搜索到
211
篇与
默认分类
的结果
-
升级二进制kubernetes集群(大版本升级) 升级二进制kubernetes集群(大版本升级)此文档基于我的二进制安装仓库 https://github.com/cby-chen/Kubernetes基础操作查看当前版本信息[root@k8s-master01 ~]# kubectl get node NAME STATUS ROLES AGE VERSION k8s-master01 Ready <none> 110d v1.34.3 k8s-master02 Ready <none> 110d v1.34.3 k8s-master03 Ready <none> 110d v1.34.3 k8s-node01 Ready <none> 110d v1.34.3 k8s-node02 Ready <none> 110d v1.34.3 [root@k8s-master01 ~]# 主机域名以及IP地址[root@k8s-master01 ~]# cat /etc/hosts | grep k8s 192.168.1.31 k8s-master01 192.168.1.32 k8s-master02 192.168.1.33 k8s-master03 192.168.1.34 k8s-node01 192.168.1.35 k8s-node02 fc00::31 k8s-master01 fc00::32 k8s-master02 fc00::33 k8s-master03 fc00::34 k8s-node01 fc00::35 k8s-node02 [root@k8s-master01 ~]# 下载二进制安装包[root@k8s-master01 ~]# wget https://dl.k8s.io/v1.34.3/kubernetes-server-linux-amd64.tar.gz [root@k8s-master01 ~]# wget https://dl.k8s.io/v1.35.0/kubernetes-server-linux-amd64.tar.gz [root@k8s-master01 ~]#解压二进制安装包[root@k8s-master01 ~]# tar xf kubernetes-server-linux-amd64.tar.gz [root@k8s-master01 ~]# 升级Maser升级三台主节点上的客户端[root@k8s-master01 ~]# scp kubernetes/server/bin/kubectl root@192.168.1.31:/usr/local/bin/ [root@k8s-master01 ~]# [root@k8s-master01 ~]# scp kubernetes/server/bin/kubectl root@192.168.1.32:/usr/local/bin/ [root@k8s-master01 ~]# [root@k8s-master01 ~]# scp kubernetes/server/bin/kubectl root@192.168.1.33:/usr/local/bin/ [root@k8s-master01 ~]# [root@k8s-master01 ~]# kubectl version Client Version: v1.35.0 Kustomize Version: v5.7.1 Server Version: v1.34.3 [root@k8s-master01 ~]# 升级三台主节点api组件[root@k8s-master01 ~]# ssh root@192.168.1.31 "systemctl stop kube-apiserver" [root@k8s-master01 ~]# [root@k8s-master01 ~]# scp kubernetes/server/bin/kube-apiserver root@192.168.1.31:/usr/local/bin/ [root@k8s-master01 ~]# [root@k8s-master01 ~]# ssh root@192.168.1.31 "systemctl start kube-apiserver" [root@k8s-master01 ~]# [root@k8s-master01 ~]# ssh root@192.168.1.31 "systemctl status kube-apiserver" [root@k8s-master01 ~]# [root@k8s-master01 ~]# kube-apiserver --version Kubernetes v1.35.0 [root@k8s-master01 ~]# 升级三台主节点控制器组件[root@k8s-master01 ~]# ssh root@192.168.1.31 "systemctl stop kube-controller-manager" [root@k8s-master01 ~]# [root@k8s-master01 ~]# scp kubernetes/server/bin/kube-controller-manager root@192.168.1.31:/usr/local/bin/ [root@k8s-master01 ~]# [root@k8s-master01 ~]# ssh root@192.168.1.31 "systemctl start kube-controller-manager" [root@k8s-master01 ~]# [root@k8s-master01 ~]# ssh root@192.168.1.31 "systemctl status kube-controller-manager" [root@k8s-master01 ~]# [root@k8s-master01 ~]# kube-controller-manager --version Kubernetes v1.35.0 [root@k8s-master01 ~]# 升级三台主节点选择器组件[root@k8s-master01 ~]# ssh root@192.168.1.31 "systemctl stop kube-scheduler" [root@k8s-master01 ~]# [root@k8s-master01 ~]# scp kubernetes/server/bin/kube-scheduler root@192.168.1.31:/usr/local/bin/ [root@k8s-master01 ~]# [root@k8s-master01 ~]# ssh root@192.168.1.31 "systemctl start kube-scheduler" [root@k8s-master01 ~]# [root@k8s-master01 ~]# ssh root@192.168.1.31 "systemctl status kube-scheduler" [root@k8s-master01 ~]# [root@k8s-master01 ~]# kube-scheduler --version Kubernetes v1.35.0 [root@k8s-master01 ~]# 升级Worker每一台机器都要升级kubelet[root@k8s-master01 ~]# ssh root@192.168.1.31 "systemctl stop kubelet" [root@k8s-master01 ~]# [root@k8s-master01 ~]# scp kubernetes/server/bin/kubelet root@192.168.1.31:/usr/local/bin/ [root@k8s-master01 ~]# [root@k8s-master01 ~]# ssh root@192.168.1.31 "systemctl start kubelet" [root@k8s-master01 ~]# [root@k8s-master01 ~]# ssh root@192.168.1.31 "systemctl status kubelet" [root@k8s-master01 ~]# [root@k8s-master01 ~]# ssh root@192.168.1.31 "kubelet --version" Kubernetes v1.35.0 [root@k8s-master01 ~]#每一台机器都要升级kube-proxy[root@k8s-master01 ~]# ssh root@192.168.1.31 "systemctl stop kube-proxy" [root@k8s-master01 ~]# [root@k8s-master01 ~]# scp kubernetes/server/bin/kube-proxy root@192.168.1.31:/usr/local/bin/ [root@k8s-master01 ~]# [root@k8s-master01 ~]# ssh root@192.168.1.31 "systemctl start kube-proxy" [root@k8s-master01 ~]# [root@k8s-master01 ~]# ssh root@192.168.1.31 "systemctl status kube-proxy" [root@k8s-master01 ~]# [root@k8s-master01 ~]# kube-proxy --version Kubernetes v1.35.0 [root@k8s-master01 ~]#验证[root@k8s-master01 ~]# systemctl start kube-proxy [root@k8s-master01 ~]# kubectl get node NAME STATUS ROLES AGE VERSION k8s-master01 Ready <none> 111d v1.35.0 k8s-master02 Ready <none> 111d v1.35.0 k8s-master03 Ready <none> 111d v1.35.0 k8s-node01 Ready <none> 111d v1.35.0 k8s-node02 Ready <none> 111d v1.35.0 [root@k8s-master01 ~]# kubectl version Client Version: v1.35.0 Kustomize Version: v5.7.1 Server Version: v1.35.0 [root@k8s-master01 ~]# 关于https://www.oiox.cn/https://www.oiox.cn/index.php/start-page.htmlCSDN、GitHub、知乎、开源中国、思否、掘金、简书、华为云、阿里云、腾讯云、哔哩哔哩、今日头条、新浪微博、个人博客全网可搜《小陈运维》文章主要发布于微信公众号 -
升级二进制kubernetes集群(小版本升级) 升级二进制kubernetes集群(小版本升级)此文档基于我的二进制安装仓库 https://github.com/cby-chen/Kubernetes基础操作查看当前版本信息[root@k8s-master01 ~]# kubectl get node NAME STATUS ROLES AGE VERSION k8s-master01 Ready <none> 110d v1.34.0 k8s-master02 Ready <none> 110d v1.34.0 k8s-master03 Ready <none> 110d v1.34.0 k8s-node01 Ready <none> 110d v1.34.0 k8s-node02 Ready <none> 110d v1.34.0 [root@k8s-master01 ~]# 主机域名以及IP地址[root@k8s-master01 ~]# cat /etc/hosts | grep k8s 192.168.1.31 k8s-master01 192.168.1.32 k8s-master02 192.168.1.33 k8s-master03 192.168.1.34 k8s-node01 192.168.1.35 k8s-node02 fc00::31 k8s-master01 fc00::32 k8s-master02 fc00::33 k8s-master03 fc00::34 k8s-node01 fc00::35 k8s-node02 [root@k8s-master01 ~]# 下载二进制安装包[root@k8s-master01 ~]# wget https://dl.k8s.io/v1.34.3/kubernetes-server-linux-amd64.tar.gz [root@k8s-master01 ~]# wget https://dl.k8s.io/v1.35.0/kubernetes-server-linux-amd64.tar.gz [root@k8s-master01 ~]#解压二进制安装包[root@k8s-master01 ~]# tar xf kubernetes-server-linux-amd64.tar.gz [root@k8s-master01 ~]# 升级Maser升级三台主节点上的客户端[root@k8s-master01 ~]# scp kubernetes/server/bin/kubectl root@192.168.1.31:/usr/local/bin/ [root@k8s-master01 ~]# [root@k8s-master01 ~]# scp kubernetes/server/bin/kubectl root@192.168.1.32:/usr/local/bin/ [root@k8s-master01 ~]# [root@k8s-master01 ~]# scp kubernetes/server/bin/kubectl root@192.168.1.33:/usr/local/bin/ [root@k8s-master01 ~]# [root@k8s-master01 ~]# kubectl version Client Version: v1.34.3 Kustomize Version: v5.7.1 Server Version: v1.34.0 [root@k8s-master01 ~]# 升级三台主节点api组件[root@k8s-master01 ~]# ssh root@192.168.1.31 "systemctl stop kube-apiserver" [root@k8s-master01 ~]# [root@k8s-master01 ~]# scp kubernetes/server/bin/kube-apiserver root@192.168.1.31:/usr/local/bin/ [root@k8s-master01 ~]# [root@k8s-master01 ~]# ssh root@192.168.1.31 "systemctl start kube-apiserver" [root@k8s-master01 ~]# [root@k8s-master01 ~]# ssh root@192.168.1.31 "systemctl status kube-apiserver" [root@k8s-master01 ~]# [root@k8s-master01 ~]# kube-apiserver --version Kubernetes v1.34.3 [root@k8s-master01 ~]# 升级三台主节点控制器组件[root@k8s-master01 ~]# ssh root@192.168.1.31 "systemctl stop kube-controller-manager" [root@k8s-master01 ~]# [root@k8s-master01 ~]# scp kubernetes/server/bin/kube-controller-manager root@192.168.1.31:/usr/local/bin/ [root@k8s-master01 ~]# [root@k8s-master01 ~]# ssh root@192.168.1.31 "systemctl start kube-controller-manager" [root@k8s-master01 ~]# [root@k8s-master01 ~]# ssh root@192.168.1.31 "systemctl status kube-controller-manager" [root@k8s-master01 ~]# [root@k8s-master01 ~]# kube-controller-manager --version Kubernetes v1.34.3 [root@k8s-master01 ~]# 升级三台主节点选择器组件[root@k8s-master01 ~]# ssh root@192.168.1.31 "systemctl stop kube-scheduler" [root@k8s-master01 ~]# [root@k8s-master01 ~]# scp kubernetes/server/bin/kube-scheduler root@192.168.1.31:/usr/local/bin/ [root@k8s-master01 ~]# [root@k8s-master01 ~]# ssh root@192.168.1.31 "systemctl start kube-scheduler" [root@k8s-master01 ~]# [root@k8s-master01 ~]# ssh root@192.168.1.31 "systemctl status kube-scheduler" [root@k8s-master01 ~]# [root@k8s-master01 ~]# kube-scheduler --version Kubernetes v1.34.3 [root@k8s-master01 ~]# 升级Worker每一台机器都要升级kubelet[root@k8s-master01 ~]# ssh root@192.168.1.31 "systemctl stop kubelet" [root@k8s-master01 ~]# [root@k8s-master01 ~]# scp kubernetes/server/bin/kubelet root@192.168.1.31:/usr/local/bin/ [root@k8s-master01 ~]# [root@k8s-master01 ~]# ssh root@192.168.1.31 "systemctl start kubelet" [root@k8s-master01 ~]# [root@k8s-master01 ~]# ssh root@192.168.1.31 "systemctl status kubelet" [root@k8s-master01 ~]# [root@k8s-master01 ~]# ssh root@192.168.1.31 "kubelet --version" Kubernetes v1.34.3 [root@k8s-master01 ~]#每一台机器都要升级kube-proxy[root@k8s-master01 ~]# ssh root@192.168.1.31 "systemctl stop kube-proxy" [root@k8s-master01 ~]# [root@k8s-master01 ~]# scp kubernetes/server/bin/kube-proxy root@192.168.1.31:/usr/local/bin/ [root@k8s-master01 ~]# [root@k8s-master01 ~]# ssh root@192.168.1.31 "systemctl start kube-proxy" [root@k8s-master01 ~]# [root@k8s-master01 ~]# ssh root@192.168.1.31 "systemctl status kube-proxy" [root@k8s-master01 ~]# [root@k8s-master01 ~]# kube-proxy --version验证[root@k8s-master01 ~]# kubectl get node NAME STATUS ROLES AGE VERSION k8s-master01 Ready <none> 110d v1.34.3 k8s-master02 Ready <none> 110d v1.34.3 k8s-master03 Ready <none> 110d v1.34.3 k8s-node01 Ready <none> 110d v1.34.3 k8s-node02 Ready <none> 110d v1.34.3 [root@k8s-master01 ~]# [root@k8s-master01 ~]# kubectl version Client Version: v1.34.3 Kustomize Version: v5.7.1 Server Version: v1.34.3 [root@k8s-master01 ~]# 关于https://www.oiox.cn/https://www.oiox.cn/index.php/start-page.htmlCSDN、GitHub、知乎、开源中国、思否、掘金、简书、华为云、阿里云、腾讯云、哔哩哔哩、今日头条、新浪微博、个人博客全网可搜《小陈运维》文章主要发布于微信公众号
-
Elasticsearch常用运维命令 Elasticsearch常用运维命令Elasticsearch 的运维命令主要集中在使用其 RESTful API 上。这些命令可以通过任何 HTTP 客户端(如 curl、Kibana Dev Tools、Postman 等)来执行。集群健康与状态信息这是运维中最常用的一组命令,用于快速了解集群的整体状态。查看集群健康状态[root@k8s-192-168-1-140 ~]# PASSWORD=$(kubectl get secret quickstart-es-elastic-user -o go-template='{{.data.elastic | base64decode}}') [root@k8s-192-168-1-140 ~]# curl -s -XGET -u "elastic:$PASSWORD" -k "https://10.68.66.232:9200/_cluster/health?pretty" [root@k8s-192-168-1-140 ~]# curl -s -XGET -u "elastic:$PASSWORD" -k "https://10.68.66.232:9200/_cluster/health?pretty" { "cluster_name" : "quickstart", "status" : "green", "timed_out" : false, "number_of_nodes" : 1, "number_of_data_nodes" : 1, "active_primary_shards" : 39, "active_shards" : 39, "relocating_shards" : 0, "initializing_shards" : 0, "unassigned_shards" : 0, "unassigned_primary_shards" : 0, "delayed_unassigned_shards" : 0, "number_of_pending_tasks" : 0, "number_of_in_flight_fetch" : 0, "task_max_waiting_in_queue_millis" : 0, "active_shards_percent_as_number" : 100.0 } [root@k8s-192-168-1-140 ~]# 查看集群详细状态(包含节点、索引信息)curl -s -XGET -u "elastic:$PASSWORD" -k "https://10.68.66.232:9200/_cluster/state?pretty" [root@k8s-192-168-1-140 ~]# curl -s -XGET -u "elastic:$PASSWORD" -k "https://10.68.66.232:9200/_cluster/state?pretty" --------略 { "state" : "STARTED", "primary" : true, "node" : "N9j3pRcUR06S4vCsRcdnWw", "relocating_node" : null, "shard" : 0, "index" : ".internal.alerts-observability.metrics.alerts-default-000001", "allocation_id" : { "id" : "5onDdIVtS6WBHRBQeCB7PQ" }, "relocation_failure_info" : { "failed_attempts" : 0 } }, { "state" : "STARTED", "primary" : true, "node" : "N9j3pRcUR06S4vCsRcdnWw", "relocating_node" : null, "shard" : 0, "index" : ".ds-ilm-history-7-2025.12.12-000001", "allocation_id" : { "id" : "58PpB0LGQ6iabrqO5VLKqw" }, "relocation_failure_info" : { "failed_attempts" : 0 } } ] } }, "health" : { "disk" : { "high_watermark" : "90%", "high_max_headroom" : "150gb", "flood_stage_watermark" : "95%", "flood_stage_max_headroom" : "100gb", "frozen_flood_stage_watermark" : "95%", "frozen_flood_stage_max_headroom" : "20gb" }, "shard_limits" : { "max_shards_per_node" : 1000, "max_shards_per_node_frozen" : 3000 } } } [root@k8s-192-168-1-140 ~]# 查看节点信息(节点角色、负载等)curl -s -XGET -u "elastic:$PASSWORD" -k "https://10.68.66.232:9200/_cat/nodes?v&pretty" [root@k8s-192-168-1-140 ~]# curl -s -XGET -u "elastic:$PASSWORD" -k "https://10.68.66.232:9200/_cat/nodes?v&pretty" ip heap.percent ram.percent cpu load_1m load_5m load_15m node.role master name 172.20.246.81 20 90 2 0.12 0.24 0.30 cdfhilmrstw * quickstart-es-default-0 [root@k8s-192-168-1-140 ~]# 查看所有节点统计信息(CPU,内存,磁盘等)curl -s -XGET -u "elastic:$PASSWORD" -k "https://10.68.66.232:9200/_nodes/stats?pretty" [root@k8s-192-168-1-140 ~]# curl -s -XGET -u "elastic:$PASSWORD" -k "https://10.68.66.232:9200/_nodes/stats?pretty" { "_nodes" : { "total" : 1, "successful" : 1, "failed" : 0 }, "cluster_name" : "quickstart", "nodes" : { "N9j3pRcUR06S4vCsRcdnWw" : { "timestamp" : 1765552084622, "name" : "quickstart-es-default-0", "transport_address" : "172.20.246.81:9300", "host" : "172.20.246.81", "ip" : "172.20.246.81:9300", "roles" : [ "data", "data_cold", "data_content", "data_frozen", "data_hot", "data_warm", "ingest", "master", "ml", "remote_cluster_client", "transform" ], "attributes" : { "k8s_node_name" : "k8s-192-168-1-140", "transform.config_version" : "10.0.0", "xpack.installed" : "true", "ml.allocated_processors" : "4", "ml.max_jvm_size" : "1073741824", "ml.config_version" : "12.0.0", "ml.machine_memory" : "2147483648", "ml.allocated_processors_double" : "4.0" }, "indices" : { "docs" : { "count" : 704, "deleted" : 33, "total_size_in_bytes" : 3277982 }, "shard_stats" : { "total_count" : 39 }, "store" : { "size_in_bytes" : 3463658, "total_data_set_size_in_bytes" : 3463658, "reserved_in_bytes" : 0 }, ---------略 "indexing_pressure" : { "memory" : { "current" : { "combined_coordinating_and_primary_in_bytes" : 0, "coordinating_in_bytes" : 0, "primary_in_bytes" : 0, "replica_in_bytes" : 0, "all_in_bytes" : 0 }, "total" : { "combined_coordinating_and_primary_in_bytes" : 17013966, "coordinating_in_bytes" : 6251254, "primary_in_bytes" : 17072110, "replica_in_bytes" : 0, "all_in_bytes" : 17013966, "coordinating_rejections" : 0, "primary_rejections" : 0, "replica_rejections" : 0, "primary_document_rejections" : 0, "large_operation_rejections" : 0 }, "limit_in_bytes" : 107374182 } }, "repositories" : { }, "allocations" : { "shards" : 39, "undesired_shards" : 0, "forecasted_ingest_load" : 0.0, "forecasted_disk_usage_in_bytes" : 3540384, "current_disk_usage_in_bytes" : 3540384 } } } }关键指标解读:status: green(健康),yellow(数据完整,但副本未分配),red(数据丢失或主分片缺失),只有一个索引出现red则集群就是red。number_of_nodes: 集群中节点总数。unassigned_shards: 未分配的分片数,yellow 或 red 状态的直接原因,集群状态的修复,其实就是修复这里。检查pending taskscurl -u "elastic:$PASSWORD" -k "https://10.68.66.232:9200/_cluster/pending_tasks?pretty" [root@k8s-192-168-1-140 ~]# curl -u "elastic:$PASSWORD" -k "https://10.68.66.232:9200/_cluster/pending_tasks?pretty" { "tasks" : [ ] } [root@k8s-192-168-1-140 ~]#检查节点统计(包括JVM)curl -u "elastic:$PASSWORD" -k "https://10.68.66.232:9200/_nodes/stats/jvm?pretty" [root@k8s-192-168-1-140 ~]# curl -u "elastic:$PASSWORD" -k "https://10.68.66.232:9200/_nodes/stats/jvm?pretty" { "_nodes" : { "total" : 1, "successful" : 1, "failed" : 0 }, "cluster_name" : "quickstart", "nodes" : { "N9j3pRcUR06S4vCsRcdnWw" : { "timestamp" : 1765556768340, "name" : "quickstart-es-default-0", "transport_address" : "172.20.246.81:9300", "host" : "172.20.246.81", "ip" : "172.20.246.81:9300", "roles" : [ "data", "data_cold", "data_content", "data_frozen", "data_hot", "data_warm", "ingest", "master", "ml", "remote_cluster_client", "transform" ], "attributes" : { "k8s_node_name" : "k8s-192-168-1-140", "transform.config_version" : "10.0.0", "xpack.installed" : "true", "ml.allocated_processors" : "4", "ml.max_jvm_size" : "1073741824", "ml.config_version" : "12.0.0", "ml.machine_memory" : "2147483648", "ml.allocated_processors_double" : "4.0" }, "jvm" : { "timestamp" : 1765556768340, "uptime_in_millis" : 8190447, "mem" : { "heap_used_in_bytes" : 367588160, "heap_used_percent" : 34, "heap_committed_in_bytes" : 1073741824, "heap_max_in_bytes" : 1073741824, "non_heap_used_in_bytes" : 254902992, "non_heap_committed_in_bytes" : 288817152, "pools" : { "CodeHeap 'non-nmethods'" : { "used_in_bytes" : 2897024, "max_in_bytes" : 5832704, "peak_used_in_bytes" : 3078400, "peak_max_in_bytes" : 5832704 }, "Metaspace" : { "used_in_bytes" : 188019056, "max_in_bytes" : 0, "peak_used_in_bytes" : 188019056, "peak_max_in_bytes" : 0 }, "CodeHeap 'profiled nmethods'" : { "used_in_bytes" : 22557696, "max_in_bytes" : 122908672, "peak_used_in_bytes" : 47959168, "peak_max_in_bytes" : 122908672 }, "Compressed Class Space" : { "used_in_bytes" : 22554848, "max_in_bytes" : 1073741824, "peak_used_in_bytes" : 22558024, "peak_max_in_bytes" : 1073741824 }, "young" : { "used_in_bytes" : 218103808, "max_in_bytes" : 0, "peak_used_in_bytes" : 629145600, "peak_max_in_bytes" : 0 }, "old" : { "used_in_bytes" : 142159792, "max_in_bytes" : 1073741824, "peak_used_in_bytes" : 142159792, "peak_max_in_bytes" : 1073741824 }, "survivor" : { "used_in_bytes" : 7324560, "max_in_bytes" : 0, "peak_used_in_bytes" : 54525952, "peak_max_in_bytes" : 0 }, "CodeHeap 'non-profiled nmethods'" : { "used_in_bytes" : 18874368, "max_in_bytes" : 122916864, "peak_used_in_bytes" : 21230464, "peak_max_in_bytes" : 122916864 } } }, "threads" : { "count" : 102, "peak_count" : 107 }, "gc" : { "collectors" : { "young" : { "collection_count" : 49, "collection_time_in_millis" : 567 }, "G1 Concurrent GC" : { "collection_count" : 32, "collection_time_in_millis" : 299 }, "old" : { "collection_count" : 0, "collection_time_in_millis" : 0 } } }, "buffer_pools" : { "mapped" : { "count" : 0, "used_in_bytes" : 0, "total_capacity_in_bytes" : 0 }, "direct" : { "count" : 19, "used_in_bytes" : 4849681, "total_capacity_in_bytes" : 4849675 }, "mapped - 'non-volatile memory'" : { "count" : 0, "used_in_bytes" : 0, "total_capacity_in_bytes" : 0 } }, "classes" : { "current_loaded_count" : 37618, "total_loaded_count" : 39057, "total_unloaded_count" : 1439 } } } } } [root@k8s-192-168-1-140 ~]#索引管理简单创建索引curl -X PUT -u "elastic:$PASSWORD" -k "https://10.68.66.232:9200/cby?pretty" -H 'Content-Type: application/json' -d' { "settings": { "number_of_shards": 3, "number_of_replicas": 1 }, "mappings": { "properties": { "title": { "type": "text" }, "content": { "type": "text" }, "timestamp": { "type": "date" } } } } ' [root@k8s-192-168-1-140 ~]# curl -X PUT -u "elastic:$PASSWORD" -k "https://10.68.66.232:9200/cby?pretty" -H 'Content-Type: application/json' -d' { "settings": { "number_of_shards": 3, "number_of_replicas": 1 }, "mappings": { "properties": { "title": { "type": "text" }, "content": { "type": "text" }, "timestamp": { "type": "date" } } } } ' { "acknowledged" : true, "shards_acknowledged" : true, "index" : "cby" } [root@k8s-192-168-1-140 ~]#查看所有索引(包含文档数、存储大小等)curl -s -XGET -u "elastic:$PASSWORD" -k "https://10.68.66.232:9200/_cat/indices?v&pretty" [root@k8s-192-168-1-140 ~]# curl -s -XGET -u "elastic:$PASSWORD" -k "https://10.68.66.232:9200/_cat/indices?v&pretty" health status index uuid pri rep docs.count docs.deleted store.size pri.store.size dataset.size green open .internal.alerts-transform.health.alerts-default-000001 a2rSAm8mS-SrwYku3uAYLQ 1 0 0 0 249b 249b 249b green open .internal.alerts-observability.logs.alerts-default-000001 kfuEckcpSmGERMea6-K7SQ 1 0 0 0 249b 249b 249b green open .internal.alerts-observability.uptime.alerts-default-000001 LjhwWuZjRlah9zJKu2Q1bQ 1 0 0 0 249b 249b 249b green open .internal.alerts-ml.anomaly-detection.alerts-default-000001 1T4CZbf5T8SG1goXXn-07w 1 0 0 0 249b 249b 249b green open .internal.alerts-observability.slo.alerts-default-000001 4M4iza7KQCaU2t_y6E5smQ 1 0 0 0 249b 249b 249b green open .internal.alerts-default.alerts-default-000001 y1re-StiTG-aoC6sSgcGXA 1 0 0 0 249b 249b 249b green open .internal.alerts-streams.alerts-default-000001 RNM1iJUnSvOpqy4KPNFwBQ 1 0 0 0 249b 249b 249b green open .internal.alerts-observability.apm.alerts-default-000001 gWZKJICPQtO8-hNQsWfn8A 1 0 0 0 249b 249b 249b green open .internal.alerts-security.attack.discovery.alerts-default-000001 AW_JMgIZSjaEyHDmQapViA 1 0 0 0 249b 249b 249b green open .internal.alerts-observability.metrics.alerts-default-000001 cPLbEFixQF2tJO7hY0GK4A 1 0 0 0 249b 249b 249b green open .internal.alerts-ml.anomaly-detection-health.alerts-default-000001 yFWgfEPoQiKnfjYYd_9rfA 1 0 0 0 249b 249b 249b green open .internal.alerts-observability.threshold.alerts-default-000001 OfniPqsZRvWm4p0ybqZfEw 1 0 0 0 249b 249b 249b green open .internal.alerts-security.alerts-default-000001 4DrPeUpGRcm2VVlK2tytbQ 1 0 0 0 249b 249b 249b green open .internal.alerts-dataset.quality.alerts-default-000001 1nWfrX_DTKO4VDuLULH9hw 1 0 0 0 249b 249b 249b yellow open cby Xu_XibxhQGSSdVTvZac3OA 3 1 0 0 681b 681b 681b green open .internal.alerts-stack.alerts-default-000001 sqLxcGqeS22EbJJ2XBMJvQ 1 0 0 0 249b 249b 249b [root@k8s-192-168-1-140 ~]#查看特定索引的状态curl -s -XGET -u "elastic:$PASSWORD" -k "https://10.68.66.232:9200/_cat/indices/cby?v&pretty" [root@k8s-192-168-1-140 ~]# curl -s -XGET -u "elastic:$PASSWORD" -k "https://10.68.66.232:9200/_cat/indices/cby?v&pretty" health status index uuid pri rep docs.count docs.deleted store.size pri.store.size dataset.size yellow open cby Xu_XibxhQGSSdVTvZac3OA 3 1 0 0 681b 681b 681b [root@k8s-192-168-1-140 ~]# 查看索引的详细统计信息curl -s -XGET -u "elastic:$PASSWORD" -k "https://10.68.66.232:9200/cby/_stats?pretty" [root@k8s-192-168-1-140 ~]# curl -s -XGET -u "elastic:$PASSWORD" -k "https://10.68.66.232:9200/cby/_stats?pretty" { "_shards" : { "total" : 6, "successful" : 3, "failed" : 0 }, "_all" : { "primaries" : { "docs" : { "count" : 0, "deleted" : 0, "total_size_in_bytes" : 0 }, -----略 "dense_vector" : { "value_count" : 0, "off_heap" : { "total_size_bytes" : 0, "total_veb_size_bytes" : 0, "total_vec_size_bytes" : 0, "total_veq_size_bytes" : 0, "total_vex_size_bytes" : 0 } }, "sparse_vector" : { "value_count" : 0 } } } } } [root@k8s-192-168-1-140 ~]# 查看索引的映射(mapping)curl -s -XGET -u "elastic:$PASSWORD" -k "https://10.68.66.232:9200/cby/_mapping?pretty" [root@k8s-192-168-1-140 ~]# curl -s -XGET -u "elastic:$PASSWORD" -k "https://10.68.66.232:9200/cby/_mapping?pretty" { "cby" : { "mappings" : { "properties" : { "content" : { "type" : "text" }, "timestamp" : { "type" : "date" }, "title" : { "type" : "text" } } } } } [root@k8s-192-168-1-140 ~]# 查看索引的设置(settings)curl -s -XGET -u "elastic:$PASSWORD" -k "https://10.68.66.232:9200/cby/_settings?pretty" [root@k8s-192-168-1-140 ~]# curl -s -XGET -u "elastic:$PASSWORD" -k "https://10.68.66.232:9200/cby/_settings?pretty" { "cby" : { "settings" : { "index" : { "routing" : { "allocation" : { "include" : { "_tier_preference" : "data_content" } } }, "number_of_shards" : "3", "provided_name" : "cby", "creation_date" : "1765552408698", "number_of_replicas" : "1", "uuid" : "Xu_XibxhQGSSdVTvZac3OA", "version" : { "created" : "9039002" } } } } } [root@k8s-192-168-1-140 ~]# 删除索引(危险操作!) curl -XDELETE -u "elastic:$PASSWORD" -k "https://10.68.66.232:9200/cby" [root@k8s-192-168-1-140 ~]# curl -XDELETE -u "elastic:$PASSWORD" -k "https://10.68.66.232:9200/cby" {"acknowledged":true} [root@k8s-192-168-1-140 ~]# 关闭索引(保留数据但不再读写,节省资源)curl -XPOST -u "elastic:$PASSWORD" -k "https://10.68.66.232:9200/cby/_close" [root@k8s-192-168-1-140 ~]# curl -XPOST -u "elastic:$PASSWORD" -k "https://10.68.66.232:9200/cby/_close" {"acknowledged":true,"shards_acknowledged":true,"indices":{"cby":{"closed":true}}} [root@k8s-192-168-1-140 ~]# 打开索引curl -XPOST -u "elastic:$PASSWORD" -k "https://10.68.66.232:9200/cby/_open" [root@k8s-192-168-1-140 ~]# curl -XPOST -u "elastic:$PASSWORD" -k "https://10.68.66.232:9200/cby/_open" {"acknowledged":true,"shards_acknowledged":true}[root@k8s-192-168-1-140 ~]# [root@k8s-192-168-1-140 ~]# 修改索引配置(如动态修改副本数)curl -XPUT -u "elastic:$PASSWORD" -k "https://10.68.66.232:9200/cby/_settings" -H 'Content-Type: application/json' -d' { "number_of_replicas": 2 } ' [root@k8s-192-168-1-140 ~]# curl -XPUT -u "elastic:$PASSWORD" -k "https://10.68.66.232:9200/cby/_settings" -H 'Content-Type: application/json' -d' { "number_of_replicas": 2 } ' {"acknowledged":true}[root@k8s-192-168-1-140 ~]# [root@k8s-192-168-1-140 ~]# 查看分片分配情况(非常重要!)curl -s -XGET -u "elastic:$PASSWORD" -k "https://10.68.66.232:9200/_cat/shards?v&pretty" [root@k8s-192-168-1-140 ~]# curl -s -XGET -u "elastic:$PASSWORD" -k "https://10.68.66.232:9200/_cat/shards?v&pretty" index shard prirep state docs store dataset ip node .kibana_search_solution_9.2.2_001 0 p STARTED 0 249b 249b 172.20.246.81 quickstart-es-default-0 .slo-observability.summary-v3.5 0 p STARTED 0 249b 249b 172.20.246.81 quickstart-es-default-0 .kibana_task_manager_9.2.2_001 0 p STARTED 48 90.1kb 90.1kb 172.20.246.81 quickstart-es-default-0 .kibana_usage_counters_9.2.2_001 0 p STARTED 82 64.9kb 64.9kb 172.20.246.81 quickstart-es-default-0 .kibana_alerting_cases_9.2.2_001 0 p STARTED 1 7.5kb 7.5kb 172.20.246.81 quickstart-es-default-0 cby 0 p STARTED 0 249b 249b 172.20.246.81 quickstart-es-default-0 cby 0 r UNASSIGNED cby 0 r UNASSIGNED cby 1 p STARTED 0 249b 249b 172.20.246.81 quickstart-es-default-0 cby 1 r UNASSIGNED cby 1 r UNASSIGNED cby 2 p STARTED 0 249b 249b 172.20.246.81 quickstart-es-default-0 cby 2 r UNASSIGNED cby 2 r UNASSIGNED .slo-observability.summary-v3.5.temp 0 p STARTED 0 249b 249b 172.20.246.81 quickstart-es-default-0 .internal.alerts-observability.slo.alerts-default-000001 0 p STARTED 0 249b 249b 172.20.246.81 quickstart-es-default-0 .kibana_locks-000001 0 p STARTED 0 3.6kb 3.6kb 172.20.246.81 quickstart-es-default-0 .ds-.edr-workflow-insights-default-2025.12.12-000001 0 p STARTED 0 249b 249b 172.20.246.81 quickstart-es-default-0 .kibana_9.2.2_001 0 p STARTED 88 86.4kb 86.4kb 172.20.246.81 quickstart-es-default-0 .ds-ilm-history-7-2025.12.12-000001 0 p STARTED 48 34.7kb 34.7kb 172.20.246.81 quickstart-es-default-0 .internal.alerts-observability.apm.alerts-default-000001 0 p STARTED 0 249b 249b 172.20.246.81 quickstart-es-default-0 .internal.alerts-observability.threshold.alerts-default-000001 0 p STARTED 0 249b 249b 172.20.246.81 quickstart-es-default-0 .internal.alerts-stack.alerts-default-000001 0 p STARTED 0 249b 249b 172.20.246.81 quickstart-es-default-0 .internal.alerts-transform.health.alerts-default-000001 0 p STARTED 0 249b 249b 172.20.246.81 quickstart-es-default-0 .internal.alerts-dataset.quality.alerts-default-000001 0 p STARTED 0 249b 249b 172.20.246.81 quickstart-es-default-0 .internal.alerts-streams.alerts-default-000001 0 p STARTED 0 249b 249b 172.20.246.81 quickstart-es-default-0 .internal.alerts-observability.uptime.alerts-default-000001 0 p STARTED 0 249b 249b 172.20.246.81 quickstart-es-default-0 .ds-.logs-elasticsearch.deprecation-default-2025.12.12-000001 0 p STARTED 4 34.6kb 34.6kb 172.20.246.81 quickstart-es-default-0 .apm-agent-configuration 0 p STARTED 0 249b 249b 172.20.246.81 quickstart-es-default-0 .internal.alerts-observability.metrics.alerts-default-000001 0 p STARTED 0 249b 249b 172.20.246.81 quickstart-es-default-0 .slo-observability.sli-v3.5 0 p STARTED 0 249b 249b 172.20.246.81 quickstart-es-default-0 .internal.alerts-ml.anomaly-detection.alerts-default-000001 0 p STARTED 0 249b 249b 172.20.246.81 quickstart-es-default-0 .kibana_security_solution_9.2.2_001 0 p STARTED 6 61.4kb 61.4kb 172.20.246.81 quickstart-es-default-0 .internal.alerts-default.alerts-default-000001 0 p STARTED 0 249b 249b 172.20.246.81 quickstart-es-default-0 .internal.alerts-security.attack.discovery.alerts-default-000001 0 p STARTED 0 249b 249b 172.20.246.81 quickstart-es-default-0 .internal.alerts-security.alerts-default-000001 0 p STARTED 0 249b 249b 172.20.246.81 quickstart-es-default-0 .kibana_ingest_9.2.2_001 0 p STARTED 143 294.3kb 294.3kb 172.20.246.81 quickstart-es-default-0 .internal.alerts-observability.logs.alerts-default-000001 0 p STARTED 0 249b 249b 172.20.246.81 quickstart-es-default-0 .ds-.kibana-event-log-ds-2025.12.12-000001 0 p STARTED 1 6.3kb 6.3kb 172.20.246.81 quickstart-es-default-0 .kibana-siem-rule-migrations-integrations 0 p STARTED 0 249b 249b 172.20.246.81 quickstart-es-default-0 .kibana_analytics_9.2.2_001 0 p STARTED 5 1.7mb 1.7mb 172.20.246.81 quickstart-es-default-0 .security-profile-8 0 p STARTED 1 19.9kb 19.9kb 172.20.246.81 quickstart-es-default-0 .kibana_security_session_1 0 p STARTED 2 13.6kb 13.6kb 172.20.246.81 quickstart-es-default-0 .apm-custom-link 0 p STARTED 0 249b 249b 172.20.246.81 quickstart-es-default-0 .internal.alerts-ml.anomaly-detection-health.alerts-default-000001 0 p STARTED 0 249b 249b 172.20.246.81 quickstart-es-default-0 .apm-source-map 0 p STARTED 0 249b 249b 172.20.246.81 quickstart-es-default-0 .security-7 0 p STARTED 288 771.8kb 771.8kb 172.20.246.81 quickstart-es-default-0 .kibana-siem-rule-migrations-prebuiltrules 0 p STARTED 0 249b 249b 172.20.246.81 quickstart-es-default-0 [root@k8s-192-168-1-140 ~]# 查看未分配的分片及原因curl -s -XGET -u "elastic:$PASSWORD" -k "https://10.68.66.232:9200/_cat/shards?v&h=index,shard,prirep,state,unassigned.reason&s=state&pretty" [root@k8s-192-168-1-140 ~]# curl -s -XGET -u "elastic:$PASSWORD" -k "https://10.68.66.232:9200/_cat/shards?v&h=index,shard,prirep,state,unassigned.reason&s=state&pretty" index shard prirep state unassigned.reason cby 0 r UNASSIGNED INDEX_REOPENED cby 0 r UNASSIGNED REPLICA_ADDED cby 1 r UNASSIGNED INDEX_REOPENED cby 1 r UNASSIGNED REPLICA_ADDED cby 2 r UNASSIGNED INDEX_REOPENED cby 2 r UNASSIGNED REPLICA_ADDED .kibana_search_solution_9.2.2_001 0 p STARTED .slo-observability.summary-v3.5 0 p STARTED .kibana_task_manager_9.2.2_001 0 p STARTED .kibana_usage_counters_9.2.2_001 0 p STARTED .kibana_alerting_cases_9.2.2_001 0 p STARTED cby 0 p STARTED cby 1 p STARTED cby 2 p STARTED .slo-observability.summary-v3.5.temp 0 p STARTED .internal.alerts-observability.slo.alerts-default-000001 0 p STARTED .kibana_locks-000001 0 p STARTED .ds-.edr-workflow-insights-default-2025.12.12-000001 0 p STARTED .kibana_9.2.2_001 0 p STARTED .ds-ilm-history-7-2025.12.12-000001 0 p STARTED .internal.alerts-observability.apm.alerts-default-000001 0 p STARTED .internal.alerts-observability.threshold.alerts-default-000001 0 p STARTED .internal.alerts-stack.alerts-default-000001 0 p STARTED .internal.alerts-transform.health.alerts-default-000001 0 p STARTED .internal.alerts-dataset.quality.alerts-default-000001 0 p STARTED .internal.alerts-streams.alerts-default-000001 0 p STARTED .internal.alerts-observability.uptime.alerts-default-000001 0 p STARTED .ds-.logs-elasticsearch.deprecation-default-2025.12.12-000001 0 p STARTED .apm-agent-configuration 0 p STARTED .internal.alerts-observability.metrics.alerts-default-000001 0 p STARTED .slo-observability.sli-v3.5 0 p STARTED .internal.alerts-ml.anomaly-detection.alerts-default-000001 0 p STARTED .kibana_security_solution_9.2.2_001 0 p STARTED .internal.alerts-default.alerts-default-000001 0 p STARTED .internal.alerts-security.attack.discovery.alerts-default-000001 0 p STARTED .internal.alerts-security.alerts-default-000001 0 p STARTED .kibana_ingest_9.2.2_001 0 p STARTED .internal.alerts-observability.logs.alerts-default-000001 0 p STARTED .ds-.kibana-event-log-ds-2025.12.12-000001 0 p STARTED .kibana-siem-rule-migrations-integrations 0 p STARTED .kibana_analytics_9.2.2_001 0 p STARTED .security-profile-8 0 p STARTED .kibana_security_session_1 0 p STARTED .apm-custom-link 0 p STARTED .internal.alerts-ml.anomaly-detection-health.alerts-default-000001 0 p STARTED .apm-source-map 0 p STARTED .security-7 0 p STARTED .kibana-siem-rule-migrations-prebuiltrules 0 p STARTED [root@k8s-192-168-1-140 ~]# 清除节点的缓存curl -XPOST -u "elastic:$PASSWORD" -k "https://10.68.66.232:9200/cby/_cache/clear" [root@k8s-192-168-1-140 ~]# curl -XPOST -u "elastic:$PASSWORD" -k "https://10.68.66.232:9200/cby/_cache/clear" {"_shards":{"total":9,"successful":3,"failed":0}}[root@k8s-192-168-1-140 ~]# [root@k8s-192-168-1-140 ~]# 清除所有的缓存curl -XPOST -u "elastic:$PASSWORD" -k "https://10.68.66.232:9200/_cache/clear?pretty" [root@k8s-192-168-1-140 ~]# curl -XPOST -u "elastic:$PASSWORD" -k "https://10.68.66.232:9200/_cache/clear?pretty" { "_shards" : { "total" : 21, "successful" : 18, "failed" : 0 } } [root@k8s-192-168-1-140 ~]# 将节点排除出集群(下线节点)curl -XPUT -u "elastic:$PASSWORD" -k "https://10.68.66.232:9200/_cluster/settings" -H 'Content-Type: application/json' -d' { "transient": { "cluster.routing.allocation.exclude._name": "node-name-to-remove" } } '查看正在运行的任务(如 _forcemerge, reindex)curl -s -XGET -u "elastic:$PASSWORD" -k "https://10.68.66.232:9200/_cat/tasks?v&pretty" [root@k8s-192-168-1-140 ~]# curl -s -XGET -u "elastic:$PASSWORD" -k "https://10.68.66.232:9200/_cat/tasks?v&pretty" action task_id parent_task_id type start_time timestamp running_time ip node geoip-downloader[c] N9j3pRcUR06S4vCsRcdnWw:340 cluster:1 persistent 1765548603189 14:10:03 1.2h 172.20.246.81 quickstart-es-default-0 health-node[c] N9j3pRcUR06S4vCsRcdnWw:350 cluster:2 persistent 1765548603882 14:10:03 1.2h 172.20.246.81 quickstart-es-default-0 cluster:monitor/tasks/lists N9j3pRcUR06S4vCsRcdnWw:53136 - transport 1765553067275 15:24:27 498micros 172.20.246.81 quickstart-es-default-0 cluster:monitor/tasks/lists[n] N9j3pRcUR06S4vCsRcdnWw:53137 N9j3pRcUR06S4vCsRcdnWw:53136 transport 1765553067275 15:24:27 420.9micros 172.20.246.81 quickstart-es-default-0 [root@k8s-192-168-1-140 ~]# 查看热点线程(用于诊断性能问题)curl -s -XGET -u "elastic:$PASSWORD" -k "https://10.68.66.232:9200/_nodes/hot_threads?pretty" [root@k8s-192-168-1-140 ~]# curl -s -XGET -u "elastic:$PASSWORD" -k "https://10.68.66.232:9200/_nodes/hot_threads?pretty" ::: {quickstart-es-default-0}{N9j3pRcUR06S4vCsRcdnWw}{ob3LpO08ReyXSUqr6OkHDQ}{quickstart-es-default-0}{172.20.246.81}{172.20.246.81:9300}{cdfhilmrstw}{9.2.2}{8000099-9039002}{k8s_node_name=k8s-192-168-1-140, transform.config_version=10.0.0, xpack.installed=true, ml.allocated_processors=4, ml.max_jvm_size=1073741824, ml.config_version=12.0.0, ml.machine_memory=2147483648, ml.allocated_processors_double=4.0} Hot threads at 2025-12-12T16:31:15.859Z, interval=500ms, busiestThreads=3, ignoreIdleThreads=true: [root@k8s-192-168-1-140 ~]# 查看集群设置curl -s -XGET -u "elastic:$PASSWORD" -k "https://10.68.66.232:9200/_cluster/settings?pretty" [root@k8s-192-168-1-140 ~]# curl -s -XGET -u "elastic:$PASSWORD" -k "https://10.68.66.232:9200/_cluster/settings?pretty" { "persistent" : { }, "transient" : { } } [root@k8s-192-168-1-140 ~]# 在索引中插入内容指定IDcurl -X POST -u "elastic:$PASSWORD" -k "https://10.68.66.232:9200/cby/_doc/123" -H 'Content-Type: application/json' -d' { "name": "Snow Crash", "author": "Neal Stephenson", "release_date": "1992-06-01", "page_count": 470 } ' [root@k8s-192-168-1-140 ~]# curl -X POST -u "elastic:$PASSWORD" -k "https://10.68.66.232:9200/cby/_doc/123" -H 'Content-Type: application/json' -d' { "name": "Snow Crash", "author": "Neal Stephenson", "release_date": "1992-06-01", "page_count": 470 } ' {"_index":"cby","_id":"123","_version":1,"result":"created","_shards":{"total":2,"successful":1,"failed":0},"_seq_no":0,"_primary_term":3} 在索引中插入内容随机IDcurl -X POST -u "elastic:$PASSWORD" -k "https://10.68.66.232:9200/cby/_doc/" -H 'Content-Type: application/json' -d' { "name": "Snow Crash", "author": "Neal Stephenson", "release_date": "1992-06-01", "page_count": 470 } ' [root@k8s-192-168-1-140 ~]# curl -X POST -u "elastic:$PASSWORD" -k "https://10.68.66.232:9200/cby/_doc/" -H 'Content-Type: application/json' -d' { "name": "Snow Crash", "author": "Neal Stephenson", "release_date": "1992-06-01", "page_count": 470 } ' {"_index":"cby","_id":"ByNRE5sBdx0sYBy0kiOe","_version":1,"result":"created","_shards":{"total":2,"successful":1,"failed":0},"_seq_no":0,"_primary_term":3}[root@k8s-192-168-1-140 ~]# [root@k8s-192-168-1-140 ~]# 统计索引中的量curl -XGET -u "elastic:$PASSWORD" -k 'https://10.68.66.232:9200/cby/_count' [root@k8s-192-168-1-140 ~]# curl -XGET -u "elastic:$PASSWORD" -k 'https://10.68.66.232:9200/cby/_count' {"count":2,"_shards":{"total":3,"successful":3,"skipped":0,"failed":0}}[root@k8s-192-168-1-140 ~]# [root@k8s-192-168-1-140 ~]# 查询索引中的数据内容curl -XGET -u "elastic:$PASSWORD" -k 'https://10.68.66.232:9200/cby/_search?pretty' [root@k8s-192-168-1-140 ~]# curl -XGET -u "elastic:$PASSWORD" -k 'https://10.68.66.232:9200/cby/_search?pretty' { "took" : 8, "timed_out" : false, "_shards" : { "total" : 3, "successful" : 3, "skipped" : 0, "failed" : 0 }, "hits" : { "total" : { "value" : 2, "relation" : "eq" }, "max_score" : 1.0, "hits" : [ { "_index" : "cby", "_id" : "123", "_score" : 1.0, "_source" : { "name" : "Snow Crash", "author" : "Neal Stephenson", "release_date" : "1992-06-01", "page_count" : 470 } }, { "_index" : "cby", "_id" : "ByNRE5sBdx0sYBy0kiOe", "_score" : 1.0, "_source" : { "name" : "Snow Crash", "author" : "Neal Stephenson", "release_date" : "1992-06-01", "page_count" : 470 } } ] } } [root@k8s-192-168-1-140 ~]# 删除指定索引中的数据内容curl -X DELETE -u "elastic:$PASSWORD" -k "https://10.68.66.232:9200/cby/_doc/123" [root@k8s-192-168-1-140 ~]# curl -X DELETE -u "elastic:$PASSWORD" -k "https://10.68.66.232:9200/cby/_doc/123" {"_index":"cby","_id":"123","_version":2,"result":"deleted","_shards":{"total":2,"successful":1,"failed":0},"_seq_no":1,"_primary_term":3} [root@k8s-192-168-1-140 ~]# [root@k8s-192-168-1-140 ~]# curl -XGET -u "elastic:$PASSWORD" -k 'https://10.68.66.232:9200/cby/_search?pretty' { "took" : 25, "timed_out" : false, "_shards" : { "total" : 3, "successful" : 3, "skipped" : 0, "failed" : 0 }, "hits" : { "total" : { "value" : 1, "relation" : "eq" }, "max_score" : 1.0, "hits" : [ { "_index" : "cby", "_id" : "ByNRE5sBdx0sYBy0kiOe", "_score" : 1.0, "_source" : { "name" : "Snow Crash", "author" : "Neal Stephenson", "release_date" : "1992-06-01", "page_count" : 470 } } ] } } [root@k8s-192-168-1-140 ~]# 设检查索引统计curl -u "elastic:$PASSWORD" -k "https://10.68.66.232:9200/_cat/indices?v&s=index" [root@k8s-192-168-1-140 ~]# curl -u "elastic:$PASSWORD" -k "https://10.68.66.232:9200/_cat/indices?v&s=index" health status index uuid pri rep docs.count docs.deleted store.size pri.store.size dataset.size green open .internal.alerts-dataset.quality.alerts-default-000001 1nWfrX_DTKO4VDuLULH9hw 1 0 0 0 249b 249b 249b green open .internal.alerts-default.alerts-default-000001 y1re-StiTG-aoC6sSgcGXA 1 0 0 0 249b 249b 249b green open .internal.alerts-ml.anomaly-detection-health.alerts-default-000001 yFWgfEPoQiKnfjYYd_9rfA 1 0 0 0 249b 249b 249b green open .internal.alerts-ml.anomaly-detection.alerts-default-000001 1T4CZbf5T8SG1goXXn-07w 1 0 0 0 249b 249b 249b green open .internal.alerts-observability.apm.alerts-default-000001 gWZKJICPQtO8-hNQsWfn8A 1 0 0 0 249b 249b 249b green open .internal.alerts-observability.logs.alerts-default-000001 kfuEckcpSmGERMea6-K7SQ 1 0 0 0 249b 249b 249b green open .internal.alerts-observability.metrics.alerts-default-000001 cPLbEFixQF2tJO7hY0GK4A 1 0 0 0 249b 249b 249b green open .internal.alerts-observability.slo.alerts-default-000001 4M4iza7KQCaU2t_y6E5smQ 1 0 0 0 249b 249b 249b green open .internal.alerts-observability.threshold.alerts-default-000001 OfniPqsZRvWm4p0ybqZfEw 1 0 0 0 249b 249b 249b green open .internal.alerts-observability.uptime.alerts-default-000001 LjhwWuZjRlah9zJKu2Q1bQ 1 0 0 0 249b 249b 249b green open .internal.alerts-security.alerts-default-000001 4DrPeUpGRcm2VVlK2tytbQ 1 0 0 0 249b 249b 249b green open .internal.alerts-security.attack.discovery.alerts-default-000001 AW_JMgIZSjaEyHDmQapViA 1 0 0 0 249b 249b 249b green open .internal.alerts-stack.alerts-default-000001 sqLxcGqeS22EbJJ2XBMJvQ 1 0 0 0 249b 249b 249b green open .internal.alerts-streams.alerts-default-000001 RNM1iJUnSvOpqy4KPNFwBQ 1 0 0 0 249b 249b 249b green open .internal.alerts-transform.health.alerts-default-000001 a2rSAm8mS-SrwYku3uAYLQ 1 0 0 0 249b 249b 249b yellow open cby zKsFpdUaTJaO0MBUyQ-O4g 3 1 1 0 6.7kb 6.7kb 6.7kb [root@k8s-192-168-1-140 ~]# 查询指定字段为某值的数据curl -XGET -u "elastic:$PASSWORD" -k 'https://10.68.66.232:9200/cby/_search?q=page_count:470' [root@k8s-192-168-1-140 ~]# curl -XGET -u "elastic:$PASSWORD" -k 'https://10.68.66.232:9200/cby/_search?q=page_count:470' {"took":1,"timed_out":false,"_shards":{"total":3,"successful":3,"skipped":0,"failed":0},"hits":{"total":{"value":1,"relation":"eq"},"max_score":1.0,"hits":[{"_index":"cby","_id":"ByNRE5sBdx0sYBy0kiOe","_score":1.0,"_source": { "name": "Snow Crash", "author": "Neal Stephenson", "release_date": "1992-06-01", "page_count": 470 } }]}}[root@k8s-192-168-1-140 ~]# [root@k8s-192-168-1-140 ~]# 重置refesh_intervalcurl -X PUT -u "elastic:$PASSWORD" -k "https://10.68.66.232:9200/cby/_settings" -H "Content-Type: application/json" -d'{"refresh_interval": null}' [root@k8s-192-168-1-140 ~]# curl -X PUT -u "elastic:$PASSWORD" -k "https://10.68.66.232:9200/cby/_settings" -H "Content-Type: application/json" -d'{"refresh_interval": null}' {"acknowledged":true} [root@k8s-192-168-1-140 ~]# [root@k8s-192-168-1-140 ~]# curl -s -XGET -u "elastic:$PASSWORD" -k "https://10.68.66.232:9200/cby/_settings?pretty" { "cby" : { "settings" : { "index" : { "routing" : { "allocation" : { "include" : { "_tier_preference" : "data_content" } } }, "number_of_shards" : "3", "provided_name" : "cby", "creation_date" : "1765552854698", "number_of_replicas" : "1", "uuid" : "zKsFpdUaTJaO0MBUyQ-O4g", "version" : { "created" : "9039002" } } } } } [root@k8s-192-168-1-140 ~]# 设置refesh_interval时间curl -X PUT -u "elastic:$PASSWORD" -k "https://10.68.66.232:9200/cby/_settings" -H "Content-Type: application/json" -d'{"refresh_interval": "30s"}' [root@k8s-192-168-1-140 ~]# curl -X PUT -u "elastic:$PASSWORD" -k "https://10.68.66.232:9200/cby/_settings" -H "Content-Type: application/json" -d'{"refresh_interval": "30s"}' {"acknowledged":true}[root@k8s-192-168-1-140 ~]# [root@k8s-192-168-1-140 ~]# curl -s -XGET -u "elastic:$PASSWORD" -k "https://10.68.66.232:9200/cby/_settings?pretty" { "cby" : { "settings" : { "index" : { "routing" : { "allocation" : { "include" : { "_tier_preference" : "data_content" } } }, "refresh_interval" : "30s", "number_of_shards" : "3", "provided_name" : "cby", "creation_date" : "1765552854698", "number_of_replicas" : "1", "uuid" : "zKsFpdUaTJaO0MBUyQ-O4g", "version" : { "created" : "9039002" } } } } } [root@k8s-192-168-1-140 ~]# 关于https://www.oiox.cn/https://www.oiox.cn/index.php/start-page.htmlCSDN、GitHub、知乎、开源中国、思否、掘金、简书、华为云、阿里云、腾讯云、哔哩哔哩、今日头条、新浪微博、个人博客全网可搜《小陈运维》文章主要发布于微信公众号:《Linux运维交流社区》
-
K8S 中使用 YAML 安装 ECK K8S 中使用 YAML 安装 ECKKubernetes 是目前最受欢迎的容器编排技术,越来越多的应用开始往 Kubernetes 中迁移。Kubernetes 现有的 ReplicaSet、Deployment、Service 等资源对象已经可以满足无状态应用对于自动扩缩容、负载均衡等基本需求。但是对于有状态的、分布式的应用,通常拥有各自的一套模型定义规范,例如 Prometheus,Etcd,Zookeeper,Elasticsearch 等等。部署这些分布式应用往往需要熟悉特定领域的知识,并且在扩缩容和升级时需要考虑如何保证应用服务的可用性等问题。为了简化有状态、分布式应用的部署,Kubernetes Operator 应运而生。Kubernetes Operator 是一种特定的应用控制器,通过 CRD(Custom Resource Definitions,自定义资源定义)扩展 Kubernetes API 的功能,可以用它来创建、配置和管理特定的有状态应用,而不需要直接去使用 Kubernetes 中最原始的一些资源对象,比如 Pod,Deployment,Service 等等。Elastic Cloud on Kubernetes(ECK) 是其中的一种 Kubernetes Operator,方便我们管理 Elastic Stack 家族中的各种组件,例如 Elasticsearch,Kibana,APM,Beats 等等。比如只需要定义一个 Elasticsearch 类型的 CRD 对象,ECK 就可以帮助我们快速搭建出一套 Elasticsearch 集群。使用create安装Elastic的自定义资源定义[root@k8s-192-168-1-140 ~]# kubectl create -f https://download.elastic.co/downloads/eck/3.2.0/crds.yaml customresourcedefinition.apiextensions.k8s.io/agents.agent.k8s.elastic.co created customresourcedefinition.apiextensions.k8s.io/apmservers.apm.k8s.elastic.co created customresourcedefinition.apiextensions.k8s.io/beats.beat.k8s.elastic.co created customresourcedefinition.apiextensions.k8s.io/elasticmapsservers.maps.k8s.elastic.co created customresourcedefinition.apiextensions.k8s.io/elasticsearchautoscalers.autoscaling.k8s.elastic.co created customresourcedefinition.apiextensions.k8s.io/elasticsearches.elasticsearch.k8s.elastic.co created customresourcedefinition.apiextensions.k8s.io/enterprisesearches.enterprisesearch.k8s.elastic.co created customresourcedefinition.apiextensions.k8s.io/kibanas.kibana.k8s.elastic.co created customresourcedefinition.apiextensions.k8s.io/logstashes.logstash.k8s.elastic.co created customresourcedefinition.apiextensions.k8s.io/stackconfigpolicies.stackconfigpolicy.k8s.elastic.co created [root@k8s-192-168-1-140 ~]# 使用kubectl apply 安装operator及其RBAC规则[root@k8s-192-168-1-140 ~]# kubectl apply -f https://download.elastic.co/downloads/eck/3.2.0/operator.yaml namespace/elastic-system created serviceaccount/elastic-operator created secret/elastic-webhook-server-cert created configmap/elastic-operator created clusterrole.rbac.authorization.k8s.io/elastic-operator created clusterrole.rbac.authorization.k8s.io/elastic-operator-view created clusterrole.rbac.authorization.k8s.io/elastic-operator-edit created clusterrolebinding.rbac.authorization.k8s.io/elastic-operator created service/elastic-webhook-server created statefulset.apps/elastic-operator created validatingwebhookconfiguration.admissionregistration.k8s.io/elastic-webhook.k8s.elastic.co created [root@k8s-192-168-1-140 ~]# 查看是否启动完成[root@k8s-192-168-1-140 ~]kubectl get -n elastic-system pods NAME READY STATUS RESTARTS AGE elastic-operator-0 1/1 Running 0 8m38s [root@k8s-192-168-1-140 ~]# 启动部署Operator自动创建和管理Kubernetes资源,以实现Elasticsearch集群的期望状态。可能需要几分钟的时间才能创建所有资源并准备好使用群集。cat <<EOF | kubectl apply -f - apiVersion: elasticsearch.k8s.elastic.co/v1 kind: Elasticsearch metadata: name: quickstart spec: version: 9.2.2 nodeSets: - name: default count: 1 config: node.store.allow_mmap: false EOF存储用量创建时默认为1G存储空间,可以在创建时配置申明空间cat <<EOF | kubectl apply -f - apiVersion: elasticsearch.k8s.elastic.co/v1 kind: Elasticsearch metadata: name: quickstart spec: version: 9.2.2 nodeSets: - name: default count: 1 volumeClaimTemplates: - metadata: name: elasticsearch-data spec: accessModes: - ReadWriteOnce resources: requests: storage: 5Gi storageClassName: nfs-storage config: node.store.allow_mmap: false EOF查看部署状态[root@k8s-192-168-1-140 ~]# [root@k8s-192-168-1-140 ~]# kubectl get pod -A NAMESPACE NAME READY STATUS RESTARTS AGE default nginx-66686b6766-tdwt2 1/1 Running 2 (<invalid> ago) 81d default quickstart-es-default-0 0/1 Pending 0 2m1s elastic-system elastic-operator-0 1/1 Running 0 12m kube-system calico-kube-controllers-78dcb7b647-8f2ph 1/1 Running 2 (<invalid> ago) 81d kube-system calico-node-hpwvr 1/1 Running 2 (<invalid> ago) 81d kube-system coredns-6746f4cb74-bhkv8 1/1 Running 2 (<invalid> ago) 81d kube-system metrics-server-55c56cb875-bwbpr 1/1 Running 2 (<invalid> ago) 81d kube-system node-local-dns-nz4q7 1/1 Running 2 (<invalid> ago) 81d [root@k8s-192-168-1-140 ~]# 查看日志[root@k8s-192-168-1-140 ~]# kubectl logs -f quickstart-es-default-0 Defaulted container "elasticsearch" out of: elasticsearch, elastic-internal-init-filesystem (init), elastic-internal-suspend (init) [root@k8s-192-168-1-140 ~]# 安装NFS动态挂载[root@k8s-192-168-1-140 ~]# yum install nfs-utils -y [root@k8s-192-168-1-140 ~]# mkdir /nfs [root@k8s-192-168-1-140 ~]# vim /etc/exports /nfs *(rw,sync,no_root_squash,no_subtree_check) [root@k8s-192-168-1-140 ~]# systemctl restart rpcbind [root@k8s-192-168-1-140 ~]# systemctl restart nfs-server [root@k8s-192-168-1-140 ~]# systemctl enable rpcbind [root@k8s-192-168-1-140 ~]# systemctl enable nfs-serverK8S 编写NFS供给[root@k8s-192-168-1-140 ~]# vim nfs-storage.yaml [root@k8s-192-168-1-140 ~]# [root@k8s-192-168-1-140 ~]# cat nfs-storage.yaml apiVersion: storage.k8s.io/v1 kind: StorageClass metadata: name: nfs-storage annotations: storageclass.kubernetes.io/is-default-class: "true" provisioner: k8s-sigs.io/nfs-subdir-external-provisioner parameters: archiveOnDelete: "true" ## 删除pv的时候,pv的内容是否要备份 --- apiVersion: apps/v1 kind: Deployment metadata: name: nfs-client-provisioner labels: app: nfs-client-provisioner # replace with namespace where provisioner is deployed namespace: default spec: replicas: 1 strategy: type: Recreate selector: matchLabels: app: nfs-client-provisioner template: metadata: labels: app: nfs-client-provisioner spec: serviceAccountName: nfs-client-provisioner containers: - name: nfs-client-provisioner image: registry.cn-hangzhou.aliyuncs.com/chenby/nfs-subdir-external-provisioner:v4.0.2 # resources: # limits: # cpu: 10m # requests: # cpu: 10m volumeMounts: - name: nfs-client-root mountPath: /persistentvolumes env: - name: PROVISIONER_NAME value: k8s-sigs.io/nfs-subdir-external-provisioner - name: NFS_SERVER value: 192.168.1.140 ## 指定自己nfs服务器地址 - name: NFS_PATH value: /nfs/ ## nfs服务器共享的目录 volumes: - name: nfs-client-root nfs: server: 192.168.1.140 path: /nfs/ --- apiVersion: v1 kind: ServiceAccount metadata: name: nfs-client-provisioner # replace with namespace where provisioner is deployed namespace: default --- kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 metadata: name: nfs-client-provisioner-runner rules: - apiGroups: [""] resources: ["nodes"] verbs: ["get", "list", "watch"] - apiGroups: [""] resources: ["persistentvolumes"] verbs: ["get", "list", "watch", "create", "delete"] - apiGroups: [""] resources: ["persistentvolumeclaims"] verbs: ["get", "list", "watch", "update"] - apiGroups: ["storage.k8s.io"] resources: ["storageclasses"] verbs: ["get", "list", "watch"] - apiGroups: [""] resources: ["events"] verbs: ["create", "update", "patch"] --- kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1 metadata: name: run-nfs-client-provisioner subjects: - kind: ServiceAccount name: nfs-client-provisioner # replace with namespace where provisioner is deployed namespace: default roleRef: kind: ClusterRole name: nfs-client-provisioner-runner apiGroup: rbac.authorization.k8s.io --- kind: Role apiVersion: rbac.authorization.k8s.io/v1 metadata: name: leader-locking-nfs-client-provisioner # replace with namespace where provisioner is deployed namespace: default rules: - apiGroups: [""] resources: ["endpoints"] verbs: ["get", "list", "watch", "create", "update", "patch"] --- kind: RoleBinding apiVersion: rbac.authorization.k8s.io/v1 metadata: name: leader-locking-nfs-client-provisioner # replace with namespace where provisioner is deployed namespace: default subjects: - kind: ServiceAccount name: nfs-client-provisioner # replace with namespace where provisioner is deployed namespace: default roleRef: kind: Role name: leader-locking-nfs-client-provisioner apiGroup: rbac.authorization.k8s.io开始安装[root@k8s-192-168-1-140 ~]# kubectl apply -f nfs-storage.yaml storageclass.storage.k8s.io/nfs-storage created deployment.apps/nfs-client-provisioner created serviceaccount/nfs-client-provisioner created clusterrole.rbac.authorization.k8s.io/nfs-client-provisioner-runner created clusterrolebinding.rbac.authorization.k8s.io/run-nfs-client-provisioner created role.rbac.authorization.k8s.io/leader-locking-nfs-client-provisioner created rolebinding.rbac.authorization.k8s.io/leader-locking-nfs-client-provisioner created [root@k8s-192-168-1-140 ~]# 查看存储[root@k8s-192-168-1-140 ~]# kubectl get storageclasses.storage.k8s.io NAME PROVISIONER RECLAIMPOLICY VOLUMEBINDINGMODE ALLOWVOLUMEEXPANSION AGE nfs-storage (default) k8s-sigs.io/nfs-subdir-external-provisioner Delete Immediate false 6h7m [root@k8s-192-168-1-140 ~]# [root@k8s-192-168-1-140 ~]# kubectl get pvc NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS VOLUMEATTRIBUTESCLASS AGE elasticsearch-data-quickstart-es-default-0 Bound pvc-2df832aa-1c54-4af6-8384-5e5c5f167445 5Gi RWO nfs-storage <unset> 39s [root@k8s-192-168-1-140 ~]# [root@k8s-192-168-1-140 ~]# kubectl get pv NAME CAPACITY ACCESS MODES RECLAIM POLICY STATUS CLAIM STORAGECLASS VOLUMEATTRIBUTESCLASS REASON AGE pvc-2df832aa-1c54-4af6-8384-5e5c5f167445 5Gi RWO Delete Bound default/elasticsearch-data-quickstart-es-default-0 nfs-storage <unset> 43s [root@k8s-192-168-1-140 ~]# 查看ES服务发现[root@k8s-192-168-1-140 ~]# kubectl get service NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE kubernetes ClusterIP 10.68.0.1 <none> 443/TCP 81d nginx NodePort 10.68.148.53 <none> 80:30330/TCP 81d quickstart-es-default ClusterIP None <none> 9200/TCP 74s quickstart-es-http ClusterIP 10.68.66.232 <none> 9200/TCP 75s quickstart-es-internal-http ClusterIP 10.68.121.73 <none> 9200/TCP 75s quickstart-es-transport ClusterIP None <none> 9300/TCP 75s [root@k8s-192-168-1-140 ~]# 查看ES密码[root@k8s-192-168-1-140 ~]# PASSWORD=$(kubectl get secret quickstart-es-elastic-user -o go-template='{{.data.elastic | base64decode}}') [root@k8s-192-168-1-140 ~]# [root@k8s-192-168-1-140 ~]# kubectl get secret quickstart-es-elastic-user -o go-template='{{.data.elastic | base64decode}}' V3VPqwQMURTSg6zFYvVIsH13[root@k8s-192-168-1-140 ~]# [root@k8s-192-168-1-140 ~]# [root@k8s-192-168-1-140 ~]# curl -u "elastic:$PASSWORD" -k "https://10.68.66.232:9200" { "name" : "quickstart-es-default-0", "cluster_name" : "quickstart", "cluster_uuid" : "JNqGubnmSeao_LO-JmypHg", "version" : { "number" : "9.2.2", "build_flavor" : "default", "build_type" : "docker", "build_hash" : "ed771e6976fac1a085affabd45433234a4babeaf", "build_date" : "2025-11-27T08:06:51.614397514Z", "build_snapshot" : false, "lucene_version" : "10.3.2", "minimum_wire_compatibility_version" : "8.19.0", "minimum_index_compatibility_version" : "8.0.0" }, "tagline" : "You Know, for Search" } [root@k8s-192-168-1-140 ~]# 安装Kibana服务cat <<EOF | kubectl apply -f - apiVersion: kibana.k8s.elastic.co/v1 kind: Kibana metadata: name: quickstart spec: version: 9.2.2 count: 1 elasticsearchRef: name: quickstart EOF查看服务状态以及密码信息[root@k8s-192-168-1-140 ~]# kubectl get kibana NAME HEALTH NODES VERSION AGE quickstart red 9.2.2 16s [root@k8s-192-168-1-140 ~]# # 查看密码 [root@k8s-192-168-1-140 ~]# kubectl get secret quickstart-es-elastic-user -o=jsonpath='{.data.elastic}' | base64 --decode; echo V3VPqwQMURTSg6zFYvVIsH13 [root@k8s-192-168-1-140 ~]# [root@k8s-192-168-1-140 ~]# kubectl get service NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE kubernetes ClusterIP 10.68.0.1 <none> 443/TCP 81d nginx NodePort 10.68.148.53 <none> 80:30330/TCP 81d quickstart-es-default ClusterIP None <none> 9200/TCP 2m47s quickstart-es-http ClusterIP 10.68.66.232 <none> 9200/TCP 2m48s quickstart-es-internal-http ClusterIP 10.68.121.73 <none> 9200/TCP 2m48s quickstart-es-transport ClusterIP None <none> 9300/TCP 2m48s quickstart-kb-http ClusterIP 10.68.103.103 <none> 5601/TCP 24s [root@k8s-192-168-1-140 ~]# [root@k8s-192-168-1-140 ~]# kubectl get service quickstart-kb-http NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE quickstart-kb-http ClusterIP 10.68.103.103 <none> 5601/TCP 2m39s [root@k8s-192-168-1-140 ~]# 开启访问[root@k8s-192-168-1-140 ~] kubectl port-forward --address 0.0.0.0 service/quickstart-kb-http 5601 Forwarding from 0.0.0.0:5601 -> 5601 # 登录地址 https://192.168.1.140:5601/login 用户: elastic 密码: V3VPqwQMURTSg6zFYvVIsH13修改ES副本数cat <<EOF | kubectl apply -f - apiVersion: elasticsearch.k8s.elastic.co/v1 kind: Elasticsearch metadata: name: quickstart spec: version: 9.2.2 nodeSets: - name: default count: 3 config: node.store.allow_mmap: false EOF查看状态[root@k8s-192-168-1-140 ~]# kubectl get pod -A NAMESPACE NAME READY STATUS RESTARTS AGE default nfs-client-provisioner-58d465c998-w8mfq 1/1 Running 0 5h38m default nginx-66686b6766-tdwt2 1/1 Running 2 (<invalid> ago) 81d default quickstart-es-default-0 1/1 Running 0 5h51m default quickstart-kb-57cc78f6b8-b8fpf 1/1 Running 0 5h24m elastic-system elastic-operator-0 1/1 Running 0 6h2m kube-system calico-kube-controllers-78dcb7b647-8f2ph 1/1 Running 2 (<invalid> ago) 81d kube-system calico-node-hpwvr 1/1 Running 2 (<invalid> ago) 81d kube-system coredns-6746f4cb74-bhkv8 1/1 Running 2 (<invalid> ago) 81d kube-system metrics-server-55c56cb875-bwbpr 1/1 Running 2 (<invalid> ago) 81d kube-system node-local-dns-nz4q7 1/1 Running 2 (<invalid> ago) 81d [root@k8s-192-168-1-140 ~]# kubectl get pod -A -w NAMESPACE NAME READY STATUS RESTARTS AGE default nfs-client-provisioner-58d465c998-w8mfq 1/1 Running 0 5h38m default nginx-66686b6766-tdwt2 1/1 Running 2 (<invalid> ago) 81d default quickstart-es-default-0 1/1 Running 0 5h51m default quickstart-kb-57cc78f6b8-b8fpf 1/1 Running 0 5h24m elastic-system elastic-operator-0 1/1 Running 0 6h2m kube-system calico-kube-controllers-78dcb7b647-8f2ph 1/1 Running 2 (<invalid> ago) 81d kube-system calico-node-hpwvr 1/1 Running 2 (<invalid> ago) 81d kube-system coredns-6746f4cb74-bhkv8 1/1 Running 2 (<invalid> ago) 81d kube-system metrics-server-55c56cb875-bwbpr 1/1 Running 2 (<invalid> ago) 81d kube-system node-local-dns-nz4q7 1/1 Running 2 (<invalid> ago) 81d default quickstart-es-default-1 0/1 Pending 0 0s default quickstart-es-default-1 0/1 Pending 0 0s default quickstart-es-default-1 0/1 Pending 0 0s default quickstart-es-default-1 0/1 Init:0/2 0 0s default quickstart-es-default-1 0/1 Init:0/2 0 1s default quickstart-es-default-0 1/1 Running 0 5h51m default quickstart-es-default-1 0/1 Init:0/2 0 1s default quickstart-es-default-0 1/1 Running 0 5h51m default quickstart-es-default-1 0/1 Init:0/2 0 2s default quickstart-es-default-1 0/1 Init:1/2 0 3s default quickstart-es-default-1 0/1 PodInitializing 0 4s default quickstart-es-default-1 0/1 Running 0 5s default quickstart-es-default-1 1/1 Running 0 26s default quickstart-es-default-2 0/1 Pending 0 0s default quickstart-es-default-2 0/1 Pending 0 0s default quickstart-es-default-2 0/1 Pending 0 0s default quickstart-es-default-2 0/1 Init:0/2 0 0s default quickstart-es-default-2 0/1 Init:0/2 0 1s default quickstart-es-default-0 1/1 Running 0 5h51m default quickstart-es-default-1 1/1 Running 0 30s default quickstart-es-default-2 0/1 Init:0/2 0 2s default quickstart-es-default-1 1/1 Running 0 30s default quickstart-es-default-2 0/1 Init:0/2 0 2s default quickstart-es-default-0 1/1 Running 0 5h51m default quickstart-es-default-2 0/1 Init:1/2 0 3s default quickstart-es-default-2 0/1 PodInitializing 0 4s default quickstart-es-default-2 0/1 Running 0 5s default quickstart-es-default-2 1/1 Running 0 33s ^C[root@k8s-192-168-1-140 ~]# [root@k8s-192-168-1-140 ~]# [root@k8s-192-168-1-140 ~]# [root@k8s-192-168-1-140 ~]# kubectl get pod -A -w NAMESPACE NAME READY STATUS RESTARTS AGE default nfs-client-provisioner-58d465c998-w8mfq 1/1 Running 0 5h40m default nginx-66686b6766-tdwt2 1/1 Running 2 (<invalid> ago) 81d default quickstart-es-default-0 1/1 Running 0 5h53m default quickstart-es-default-1 1/1 Running 0 2m19s default quickstart-es-default-2 1/1 Running 0 111s default quickstart-kb-57cc78f6b8-b8fpf 1/1 Running 0 5h26m elastic-system elastic-operator-0 1/1 Running 0 6h4m kube-system calico-kube-controllers-78dcb7b647-8f2ph 1/1 Running 2 (<invalid> ago) 81d kube-system calico-node-hpwvr 1/1 Running 2 (<invalid> ago) 81d kube-system coredns-6746f4cb74-bhkv8 1/1 Running 2 (<invalid> ago) 81d kube-system metrics-server-55c56cb875-bwbpr 1/1 Running 2 (<invalid> ago) 81d kube-system node-local-dns-nz4q7 1/1 Running 2 (<invalid> ago) 81d 卸载删除 # 删除所有命名空间中的所有Elastic资源 kubectl get namespaces --no-headers -o custom-columns=:metadata.name \ | xargs -n1 kubectl delete elastic --all -n # 删除operator kubectl delete -f https://download.elastic.co/downloads/eck/3.2.0/operator.yaml kubectl delete -f https://download.elastic.co/downloads/eck/3.2.0/crds.yaml关于https://www.oiox.cn/https://www.oiox.cn/index.php/start-page.htmlCSDN、GitHub、知乎、开源中国、思否、掘金、简书、华为云、阿里云、腾讯云、哔哩哔哩、今日头条、新浪微博、个人博客全网可搜《小陈运维》文章主要发布于微信公众号:《Linux运维交流社区》
-
Kubernetes核心-Ingress-metallb Kubernetes核心-Ingress-metallb使用一种能感知协议配置的机制来解析 URI、主机名称、路径等 Web 概念, 让你的 HTTP(或 HTTPS)网络服务可被访问。 Ingress 概念允许你通过 Kubernetes API 定义的规则将流量映射到不同后端。部署metallbMetalLB 是Kubernetes 的一个裸机环境下的负载均衡器,它为LoadBalancer 类型的Service 提供IP 地址分配和对外流量广播,从而使裸机Kubernetes 集群也能像云环境一样通过外部IP 访问内部服务下载部署# 我可以连接国际网络,就直接部署了 kubectl apply -f https://raw.githubusercontent.com/metallb/metallb/v0.15.2/config/manifests/metallb-native.yaml # 网络不通畅可以使用手动修改镜像地址 # 下载yaml配置 wget https://raw.githubusercontent.com/metallb/metallb/v0.15.2/config/manifests/metallb-native.yaml # 修改镜像地址 # 自行找代理 sed -i "s#quay.io#quay.chenby.cn#g" metallb-native.yaml cat metallb-native.yaml | grep image image: quay.chenby.cn/metallb/controller:v0.14.5 image: quay.chenby.cn/metallb/speaker:v0.14.5 # 执行部署 kubectl apply -f metallb-native.yaml查看运行情况root@k8s-master01:~# kubectl -n metallb-system get all NAME READY STATUS RESTARTS AGE pod/controller-6599cd9c46-rr54w 1/1 Running 0 78s pod/speaker-55j5t 1/1 Running 0 78s pod/speaker-bcr4j 1/1 Running 0 78s pod/speaker-p7vgz 1/1 Running 0 78s pod/speaker-pzvkd 1/1 Running 0 78s pod/speaker-vcjvr 1/1 Running 0 78s NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE service/metallb-webhook-service ClusterIP 10.106.20.159 <none> 443/TCP 78s NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE daemonset.apps/speaker 5 5 5 5 5 kubernetes.io/os=linux 78s NAME READY UP-TO-DATE AVAILABLE AGE deployment.apps/controller 1/1 1 1 78s NAME DESIRED CURRENT READY AGE replicaset.apps/controller-6599cd9c46 1 1 1 78s 配置VIP的资源池# 新版本metallb使用了CR(Custom Resources),这里我们通过IPAddressPool的CR,进行地址池的定义。 # 如果实例中不设置IPAddressPool选择器L2Advertisement;那么L2Advertisement默认为该实例所有的IPAddressPool相关联。 cat > metallb-config-ipaddresspool.yaml << EOF apiVersion: metallb.io/v1beta1 kind: IPAddressPool metadata: name: first-pool namespace: metallb-system spec: addresses: - 192.168.1.71-192.168.1.75 EOF # 进行L2关联地址池的绑定。 cat > metallb-config-L2Advertisement.yaml << EOF apiVersion: metallb.io/v1beta1 kind: L2Advertisement metadata: name: example namespace: metallb-system spec: ipAddressPools: - first-pool EOF # 执行部署 kubectl apply -f metallb-config-ipaddresspool.yaml kubectl apply -f metallb-config-L2Advertisement.yamlIngress安装执行部署# 添加仓库 helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx helm repo update # 拉取仓库 helm pull ingress-nginx/ingress-nginx tar xvf ingress-nginx-4.12.3.tgz # 查看镜像地址,若你的环境无法下载这个镜像,那么就需要你自行找镜像 或者更换镜像地址 [root@k8s-master01 ingress-nginx]# cat values.yaml | grep image | grep -v \# image: image: image: ingress-nginx/controller image: image: ingress-nginx/kube-webhook-certgen image: image: defaultbackend-amd64 imagePullSecrets: [] [root@k8s-master01 ingress-nginx]# # 我这里的环境可以直接拉取 我直接进行了安装 helm install ingress-nginx ingress-nginx/ingress-nginx \ --namespace ingress --create-namespace # 查看完成安装 [root@k8s-master01 ~]# kubectl get all -n ingress NAME READY STATUS RESTARTS AGE pod/ingress-nginx-controller-6996967cbb-fplzt 1/1 Running 0 56s NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE service/ingress-nginx-controller LoadBalancer 10.109.63.223 192.168.1.71 80:32046/TCP,443:31512/TCP 56s service/ingress-nginx-controller-admission ClusterIP 10.110.227.191 <none> 443/TCP 56s NAME READY UP-TO-DATE AVAILABLE AGE deployment.apps/ingress-nginx-controller 1/1 1 1 56s NAME DESIRED CURRENT READY AGE replicaset.apps/ingress-nginx-controller-6996967cbb 1 1 1 56s [root@k8s-master01 ~]# 创建测试镜像 cat > Dockerfile << EOF FROM nginx RUN echo 'nginx-v1' > /usr/share/nginx/html/index.html EOF docker build -t registry.cn-hangzhou.aliyuncs.com/chenby/cby:nginx-v1 . cat > Dockerfile << EOF FROM nginx RUN echo 'nginx-v2' > /usr/share/nginx/html/index.html EOF docker build -t registry.cn-hangzhou.aliyuncs.com/chenby/cby:nginx-v2 . docker push registry.cn-hangzhou.aliyuncs.com/chenby/cby:nginx-v1 docker push registry.cn-hangzhou.aliyuncs.com/chenby/cby:nginx-v2创建测试应用cat > ingress-demo-app.yaml << EOF apiVersion: apps/v1 kind: Deployment metadata: name: cby-nginx-v1 spec: replicas: 2 selector: matchLabels: app: cby-nginx-v1 template: metadata: labels: app: cby-nginx-v1 spec: containers: - name: cby-nginx-v1 image: registry.cn-hangzhou.aliyuncs.com/chenby/cby:nginx-v1 ports: - containerPort: 9000 --- apiVersion: apps/v1 kind: Deployment metadata: labels: app: cby-nginx-v2 name: cby-nginx-v2 spec: replicas: 2 selector: matchLabels: app: cby-nginx-v2 template: metadata: labels: app: cby-nginx-v2 spec: containers: - image: registry.cn-hangzhou.aliyuncs.com/chenby/cby:nginx-v2 name: nginx --- apiVersion: v1 kind: Service metadata: labels: app: cby-nginx-v2 name: cby-nginx-v2 spec: selector: app: cby-nginx-v2 ports: - port: 8000 protocol: TCP targetPort: 80 --- apiVersion: v1 kind: Service metadata: labels: app: cby-nginx-v1 name: cby-nginx-v1 spec: selector: app: cby-nginx-v1 ports: - port: 8000 protocol: TCP targetPort: 80 EOF # 创建路由 cat >> ingress-demo-app-ingress.yaml <<EOF apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: ingress-host-bar spec: ingressClassName: nginx rules: - host: "nginx-v1.chenby.cn" http: paths: - pathType: Prefix path: "/" backend: service: name: cby-nginx-v1 port: number: 8000 - host: "nginx-v2.chenby.cn" http: paths: - pathType: Prefix path: "/" backend: service: name: cby-nginx-v2 port: number: 8000 EOF # 等创建完成后在执行: kubectl apply -f ingress-demo-app.yaml kubectl apply -f ingress-demo-app-ingress.yaml # 查看ING kubectl get ingress NAME CLASS HOSTS ADDRESS PORTS AGE ingress-host-bar nginx nginx-v1.chenby.cn,nginx-v2.chenby.cn 192.168.1.71 80 69m 测试访问# 写入hosts cat >> /etc/hosts <<EOF 192.168.1.71 nginx-v1.chenby.cn 192.168.1.71 nginx-v2.chenby.cn EOF # 访问 v1 正常 [root@localhost ~]# curl nginx-v1.chenby.cn nginx-v1 [root@localhost ~]# # # 访问 v2 正常 [root@localhost ~]# curl nginx-v2.chenby.cn nginx-v2 [root@localhost ~]#测试路径重写# 删除刚建的ingress kubectl delete -f ingress-demo-app-ingress.yaml # 写入新的ingress cat >> ingress-demo-app-ingress-router.yaml <<EOF apiVersion: networking.k8s.io/v1 kind: Ingress metadata: annotations: nginx.ingress.kubernetes.io/rewrite-target: /$2 name: ingress-host-bar spec: ingressClassName: nginx rules: - host: "nginx-v1.chenby.cn" http: paths: - pathType: Prefix path: "/" backend: service: name: cby-nginx-v1 port: number: 8000 - host: "nginx-v2.chenby.cn" http: paths: - pathType: Prefix path: "/nginx(/|$)(.*)" pathType: ImplementationSpecific backend: service: name: cby-nginx-v2 port: number: 8000 EOF # 执行部署 kubectl apply -f ingress-demo-app-ingress-router.yaml # 访问 v1 返回正常 [root@localhost ~]# curl nginx-v1.chenby.cn nginx-v1 [root@localhost ~]# # 访问 v2 访问异常 [root@localhost ~]# curl nginx-v2.chenby.cn <html> <head><title>404 Not Found</title></head> <body> <center><h1>404 Not Found</h1></center> <hr><center>nginx</center> </body> </html> [root@localhost ~]# # 访问时加上URI 访问正常 [root@localhost ~]# curl nginx-v2.chenby.cn/nginx nginx-v2 [root@localhost ~]# 测试流量限制 # 删除刚建的ingress kubectl delete -f ingress-demo-app-ingress-router.yaml # 写入新的ingress cat >> ingress-demo-app-ingress-limit.yaml <<EOF apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: ingress-limit-rate annotations: nginx.ingress.kubernetes.io/limit-rps: "1" spec: ingressClassName: nginx rules: - host: "nginx-v1.chenby.cn" http: paths: - pathType: Exact path: "/" backend: service: name: cby-nginx-v1 port: number: 8000 - host: "nginx-v2.chenby.cn" http: paths: - pathType: Exact path: "/" backend: service: name: cby-nginx-v2 port: number: 8000 EOF # 执行部署 kubectl apply -f ingress-demo-app-ingress-limit.yaml # 访问过快 会返回 503 [root@localhost ~]# for i in {1..8}; do curl nginx-v1.chenby.cn; done nginx-v1 nginx-v1 nginx-v1 nginx-v1 nginx-v1 nginx-v1 <html> <head><title>503 Service Temporarily Unavailable</title></head> <body> <center><h1>503 Service Temporarily Unavailable</h1></center> <hr><center>nginx</center> </body> </html> <html> <head><title>503 Service Temporarily Unavailable</title></head> <body> <center><h1>503 Service Temporarily Unavailable</h1></center> <hr><center>nginx</center> </body> </html> [root@localhost ~]# 过滤查看ingress端口上面有安装metallb组件,所有ingress有自动获取到地址,我这里就不修改nodeport了,各位如果没有metallb组件 就需要修改 nodeport# 修改为nodeport kubectl edit svc -n ingress-nginx ingress-nginx-controller type: NodePort [root@hello ~/yaml]# kubectl get svc -A | grep ingress ingress-nginx ingress-nginx-controller LoadBalancer 10.110.161.30 192.168.1.71 80:32480/TCP,443:30195/TCP 12m ingress-nginx ingress-nginx-controller-admission ClusterIP 10.105.211.217 <none> 443/TCP 12m [root@hello ~/yaml]#关于https://www.oiox.cn/https://www.oiox.cn/index.php/start-page.htmlCSDN、GitHub、知乎、开源中国、思否、掘金、简书、华为云、阿里云、腾讯云、哔哩哔哩、今日头条、新浪微博、个人博客全网可搜《小陈运维》文章主要发布于微信公众号:《Linux运维交流社区》
