云计算企业级小架构部署应用综合练习-二- Ansible 部署 Elastic Stack

一、Elasticsearch 集群

https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.10.0-linux-x86_64.tar.gz

https://artifacts.elastic.co/downloads/kibana/kibana-7.10.2-linux-x86_64.tar.gz

https://artifacts.elastic.co/downloads/logstash/logstash-7.11.1-linux-x86_64.tar.gz

https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-7.10.2-linux-x86_64.tar.gz

目录结构

[root@vm1 playbook]# tree elk
elk
├── deploy-elasticsearch.yml
├── elasticsearch.j2
├── elastic-vars.yml
├── elk-pkg
│   ├── elasticsearch-7.10.0-linux-x86_64.tar.gz
│   ├── filebeat-7.10.0-linux-x86_64.tar.gz
│   ├── kibana-7.10.0-linux-x86_64.tar.gz
│   └── logstash-7.10.0-linux-x86_64.tar.gz
├── jvm.options
├── limits.conf
└── sysctl.conf

1 directory, 10 files

elk/deploy-elasticsearch.yml

---
- name: 部署 elasticsearch 集群
  hosts: es
  gather_facts: no
  remote_user: root
  vars_files:
    - elastic-vars.yml
  tasks:
    - name: 创建用户
      user:
        name: "{
    
    { ela_user }}"
      tags: deploy

    - name: 传输本地软件包到远程主机并且解压到指定目录
      ansible.builtin.unarchive:
        src: "{
    
    { ela }}"
        dest: /usr/local/
        owner: "{
    
    { ela_user }}"
        group: "{
    
    { ela_user }}"
        list_files: yes
      register: ret
      tags: deploy

    - name: 创建软链接
      ansible.builtin.file:
        src: /usr/local/{
    
    {
    
     ret.files.0 | regex_replace('/.*') }}
        dest: /usr/local/elasticsearch
        state: link
      tags: deploy

    - name: 传输配置文件
      template:
        src: elasticsearch.j2
        dest: /usr/local/elasticsearch/config/elasticsearch.yml
        owner: "{
    
    { ela_user }}"
        group: "{
    
    { ela_user }}"
      tags:
        - deploy
        - update-conf

    - name: 传输 jvm 配置文件
      copy:
        src: jvm.options
        dest: /usr/local/elasticsearch/config/jvm.options
        owner: "{
    
    { ela_user }}"
        group: "{
    
    { ela_user }}"
      tags:
        - deploy
        - update-conf

    - name: 传输系统配置文件
      copy:
        src: limits.conf
        dest: /etc/security/limits.conf
      tags: deploy

    - name: 传输系统配置文件
      copy:
        src: sysctl.conf
        dest: /etc/sysctl.conf
      tags: deploy

    - name: 加载 /etc/sysctl.conf  文件,使内核参数生效
      shell: sysctl -p
      tags: deploy

    - name: 检查 进程 PID
      shell:
        cmd: ./jps | grep [E]lasticsearch | cut -d ' ' -f 1
        chdir: /usr/local/elasticsearch/jdk/bin/
      register: ela_pid
      tags:
        - restart
        - update-conf

    #- name: 调试
    #  debug: var=ela_pid

    - name: 停止 elasticsearch
      when: ela_pid.stdout
      shell: kill -9 "{
    
    {
    
     ela_pid.stdout }}"
      tags:
        - restart
        - update-conf

    - name: 启动服务
      # 使用 elastic 用户执行此命令
      become: yes
      become_user: "{
    
    { ela_user }}"
      command:
        # argv 是一个列表，存放了需要执行的命令及其参数
        # 一行一个
        argv:
          - nohup
          - /usr/local/elasticsearch/bin/elasticsearch
          - -p
          - /tmp/elasticsearch.pid
          - -d
      tags:
        - deploy
        - restart
        - update-conf
...

playbook 使用的变量文件内容如下：

[root@vm1 playbook]# cat elk/elastic-vars.yml
# elasticsearch 用户
ela_user: elastic

# 程序的二进制包名称
ela: elk-pkg/elasticsearch-7.10.0-linux-x86_64.tar.gz
logstash: elk-pkg/logstash-7.10.0-linux-x86_64.tar.gz
kibana: elk-pkg/kibana-7.10.0-linux-x86_64.tar.gz
filebeat: eli-pkg/filebeat-7.10.0-linux-x86_64.tar.gz

playbook 中使用到的模板文件内容如下：

[root@vm1 playbook]# cat elk/elasticsearch.j2
cluster.name: elk
node.name: "{
   
   { node_name }}"
node.data: true
network.host: 0.0.0.0
http.port: 9200

discovery.seed_hosts:
   - es01
   - es02:9300
   - es03
cluster.initial_master_nodes: "{
   
   { es_nodes }}"

上面的模板文件在 资产清单文件中添加如下变量

[es]
# 集群节点名称
es01 node_name=ela1
es02 node_name=ela2
es03 node_name=ela3

[es:vars]
# 用于参加选举的节点名列表
es_nodes=["ela1", "ela2", "ela3"]

ES 集群使用的 JVM 配置文件

[root@vm1 playbook]# cat elk/jvm.options
-Xms1g
-Xmx1g
8-13:-XX:+UseConcMarkSweepGC
8-13:-XX:CMSInitiatingOccupancyFraction=75
8-13:-XX:+UseCMSInitiatingOccupancyOnly
14-:-XX:+UseG1GC
14-:-XX:G1ReservePercent=25
14-:-XX:InitiatingHeapOccupancyPercent=30
-Djava.io.tmpdir=${ES_TMPDIR}
-XX:+HeapDumpOnOutOfMemoryError
-XX:HeapDumpPath=data
-XX:ErrorFile=logs/hs_err_pid%p.log
8:-XX:+PrintGCDetails
8:-XX:+PrintGCDateStamps
8:-XX:+PrintTenuringDistribution
8:-XX:+PrintGCApplicationStoppedTime
8:-Xloggc:logs/gc.log
8:-XX:+UseGCLogFileRotation
8:-XX:NumberOfGCLogFiles=32
8:-XX:GCLogFileSize=64m
9-:-Xlog:gc*,gc+age=trace,safepoint:file=logs/gc.log:utctime,pid,tags:filecount=32,filesize=64m

系统文件句柄配置文件 elk/limits.conf 内容如下：

root soft nofile 65535
root hard nofile 65535
* soft nofile 65535
* hard nofile 65535
* soft nproc  4096
* hard nproc 4096

系统的内核配置文件 elk/sysctl.conf 内容如下

只有 # elasticsearch 下面的配置是必须的，其他可选

vm.swappiness = 0
kernel.sysrq = 1

net.ipv4.neigh.default.gc_stale_time = 120

# see details in https://help.aliyun.com/knowledge_detail/39428.html
net.ipv4.conf.all.rp_filter = 0
net.ipv4.conf.default.rp_filter = 0
net.ipv4.conf.default.arp_announce = 2
net.ipv4.conf.lo.arp_announce = 2
net.ipv4.conf.all.arp_announce = 2

# see details in https://help.aliyun.com/knowledge_detail/41334.html
net.ipv4.tcp_max_tw_buckets = 5000
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_max_syn_backlog = 1024
net.ipv4.tcp_synack_retries = 2
net.ipv4.tcp_slow_start_after_idle = 0

# elasticsearch
net.ipv4.tcp_retries2=5
vm.max_map_count=262144