ELK之elasticsearch6.5集群
前面介绍并初试了es6.5系列的单节点的操作,现在搭建es6.5系列的集群:
环境:三节点:master-172.16.23.128.node1-172.16.23.129.node2-172.16.23.130,首先查看es的服务状态:
[root@master ~]# ansible all_nodes -m shell -a "systemctl status elasticsearch"|grep -i running
Active: active (running) since 六 2018-12-29 12:06:55 CST; 3h 33min ago
Active: active (running) since 六 2018-12-29 12:07:43 CST; 3h 32min ago
Active: active (running) since 六 2018-12-29 15:38:47 CST; 1min 42s ago
查看各节点上面的es的配置文件:
[root@master ~]# ansible all_nodes -m shell -a 'cat /etc/elasticsearch/elasticsearch.yml|egrep -v "^$|^#"'
172.16.23.128 | CHANGED | rc=0 >>
cluster.name: estest
node.name: esnode2
path.data: /var/lib/elasticsearch
path.logs: /var/log/elasticsearch
network.host: 0.0.0.0
http.port: 9200
discovery.zen.ping.unicast.hosts: ["172.16.23.128", "172.16.23.131"] 172.16.23.130 | CHANGED | rc=0 >>
path.data: /var/lib/elasticsearch
path.logs: /var/log/elasticsearch 172.16.23.129 | CHANGED | rc=0 >>
cluster.name: es
node.name: node1
path.data: /var/lib/elasticsearch
path.logs: /var/log/elasticsearch
network.host: 0.0.0.0
http.port: 9200
现在基于discovery.zen做集群配置参考:https://www.elastic.co/guide/en/elasticsearch/reference/6.5/modules-discovery-zen.html,具体配置如下:
[root@master ~]# ansible all_nodes -m shell -a 'cat /etc/elasticsearch/elasticsearch.yml|egrep -v "^$|^#"'
172.16.23.128 | CHANGED | rc=0 >>
cluster.name: estest
node.name: master
path.data: /var/lib/elasticsearch
path.logs: /var/log/elasticsearch
network.host: 0.0.0.0
http.port: 9200
discovery.zen.ping.unicast.hosts: ["172.16.23.128", "172.16.23.129", "172.16.23.130"] 172.16.23.130 | CHANGED | rc=0 >>
cluster.name: estest
node.name: node2
path.data: /var/lib/elasticsearch
path.logs: /var/log/elasticsearch
network.host: 0.0.0.0
http.port: 9200
discovery.zen.ping.unicast.hosts: ["172.16.23.128", "172.16.23.129", "172.16.23.130"] 172.16.23.129 | CHANGED | rc=0 >>
cluster.name: estest
node.name: node1
path.data: /var/lib/elasticsearch
path.logs: /var/log/elasticsearch
network.host: 0.0.0.0
http.port: 9200
discovery.zen.ping.unicast.hosts: ["172.16.23.128", "172.16.23.129", "172.16.23.130"]
重启elasticsearch服务:
[root@master ~]# ansible all_nodes -m shell -a "systemctl restart elasticsearch"
172.16.23.130 | CHANGED | rc=0 >> 172.16.23.128 | CHANGED | rc=0 >> 172.16.23.129 | CHANGED | rc=0 >>
然后查看集群状态:
[root@master ~]# curl -X GET "localhost:9200/_cluster/health" -s|python -m json.tool
{
"active_primary_shards": 0,
"active_shards": 0,
"active_shards_percent_as_number": 100.0,
"cluster_name": "estest",
"delayed_unassigned_shards": 0,
"initializing_shards": 0,
"number_of_data_nodes": 3,
"number_of_in_flight_fetch": 0,
"number_of_nodes": 3,
"number_of_pending_tasks": 0,
"relocating_shards": 0,
"status": "green",
"task_max_waiting_in_queue_millis": 0,
"timed_out": false,
"unassigned_shards": 0
}
查看节点个数:
[root@master ~]# curl -X GET "localhost:9200/_cat/nodes?v"
ip heap.percent ram.percent cpu load_1m load_5m load_15m node.role master name
172.16.23.128 28 71 3 0.04 0.11 0.08 mdi * master
172.16.23.130 29 67 4 0.04 0.11 0.10 mdi - node2
172.16.23.129 28 58 4 0.12 0.20 0.13 mdi - node1
单单只看master节点:
[root@master ~]# curl -X GET "localhost:9200/_cat/master?v"
id host ip node
hVY-U_ocQueMtcryoGGbTg 172.16.23.128 172.16.23.128 master
查看集群health:
[root@master ~]# curl -X GET "localhost:9200/_cat/health?v"
epoch timestamp cluster status node.total node.data shards pri relo init unassign pending_tasks max_task_wait_time active_shards_percent
1546070536 08:02:16 estest green 3 3 0 0 0 0 0 0 - 100.0%
查看nodeattrs属性:
[root@master ~]# curl -X GET "localhost:9200/_cat/nodeattrs?v"
node host ip attr value
master 172.16.23.128 172.16.23.128 ml.machine_memory 3956293632
master 172.16.23.128 172.16.23.128 xpack.installed true
master 172.16.23.128 172.16.23.128 ml.max_open_jobs 20
master 172.16.23.128 172.16.23.128 ml.enabled true
node2 172.16.23.130 172.16.23.130 ml.machine_memory 3956293632
node2 172.16.23.130 172.16.23.130 ml.max_open_jobs 20
node2 172.16.23.130 172.16.23.130 xpack.installed true
node2 172.16.23.130 172.16.23.130 ml.enabled true
node1 172.16.23.129 172.16.23.129 ml.machine_memory 3956293632
node1 172.16.23.129 172.16.23.129 ml.max_open_jobs 20
node1 172.16.23.129 172.16.23.129 xpack.installed true
node1 172.16.23.129 172.16.23.129 ml.enabled true
现在手动创建一个index为test:
# curl -X PUT "localhost:9200/test"
然后查看各节点index情况:
[root@master ~]# ansible all_nodes -m shell -a 'curl -X GET "localhost:9200/_cat/indices?v" -s'
[WARNING]: Consider using the get_url or uri module rather than running curl. If you need to use command because get_url or uri is insufficient you can add
warn=False to this command task or set command_warnings=False in ansible.cfg to get rid of this message. 172.16.23.128 | CHANGED | rc=0 >>
health status index uuid pri rep docs.count docs.deleted store.size pri.store.size
yellow open test l0Js1PJLTPSFEdXhanVSHA 5 1 0 0 1.7kb 1.1kb 172.16.23.130 | CHANGED | rc=0 >>
health status index uuid pri rep docs.count docs.deleted store.size pri.store.size
yellow open test l0Js1PJLTPSFEdXhanVSHA 5 1 0 0 1.7kb 1.1kb 172.16.23.129 | CHANGED | rc=0 >>
health status index uuid pri rep docs.count docs.deleted store.size pri.store.size
yellow open test l0Js1PJLTPSFEdXhanVSHA 5 1 0 0 1.7kb 1.1kb
查看index的分片情况:
[root@master ~]# curl -X GET "localhost:9200/_cat/shards?v"
index shard prirep state docs store ip node
test 3 p STARTED 0 230b 172.16.23.128 master
test 3 r STARTED 0 230b 172.16.23.130 node2
test 2 r STARTED 0 230b 172.16.23.129 node1
test 2 p STARTED 0 230b 172.16.23.130 node2
test 1 p STARTED 0 230b 172.16.23.129 node1
test 1 r UNASSIGNED
test 4 p STARTED 0 230b 172.16.23.129 node1
test 4 r UNASSIGNED
test 0 p STARTED 0 230b 172.16.23.128 master
test 0 r STARTED 0 230b 172.16.23.130 node2
由上面可以看出有两个分片是UNASSIGNED状态,查看集群health:
[root@master ~]# curl -X GET "localhost:9200/_cat/health?v"
epoch timestamp cluster status node.total node.data shards pri relo init unassign pending_tasks max_task_wait_time active_shards_percent
1546071645 08:20:45 estest yellow 3 3 8 5 0 0 2 0 - 80.0%
使用下面的命令定位有问题的分片以及原因:
[root@master ~]# curl -XGET localhost:9200/_cat/shards?h=index,shard,prirep,state,unassigned.reason -s| grep UNASSIGNED
test 1 r UNASSIGNED INDEX_CREATED
test 4 r UNASSIGNED INDEX_CREATED
获取分片更多信息:
[root@master ~]# curl -XGET localhost:9200/_cluster/allocation/explain?pretty
{
"index" : "test",
"shard" : 1,
"primary" : false,
"current_state" : "unassigned",
"unassigned_info" : {
"reason" : "INDEX_CREATED",
"at" : "2018-12-29T08:14:47.378Z",
"last_allocation_status" : "no_attempt"
},
"can_allocate" : "no",
"allocate_explanation" : "cannot allocate because allocation is not permitted to any of the nodes",
"node_allocation_decisions" : [
{
"node_id" : "hVY-U_ocQueMtcryoGGbTg",
"node_name" : "master",
"transport_address" : "172.16.23.128:9300",
"node_attributes" : {
"ml.machine_memory" : "3956293632",
"xpack.installed" : "true",
"ml.max_open_jobs" : "20",
"ml.enabled" : "true"
},
"node_decision" : "no",
"weight_ranking" : 1,
"deciders" : [
{
"decider" : "node_version",
"decision" : "NO",
"explanation" : "cannot allocate replica shard to a node with version [6.5.2] since this is older than the primary version [6.5.4]"
}
]
},
{
"node_id" : "q95yZ4W4Tj6PaXyzLZZYDQ",
"node_name" : "node1",
"transport_address" : "172.16.23.129:9300",
"node_attributes" : {
"ml.machine_memory" : "3956293632",
"ml.max_open_jobs" : "20",
"xpack.installed" : "true",
"ml.enabled" : "true"
},
"node_decision" : "no",
"weight_ranking" : 2,
"deciders" : [
{
"decider" : "same_shard",
"decision" : "NO",
"explanation" : "the shard cannot be allocated to the same node on which a copy of the shard already exists [[test][1], node[q95yZ4W4Tj6PaXyzLZZYDQ], [P], s[STARTED], a[id=j7V8PBUvQnOZzISPAxK9Uw]]"
}
]
},
{
"node_id" : "_ADSWG04TEqNfX_88ejtzQ",
"node_name" : "node2",
"transport_address" : "172.16.23.130:9300",
"node_attributes" : {
"ml.machine_memory" : "3956293632",
"ml.max_open_jobs" : "20",
"xpack.installed" : "true",
"ml.enabled" : "true"
},
"node_decision" : "no",
"weight_ranking" : 3,
"deciders" : [
{
"decider" : "node_version",
"decision" : "NO",
"explanation" : "cannot allocate replica shard to a node with version [6.5.2] since this is older than the primary version [6.5.4]"
}
]
}
]
}
由上面结果可知node1,node2的es版本不同于master的es版本:
[root@master ~]# ansible all_nodes -m shell -a 'rpm -qa|grep elasticsearch'
[WARNING]: Consider using the yum, dnf or zypper module rather than running rpm. If you need to use command because yum, dnf or zypper is insufficient you can
add warn=False to this command task or set command_warnings=False in ansible.cfg to get rid of this message. 172.16.23.128 | CHANGED | rc=0 >>
elasticsearch-6.5.2-1.noarch 172.16.23.130 | CHANGED | rc=0 >>
elasticsearch-6.5.2-1.noarch 172.16.23.129 | CHANGED | rc=0 >>
elasticsearch-6.5.4-1.noarch
将其中上面版本不一致的替换掉后,开启es服务,然后观察集群以及shards情况:
[root@master ~]# curl -X GET "localhost:9200/_cat/health?v"
epoch timestamp cluster status node.total node.data shards pri relo init unassign pending_tasks max_task_wait_time active_shards_percent
1546073143 08:45:43 estest red 1 1 2 2 0 0 8 0 - 20.0%
[root@master ~]# curl -X GET "localhost:9200/_cat/health?v"
epoch timestamp cluster status node.total node.data shards pri relo init unassign pending_tasks max_task_wait_time active_shards_percent
1546073274 08:47:54 estest green 3 3 10 5 0 0 0 0 - 100.0%
[root@master ~]# curl -X GET "localhost:9200/_cat/shards?v"
index shard prirep state docs store ip node
test 3 p STARTED 0 261b 172.16.23.128 master
test 3 r STARTED 0 261b 172.16.23.130 node2
test 4 r STARTED 0 261b 172.16.23.128 master
test 4 p STARTED 0 261b 172.16.23.129 node1
test 2 r STARTED 0 261b 172.16.23.129 node1
test 2 p STARTED 0 261b 172.16.23.130 node2
test 1 p STARTED 0 261b 172.16.23.129 node1
test 1 r STARTED 0 261b 172.16.23.130 node2
test 0 p STARTED 0 261b 172.16.23.128 master
test 0 r STARTED 0 261b 172.16.23.130 node2
索引test由10个分片组成,五个主分片,5个replica shard,replica shard是primary shard的副本,负责容错,以及承担读请求负载,primary shard的数量在创建索引的时候就固定了,replica shard的数量可以随时修改,primary shard的默认数量是5,replica默认是1
[root@master ~]# curl -XGET localhost:9200/test?pretty
{
"test" : {
"aliases" : { },
"mappings" : { },
"settings" : {
"index" : {
"creation_date" : "1546071287243",
"number_of_shards" : "5",
"number_of_replicas" : "1",
"uuid" : "l0Js1PJLTPSFEdXhanVSHA",
"version" : {
"created" : "6050299"
},
"provided_name" : "test"
}
}
}
}
[root@master ~]# curl -XGET localhost:9200/_cat/indices?v
health status index uuid pri rep docs.count docs.deleted store.size pri.store.size
green open test l0Js1PJLTPSFEdXhanVSHA 5 1 0 0 2.5kb 1.2kb
primary shard不能和自己的replica shard放在同一个节点上(否则节点宕机,primary shard和副本都丢失,起不到容错的作用),但是可以和其他primary shard的replica shard放在 同一个节点上
节点以及shards数分配参考:https://blog.csdn.net/qq_38486203/article/details/80077844
然后这里梳理一下es中一些基础概念:
1.cluster:
集群,一个ES集群由一个或多个节点(Node)组成,每个集群都有一个cluster name作为标识
2.node:
节点,一个ES实例就是一个node,一个机器可以有多个实例,一个集群由多个节点构成,大多数情况下每个node运行在一个独立的环境或虚拟机上。
3.index:
索引,即一系列documents的集合
3.shard:
分片,ES是分布式搜索引擎,每个索引有一个或多个分片,索引的数据被分配到各个分片上,相当于一桶水用了N个杯子装
分片有助于横向扩展,N个分片会被尽可能平均地(rebalance)分配在不同的节点上(例如你有2个节点,4个主分片(不考虑备份),那么每个节点会分到2个分片,后来你增加了2个节点,那么你这4个节点上都会有1个分片,这个过程叫relocation,ES感知后自动完成)
分片是独立的,对于一个Search Request的行为,每个分片都会执行这个Request.另外每个分片都是一个Lucene Index,所以一个分片只能存放 Integer.MAX_VALUE - 128 = 2,147,483,519 个docs
4.replica:
复制,可以理解为备份分片,相应地有primary shard(主分片)
主分片和备分片不会出现在同一个节点上(防止单点故障),默认情况下一个索引创建5个分片一个备份(即5primary+5replica=10个分片)
如果你只有一个节点,那么5个replica都无法分配(unassigned),此时cluster status会变成Yellow。
ES集群的三种状态:
Green: 所有主分片和备份分片都准备就绪,分配成功, 即使有一台机器挂了(假设一台机器实例),数据都不会丢失,但是会变成yellow状态.
Yellow: 所有主分片准备就绪,但至少一个主分片(假设是A)对应的备份分片没有就绪,此时集群处于告警状态,意味着高可用和容灾能力下降.如果刚好A所在的机器挂了,并且你只设置了一个备份(已处于未继续状态), 那么A的数据就会丢失(查询不完整),此时集群处于Red状态.
Red:至少有一个主分片没有就绪(直接原因是找不到对应的备份分片成为新的主分片),此时查询的结果会出现数据丢失(不完整).
容灾:primary分片丢失,replica分片就会被顶上去成为新的主分片,同时根据这个新的主分片创建新的replica,集群数据安然无恙
提高查询性能:replica和primary分片的数据是相同的,所以对于一个query既可以查主分片也可以查备分片,在合适的范围内多个replica性能会更优(但要考虑资源占用也会提升[cpu/disk/heap]),另外index request只能发生在主分片上,replica不能执行index request。
对于一个索引,除非重建索引否则不能调整分片的数目(主分片数, number_of_shards),但可以随时调整replica数(number_of_replicas)。
ELK之elasticsearch6.5集群的更多相关文章
- Elasticsearch6.2集群搭建
Elasticsearch6.2集群搭建 2018年04月02日 11:07:45 这个名字想了很久 阅读数:14154 版权声明:本博客为学习.笔记之用,以笔记形式记录学习的知识与感悟.学习过 ...
- 01篇ELK日志系统——升级版集群之elasticsearch集群的搭建
[ 前言:以前搭了个简单的ELK日志系统,以我个人的感觉来说,ELK日志系统还是非常好用的.以前没有弄这个ELK日志系统的时候,线上的项目出了bug,报错了,要定位错误是什么,错误出现在哪个java代 ...
- Elasticsearch6.2集群搭建, centos7
原文地址,转载请注明出处:https://blog.csdn.net/qq_34021712/article/details/79330028 ©王赛超 环境介绍 服务器 是否可以成为主节点 是否 ...
- ELK之 elasticsearch ES集群 head安装
最近项目用到 jenkins ELK 也在一次重新学习了一次 jenkins 不用说了 玩得就是 插件 + base---shell , ELK 这几年最流得log收集平台,当然不止 ...
- 日志分析平台ELK之搜索引擎Elasticsearch集群
一.简介 什么是ELK?ELK是Elasticsearch.Logstash.Kibana这三个软件的首字母缩写:其中elasticsearch是用来做数据的存储和搜索的搜索引擎:logstash是数 ...
- elasticsearch6.x集群环境部署
elasticsearch集群部署安装jdk chmod 755 jdk-8u161-linux-x64.tar.gztar -zxvf jdk-8u161-linux-x64.tar.gzcp jd ...
- ELK+zookeeper+kafka+rsyslog集群搭建
前言 环境困境: 1.开发人员无法登陆服务器 2.各系统都有日志,日志数据分散难以查找 3.日志数据量大,查询忙,不能实时 环境要求: 1.日志需要标准化 集群流程图: 角色: 软件: 以 ...
- ELK 中的elasticsearch 集群的部署
本文内容 背景 ES集群中第一个master节点 ES slave节点 本文总结 Elasticsearch(以下简称ES)搭建集群的经验.以 Elasticsearch-rtf-2.2.1 版本为例 ...
- [k8s]elk架构设计-k8s集群里搭建
elasticsearch和mysql的对比 https://blog.csdn.net/qq_21383435/article/details/79323383 Mapping ~ Schema m ...
随机推荐
- codeforces 798B - Mike and strings
感觉自己好咸鱼呀……B题写了这么久,虽然可以算作1A(忽略一次少include一个头文件的CE)…… 思想很简单,每次选定一个字符串作为目标字符串,然后把其他所有字符串都当做测试字符串,计算出总共需要 ...
- The "get" method should be used when the form is idempotent---正交的两个概念 get 幂等
https://www.w3.org/TR/REC-html40/interact/forms.html#h-17.13.1 17.13.1 Form submission method The me ...
- Windows Preinstallation Environment
https://en.wikipedia.org/wiki/Windows_Preinstallation_Environment https://zh.wikipedia.org/wiki/Wind ...
- python 几个重要的概念
转自:http://www.cnblogs.com/aylin/p/5601969.html
- window10 telnet的启用
(1) window+R打开运行窗口,输入control,如图: (2) 点击类别改成大图标: 如图所示: 然后点击程序和功能. (3) 然后依次点击:启用或者关闭windows功能->teln ...
- vhost-user 分析1
2018-01-24 占个坑,准备下写vhost-user的东西 vhost-user是vhost-kernel又回到用户空间的实现,其基本思想和vhost-kernel很类似,不过之前在内核的部分现 ...
- requests库的小技巧
#coding:utf-8 import requests # url = 'http://www.baidu.com' # response = requests.get(url) # print ...
- Percona Data Recovery Tool 单表恢复
前几天写过update或者delete忘加where条件的数据恢复.今天介绍一款开源的MySQL数据库InnoDB数据恢复工具:innodb-tools,它通过从原始数据文件中提取表的行记录,实现从丢 ...
- ListView and gridview常用属性
刷新:notifyDataSetChanged 1.gridview常用属性 GridView的一些特殊属性: 1.Android:numColumns=”auto_fit” //GridVi ...
- [vue]vue-cli下载原理
正常vue-cli这样操作就ok了 vue-cli github $ npm install -g vue-cli $ vue init webpack my-project $ cd my-proj ...