文章目录

  • 前言
  • 一、制定自定义的ElasticSearch镜像
    • 1.Dockerfile文件内容如下:
    • 2.执行构建镜像
    • 3.推送镜像
  • 二、docker-compose等配置文件
    • 1.docker-compose.yml
    • 2.elasticsearch.yml
    • 3.kibana.yml
    • 4.文件目录和授权
  • 三、启动容器
  • 四、配置密码
  • 五、访问ElasticSearch
  • 六、访问Kibana
  • 七、访问Cerebro
  • 八、总结

前言

这篇文章主要采用Dockerfile+elasticsearch7.12.1(配置密码及证书)+kibana7.12.1+cerebro0.83搭建集群

提示:以下是本篇文章正文内容,下面案例可供参考

一、制定自定义的ElasticSearch镜像

1.Dockerfile文件内容如下:

#官方镜像
FROM elasticsearch:7.12.1USER root#生成证书,密码可自己配置
RUN bin/elasticsearch-certutil ca --out config/elastic-stack-ca.p12 --pass 12345678#生成证书,密码可自己配置
RUN bin/elasticsearch-certutil cert --ca config/elastic-stack-ca.p12 --ca-pass 12345678 --out config/elastic-certificates.p12 --pass 12345678#创建keystore
RUN bin/elasticsearch-keystore create#将密码添加至keystore
RUN sh -c '/bin/echo -e "12345678" | sh bin/elasticsearch-keystore add xpack.security.transport.ssl.keystore.secure_password'
RUN sh -c '/bin/echo -e "12345678" | sh bin/elasticsearch-keystore add xpack.security.transport.ssl.truststore.secure_password'#文件赋权限
RUN chmod 777 /usr/share/elasticsearch/config/elastic-certificates.p12
RUN chmod 777 /usr/share/elasticsearch/config/elastic-stack-ca.p12

2.执行构建镜像

  • janson11/elasticsearch是我在dockerHub建立的镜像仓库
 docker build -t janson11/elasticsearch:7.12.1 . -f DockerFile

通过命令docker images |grep '7.12.1’查看构建的镜像。

janson11/elasticsearch                          7.12.1    6f25ad543f45   24 hours ago   894MB

3.推送镜像

docker push janson11/elasticsearch:7.12.1

在我自己的dockerHub可以看到推送的镜像。

二、docker-compose等配置文件

1.docker-compose.yml

version: '2.1'
services:cerebro:image: lmenezes/cerebro:0.8.3container_name: cerebroports:- "9000:9000"command:- -Dhosts.0.host=http://elasticsearch:9200networks:- es7netkibana:image: docker.elastic.co/kibana/kibana:7.12.1container_name: kibana7environment:- I18N_LOCALE=zh-CN- XPACK_GRAPH_ENABLED=true- TIMELION_ENABLED=true- TZ=Asia/Shanghaivolumes:- ./kibana.yml:/usr/share/kibana/config/kibana.ymlports:- "5601:5601"networks:- es7netelasticsearch:image: janson11/elasticsearch:7.12.1container_name: es7_01environment:- cluster.name=janson-es-cluster- node.name=es7_01- bootstrap.memory_lock=true- "ES_JAVA_OPTS=-Xms512m -Xmx512m"- discovery.seed_hosts=es7_02,es7_03- cluster.initial_master_nodes=es7_01,es7_02,es7_03- TZ=Asia/Shanghai- http.cors.enabled=true- http.cors.allow-origin=*- http.cors.allow-headers=Authorization,X-Requested-With,Content-Length,Content-Type- xpack.security.enabled=true  - xpack.security.authc.accept_default_password=true - xpack.security.transport.ssl.enabled=true- xpack.security.audit.enabled=true- xpack.license.self_generated.type=basic- xpack.monitoring.collection.enabled=trueulimits:memlock:soft: -1hard: -1volumes:- ./es7_01/data:/usr/share/elasticsearch/data- ./es7_01/log:/usr/share/elasticsearch/logs- ./elasticsearch.yml:/usr/share/elasticsearch/config/elasticsearch.ymlports:- "9200:9200"- "9300:9300"networks:- es7netelasticsearch2:image: janson11/elasticsearch:7.12.1container_name: es7_02environment:- cluster.name=janson-es-cluster- node.name=es7_02- bootstrap.memory_lock=true- "ES_JAVA_OPTS=-Xms512m -Xmx512m"- discovery.seed_hosts=es7_01,es7_03- cluster.initial_master_nodes=es7_01,es7_02,es7_03- TZ=Asia/Shanghai- http.cors.enabled=true- http.cors.allow-origin=*- http.cors.allow-headers=Authorization,X-Requested-With,Content-Length,Content-Type- xpack.security.enabled=true  - xpack.security.authc.accept_default_password=true - xpack.security.transport.ssl.enabled=true- xpack.security.audit.enabled=true- xpack.license.self_generated.type=basic- xpack.monitoring.collection.enabled=trueulimits:memlock:soft: -1hard: -1volumes:- ./es7_02/data:/usr/share/elasticsearch/data- ./es7_02/log:/usr/share/elasticsearch/logs- ./elasticsearch.yml:/usr/share/elasticsearch/config/elasticsearch.ymlnetworks:- es7netelasticsearch3:image: janson11/elasticsearch:7.12.1container_name: es7_03environment:- cluster.name=janson-es-cluster- node.name=es7_03- bootstrap.memory_lock=true- "ES_JAVA_OPTS=-Xms512m -Xmx512m"- discovery.seed_hosts=es7_01,es7_02- cluster.initial_master_nodes=es7_01,es7_02,es7_03- TZ=Asia/Shanghai- http.cors.enabled=true- http.cors.allow-origin=*- http.cors.allow-headers=Authorization,X-Requested-With,Content-Length,Content-Type- xpack.security.enabled=true  - xpack.security.authc.accept_default_password=true - xpack.security.transport.ssl.enabled=true- xpack.security.audit.enabled=true- xpack.license.self_generated.type=basic- xpack.monitoring.collection.enabled=trueulimits:memlock:soft: -1hard: -1volumes:- ./es7_03/data:/usr/share/elasticsearch/data- ./es7_03/log:/usr/share/elasticsearch/logs- ./elasticsearch.yml:/usr/share/elasticsearch/config/elasticsearch.ymlnetworks:- es7netvolumes:es7data1:driver: locales7data2:driver: locales7data3:driver: localnetworks:es7net:driver: bridge

2.elasticsearch.yml

network.host: 0.0.0.0
#master节点es7_01
cluster.initial_master_nodes: ["es7_01"]
discovery.seed_hosts: ["es7_01","es7_03","es7_03"]
cluster.name: "janson-es-cluster"
http.cors.enabled: true
http.cors.allow-origin: "*"
http.cors.allow-headers: Authorization,X-Requested-With,Content-Length,Content-Type
#开启kibana监控配置,如果不开启,也可以在kibana监控界面开启
xpack.monitoring.collection.enabled: true
#开启安全认证相关配置
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.audit.enabled: true
xpack.license.self_generated.type: basic
xpack.security.transport.ssl.keystore.type: PKCS12
xpack.security.transport.ssl.verification_mode: certificate
#名字要和自定义镜像中的名字一致
xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: elastic-certificates.p12
xpack.security.transport.ssl.truststore.type: PKCS12

3.kibana.yml

server.name: kibana
server.host: "0"
kibana.index: ".kibana"
elasticsearch.hosts: [ "http://elasticsearch:9200" ]
xpack.monitoring.ui.container.elasticsearch.enabled: true
i18n.locale: zh-CN
elasticsearch.username: 'elastic'
elasticsearch.password: '12345678'

4.文件目录和授权

mkdir -p es7_01/data es7_01/logs es7_02/data es7_02/logs es7_03/data es7_03/logschmod -Rf  777 es7_*

查看目录和文件

-rw-r--r--  1  Dockerfile
-rw-r--r--  1  docker-compose.yml
-rwxrwxrwx  1  elasticsearch.yml
drwxrwxrwx  5  es7_01
drwxrwxrwx  5  es7_02
drwxrwxrwx  5  es7_03
-rwxrwxrwx  1  kibana.yml

三、启动容器

docker-compose -f docker-compose.yml up -ddocker psCONTAINER ID   IMAGE                                    COMMAND                  CREATED        STATUS        PORTS                                                                                  NAMES
3e55de90149f   janson11/elasticsearch:7.12.1            "/bin/tini -- /usr/l…"   20 hours ago   Up 20 hours   9200/tcp, 9300/tcp                                                                     es7_03
34d7c5abada1   janson11/elasticsearch:7.12.1            "/bin/tini -- /usr/l…"   20 hours ago   Up 20 hours   9200/tcp, 9300/tcp                                                                     es7_02
6d60ec471596   janson11/elasticsearch:7.12.1            "/bin/tini -- /usr/l…"   20 hours ago   Up 20 hours   0.0.0.0:9200->9200/tcp, :::9200->9200/tcp, 0.0.0.0:9300->9300/tcp, :::9300->9300/tcp   es7_01
84b4e20e6b14   docker.elastic.co/kibana/kibana:7.12.1   "/bin/tini -- /usr/l…"   20 hours ago   Up 20 hours   0.0.0.0:5601->5601/tcp, :::5601->5601/tcp                                              kibana7
c17475367b0f   lmenezes/cerebro:0.8.3                   "/opt/cerebro/bin/ce…"   20 hours ago   Up 20 hours   0.0.0.0:9000->9000/tcp, :::9000->9000/tcp                                              cerebro

四、配置密码

进入master节点容器配置密码

docker exec -it es7_01 /bin/bash[root@6d60ec471596 elasticsearch]# ./bin/elasticsearch-setup-passwords interactive --verbose
Running with configuration path: /usr/share/elasticsearch/configTesting if bootstrap password is valid for http://172.24.0.5:9200/_security/_authenticate?pretty
{"username" : "elastic","roles" : ["superuser"],"full_name" : null,"email" : null,"metadata" : {"_reserved" : true},"enabled" : true,"authentication_realm" : {"name" : "reserved","type" : "reserved"},"lookup_realm" : {"name" : "reserved","type" : "reserved"},"authentication_type" : "realm"
}Checking cluster health: http://172.24.0.5:9200/_cluster/health?pretty
{"cluster_name" : "janson-es-cluster","status" : "green","timed_out" : false,"number_of_nodes" : 3,"number_of_data_nodes" : 3,"active_primary_shards" : 1,"active_shards" : 2,"relocating_shards" : 0,"initializing_shards" : 0,"unassigned_shards" : 0,"delayed_unassigned_shards" : 0,"number_of_pending_tasks" : 0,"number_of_in_flight_fetch" : 0,"task_max_waiting_in_queue_millis" : 0,"active_shards_percent_as_number" : 100.0
}Initiating the setup of passwords for reserved users elastic,apm_system,kibana,kibana_system,logstash_system,beats_system,remote_monitoring_user.
You will be prompted to enter passwords as the process progresses.
Please confirm that you would like to continue [y/N]yEnter password for [elastic]:
Reenter password for [elastic]:
Enter password for [apm_system]:
Reenter password for [apm_system]:
Enter password for [kibana_system]:
Reenter password for [kibana_system]:
Enter password for [logstash_system]:
Reenter password for [logstash_system]:
Enter password for [beats_system]:
Reenter password for [beats_system]:
Enter password for [remote_monitoring_user]:
Reenter password for [remote_monitoring_user]:Trying user password change call http://172.24.0.5:9200/_security/user/apm_system/_password?pretty
{ }Changed password for user [apm_system]Trying user password change call http://172.24.0.5:9200/_security/user/kibana_system/_password?pretty
{ }Changed password for user [kibana_system]Trying user password change call http://172.24.0.5:9200/_security/user/kibana/_password?pretty
{ }Changed password for user [kibana]Trying user password change call http://172.24.0.5:9200/_security/user/logstash_system/_password?pretty
{ }Changed password for user [logstash_system]Trying user password change call http://172.24.0.5:9200/_security/user/beats_system/_password?pretty
{ }Changed password for user [beats_system]Trying user password change call http://172.24.0.5:9200/_security/user/remote_monitoring_user/_password?pretty
{ }Changed password for user [remote_monitoring_user]Trying user password change call http://172.24.0.5:9200/_security/user/elastic/_password?pretty
{ }Changed password for user [elastic]

五、访问ElasticSearch

谷歌浏览器输入localhost:9200,输入用户名elastic和密码12345678可以看到集群信息。

cluster_name : janson-es-cluster

{"name" : "es7_01","cluster_name" : "janson-es-cluster","cluster_uuid" : "IHIDAJllSuK9WLn46nsIbw","version" : {"number" : "7.12.1","build_flavor" : "default","build_type" : "docker","build_hash" : "3186837139b9c6b6d23c3200870651f10d3343b7","build_date" : "2021-04-20T20:56:39.040728659Z","build_snapshot" : false,"lucene_version" : "8.8.0","minimum_wire_compatibility_version" : "6.8.0","minimum_index_compatibility_version" : "6.0.0-beta1"},"tagline" : "You Know, for Search"
}

六、访问Kibana

谷歌浏览器输入localhost:5601,输入用户名elastic和密码12345678可以看到kibana的首页。

七、访问Cerebro

谷歌浏览器输入localhost:9000,输入用户名elastic和密码12345678可以看到cerebro的首页。

八、总结

本篇文章从Elasticsearch镜像的自定义制作和操作docker,构建可视化kibana界面及cerebro集群管理界面,可以很方便监控Elasticsearch的健康状态,下篇文章介绍如何使用springBoot操作Elasticsearch。如果觉得本篇文章有用,欢迎评论、点赞、收藏和转发,谢谢。

Dockerfile+elasticsearch7.12.1(配置密码及证书)+kibana7.12.1+cerebro0.83搭建集群相关推荐

  1. 金仓数据库KingbaseES Clusterware配置手册(搭建集群 )

    目前支持两种方式搭建集群: 使用cluster_manager.sh或是手工搭建,推荐使用cluster_manager.sh搭建集群: 目录 4.1. 使用cluster_manager.sh搭建集 ...

  2. 在Docker中使用Dockerfile实现ISO文件转化为完整版Centos镜像,并搭建集群数据仓库

    在Docker中使用Dockerfile实现ISO文件转化为完整版Centos镜像,并搭建集群数据仓库 在上一篇文章中,我们提到了如何使用Docker官方版本的centos7搭建容器集群并实现同一ip ...

  3. Redis数据库搭建集群(集群概念、redis集群、搭建集群(配置机器1、2、创建集群、数据操作验证)、Python与redis集群交互)

    1. 集群的概念 集群是一组相互独立的.通过高速网络互联的计算机,它们构成了一个组,并以单一系统的模式加以管理.一个客户与集群相互作用时,集群像是一个独立的服务器.集群配置是用于提高可用性和可缩放性. ...

  4. redis 主从配置_应用 | Redis实现 主从,单例,集群,哨兵,配置应用

    小小经过一天的休整 公众号更新规则:每周六将会停更一次,进行短期的休整,其余时间继续每天一更. 思维导图如下 Redis 主从配置 这里配置Redis主从 什么是主从 主从复制,是指把一台Redis服 ...

  5. cdh sqoop 配置_相比于手动搭建集群,使用Ambari或者CDH的必要性

    1. Ambari简介 Apache Ambari是一种基于Web的工具,支持Apache Hadoop集群的供应.管理和监控.Ambari已支持大多数Hadoop组件,包括HDFS.MapReduc ...

  6. 配置phoenix连接hbase_使用 Phoenix-4.11.0连接 Hbase 集群 ,并使用 JDBC 查询测试

    什么是 Phoenix ? Apache Phoenix 是运行在Hbase之上的高性能关系型数据库,通过Phoenix可以像使用jdbc访问关系型数据库一样访问hbase. Phoenix,操作的表 ...

  7. nginx反向代理模块配置详解_Nginx(三):反向代理负载均衡集群配置详解

    概述: 本篇主要总结Nginx实现反向代理和负载均衡功能相关模块的配置说明.主要使用到的模块如下:ngx_http_proxy_moduleNginx实现反向代理功能 ngx_http_upstrea ...

  8. Elasticsearch学习(十九)Elasticsearch8 搭建集群自动生成https证书

    目录 前言 一.初始化节点 二.新节点加入 三.第三个节点 四.问题 前言 安装elasticsearch之后,启动es节点,让es自动生成安全证书. 一.初始化节点 1.重新创建节点 删除之前的es ...

  9. nginx工作笔记005---nginx配置负载均衡_在微服务中实现网关集群_实现TCP传输层协议__http协议的负载均衡

    技术交流QQ群[JAVA,C++,Python,.NET,BigData,AI]:170933152 我们在微服务中,由于网关的存在,后来,在nginx中都不需要在配置其他服务的地址了,只需要,配置一 ...

最新文章

  1. PCB 围绕CAM自动化,打造PCB规则引擎
  2. GitLab 502问题的解决
  3. linux top命令简介
  4. Mr.J--代码雨( Matrix)
  5. Linux运维(三)
  6. 电脑桌面数字时钟c语言,DesktopDigitalClock(桌面数字时钟)
  7. 【HTML/CSS】表单美化
  8. Centos7下载linux内核源码
  9. Robo3T连接远程mongodb
  10. 网络传输的七层协议(包括tcp协议和udp协议的区别)
  11. 播放音乐的html代码,音乐播放器-html代码
  12. Layer btnAlign 失效问题解决方法
  13. 第一次写正规论文的同学务必分享,排版自动排版,加注释。。。。。。等等!!!!!!!!(copy也得整出档次来啊,这就是门面啊)
  14. laydate-v5.0.9自定义小时范围和分钟间隔(半小时)
  15. 为什么令牌不是基于“所知”
  16. 基于EasyIPCamera实现的数字网络摄像机IPCamera的模拟器IPC RTSP Simulator
  17. 计算机打字比赛活动策划书怎么写,打字比赛策划书范文
  18. 3D 智慧农场可视化——解锁绿色生态田园
  19. python等比例压缩图片_python图片等比例压缩
  20. 马斯克裁员推特,对互联网行业的影响……

热门文章

  1. 商业银行相关不良资产监管指标大全
  2. python自动化测试学习笔记合集
  3. 推荐几本纳米级光刻机书籍
  4. 戴尔计算机主机型号,戴尔电脑在哪看型号_戴尔电脑型号怎么看
  5. 【tensorflow】制作自己的数据集
  6. JS实现:哔哩哔哩2020校园招聘技术类笔试卷(二)
  7. 通知与服务——消息通知——通知推送Notification
  8. Win2003合并磁盘分区
  9. intel固态硬盘误删文件该如何进行恢复
  10. 图解图库JanusGraph系列-一文知晓“图数据“底层存储结构(JanusGraph data model)