可見由 配置文件path.data決定
[root@master etc]# cat /usr/local/elasticsearch/config/elasticsearch.yml | egrep -v "^$|^#"
path.data: /tmp/elasticsearch/data
path.logs: /tmp/elasticsearch/logs
network.host: 192.168.100.10
network.port: 9200
[root@master etc]# du -s /tmp/elasticsearch/data/
4384 /tmp/elasticsearch/data/
[root@master etc]# du -s /tmp/elasticsearch/data/
8716 /tmp/elasticsearch/data/
如果是rpm安裝的elasticsearch(簡稱)可以/etc/init.d/elasticsearch 中設置: data 和log的位置
35 ES_USER="elasticsearch" 36 ES_GROUP="elasticsearch" 37 ES_HOME="/usr/share/elasticsearch" 38 MAX_OPEN_FILES=65535 39 MAX_MAP_COUNT=262144 40 LOG_DIR="/data2/elk/elasticsearch/log/elasticsearch" 41 DATA_DIR="/data2/elk/elasticsearch/data/elasticsearch" 42 CONF_DIR="/etc/elasticsearch" 43
配置集羣:
沒有集羣的時候,默認的數據目錄結構是:
[root@master etc]# ls /tmp/elasticsearch/data/elasticsearch/
nodes
【配置集羣的前提 hosts 解析】
master節點和slave節點要互相能夠解析
[root@master httpd]# ping master
PING www.elk.com (192.168.100.10) 56(84) bytes of data.
64 bytes from www.elk.com (192.168.100.10): icmp_seq=1 ttl=64 time=0.073 ms
^C
--- www.elk.com ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 675ms
rtt min/avg/max/mdev = 0.073/0.073/0.073/0.000 ms
[root@master httpd]# ping slave
PING slave (192.168.100.13) 56(84) bytes of data.
64 bytes from slave (192.168.100.13): icmp_seq=1 ttl=64 time=1.18 ms
【配置集羣】
master節點(節點一) 192.168.100.10上的配置:
# ---------------------------------- Cluster -----------------------------------
cluster.name: elasticsearch-cluster
# ------------------------------------ Node ------------------------------------
node.name: master
# --------------------------------- Discovery ----------------------------------
#
# Elasticsearch nodes will find each other via unicast, by default.
#
# Pass an initial list of hosts to perform discovery when new node is started:
# The default list of hosts is ["127.0.0.1", "[::1]"]
#
# discovery.zen.ping.unicast.hosts: ["host1", "host2"]
discovery.zen.ping.unicast.hosts: ["master", "slave"]
salve節點(節點二) 192.168.100.13上的配置:安裝elasticsearch (同上elasticsearch安裝)
[root@slave elasticsearch]# egrep -v "^$|^#" config/elasticsearch.yml
cluster.name: elasticsearch-cluster node.name: slave discovery.zen.ping.unicast.hosts: ["master", "slave"] path.data: /tmp/elasticsearch/data path.logs: /tmp/elasticsearch/logs network.host: 0.0.0.0 network.port: 9200
slave啓動elasticsearch
[root@slave elasticsearch]# sudo su - elasticsearch /usr/local/elasticsearch/bin/elasticsearch
【驗證】
訪問插件查看集羣狀態
http://192.168.100.10:9200/_plugin/head/
或者使用:
API檢查
[root@master etc]# curl 192.168.100.10:9200/_cluster/health?pretty
{
"cluster_name" : "elasticsearch",
"status" : "yellow",
"timed_out" : false,
"number_of_nodes" : 1,
"number_of_data_nodes" : 1,
"active_primary_shards" : 26,
"active_shards" : 26,
"relocating_shards" : 0,
"initializing_shards" : 0,
"unassigned_shards" : 26,
"delayed_unassigned_shards" : 0,
"number_of_pending_tasks" : 0,
"number_of_in_flight_fetch" : 0,
"task_max_waiting_in_queue_millis" : 0,
"active_shards_percent_as_number" : 50.0
}狀態意義
green所有主分片和從分片都可用
yellow所有主分片可用,但存在不可用的從分片
red存在不可用的主要分片
在接下來的章節,我們將學習一下什麼是主要分片(primary shard) 和 從分片(replica shard),並說明這些狀態在實際環境中的意義。
【爲黃不爲綠色的原因】
我主節點配置文件修改後,木有重啓,重啓後即正常
【結果】
之後數據的存儲路徑會變成 elasticsearch-cluster 目錄下面
/tmp/elasticsearch/data/elasticsearch-cluster
當然之前一個節點的數據當然是沒有了,所以重新打開kibana會要新創建索引
數據目錄中也只能看到今天的索引了
[root@master tls]# ls /tmp/elasticsearch/data/elasticsearch-cluster/nodes/0/indices/
.kibana/ logstash-2016.05.15/
【看數據增加】
爲了給它加點數據
[root@master httpd]# for i in {1..100000}; do echo "mesaage $i" >> /var/log/messages ;done
看結果:
