手记

ElasticSearch实践系列(二):探索集群

前言

为了方便ELK的逐步搭建,我们本篇文章先安装Kibana,然后用Kibana的DevTols执行命令。
也可以安装elasticsearch-head运行命令。

安装Kibana

复制RPM格式的链接。

wget https://artifacts.elastic.co/downloads/kibana/kibana-6.4.1-x86_64.rpm
sudo rpm --install kibana-6.4.1-x86_64.rpm

更新配置信息

vi /etc/kibana/kibana.yml

将elasticsearch.url: "http://127.0.0.1:9200"

sudo /bin/systemctl daemon-reload
sudo /bin/systemctl enable kibana.service
sudo systemctl start kibana.service
sudo systemctl stop kibana.service
sudo systemctl  status kibana

状态信息Active是:active (running) 的时候,就是成功了。

[root@izwz9fwifc2eniq3lbdzmgz /]# systemctl status kibana kibana.service - Kibana
   Loaded: loaded (/etc/systemd/system/kibana.service; disabled; vendor preset: disabled)
   Active: active (running) since Fri 2018-09-28 18:35:41 CST; 20h ago
 Main PID: 1474 (node)
   CGroup: /system.slice/kibana.service
           └─1474 /usr/share/kibana/bin/../node/bin/node --no-warnings /usr/share/kibana/bin/../src/cli -c /etc/kibana/kibana.yml

Sep 29 15:23:52 izwz9fwifc2eniq3lbdzmgz kibana[1474]: {"type":"response","@timestamp":"2018-09-29T07:23:52Z","tags":[],"pid":1474,"method":"post","statusCode":200,"r...plain, */*
Sep 29 15:24:53 izwz9fwifc2eniq3lbdzmgz kibana[1474]: {"type":"response","@timestamp":"2018-09-29T07:24:53Z","tags":[],"pid":1474,"method":"post","statusCode":200,"r...plain, */*
Sep 29 15:24:53 izwz9fwifc2eniq3lbdzmgz kibana[1474]: {"type":"response","@timestamp":"2018-09-29T07:24:53Z","tags":[],"pid":1474,"method":"post","statusCode":200,"r.../plain, */
Sep 29 15:24:53 izwz9fwifc2eniq3lbdzmgz kibana[1474]: {"type":"response","@timestamp":"2018-09-29T07:24:53Z","tags":[],"pid":1474,"method":"post","statusCode":200,"r...plain, */*
Sep 29 15:25:53 izwz9fwifc2eniq3lbdzmgz kibana[1474]: {"type":"response","@timestamp":"2018-09-29T07:25:53Z","tags":[],"pid":1474,"method":"post","statusCode":200,"r...plain, */*
Sep 29 15:25:53 izwz9fwifc2eniq3lbdzmgz kibana[1474]: {"type":"response","@timestamp":"2018-09-29T07:25:53Z","tags":[],"pid":1474,"method":"post","statusCode":200,"r.../plain, */
Sep 29 15:25:53 izwz9fwifc2eniq3lbdzmgz kibana[1474]: {"type":"response","@timestamp":"2018-09-29T07:25:53Z","tags":[],"pid":1474,"method":"post","statusCode":200,"r...plain, */*
Sep 29 15:26:53 izwz9fwifc2eniq3lbdzmgz kibana[1474]: {"type":"response","@timestamp":"2018-09-29T07:26:53Z","tags":[],"pid":1474,"method":"post","statusCode":200,"r...plain, */*
Sep 29 15:26:53 izwz9fwifc2eniq3lbdzmgz kibana[1474]: {"type":"response","@timestamp":"2018-09-29T07:26:53Z","tags":[],"pid":1474,"method":"post","statusCode":200,"r...plain, */*
Sep 29 15:26:53 izwz9fwifc2eniq3lbdzmgz kibana[1474]: {"type":"response","@timestamp":"2018-09-29T07:26:53Z","tags":[],"pid":1474,"method":"post","statusCode":200,"r.../plain, */
Hint: Some lines were ellipsized, use -l to show in full.

探索集群

群集健康

要检查集群运行情况,我们可以使用_catApi工具。通过使用curl或其他HTTP Restful客户端工具可以执行运行。

curl http://localhost:9200/_cat/health?v

[root@XXX /]# curl http://localhost:9200/_cat/health?vepoch      timestamp cluster       status node.total node.data shards pri relo init unassign pending_tasks max_task_wait_time active_shards_percent1538204636 15:03:56  elasticsearch yellow          1         1     16  16    0    0       15             0                  -                 51.6%

或者通过Kibana控制台


image.png


检查集群时,我们会获得三个状态:

  • 绿色 - 一切都很好(集群功能齐全)

  • 黄色 - 所有数据均可用,但尚未分配一些副本(群集功能齐全)

  • 红色 - 某些数据由于某种原因不可用(群集部分功能)

注意:当群集为红色时,它将继续提供来自可用分片的搜索请求,但您可能需要尽快修复它,因为存在未分配的分片

节点

Get     /_cat/nodes?v

[root@izwz9fwifc2eniq3lbdzmgz kibana]# curl http://localhost:9200/_cat/nodes172.18.235.220 12 97 1 0.00 0.01 0.05 mdi * JRtCfH7

这里我们看到JRtCfH7的单节点,它是我们集群中当前的单个节点。

创建索引

利用Kibana的DevTools输入指令

PUT /best3?pretty

#! Deprecation: the default number of shards will change from [5] to [1] in 7.0.0; if you wish to continue using the default of [5] shards, you must manage this on the create index request or with an index template{  "acknowledged": true,  "shards_acknowledged": true,  "index": "best3"}

列出所有索引

Get  /_cat/indices?v

green  open   .kibana   qCbYeswVT2WCogz_E9Y3Ag   1   0          1            0        4kb            4kbyellow open   index     3BGZ895tTNa8qtM_nA3YmA   5   1          1            0      4.4kb          4.4kbyellow open   customer2 VyIXSBK6R9yHNYNDlsni3A   5   1          0            0      1.2kb          1.2kbyellow open   customerc Nbglz5hbRO28jyt_XyPNTA   5   1          1            0      4.5kb          4.5kbyellow open   cust      xuYth97RShixNtgNpbyxBA   5   1          1            0      4.4kb          4.4kbyellow open   customer  x57uWBR3Rg-w2_Dz7Djduw   5   1          1            0      4.5kb          4.5kbyellow open   customerf osKgtSLxTPKblJW7mrmO0Q   5   1          1            0      5.1kb          5.1kbyellow open   customerb 80DoY8e3RtinVNV4VGU4Cg   5   1          1            0      4.5kb          4.5kbyellow open   customer3 101ZzeNmRuCn9d_NOx5oZg   5   1          0            0      1.2kb          1.2kbyellow open   customere p2BWLci9Qz-1VnOh0vSSQA   5   1          2            0      7.6kb          7.6kbyellow open   best3     1PDN1mjCTCuq3zfHu2kA0g   5   1          0            0      1.1kb          1.1kb

索引和查询文档

Elasticsearch在您将文档编入索引之前不需要先显式创建索引,如果索引不存在,则会自动创建索引。
我们创建一个简单的文档,索引到best3索引中,Id为1,如下:

PUT /best3/_doc/1?pretty
{
"name": "John Doe"
}

返回:

{  "_index": "best3",  "_type": "_doc",  "_id": "1",  "_version": 1,  "result": "created",  "_shards": {    "total": 2,    "successful": 1,    "failed": 0
  },  "_seq_no": 0,  "_primary_term": 1}

查询:

GET  /best3/_doc/1?

返回:

{  "_index": "best3",  "_type": "_doc",  "_id": "1",  "_version": 1,  "found": true,  "_source": {    "name": "John Doe"
  }
}

删除索引

DELETE /best3?pretty

GET /_cat/indices?v

返回:

health status index     uuid                   pri rep docs.count docs.deleted store.size pri.store.sizegreen  open   .kibana   qCbYeswVT2WCogz_E9Y3Ag   1   0          1            0        4kb            4kbyellow open   index     3BGZ895tTNa8qtM_nA3YmA   5   1          1            0      4.4kb          4.4kbyellow open   customer2 VyIXSBK6R9yHNYNDlsni3A   5   1          0            0      1.2kb          1.2kbyellow open   customerc Nbglz5hbRO28jyt_XyPNTA   5   1          1            0      4.5kb          4.5kbyellow open   cust      xuYth97RShixNtgNpbyxBA   5   1          1            0      4.4kb          4.4kbyellow open   customer  x57uWBR3Rg-w2_Dz7Djduw   5   1          1            0      4.5kb          4.5kbyellow open   customerf osKgtSLxTPKblJW7mrmO0Q   5   1          1            0      5.1kb          5.1kbyellow open   customerb 80DoY8e3RtinVNV4VGU4Cg   5   1          1            0      4.5kb          4.5kbyellow open   customer3 101ZzeNmRuCn9d_NOx5oZg   5   1          0            0      1.2kb          1.2kbyellow open   customere p2BWLci9Qz-1VnOh0vSSQA   5   1          2            0      7.6kb          7.6kb

修改数据

使用Put指定相同的ID时,Es会用新数据覆盖原有数据。不同ID时,则会对新文档编制索引,并且索引中已有的现有文档保持不变。
不指定ID时,需要使用Post,Es会自动生成随机ID。

POST /best3/_doc?pretty
{
"name": "Jane Doe"
}

更新文档

POST /best3/_doc/1/_update?pretty
{
"doc": { "name": "Jane Doe", "age": 20 }
}

根据脚本更新

POST /best3/_doc/1/_update?pretty
{
"script" : "ctx._source.age += 5"
}

参考Update By Query API

删除文档

DELETE /best3/_doc/2?pretty

参考Delete By Query API

批量处理

POST /best3/_doc/_bulk?pretty
{"index":{"_id":"1"}}
{"name": "John Doe" }
{"index":{"_id":"2"}}
{"name": "Jane Doe" }



作者:范存威
链接:https://www.jianshu.com/p/ce7b3808647c


0人推荐
随时随地看视频
慕课网APP