一、环境版本
- Kubernetes1.23.1
- Elasticsearch7.16.2
- Kuboard3.3.0
- Kibana7.16.2
- Harbor2.4.2
1.知识点分析:
Kubernetes是Google开源的一个容器编排引擎,它支持自动化部署、大规模可伸缩、应用容器化管理。在生产环境中部署一个应用程序时,通常要部署该应用的多个实例以便对应用请求进行负载均衡。
Elasticsearch 是一个分布式、高扩展、高实时的搜索与数据分析引擎。它能很方便的使大量数据具有搜索、分析和探索的能力。充分利用Elasticsearch的水平伸缩性,能使数据在生产环境变得更有价值。
Kuboard,是一款免费的 Kubernetes 图形化管理工具,Kuboard 力图帮助用户快速在 Kubernetes 上落地微服务。
Kibana 是一款开源的数据分析和可视化平台,设计用于和 Elasticsearch 协作。可以使用 Kibana 对 Elasticsearch 索引中的数据进行搜索、查看、交互操作。您可以很方便的利用图表、表格及地图对数据进行多元化的分析和呈现。
Harbor是一个企业级私有 Registry 服务器,Harbor 提供了更好的性能和安全。提升用户使用 Registry 构建和运行环境传输镜像的效率。Harbor 支持安装在多个 Registry 节点的镜像资源复制,镜像全部保存在私有 Registry 中, 确保数据和知识产权在公司内部网络中管控。另外,Harbor 也提供了高级的安全特性,诸如用户管理,访问控制和活动审计等。
2.服务分布:
IP角色主机名pod10.111.13.2mastermaster-1es-master、es-data、es-client10.111.13.4mastermaster-2es-master、es-data、es-client10.111.13.14mastermaster-3es-master、es-data、es-client、kibana10.111.13.5nodenode-1es-data、10.111.13.41nodenode-5es-data、
(主机节点选择无要求,随意挑选5个节点给大家演示的)
二、部署kuboard
文章没写部署的参考之前文章即可:
【Kubernetes+Harbor部署参考】
1.部署kuboard 添加k8s集群
(没有镜像的小伙伴直接拉取docker pull swr.cn-east-2.myhuaweicloud.com/kuboard/kuboard:v3)
docker load --input kuboard-v3.tar //因离线部署所以需要导入
#启动kuboard容器docker run -d \
--restart=unless-stopped \
--name=kuboard \
-p 8081:80/tcp \
-p 30081:10081/tcp \
-e KUBOARD_ENDPOINT="http://10.111.13.2:8081"\
-e KUBOARD_AGENT_SERVER_TCP_PORT="30081"\
-v /srv/docker/kuboard:/data \
swr.cn-east-2.myhuaweicloud.com/kuboard/kuboard:v3
访问地址:http://主机ip:8081/
用户:admin
密码:Kuboard123
2.添加k8s集群:
之后按照提示操作添加即可!
三、部署Elasticsearch7.16.2集群
1.创建StorageClass
(采用本地持久化存储部署)
[root@master-1 es]# cat 00-sc.yaml
kind: StorageClass #类别
apiVersion: storage.k8s.io/v1
metadata:
name: local-storage #存储类名字
provisioner: kubernetes.io/no-provisioner
volumeBindingMode: WaitForFirstConsumer
[root@master-1 es]# kubectl apply -f 00-sc.yaml
在kuboard上查看:
2.创建Namespace
[root@master-1 es]# cat 00-ns.yaml
apiVersion: v1
kind: Namespace #类别
metadata:
name: elasticsearch #名称空间名字
labels:
app: elasticsearch
[root@master-1 es]# kubectl apply -f 00-ns.yaml
3.创建证书
(没有镜像的小伙伴直接拉取 docker pull docker.elastic.co/elasticsearch/elasticsearch:7.16.2)
#利用docker容器创建证书并拷贝到当前目录[root@master-1 es]# docker run --name es-certutil -i -w /tmp docker.elastic.co/elasticsearch/elasticsearch:7.16.2 /bin/sh -c \"elasticsearch-certutil ca --out /tmp/es-ca.p12 --pass '' && \
elasticsearch-certutil cert --name security-master --dns \
security-master --ca /tmp/es-ca.p12 --pass '' --ca-pass '' --out /tmp/elastic-certificates.p12"[root@master-1 es]# docker cp es-certutil:/tmp/elastic-certificates.p12 ./
将证书创建到k8s集群里:
[root@master-1 es]# kubectl -n elasticsearch create secret generic elastic-certificates --from-file=./elastic-certificates.p12
查看证书:
4.创建3个Master节点的PV卷
[root@master-1 es]# cat 00-pv-master.yaml
apiVersion: v1
kind: PersistentVolume
metadata:
name: local-storage-pv-0 # pv名称
namespace: elasticsearch # 空间名称
labels:
name: local-storage-pv-0 # 标签名
spec:
capacity:
storage: 100Gi # 容量
accessModes:
- ReadWriteOnce
persistentVolumeReclaimPolicy: Retain # 回收策略
storageClassName: local-storage # 关联的存储类
local:
path: /srv/esdata # 宿主机路径。要手动在主机创建访目录
nodeAffinity:
required:
nodeSelectorTerms: # 节点选择
- matchExpressions:
- key: kubernetes.io/hostname
operator: In
values:
- master-1 # 根据自己节点名称
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: local-storage-pv-1
namespace: elasticsearch
labels:
name: local-storage-pv-1
spec:
capacity:
storage: 100Gi
accessModes:
- ReadWriteOnce
persistentVolumeReclaimPolicy: Retain
storageClassName: local-storage
local:
path: /srv/esdata
nodeAffinity:
required:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/hostname
operator: In
values:
- master-2
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: local-storage-pv-2
namespace: elasticsearch
labels:
name: local-storage-pv-2
spec:
capacity:
storage: 100Gi
accessModes:
- ReadWriteOnce
persistentVolumeReclaimPolicy: Retain
storageClassName: local-storage
local:
path: /srv/esdata
nodeAffinity:
required:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/hostname
operator: In
values:
- master-3
[root@master-1 es]# kubectl apply -f 00-pv-master.yaml
5.部署Master节点
[root@master-1 es]# cat 01-es-master.yaml
apiVersion: apps/v1
kind: StatefulSet #适用于持久化存储集群
metadata:
namespace: elasticsearch
name: elasticsearch-master
labels:
app: elasticsearch
role: master #承担的角色
spec:
serviceName: elasticsearch-master
replicas: 3#负载3
selector:
matchLabels:
app: elasticsearch
role: master
template:
metadata:
labels:
app: elasticsearch
role: master
spec:
containers:
- name: elasticsearch
image: 10.111.13.4:8080/jsjb/docker.elastic.co/elasticsearch/elasticsearch:7.16.2 #私有镜像地址
command: ["bash", "-c", "ulimit -l unlimited && sysctl -w vm.max_map_count=262144 && chown -R elasticsearch:elasticsearch /usr/share/elasticsearch/data && exec su elasticsearch docker-entrypoint.sh"]
ports:
- containerPort: 9200
name: http
- containerPort: 9300
name: transport
env:
#- name: discovery.seed_hosts# value: "elasticsearch-master-0.elasticsearch-master,elasticsearch-master-1.elasticsearch-master,elasticsearch-master-2.elasticsearch-master"
- name: discovery.seed_hosts #es集群host(k8s独有的集群命名规则)
value: "elasticsearch-master-0.elasticsearch-master,elasticsearch-master-1.elasticsearch-master,elasticsearch-master-2.elasticsearch-master,elasticsearch-data-0.elasticsearch-data,elasticsearch-data-1.elasticsearch-data,elasticsearch-data-2.elasticsearch-data,elasticsearch-data-3.elasticsearch-data,elasticsearch-data-4.elasticsearch-data,elasticsearch-client-0.elasticsearch-client,elasticsearch-client-1.elasticsearch-client,elasticsearch-client-2.elasticsearch-client"
- name: cluster.initial_master_nodes
value: "elasticsearch-master-0,elasticsearch-master-1,elasticsearch-master-2"
- name: ES_JAVA_OPTS
value: -Xms1G -Xmx1G #限制jvm运行内存
- name: node.master #主负责调度
value: "true"#特别注意打开对应的角色关闭其他角色
- name: node.ingest #负责客户端访问
value: "false"
- name: node.data #负责数据存储
value: "false"
- name: cluster.name
value: "elasticsearch"
- name: node.name
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: xpack.security.enabled
value: "true"
- name: xpack.security.transport.ssl.enabled
value: "true"
- name: xpack.monitoring.collection.enabled
value: "true"
- name: xpack.security.transport.ssl.verification_mode
value: "certificate"
- name: xpack.security.transport.ssl.keystore.path
value: "/usr/share/elasticsearch/config/elastic-certificates.p12"
- name: xpack.security.transport.ssl.truststore.path
value: "/usr/share/elasticsearch/config/elastic-certificates.p12"
volumeMounts:
- mountPath: /usr/share/elasticsearch/data
name: pv-storage-elastic-master #名字要和volumeClaimTemplates的一致
- name: elastic-certificates #刚才创建的证书挂载到pod里
readOnly: true
mountPath: "/usr/share/elasticsearch/config/elastic-certificates.p12"
subPath: elastic-certificates.p12
- mountPath: /etc/localtime
name: localtime
securityContext:
privileged: true
volumes:
- name: elastic-certificates
secret:
secretName: elastic-certificates
- hostPath:
path: /etc/localtime
name: localtime
volumeClaimTemplates:
- metadata:
name: pv-storage-elastic-master #volumeMounts会用到
spec:
accessModes: ["ReadWriteOnce"]
storageClassName: "local-storage"#之前创建的存储类名字
resources:
requests:
storage: 100Gi
[root@master-1 es]# kubectl apply -f 01-es-master.yaml
回到kuboard查看
6.创建Data节点的PV卷
[root@master-1 es]# cat 00-pv-data.yaml
apiVersion: v1
kind: PersistentVolume
metadata:
name: local-storage-data-0 # pv名称
namespace: elasticsearch # 空间名称
labels:
name: local-storage-data-0 # 标签名
spec:
capacity:
storage: 100Gi # 容量
accessModes:
- ReadWriteOnce
persistentVolumeReclaimPolicy: Retain # 回收策略
storageClassName: local-storage # 关联的存储类
local:
path: /srv/esnode-data # 宿主机路径。要手动在主机创建访目录
nodeAffinity:
required:
nodeSelectorTerms: # 节点选择
- matchExpressions:
- key: kubernetes.io/hostname
operator: In
values:
- master-1 # 根据自己节点名称
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: local-storage-data-1
namespace: elasticsearch
labels:
name: local-storage-data-1
spec:
capacity:
storage: 100Gi
accessModes:
- ReadWriteOnce
persistentVolumeReclaimPolicy: Retain
storageClassName: local-storage
local:
path: /srv/esnode-data
nodeAffinity:
required:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/hostname
operator: In
values:
- master-2
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: local-storage-data-2
namespace: elasticsearch
labels:
name: local-storage-data-2
spec:
capacity:
storage: 100Gi
accessModes:
- ReadWriteOnce
persistentVolumeReclaimPolicy: Retain
storageClassName: local-storage
local:
path: /srv/esnode-data
nodeAffinity:
required:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/hostname
operator: In
values:
- master-3
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: local-storage-data-3
namespace: elasticsearch
labels:
name: local-storage-data-3
spec:
capacity:
storage: 100Gi
accessModes:
- ReadWriteOnce
persistentVolumeReclaimPolicy: Retain
storageClassName: local-storage
local:
path: /srv/esnode-data
nodeAffinity:
required:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/hostname
operator: In
values:
- node-1
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: local-storage-data-4
namespace: elasticsearch
labels:
name: local-storage-data-4
spec:
capacity:
storage: 100Gi
accessModes:
- ReadWriteOnce
persistentVolumeReclaimPolicy: Retain
storageClassName: local-storage
local:
path: /srv/esnode-data
nodeAffinity:
required:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/hostname
operator: In
values:
- node-5
[root@master-1 es]# kubectl apply -f 00-pv-data.yaml
7.部署Data节点
(配置文件就不解释了,同上pv)
[root@master-1 es]# cat 02-es-data.yaml
apiVersion: apps/v1
kind: StatefulSet
metadata:
namespace: elasticsearch
name: elasticsearch-data
labels:
app: elasticsearch
role: data
spec:
serviceName: elasticsearch-data
replicas: 5
selector:
matchLabels:
app: elasticsearch
role: data
template:
metadata:
labels:
app: elasticsearch
role: data
spec:
containers:
- name: elasticsearch
image: 10.111.13.4:8080/jsjb/docker.elastic.co/elasticsearch/elasticsearch:7.16.2
command: ["bash", "-c", "ulimit -l unlimited && sysctl -w vm.max_map_count=262144 && chown -R elasticsearch:elasticsearch /usr/share/elasticsearch/data && exec su elasticsearch docker-entrypoint.sh"]
ports:
- containerPort: 9200
name: http
- containerPort: 9300
name: transport
env:
#- name: discovery.seed_hosts# value: "elasticsearch-master-0.elasticsearch-master,elasticsearch-master-1.elasticsearch-master,elasticsearch-master-2.elasticsearch-master"
- name: discovery.seed_hosts
value: "elasticsearch-master-0.elasticsearch-master,elasticsearch-master-1.elasticsearch-master,elasticsearch-master-2.elasticsearch-master,elasticsearch-data-0.elasticsearch-data,elasticsearch-data-1.elasticsearch-data,elasticsearch-data-2.elasticsearch-data,elasticsearch-data-3.elasticsearch-data,elasticsearch-data-4.elasticsearch-data,elasticsearch-client-0.elasticsearch-client,elasticsearch-client-1.elasticsearch-client,elasticsearch-client-2.elasticsearch-client"
- name: cluster.initial_master_nodes
value: "elasticsearch-master-0,elasticsearch-master-1,elasticsearch-master-2"
- name: ES_JAVA_OPTS
value: -Xms1G -Xmx1G
- name: node.master
value: "false"
- name: node.ingest
value: "false"
- name: node.data
value: "true"
- name: cluster.name
value: "elasticsearch"
- name: node.name
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: xpack.security.enabled
value: "true"
- name: xpack.security.transport.ssl.enabled
value: "true"
- name: xpack.monitoring.collection.enabled
value: "true"
- name: xpack.security.transport.ssl.verification_mode
value: "certificate"
- name: xpack.security.transport.ssl.keystore.path
value: "/usr/share/elasticsearch/config/elastic-certificates.p12"
- name: xpack.security.transport.ssl.truststore.path
value: "/usr/share/elasticsearch/config/elastic-certificates.p12"
volumeMounts:
- mountPath: /usr/share/elasticsearch/data
name: pv-storage-elastic-data
- name: elastic-certificates
readOnly: true
mountPath: "/usr/share/elasticsearch/config/elastic-certificates.p12"
subPath: elastic-certificates.p12
- mountPath: /etc/localtime
name: localtime
securityContext:
privileged: true
volumes:
- name: elastic-certificates
secret:
secretName: elastic-certificates
- hostPath:
path: /etc/localtime
name: localtime
volumeClaimTemplates:
- metadata:
name: pv-storage-elastic-data
spec:
accessModes: ["ReadWriteOnce"]
storageClassName: "local-storage"
resources:
requests:
storage: 100Gi
[root@master-1 es]# kubectl apply -f 02-es-data.yaml
8.创建Client节点的PV卷
[root@master-1 es]# cat 00-pv-client.yaml
apiVersion: v1
kind: PersistentVolume
metadata:
name: local-storage-client-0 # pv名称
namespace: elasticsearch # 空间名称
labels:
name: local-storage-client-0 # 标签名
spec:
capacity:
storage: 100Gi # 容量
accessModes:
- ReadWriteOnce
persistentVolumeReclaimPolicy: Retain # 回收策略
storageClassName: local-storage # 关联的存储类
local:
path: /srv/esclient-data # 宿主机路径。要手动在主机创建访目录
nodeAffinity:
required:
nodeSelectorTerms: # 节点选择
- matchExpressions:
- key: kubernetes.io/hostname
operator: In
values:
- master-1 # 根据自己节点名称
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: local-storage-client-1
namespace: elasticsearch
labels:
name: local-storage-client-1
spec:
capacity:
storage: 100Gi
accessModes:
- ReadWriteOnce
persistentVolumeReclaimPolicy: Retain
storageClassName: local-storage
local:
path: /srv/esclient-data
nodeAffinity:
required:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/hostname
operator: In
values:
- master-2
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: local-storage-client-2
namespace: elasticsearch
labels:
name: local-storage-client-2
spec:
capacity:
storage: 100Gi
accessModes:
- ReadWriteOnce
persistentVolumeReclaimPolicy: Retain
storageClassName: local-storage
local:
path: /srv/esclient-data
nodeAffinity:
required:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/hostname
operator: In
values:
- master-3
[root@master-1 es]# kubectl apply -f 00-pv-client.yaml
9.部署Client节点
[root@master-1 es]# cat 02-es-client.yaml
apiVersion: apps/v1
kind: StatefulSet
metadata:
namespace: elasticsearch
name: elasticsearch-client
labels:
app: elasticsearch
role: client
spec:
serviceName: elasticsearch-client
replicas: 3
selector:
matchLabels:
app: elasticsearch
role: client
template:
metadata:
labels:
app: elasticsearch
role: client
spec:
containers:
- name: elasticsearch
image: 10.111.13.4:8080/jsjb/docker.elastic.co/elasticsearch/elasticsearch:7.16.2
command: ["bash", "-c", "ulimit -l unlimited && sysctl -w vm.max_map_count=262144 && chown -R elasticsearch:elasticsearch /usr/share/elasticsearch/data && exec su elasticsearch docker-entrypoint.sh"]
ports:
- containerPort: 9200
name: http
- containerPort: 9300
name: transport
env:
#- name: discovery.seed_hosts# value: "elasticsearch-master-0.elasticsearch-master,elasticsearch-master-1.elasticsearch-master,elasticsearch-master-2.elasticsearch-master"
- name: discovery.seed_hosts
value: "elasticsearch-master-0.elasticsearch-master,elasticsearch-master-1.elasticsearch-master,elasticsearch-master-2.elasticsearch-master,elasticsearch-data-0.elasticsearch-data,elasticsearch-data-1.elasticsearch-data,elasticsearch-data-2.elasticsearch-data,elasticsearch-data-3.elasticsearch-data,elasticsearch-data-4.elasticsearch-data,elasticsearch-client-0.elasticsearch-client,elasticsearch-client-1.elasticsearch-client,elasticsearch-client-2.elasticsearch-client"
- name: cluster.initial_master_nodes
value: "elasticsearch-master-0,elasticsearch-master-1,elasticsearch-master-2"
- name: ES_JAVA_OPTS
value: -Xms1G -Xmx1G
- name: node.master
value: "false"
- name: node.ingest
value: "true"
- name: node.data
value: "false"
- name: cluster.name
value: "elasticsearch"
- name: node.name
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: xpack.security.enabled
value: "true"
- name: xpack.security.transport.ssl.enabled
value: "true"
- name: xpack.monitoring.collection.enabled
value: "true"
- name: xpack.security.transport.ssl.verification_mode
value: "certificate"
- name: xpack.security.transport.ssl.keystore.path
value: "/usr/share/elasticsearch/config/elastic-certificates.p12"
- name: xpack.security.transport.ssl.truststore.path
value: "/usr/share/elasticsearch/config/elastic-certificates.p12"
volumeMounts:
- mountPath: /usr/share/elasticsearch/data
name: pv-storage-elastic-client
- name: elastic-certificates
readOnly: true
mountPath: "/usr/share/elasticsearch/config/elastic-certificates.p12"
subPath: elastic-certificates.p12
- mountPath: /etc/localtime
name: localtime
securityContext:
privileged: true
volumes:
- name: elastic-certificates
secret:
secretName: elastic-certificates
- hostPath:
path: /etc/localtime
name: localtime
volumeClaimTemplates:
- metadata:
name: pv-storage-elastic-client
spec:
accessModes: ["ReadWriteOnce"]
storageClassName: "local-storage"
resources:
requests:
storage: 100Gi
[root@master-1 es]# kubectl apply -f 02-es-client.yaml
10.创建Service
(用于服务发现使外部服务可以访问使用、固定clusterIP防止重启ip改变无法访问)
[root@master-1 es]# cat 04-es-service.yaml
apiVersion: v1
kind: Service
metadata:
namespace: elasticsearch
name: elasticsearch-master
labels:
app: elasticsearch
role: master
spec:
selector:
app: elasticsearch
role: master
type: NodePort
ports:
- port: 9200
nodePort: 30001
targetPort: 9200
---
apiVersion: v1
kind: Service
metadata:
namespace: elasticsearch
name: elasticsearch-data
labels:
app: elasticsearch
role: data
spec:
selector:
app: elasticsearch
role: data
type: NodePort
ports:
- port: 9200
nodePort: 30002
targetPort: 9200
---
apiVersion: v1
kind: Service
metadata:
namespace: elasticsearch
name: elasticsearch-client
labels:
app: elasticsearch
role: client
spec:
selector:
app: elasticsearch
role: client
type: NodePort
ports:
- port: 9200
nodePort: 30003
targetPort: 9200
11.设置ES集群密码
方法1:随机密码
#设置ES集群密码(如果用的auto自动获取就类似于下面随机)[root@master-1 es]# kubectl -n elasticsearch exec -it $(kubectl -n elasticsearch get pods | grep elasticsearch-master | sed -n 1p | awk '{print $1}') -- bin/elasticsearch-setup-passwords auto -b
Changed password for user apm_system
PASSWORD apm_system = vxko4ZwcjZm6U6PbxsGW
Changed password for user kibana_system
PASSWORD kibana_system = D0XzzEUsicgAWCqK0xZQ
Changed password for user kibana
PASSWORD kibana = D0XzzEUsicgAWCqK0xZQ
Changed password for user logstash_system
PASSWORD logstash_system = 4fmoXf2lofEqQtcq5wt5
Changed password for user beats_system
PASSWORD beats_system = fhndHgNnbgqtNRSIFbHV
Changed password for user remote_monitoring_user
PASSWORD remote_monitoring_user = vRkXsT9VooPz6tYOAriq
Changed password for user elastic
PASSWORD elastic = H8QfDUlp290CHX8L3U2Q
方法2:自定义
通过kuboard进入master-0容器设置自定义密码:
./bin/elasticsearch-setup-passwords interactive
(回车输入自己自定义密码即可)
集群验证:
curl --user elastic:xxxxx http://10.254.162.248:9200/_cluster/health?pretty
curl --user elastic:xxxx http://10.254.162.248:9200/_cat/nodes?v
四、部署Kibana7.16.2
1.创建Secret
#密码写elastic用户的密码(跟上面创建的要相同)
kubectl -n elasticsearch create secret generic elasticsearch-password --from-literal password=xxxxx
2.部署Kibana
部署前打个标签,通过标签将pod部署到指定节点
kubectl label node master-3 node=master-3
[root@master-1 es]# cat 05-kibana.yaml
apiVersion: v1
kind: ConfigMap #配置映射
metadata:
namespace: elasticsearch
name: kibana-config #映射配置名字
labels:
app: kibana
data:
kibana.yml: |-
server.host: 0.0.0.0
i18n.locale: zh-CN #中文支持
elasticsearch: #es密码设置
hosts: ${ELASTICSEARCH_HOSTS}
username: ${ELASTICSEARCH_USER}
password: ${ELASTICSEARCH_PASSWORD}
---
kind: Deployment
apiVersion: apps/v1
metadata:
labels:
app: kibana
name: kibana
namespace: elasticsearch
spec:
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
app: kibana
template:
metadata:
labels:
app: kibana
spec:
nodeSelector: #通过刚才标签下发到指定节点
node: master-3
containers:
- name: kibana
image: 10.111.13.4:8080/jsjb/kibana/kibana:7.16.2
ports:
- containerPort: 5601
protocol: TCP
env:
- name: SERVER_PUBLICBASEURL
value: "http://0.0.0.0:5601"
- name: I18N.LOCALE
value: zh-CN
- name: ELASTICSEARCH_HOSTS
value: "http://10.254.162.248:9200"
- name: ELASTICSEARCH_USER
value: "elastic"
- name: ELASTICSEARCH_PASSWORD
valueFrom:
secretKeyRef:
name: elasticsearch-password
key: password
- name: xpack.encryptedSavedObjects.encryptionKey
value: "min-32-byte-long-strong-encryption-key"
volumeMounts:
- name: kibana-config
mountPath: /usr/share/kibana/config/kibana.yml
readOnly: true
subPath: kibana.yml
- mountPath: /etc/localtime
name: localtime
volumes:
- name: kibana-config #挂在映射配置
configMap:
name: kibana-config #映射配置的名字
- hostPath:
path: /etc/localtime
name: localtime
---
kind: Service
apiVersion: v1
metadata:
labels:
app: kibana
name: kibana-service
namespace: elasticsearch
spec:
ports:
- port: 5601
targetPort: 5601
nodePort: 30004
type: NodePort
selector:
app: kibana
[root@master-1 es]# kubectl apply -f 05-kibana.yaml
Kibana上检测集群
五、结束语
到此Kubernetes1.23.1+Elasticsearch7.16.2+Kibana7.16.2部署完毕,部署过程中有疑问的欢迎留言提问,感谢大家一直以来的支持,点点关注收藏吧!后期推出k8s上es集群安装ik分词器教程,欢迎大家来采文呀!
本文转载自: https://blog.csdn.net/qq_43417559/article/details/127346481
版权归原作者 cs阿坤dn 所有, 如有侵权,请联系我们删除。
版权归原作者 cs阿坤dn 所有, 如有侵权,请联系我们删除。