搭建ES集群环境

准备

  1. 三台服务器
  2. 其中一台为主机节点
  3. ES安装自行上传到各个节点home路径下并解压重命名
  4. 集群名称:cluster-big-data同一个集群多个节点,集群名称必须相同,节点名称不同。
  5. 用户账号:es_user
节点 ip地址 服务端口 传输端口 内存(GB) CPU(核) 磁盘(GB)
node1 192.168.0.114 9200 9300 16G 8 100
node2 192.168.0.123 9200 9300 8G 4 50
node3 192.168.0.125 9200 9300 8G 4 50

重要路径说明

名称 路径
根路径 /home/elasticsearch/
配置文件路径 /home/elasticsearch/config/
SSL证书路径 /home/elasticsearch/config/certs/
快照共享路径 /home/elasticsearch/snapshot/

开始搭建

这里跳过了用户创建,密码生成等步奏,详情参考ES安装文档

一、创建路径(三个节点都需要创建)

创建快照和证书路径

[root@localhost ~] su es_user

[es_user@localhost ~]  mkdir -p /home/elasticsearch/snapshot/

[es_user@localhost ~]  mkdir -p /home/elasticsearch/config/certs/

二、NFS共享快照路径(主节点)

切换 root 用户安装共享软件

[root@localhost elasticsearch] su root

[root@localhost elasticsearch] yum -y install nfs-utils rpcbind

编辑 /etc/exports 文件,增加以下内容

[root@localhost elasticsearch] vi /etc/exports


/home/elasticsearch/snapshot *(rw,sync,no_root_squash)

使文件生效 exportfs -rv

[root@localhost elasticsearch] exportfs -rv

exporting *:/home/elasticsearch/snapshot

启动 rpcbindnfs 服务

[root@localhost share] systemctl start rpcbind

[root@localhost share] systemctl start nfs

#或centos8

[root@localhost share] systemctl start nfs-server

测试是否可以联机,输出共享地址成功

[root@localhost share] showmount -e localhost

Export list for localhost:

/www/share *

三、生成证书(主节点)

请使用 es_user 进行操作

生成授权证书,输入密码处直接回车

[es_user@localhost elasticsearch] ./bin/elasticsearch-certutil ca

This tool assists you in the generation of X.509 certificates and certificate

signing requests for use with SSL/TLS in the Elastic stack.

The 'ca' mode generates a new 'certificate authority'

This will create a new X.509 certificate and private key that can be used

to sign certificate when running in 'cert' mode.

Use the 'ca-dn' option if you wish to configure the 'distinguished name'

of the certificate authority

By default the 'ca' mode produces a single PKCS#12 output file which holds:

    * The CA certificate

    * The CA's private key

If you elect to generate PEM format certificates (the -pem option), then the output will

be a zip file containing individual files for the CA certificate and private key

Please enter the desired output file [elastic-stack-ca.p12]:

Enter password for elastic-stack-ca.p12 :

生成秘钥证书,输入密码处直接回车

[es_user@localhost elasticsearch] ./bin/elasticsearch-certutil cert --ca elastic-stack-ca.p12

If you specify any of the following options:

    * -pem (PEM formatted output)

    * -keep-ca-key (retain generated CA key)

    * -multiple (generate multiple certificates)

    * -in (generate certificates from an input file)

then the output will be be a zip file containing individual certificate/key files

Enter password for CA (elastic-stack-ca.p12) :

Please enter the desired output file [elastic-certificates.p12]:

Enter password for elastic-certificates.p12 : 

Certificates written to /home/elasticsearch/elastic-certificates.p12

This file should be properly secured as it contains the private key for

your instance.

This file is a self contained file and can be copied and used 'as is'

For each Elastic product that you wish to configure, you should copy

this '.p12' file to the relevant configuration directory

and then follow the SSL configuration instructions in the product guide.

For client applications, you may only need to copy the CA certificate and

configure the client to trust this certificate

执行以上两个命令后ES根目录会生成两个文件分别是elastic-certificates.p12 elastic-stack-ca.p12

将生成的证书文件拷贝到证书目录下

[es_user@localhost elasticsearch] cp elastic-stack-ca.p12 ./config/certs/

[es_user@localhost elasticsearch] cp elastic-certificates.p12 ./config/certs/

四、其他节点证书

将主节点证书进行打包,分别上传到其他两个节点服务器中

进入ES配置文件路径

[es_user@localhost elasticsearch] cd config/

打包

[es_user@localhost config]$ tar -zcf certs.tar.gz certs/

证书上传到节点1和节点2,这里使用 scp 命令进行上传到目标服务,你可以使用其他FTP工具上传,上传过程需要接受秘钥输入yes然后会提示输入密码

scp 要上传的文件 账号@目标服务器ip:目标服务器路径

[es_user@localhost config]$ scp certs.tar.gz root@192.168.0.123:/home/elasticsearch/config

The authenticity of host '192.168.0.123 (192.168.0.123)' can't be established.

ECDSA key fingerprint is SHA256:iQ6EJttEclqNvpNZIfPEmHemPwT+nbRRMLBXOkB5Kys.

ECDSA key fingerprint is MD5:6b:0d:32:1a:39:98:28:d0:1b:b0:6a:b7:d6:5a:57:c6.

Are you sure you want to continue connecting (yes/no)? yes

Warning: Permanently added '192.168.0.123' (ECDSA) to the list of known hosts.

root@192.168.0.123's password:

certs.tar.gz


[es_user@localhost config]$ scp certs.tar.gz root@192.168.0.125:/home/elasticsearch/config

The authenticity of host '192.168.0.125 (192.168.0.125)' can't be established.

ECDSA key fingerprint is SHA256:iQ6EJttEclqNvpNZIfPEmHemPwT+nbRRMLBXOkB5Kys.

ECDSA key fingerprint is MD5:6b:0d:32:1a:39:98:28:d0:1b:b0:6a:b7:d6:5a:57:c6.

Are you sure you want to continue connecting (yes/no)? yes

Warning: Permanently added '192.168.0.125' (ECDSA) to the list of known hosts.

root@192.168.0.125's password:

certs.tar.gz

挂载共享文件夹

节点2 节点3 安装

[root@log1 ~] yum -y install nfs-utils

启动 nfs 客户端服务

[root@log1 ~] systemctl start nfs-utils

挂载共享df验证最后一条记录出现证明挂载成功

[root@log1 ~] mount -t nfs 192.168.0.114:/home/elasticsearch/snapshot /home/elasticsearch/snapshot

[root@log1 ~] df

文件系统                                      1K-块     已用     可用 已用% 挂载点

devtmpfs                                    3983136        0  3983136    0% /dev

tmpfs                                       3995008        0  3995008    0% /dev/shm

tmpfs                                       3995008    12068  3982940    1% /run

tmpfs                                       3995008        0  3995008    0% /sys/fs/cgroup

/dev/mapper/centos-root                    52403200  3525292 48877908    7% /

/dev/mapper/centos-home                    64054724 22962908 41091816   36% /home

/dev/sda1                                   1038336   198548   839788   20% /boot

tmpfs                                        799004        0   799004    0% /run/user/0

192.168.0.114:/home/elasticsearch/snapshot 43094016  1163264 41930752    3% /home/elasticsearch/snapshot

编写ES配置文件

节点1

cluster.name: cluster-big-data

node.name: node-1

# 不能使用 0.0.0.0 或 127.0.0.1

network.host: 192.168.0.114

http.port: 9200

# 主节点选举

node.master: true

# 允许该节点存储数据

node.data: true

# 集群发现地址

discovery.seed_hosts: ["192.168.0.114","192.168.0.123","192.168.0.125"]

# 集群节点发现

cluster.initial_master_nodes: ["node-1","node-2","node-3"]

# 快照备份路径

path.repo: /home/elasticsearch/snapshot/

# 开启系统监控日志收集

xpack.monitoring.collection.enabled: true

# 数据保留时间默认 7天

xpack.monitoring.history.duration: 7d

xpack.ml.enabled: false

# 开启系统安全

xpack.security.enabled: true

xpack.security.http.ssl.enabled: false

xpack.security.http.ssl.keystore.path: /home/elasticsearch/config/certs/elastic-certificates.p12

xpack.security.http.ssl.truststore.path: /home/elasticsearch/config/certs/elastic-certificates.p12

xpack.security.http.ssl.client_authentication: "optional"

xpack.security.transport.ssl.enabled: true

xpack.security.transport.ssl.verification_mode: certificate

xpack.security.transport.ssl.keystore.path: /home/elasticsearch/config/certs/elastic-certificates.p12

xpack.security.transport.ssl.truststore.path: /home/elasticsearch/config/certs/elastic-certificates.p12

节点2

cluster.name: cluster-big-data

node.name: node-2

# 不能使用 0.0.0.0 或 127.0.0.1

network.host: 192.168.0.123

http.port: 9200

# 主节点选举

node.master: true

# 允许该节点存储数据

node.data: true

# 集群发现地址

discovery.seed_hosts: ["192.168.0.114","192.168.0.123","192.168.0.125"]

# 集群节点发现

cluster.initial_master_nodes: ["node-1","node-2","node-3"]

# 快照备份路径

path.repo: /home/elasticsearch/snapshot/

# 开启系统监控日志收集

xpack.monitoring.collection.enabled: true

# 数据保留时间默认 7天

xpack.monitoring.history.duration: 7d

xpack.ml.enabled: false

# 开启系统安全

xpack.security.enabled: true

xpack.security.http.ssl.enabled: false

xpack.security.http.ssl.keystore.path: /home/elasticsearch/config/certs/elastic-certificates.p12

xpack.security.http.ssl.truststore.path: /home/elasticsearch/config/certs/elastic-certificates.p12

xpack.security.http.ssl.client_authentication: "optional"

xpack.security.transport.ssl.enabled: true

xpack.security.transport.ssl.verification_mode: certificate

xpack.security.transport.ssl.keystore.path: /home/elasticsearch/config/certs/elastic-certificates.p12

xpack.security.transport.ssl.truststore.path: /home/elasticsearch/config/certs/elastic-certificates.p12

节点3(不参与选举)

cluster.name: cluster-big-data

node.name: node-3

# 不能使用 0.0.0.0 或 127.0.0.1

network.host: 192.168.0.125

http.port: 9200

# 主节点选举

node.master: true

# 允许该节点存储数据

node.data: true

# 集群发现地址

discovery.seed_hosts: ["192.168.0.114","192.168.0.123","192.168.0.125"]

# 集群节点发现

cluster.initial_master_nodes: ["node-1","node-2","node-3"]

# 快照备份路径

path.repo: /home/elasticsearch/snapshot/

# 开启系统监控日志收集

xpack.monitoring.collection.enabled: true

# 数据保留时间默认 7天

xpack.monitoring.history.duration: 7d

xpack.ml.enabled: false

# 开启系统安全

xpack.security.enabled: true

xpack.security.http.ssl.enabled: false

xpack.security.http.ssl.keystore.path: /home/elasticsearch/config/certs/elastic-certificates.p12

xpack.security.http.ssl.truststore.path: /home/elasticsearch/config/certs/elastic-certificates.p12

xpack.security.http.ssl.client_authentication: "optional"

xpack.security.transport.ssl.enabled: true

xpack.security.transport.ssl.verification_mode: certificate

xpack.security.transport.ssl.keystore.path: /home/elasticsearch/config/certs/elastic-certificates.p12

xpack.security.transport.ssl.truststore.path: /home/elasticsearch/config/certs/elastic-certificates.p12

启动服务

注意事项:

  1. 先启动节点1(切换 es_user 用户)
  2. 解压各个节点certs证书压缩包
  3. 将上面的配置文件拷贝到各个节点 配置文件路径 文件名称elasticsearch.yml
  4. 测试调试阶段建议前台方式启动, ./elasticsearch 不要加 -d 方便调试
  5. 只有集群服务正常启动并相互连接成功,才可以进SSL加密盘配置已经启用户账号密码

进入节点1 es 跟路径下的 bin 目录启动。其他节点同样操作

[es_user@localhost bin]$ ./elasticsearch

当控制输出以下信息,服务启动成功

[2022-09-24T13:52:58,346][INFO ][o.e.h.AbstractHttpServerTransport] [node-1] publish_address {192.168.0.114:9200}, bound_addresses {192.168.0.114:9200}

[2022-09-24T13:52:58,347][INFO ][o.e.n.Node               ] [node-1] started

[2022-09-24T13:53:00,587][INFO ][o.e.x.s.a.TokenService   ] [node-1] refresh keys

[2022-09-24T13:53:01,546][INFO ][o.e.x.s.a.TokenService   ] [node-1] refreshed keys

[2022-09-24T13:53:03,308][INFO ][o.e.c.s.ClusterApplierService] [node-1] added node-3{nFwDnacnSymxg8gF1jUW2Q}{kONSgIoTRWC3Mz5am24Gdw}{192.168.0.125}{192.168.0.125:9300}{cdfhirstw}}, term: 1, version: 21, reason: ApplyCommitRequest{term=1, version=21, sourceNode={node-2}{xJUzhmMXTS-mDBsIdMFNeA}{PspPplLTQH-cAwhk8ZveqQ}{192.168.0.123}{192.168.0.123:9300}{cdfhimrstw}{xpack.installed=true, transform.node=true}}

[2022-09-24T13:53:06,031][INFO ][o.e.l.LicenseService     ] [node-1] license [212e41c8-54e6-476d-b453-1e7f03a7a4ca] mode [basic] - valid

[2022-09-24T13:53:06,034][INFO ][o.e.x.s.a.Realms         ] [node-1] license mode is [basic], currently licensed security realms are [reserved/reserved,file/default_file,native/default_native]

[2022-09-24T13:53:06,038][INFO ][o.e.x.s.s.SecurityStatusChangeListener] [node-1] Active license is now [BASIC]; Security is enabled

[2022-09-24T13:53:10,908][INFO ][o.e.i.g.DatabaseRegistry ] [node-1] downloading geoip database [GeoLite2-ASN.mmdb] to [/tmp/elasticsearch-2213883239317334326/geoip-databases/IIU3ckuVSJOrT4zp61GBJg/GeoLite2-ASN.mmdb.tmp.gz]

[2022-09-24T13:53:11,042][INFO ][o.e.x.s.a.AuthorizationService] [node-1] Took [67ms] to resolve [1] indices for action [indices:data/read/search] and user [_xpack]

[2022-09-24T13:53:12,810][INFO ][o.e.i.g.DatabaseRegistry ] [node-1] successfully reloaded changed geoip database file [/tmp/elasticsearch-2213883239317334326/geoip-databases/IIU3ckuVSJOrT4zp61GBJg/GeoLite2-ASN.mmdb]

[2022-09-24T13:53:22,738][INFO ][o.e.i.g.DatabaseRegistry ] [node-1] downloading geoip database [GeoLite2-City.mmdb] to [/tmp/elasticsearch-2213883239317334326/geoip-databases/IIU3ckuVSJOrT4zp61GBJg/GeoLite2-City.mmdb.tmp.gz]

[2022-09-24T13:53:25,217][INFO ][o.e.i.g.DatabaseRegistry ] [node-1] downloading geoip database [GeoLite2-Country.mmdb] to [/tmp/elasticsearch-2213883239317334326/geoip-databases/IIU3ckuVSJOrT4zp61GBJg/GeoLite2-Country.mmdb.tmp.gz]

[2022-09-24T13:53:25,889][INFO ][o.e.i.g.DatabaseRegistry ] [node-1] successfully reloaded changed geoip database file [/tmp/elasticsearch-2213883239317334326/geoip-databases/IIU3ckuVSJOrT4zp61GBJg/GeoLite2-Country.mmdb]

[2022-09-24T13:53:29,254][INFO ][o.e.i.g.DatabaseRegistry ] [node-1] successfully reloaded changed geoip database file [/tmp/elasticsearch-2213883239317334326/geoip-databases/IIU3ckuVSJOrT4zp61GBJg/GeoLite2-City.mmdb]

账号密码

节点1新开窗口,进入节点1 es 跟路径下 生成账号密码。生成的账号密码妥善保管,账号密码信息会自动同步到ES各个节点上

[root@localhost elasticsearch]./bin/elasticsearch-setup-passwords auto

warning: usage of JAVA_HOME is deprecated, use ES_JAVA_HOME

Future versions of Elasticsearch will require Java 11; your Java version from [/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.342.b07-1.el7_9.x86_64/jre] does not meet this requirement. Consider switching to a distribution of Elasticsearch with a bundled JDK. If you are already using a distribution with a bundled JDK, ensure the JAVA_HOME environment variable is not set.

Initiating the setup of passwords for reserved users elastic,apm_system,kibana,kibana_system,logstash_system,beats_system,remote_monitoring_user.

The passwords will be randomly generated and printed to the console.

Please confirm that you would like to continue [y/N]y

Changed password for user apm_system

PASSWORD apm_system = eXy9NUaSVDhESUE6DS6R

Changed password for user kibana_system

PASSWORD kibana_system = OSjK4VW5EV70AWtGapYy

Changed password for user kibana

PASSWORD kibana = OSjK4VW5EV70AWtGapYy

Changed password for user logstash_system

PASSWORD logstash_system = bUQQv1tCRJdIYn9qby7D

Changed password for user beats_system

PASSWORD beats_system = uMLotKFFRfqGkO9TFRWq

Changed password for user remote_monitoring_user

PASSWORD remote_monitoring_user = 7WHftn76huCDoMUi6XtN

Changed password for user elastic

PASSWORD elastic = z6DV6iFBcat0euvD7o5g

验证ES集群,查看节点 http://elastic:z6DV6iFBcat0euvD7o5g@192.168.0.114:9200/_cat/nodes

http://账号:ES密码@主机IP地址:端口/_cat/nodes

我们可以看到此时node-2为主节点,有*表示主节点

[root@localhost elasticsearch] curl http://elastic:z6DV6iFBcat0euvD7o5g@192.168.0.114:9200/_cat/nodes

192.168.0.114 12 59 7 1.18 1.48 1.15 cdfhimrstw - node-1

192.168.0.125  9 98 6 0.24 0.40 0.43 cdfhirstw  - node-3

192.168.0.123  5 98 5 0.40 0.44 0.48 cdfhimrstw * node-2

启用SSL加密

Ctrl+c 停止所有节点服务,修改所有节点/home/elasticsearch/config/elasticsearch.yml 配置文件

# 修改前

xpack.security.http.ssl.enabled: false

# 修改后

xpack.security.http.ssl.enabled: true

再次启动各个服务,启动成功再次验证

注意:

  1. 此时请求协议变成了https 主节点变成了node1,我们需要把主节点的信息配置到 java配置文件中(参考打包部署章节)
  2. 主节点不是固定不变的,当其中一个节点发生宕机,那么其他节点可以选举为主节点。
[root@localhost elasticsearch] curl https://elastic:z6DV6iFBcat0euvD7o5g@192.168.0.114:9200/_cat/nodes --insecure

192.168.0.114 13 60 9 1.52 1.60 1.33 cdfhimrstw * node-1

192.168.0.123  7 98 4 0.15 0.45 0.47 cdfhimrstw - node-2

192.168.0.125  7 98 4 0.45 0.65 0.53 cdfhirstw  - node-3

软件平台连接

此时我们平台已经成功连接到ES集群,此刻ES集群搭建到此结束

Linux搭建ES集群环境的更多相关文章

  1. Linux 搭建Hadoop集群 成功

    内容基于(自己的真是操作步骤编写) Linux 搭建Hadoop集群---Jdk配置 Linux 搭建Hadoop集群 ---SSH免密登陆 一:下载安装 Hadoop 1.1:下载指定的Hadoop ...

  2. Hadoop2.7.3+HBase1.2.5+ZooKeeper3.4.6搭建分布式集群环境

    Hadoop2.7.3+HBase1.2.5+ZooKeeper3.4.6搭建分布式集群环境 一.环境说明 个人理解:zookeeper可以独立搭建集群,hbase本身不能独立搭建集群需要和hadoo ...

  3. 在搭建Hadoop集群环境时遇到的一些问题

    最近在学习搭建hadoop集群环境,在搭建的过程中遇到很多问题,在这里做一些记录.1. SSH相关的问题 问题一: ssh: connect to host localhost port 22: Co ...

  4. docker-compose搭建zookeeper集群环境 CodingCode

    docker-compose搭建zookeeper集群环境 使用docker-compose搭建zookeeper集群环境 zookeeper是一个集群环境,用来管理微服务架构下面的配置管理功能. 这 ...

  5. kubeadm 搭建kubernetes集群环境

    需求 kubeadm 搭建kubernetes集群环境 准备条件 三台VPS(本文使用阿里云香港 - centos7.7) 一台能SSH连接到VPS的本地电脑 (推荐连接工具xshell) 安装步骤 ...

  6. centos7 快速搭建redis集群环境

    本文主要是记录一下快速搭建redis集群环境的方式. 环境简介:centos 7  + redis-3.2.4 本次用两个服务6个节点来搭建:192.168.116.120  和  192.168.1 ...

  7. 【redis】 linux 下redis 集群环境搭建

    Redis集群 (要让集群正常工作至少需要3个主节点,在这里我们要创建6个redis节点,其中三个为主节点,三个为从节点,对应的redis节点的ip和端口对应关系如下) 127.0.0.1:63791 ...

  8. docker容器中搭建kafka集群环境

    Kafka集群管理.状态保存是通过zookeeper实现,所以先要搭建zookeeper集群 zookeeper集群搭建 一.软件环境: zookeeper集群需要超过半数的的node存活才能对外服务 ...

  9. 搭建ES集群

    服务版本选择 TEG的ctsdb当前最高版本采用的是es的6.4.3版本,为了日后与ctsdb衔接方便,部署开源版es时也采用该版本.6.4.3版本的es依赖的jdk版本要求在8u181以上,测试环境 ...

  10. Kubernetes 搭建 ES 集群(存储使用 cephfs)

    一.集群规划 使用 cephfs 实现分布式存储和数据持久化 ES 集群的 master 节点至少需要三个,防止脑裂. 由于 master 在配置过程中需要保证主机名固定和唯一,所以搭建 master ...

随机推荐

  1. OpenHarmony——内核IPC机制数据结构解析

    一.前言 OpenAtom OpenHarmony(以下简称"OpenHarmony")是由开放原子开源基金会(OpenAtom Foundation)孵化及运营的开源项目,目标是 ...

  2. Qt:获取WIFI列表

    示例:使用QT来获取Windows电脑WIFI列表中所有WIFI的名称,实际是执行CMD命令来完成(netsh wlan show networks) // 获取WIFI列表 QProcess pro ...

  3. 通过 Traefik Hub 暴露家里的网络服务

    Traefik Hub 简介 ️Reference: 你的云原生网络平台 -- 发布和加固你的容器从未如此简单. Traefik Hub 为您在 Kubernetes 或其他容器平台上运行的服务提供一 ...

  4. 基于HarmonyOS的HTTPS请求过程开发示例(ArkTS)

      介绍 本篇Codelab基于网络模块以及Webview实现一次HTTPS请求,并对其过程进行抓包分析.效果如图所示: 相关概念 ● Webview:提供Web控制能力,Web组件提供网页显示能力. ...

  5. 在 macOS Big Sur 上安装 MySQL 8.x Compressed TAR Archive

    因个人能力有限,文章难免存在错误,望斧正,感谢. 版本: macOS 11.6 Intel版本 MySQL 8.0.26 Compressed TAR Archive 一.准备所需文件 前往 MySQ ...

  6. 力扣141(Java)-环形链表(简单)

    题目: 给你一个链表的头节点 head ,判断链表中是否有环. 如果链表中有某个节点,可以通过连续跟踪 next 指针再次到达,则链表中存在环. 为了表示给定链表中的环,评测系统内部使用整数 pos ...

  7. EMAS移动测试-远程真机篇

    简介: 导读:本文将介绍申请远程真机以及在远程真机上执行测试任务的详细操作,包括申请远程真机.安装应用.扫码.定位.性能测试等. 一.移动测试概览 移动测试服务(Mobile Testing)是为企业 ...

  8. 为什么我要迁移 SpringBoot 到函数计算

    简介: 面对流量洪峰,我们再也不会手忙脚乱了,函数计算自动会帮我们扩容!很好的解决了我们的 API 场景和不定时执行各种不同任务的场景. 作者:榴莲   为什么要迁移? 我们的业务有很多对外提供服务的 ...

  9. 饿了么EMonitor演进史

    简介: 可观测性作为技术体系的核心环节之一,跟随饿了么技术的飞速发展,不断自我革新. 序言 时间回到2008年,还在上海交通大学上学的张旭豪.康嘉等人在上海创办了饿了么,从校园外卖场景出发,饿了么一步 ...

  10. WPF 已知问题 资源字典树引用与资源寻找的坑

    大家都知道,在 WPF 里面,可以让资源字典合并其他资源字典,从而定义出资源字典引用树.然而在资源字典引用树里面,如果没有理清关系,将可以作出一个超级复杂的引用关系网.如果在性能优化中,将网断开部分, ...