、创建Dockerfile

FROM harbor.myland.com/baseimages/openjdk:11
COPY entrypoint.sh /
COPY elasticsearch-7.16.0-no-jdk-amd64.deb /
RUN cd / && dpkg -i elasticsearch-7.16.0-no-jdk-amd64.deb && \
    chown -R  elasticsearch /usr/share/elasticsearch  && \
    chown -R elasticsearch /etc/elasticsearch  && \
    chown -R elasticsearch /etc/default/elasticsearch && \
    chmod +x /entrypoint.sh
ENTRYPOINT ["/entrypoint.sh"]
CMD ["/bin/bash","-c","while true;do sleep 5;done"]

#! /bin/bash
chown -R elasticsearch /data/
echo "cluster.name: ${CLUSTER_NAME}" > /etc/elasticsearch/elasticsearch.yml
echo "node.name: node-`hostname |awk -F'-' '{print $2}'`" >> /etc/elasticsearch/elasticsearch.yml
echo "network.host: `hostname -i`" >> /etc/elasticsearch/elasticsearch.yml
echo "http.port: ${HTTP_PORT}" >> /etc/elasticsearch/elasticsearch.yml
echo "discovery.seed_hosts: ${SEED_HOSTS}" >> /etc/elasticsearch/elasticsearch.yml
echo "cluster.initial_master_nodes: ${MASTER_NODES} " >> /etc/elasticsearch/elasticsearch.yml
echo "path.data: /data/lib/elasticsearch" >> /etc/elasticsearch/elasticsearch.yml
echo "path.logs: /data/log/elasticsearch" >> /etc/elasticsearch/elasticsearch.yml
/etc/init.d/elasticsearch start

exec "$@"

变量通过创建容器时传入

5、elasticsearch_statefulset.yaml

创建service，集群通过传入的变量，生成elasticsearch配置文件

apiVersion: v1
kind: Service
metadata:
  name: es
  namespace: es
  labels:
    app: es
spec:
  type: NodePort
#  clusterIP: None
  ports:
  - name: es
    port: 9200
    targetPort: 9200
    nodePort: 30010
    protocol: TCP
  selector:
    app: es
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: es
  namespace: es
spec:
  selector:
    matchLabels:
      app: es
  serviceName: es
  replicas: 3
  template:
    metadata:
      labels:
        app: es
        ctrl: pod-antiaffinity-required
    spec:
      initContainers:
        - name: sysctl
          image: busybox
          imagePullPolicy: Always
          securityContext:
            privileged: true
          command: ['sh', '-c', 'sysctl -w vm.max_map_count=262144']
      containers:
      - name: es
        image: harbor.myland.com/baseimages/es:v7.16.0
        imagePullPolicy: Always
        env:
        - name: CLUSTER_NAME
          value: "es"
        - name: HTTP_PORT
          value: "9200"
        - name: RECOVER_NODES
          value: "2"
        - name: ACTION_DESTRUCTIVE
          value: "TRUE"
        - name: SEED_HOSTS
          value: "['es-0.es','es-1.es','es-2.es']"
        - name: MASTER_NODES
          value: "['node-0','node-1','node-2']"

        ports:
        - name: es
          containerPort: 9200
        volumeMounts:
          - name: data
            mountPath: /data
        resources:
          limits:
            cpu: 400m
            memory: 1500Mi
          requests:
            cpu: 300m
            memory: 1000Mi
        livenessProbe:
          exec:
            command: ["netstat", "-ant","grep","9200"]
          initialDelaySeconds: 60
          periodSeconds: 10
          timeoutSeconds: 5
        readinessProbe:
          httpGet:
            port: 9200
            path: /_cat
          initialDelaySeconds: 1
          periodSeconds: 3
      affinity:
        podAntiAffinity:
          requiredDuringSchedulingIgnoredDuringExecution:
          - labelSelector:
              matchExpressions:
              - {key: app ,operator: In, values: ["es"]}
#              - key: ctrl
#                operator: In
#                values: ["pod-antiaffinity-required"]
            topologyKey: kubernetes.io/hostname   


  volumeClaimTemplates:
  - metadata:
      name: data
      annotations:
        volume.beta.kubernetes.io/storage-class: "managed-nfs-storage"
      namespace: es
    spec:
      accessModes: [ "ReadWriteOnce" ]
      storageClassName: managed-nfs-storage
      resources:
        requests:
          storage: 5Gi

在nfs服务器目录下，可以看到自动创建的卷

6、验证

  进入es-0查看es集群状态

  外部访问：

      通过elasticsearch head插件查看：