由于业务扩展,原来的4台elastic架构已经不能支撑现在的日志流量,所以要对elastic进行节点扩展,扩展需求为10台机器,它们装同样的东西,配置基本一致,这时候就不能每台手动安装了,要进行批量安装,批量管理,ansible不需要在机器上安装客户端,管理更简单,所以我选择了ansible,下面进入实战演示:
环境介绍:
Centos 7.3
Ansible 2.4.2
Elasticsearch 6.6.0
IP:10.1.5.130-139
一.Expect批量免密认证
要实现ansible批量部署,必须先实现ssh免密认证
1.安装expect
yum -y install expect
2.免密脚本
#!/bin/bash
SERVERS=`cat /root/ip.list` #一行写一个IP
PASSWD="123456" #root密码
function sshcopyid
{
expect -c "
set timeout -1;
spawn ssh-copy-id $1;
expect {
\"yes/no\" { send \"yes\r\" ;exp_continue; } #当显示yes/no时,交互输入yes
\"password:\" { send \"$PASSWD\r\";exp_continue; }
};
expect eof; #结束符号
"
}
for server in $SERVERS
do
sshcopyid $server #函数调用
done
3.执行脚本后进行ansible批量验证
二.ansible安装和使用
yum -y install ansible
添加所有主机IP到hosts文件
vim /etc/ansible/hosts
[elk] 10.1.5.130 id=elk_node1 10.1.5.131 id=elk_node2 10.1.5.132 id=elk_node3 10.1.5.133 id=elk_node4 10.1.5.134 id=elk_node5 10.1.5.135 id=elk_node6 10.1.5.136 id=elk_node7 10.1.5.137 id=elk_node8 10.1.5.138 id=elk_node9 10.1.5.139 id=elk_node10
3.测试ssh免密认证是否正常
ansible \* -m ping
如下反馈为正常:(10台机器反馈10次)
10.1.5.130 | SUCCESS | rc=0 >>
4.批量防火墙和selinux关闭
#对elk这个组用copy模块,给所有机器复制文件
ansible elk -m copy -a 'src=/etc/selinux/config dest=/etc/selinux/'
#对elk这个组用shell模块,在所有机器上执行同样的shell命令
ansible elk -m shell -a 'systemctl disable firewalld' ansible elk -m shell -a 'systemctl stop firewalld' ansible elk -m shell -a 'iptables -F' ansible elk -m shell -a 'setenforce 0'
5.最大文件打开数设置
vim /etc/secrity/limits.conf
* soft nofile 10000 * hard nofile 65536 * soft nproc 10000 * hard nproc 65536 elk soft memlock unlimited elk hard memlock unlimited
vim /etc/sysctl.conf
vm.max_map_count = 262144
6.用ansible同步设置
ansible elastic -m copy -a "src=/etc/security/limits.conf dest=/etc/security/" ansible elastic -m copy -a "src=/etc/sysctl.conf dest=/etc/"
#查看是否设置成功
ansible elastic -m shell -a "sysctl -p" ansible elastic -m shell -a "sysctl -a|grep vm.max_map_count"
返回如下提示为成功
10.1.5.130 | SUCCESS | rc=0 >>
vm.max_map_count = 262144
三.必要配置文件编写
Ansible采用模板方式分发带变量的文件,可以实现在分发的同时填写自定义的文字
1.核心配置文件elasticsearch.yml
cluster.name: myapp
node.name: {{id}} #根据ansible的hosts文件中的配置拿到取值
path.data: /data
bootstrap.memory_lock: true
bootstrap.system_call_filter: false
#此变量从ansible all -m setup命令获取到的IP信息
network.host: {{ansible_default_ipv4['address']}}
http.port: 9200
discovery.zen.ping.unicast.hosts: ["10.1.5.130","10.1.5.131","10.1.5.132","10.1.5.133","10.1.5.134","10.1.5.135","10.1.5.136","10.1.5.137","10.1.5.138","10.1.5.139"]
discovery.zen.minimum_master_nodes: 8
gateway.recover_after_nodes: 8
gateway.expected_nodes: 8
gateway.recover_after_time: 3m
action.auto_create_index: true
cluster.routing.allocation.same_shard.host: true
thread_pool.bulk.queue_size: 1000
node.data: true
xpack.security.enabled: false
四.ansible-playbook编写(test.yml)
#作用主机 - hosts: elastic #远程用户 remote_user: root tasks: #创建elk用户 - name: create user user: name: "elk" password: "elk" home: /elk #创建一个目录用于存放必要软件 - name: mkdir file: path=/root/software state=directory mode=0755 #创建安装目录 - name: mkdir elk file: path=/elk state=directory mode=0755 #复制java到目标主机 - name: copy java unarchive: src=jdk1.8.0_144.tar.gz dest=/usr/local/ copy=yes #java安装 - name: copy profile copy: src=/etc/profile dest=/etc/ - name: jdk run shell: source /etc/profile #复制elasticsearch程序到目标目录 - name: copy elastic unarchive: src=elasticsearch-6.6.0.tar.gz dest=/elk copy=yes #修改目录权限給elk用户 - name: chown file: path=/elk state=directory mode=0755 owner=elk group=elk recurse=yes #分发配置文件到目标目录,里面配置了相应变量 - name: Deploy elastic.yml template: src=templates/elasticsearch.j2 dest=/elk/elasticsearch-6.6.0/config/elasticsearch.yml mode=0755 #配置开机启动项 - name: Deploy elastic template: src=templates/elastic dest=/etc/rc.d/init.d/ mode=0755 - name: chkconfig elastic command: chdir=/etc/rc.d/init.d chkconfig --add elastic #分发程序启动脚本 - name: Deploy elasticstart template: src=templates/elasticstart dest=/elk/elasticsearch-6.6.0/ mode=0755
五.运行ansible分发脚本
ansible-playbook test.yml
查看是否都成功执行命令
六.批量启动测试
ansible elastic -m shell -a "systemctl restart elastic" ansible elastic -m shell -a 'netstat -anp|grep 9200' ansible elastic -m shell -a 'tail /elk/elasticsearch-6.6.0/logs/myapp.log'
七.配置更新
#修改jvm配置
ansible elastic -m copy -a "src=/elk/elasticsearch-6.6.0/config/jvm.options dest=/elk/elasticsearch-6.6.0/config/"
或
vim elastic.yml
- hosts: elastic remote_user: root tasks: - name: Deploy elastic.yml template: src=templates/elasticsearch.j2 dest=/elk/elasticsearch-6.6.0/config/elasticsearch.yml mode=0755