当前环境:
docker-compose安装的分机多节点 elasticsearch 7.15.0
| node1 |
192.168.1.194 |
| node2 |
192.168.1.195 |
| node3 | 192.168.1.198 |
安装参见:
https://www.cnblogs.com/xiaoyou2018/p/13754943.html
因业务需要,需要升级到8.10.4
8.X 高版本的安全加固已成必须,想不做安全都变得很困难。 8.X 高版本会在7.X版本上做的升级,低版本已知bug都已修复,理论上性能也更优。 8.X 的新特性、新 feature,只有升级才能使用。其中包括矢量搜索、近似最近邻 (ANN) 搜索、现代 NLP 和简化的 Stack 安全性等诸多亮点
流程
两步骤策略如下: 第一步:7.15.0 版本升级到 7.17.5 版本。 https://www.elastic.co/guide/en/elasticsearch/reference/7.17/rolling-upgrades.html 第二步:7.17.5 版本升级到 8.1.3 版本。 https://www.elastic.co/guide/en/elastic-stack/8.1/upgrading-elastic-stack.html#prepare-to-upgrade
1、8.0版本的elastic和7.0版本的elastic在参数配置写法有一些不同
2、8.0版本的elastic弃用掉了一些7.0版本的插件
3、elasticsearch 8.0开始 默认不允许kibana通过elastic账户登录
https://www.elastic.co/guide/en/elasticsearch/reference/8.10/modules-discovery-settings.html
https://blog.csdn.net/qq_42123832/article/details/128517163
步骤:
1、拉取镜像
docker pull docker.elastic.co/elasticsearch/elasticsearch:8.10.4 docker pull docker.elastic.co/kibana/kibana:8.10.4 docker pull docker.elastic.co/elasticsearch/elasticsearch:7.17.0 docker pull docker.elastic.co/kibana/kibana:7.17.0
2、配置yml文件
node1
version: '3.4' services: elasticsearch_node1: network_mode: host image: docker.elastic.co/elasticsearch/elasticsearch:8.10.4 container_name: elasticsearch_node1 restart: always privileged: true environment: - cluster.name=elasticsearch-cluster - node.name=node1 # - node.master=true # - node.data=true - node.roles:[master, data] - http.port:9200 - transport.tcp.port:9300 - TZ=Asia/Shanghai - bootstrap.memory_lock=true - xpack.security.enabled:true - xpack.security.transport.ssl.enabled=true - xpack.security.transport.ssl.keystore.type=PKCS12 - xpack.security.transport.ssl.verification_mode=certificate - xpack.security.transport.ssl.keystore.path=elastic-certificates.p12 - xpack.security.transport.ssl.truststore.path=elastic-certificates.p12 - xpack.security.transport.ssl.truststore.type=PKCS12 - xpack.security.audit.enabled=true - search.max_buckets=100000000 - http.cors.enabled=true - http.cors.allow-origin= "*" - cluster.initial_master_nodes=node1,node2,node3 - "ES_JAVA_OPTS=-Xms8192m -Xmx8192m" ####### #如果是单台服务器 ##### #- "discovery.zen.ping.unicast.hosts=elasticsearch_n0,elasticsearch_n1,elasticsearch_n2" - discovery.seed_hosts=192.168.1.194,192.168.1.195,192.168.1.198 - discovery.zen.minimum_master_nodes:2 - discovery.zen.ping_timeout:120s #- client.transport.ping_timeout=60s # 如果是拆分版,这条配置必须加上,指定当前节点访问的ip - network.publish_host=192.168.1.194 ulimits: memlock: soft: -1 hard: -1 volumes: - /data/elasticsearch/data/node1:/usr/share/elasticsearch/data - /data/elasticsearch/logs/node1:/usr/share/elasticsearch/logs - /data/elasticsearch/elastic-certificates.p12:/usr/share/elasticsearch/config/elastic-certificates.p12 ports: - 9200:9200 - 9300:9300 kibana: network_mode: host image: docker.elastic.co/kibana/kibana:8.10.4 container_name: kibana restart: always ports: - 5601:5601 volumes: - /etc/localtime:/etc/localtime - /opt/kibana_8.10.4.yml:/usr/share/kibana/config/kibana.yml:rw depends_on: - elasticsearch_node1
node2
version: '3.4' services: elasticsearch_node2: network_mode: host image: docker.elastic.co/elasticsearch/elasticsearch:8.10.4 container_name: elasticsearch_node2 restart: always privileged: true environment: - cluster.name=elasticsearch-cluster - node.name=node2 # - node.master=true # - node.data=true - node.roles:[master, data] - http.port:9200 - transport.tcp.port:9300 - TZ=Asia/Shanghai - bootstrap.memory_lock=true - xpack.security.enabled:true - xpack.security.transport.ssl.enabled=true - xpack.security.transport.ssl.keystore.type=PKCS12 - xpack.security.transport.ssl.verification_mode=certificate - xpack.security.transport.ssl.keystore.path=elastic-certificates.p12 - xpack.security.transport.ssl.truststore.path=elastic-certificates.p12 - xpack.security.transport.ssl.truststore.type=PKCS12 - xpack.security.audit.enabled=true - search.max_buckets=100000000 - http.cors.enabled=true - http.cors.allow-origin= "*" - cluster.initial_master_nodes=node1,node2,node3 - "ES_JAVA_OPTS=-Xms8192m -Xmx8192m" ####### #如果是单台服务器 ##### #- "discovery.zen.ping.unicast.hosts=elasticsearch_n0,elasticsearch_n1,elasticsearch_n2" - discovery.seed_hosts=192.168.1.194,192.168.1.195,192.168.1.198 - discovery.zen.minimum_master_nodes:2 - discovery.zen.ping_timeout:120s #- client.transport.ping_timeout=60s # 如果是拆分版,这条配置必须加上,指定当前节点访问的ip - network.publish_host=192.168.1.195 ulimits: memlock: soft: -1 hard: -1 volumes: - /data/elasticsearch/data/node1:/usr/share/elasticsearch/data - /data/elasticsearch/logs/node1:/usr/share/elasticsearch/logs - /data/elasticsearch/elastic-certificates.p12:/usr/share/elasticsearch/config/elastic-certificates.p12 ports: - 9200:9200 - 9300:9300
node3
version: '3.4' services: elasticsearch_node3: network_mode: host image: docker.elastic.co/elasticsearch/elasticsearch:8.10.4 container_name: elasticsearch_node3 restart: always privileged: true environment: - cluster.name=elasticsearch-cluster - node.name=node3 # - node.master=true # - node.data=true - node.roles:[master, data] - http.port:9200 - transport.tcp.port:9300 - TZ=Asia/Shanghai - bootstrap.memory_lock=true - xpack.security.enabled:true - xpack.security.transport.ssl.enabled=true - xpack.security.transport.ssl.keystore.type=PKCS12 - xpack.security.transport.ssl.verification_mode=certificate - xpack.security.transport.ssl.keystore.path=elastic-certificates.p12 - xpack.security.transport.ssl.truststore.path=elastic-certificates.p12 - xpack.security.transport.ssl.truststore.type=PKCS12 - xpack.security.audit.enabled=true - search.max_buckets=100000000 - http.cors.enabled=true - http.cors.allow-origin= "*" - cluster.initial_master_nodes=node1,node2,node3 - "ES_JAVA_OPTS=-Xms8192m -Xmx8192m" ####### #如果是单台服务器 ##### #- "discovery.zen.ping.unicast.hosts=elasticsearch_n0,elasticsearch_n1,elasticsearch_n2" - discovery.seed_hosts=192.168.1.194,192.168.1.195,192.168.1.198 - discovery.zen.minimum_master_nodes:2 - discovery.zen.ping_timeout:120s #- client.transport.ping_timeout=60s # 如果是拆分版,这条配置必须加上,指定当前节点访问的ip - network.publish_host=192.168.1.198 ulimits: memlock: soft: -1 hard: -1 volumes: - /data/elasticsearch/data/node1:/usr/share/elasticsearch/data - /data/elasticsearch/logs/node1:/usr/share/elasticsearch/logs - /data/elasticsearch/elastic-certificates.p12:/usr/share/elasticsearch/config/elastic-certificates.p12 ports: - 9200:9200 - 9300:9300
kibana.yml
# ## ** THIS IS AN AUTO-GENERATED FILE ** ## # # # Default Kibana configuration for docker target server.name: kibana server.host: "0.0.0.0" #这里写你的es第一个node的地址 elasticsearch.hosts: [ "http://192.168.1.194:9200"] xpack.monitoring.ui.container.elasticsearch.enabled: false xpack.security.enabled: true elasticsearch.username: "kibana" elasticsearch.password: "xxxxxxfeN" i18n.locale: zh-CN