es的3节点组集群问题解决了

busybox-deployment.yaml

@@ -0,0 +1,27 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: busybox
+  namespace: efk
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: busybox
+  template:
+    metadata:
+      labels:
+        app: busybox
+    spec:
+      containers:
+      - name: busybox
+        image: busybox:1.35
+        command: ["sh", "-c", "while true; do sleep 3600; done"]
+        resources:
+          requests:
+            memory: "10Mi"
+            cpu: "10m"
+          limits:
+            memory: "50Mi"
+            cpu: "50m"
+      restartPolicy: Always

elasticsearch-ingress.yaml

@@ -59,3 +59,20 @@ spec:
         path: /
         pathType: Prefix
 
+---
+
+
+apiVersion: traefik.containo.us/v1alpha1
+kind: IngressRoute
+metadata:
+  name: elasticsearch-ingress
+  namespace: efk
+spec:
+  entryPoints:
+    - web  # 使用 HTTP 入口点（如果需要 HTTPS，请改为 "websecure"）
+  routes:
+  - match: Host(`elastic.k8s.xunlang.home`) && PathPrefix(`/`)
+    kind: Rule
+    services:
+    - name: elasticsearch-lb
+      port: 9200

elasticsearch-service-0.yaml

@@ -1,13 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: elasticsearch-0
-  namespace: efk
-spec:
-  ports:
-  - port: 9200
-    targetPort: 9200
-    name: http
-  selector:
-    statefulset.kubernetes.io/pod-name: elasticsearch-0-0
-  type: LoadBalancer

elasticsearch-service-1.yaml

@@ -1,13 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: elasticsearch-1
-  namespace: efk
-spec:
-  ports:
-  - port: 9200
-    targetPort: 9200
-    name: http
-  selector:
-    statefulset.kubernetes.io/pod-name: elasticsearch-1-0
-  type: LoadBalancer

elasticsearch-service-2.yaml

@@ -1,13 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: elasticsearch-2
-  namespace: efk
-spec:
-  ports:
-  - port: 9200
-    targetPort: 9200
-    name: http
-  selector:
-    statefulset.kubernetes.io/pod-name: elasticsearch-2-0
-  type: LoadBalancer

elasticsearch-service.yaml

@@ -1,13 +1,64 @@
 apiVersion: v1
 kind: Service
 metadata:
-  name: elasticsearch-public  # 新服务名，避免与现有 headless 服务冲突
+  name: elasticsearch-0
   namespace: efk
 spec:
   ports:
   - port: 9200
     targetPort: 9200
     name: http
+  - port: 9300
+    targetPort: 9300
+    name: transport
   selector:
-    statefulset.kubernetes.io/pod-name: elasticsearch-0-0  # 精确匹配 master 节点
+    statefulset.kubernetes.io/pod-name: elasticsearch-0-0
   type: LoadBalancer
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: elasticsearch-1
+  namespace: efk
+spec:
+  ports:
+  - port: 9200
+    targetPort: 9200
+    name: http
+  - port: 9300
+    targetPort: 9300
+    name: transport
+  selector:
+    statefulset.kubernetes.io/pod-name: elasticsearch-1-0
+  type: LoadBalancer
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: elasticsearch-2
+  namespace: efk
+spec:
+  ports:
+  - port: 9200
+    targetPort: 9200
+    name: http
+  - port: 9300
+    targetPort: 9300
+    name: transport
+  selector:
+    statefulset.kubernetes.io/pod-name: elasticsearch-2-0
+  type: LoadBalancer
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: elasticsearch-lb
+  namespace: efk
+spec:
+  type: LoadBalancer  # 使用 LoadBalancer 类型
+  selector:
+    app: elasticsearch
+  ports:
+  - port: 9200        # 客户端访问的端口
+    targetPort: 9200  # Elasticsearch 容器中实际监听的端口
+    name: http

elasticsearch-statefulSet.yaml

@@ -1,4 +1,3 @@
-# elasticsearch-0
 apiVersion: apps/v1
 kind: StatefulSet
 metadata:
@@ -35,31 +34,22 @@ spec:
         - name: node.name
           value: "elasticsearch-0"
         - name: discovery.seed_hosts
-          value: "elasticsearch-0.elasticsearch-service.efk.svc.cluster.local,elasticsearch-1.elasticsearch-service.efk.svc.cluster.local,elasticsearch-2.elasticsearch-service.efk.svc.cluster.local"
+          value: "elasticsearch-0.efk.svc.cluster.local,elasticsearch-1.efk.svc.cluster.local,elasticsearch-2.efk.svc.cluster.local"
         - name: cluster.initial_master_nodes
           value: "elasticsearch-0"
         - name: xpack.security.enabled
           value: "false"
-        - name: xpack.security.transport.ssl.enabled
-          value: "false"
-        - name: ELASTIC_PASSWORD
-          valueFrom:
-            secretKeyRef:
-              name: elasticsearch-secret
-              key: elastic_password
         - name: ES_JAVA_OPTS
-          value: "-Xms4g -Xmx4g"
+          value: "-Xms6g -Xmx6g"
         - name: node.roles
           value: "[master, data_hot]"
-        - name: node.attr.data-tier
-          value: "hot"
         resources:
           requests:
-            memory: "4Gi"
-            cpu: "1"
-          limits:
             memory: "6Gi"
             cpu: "2"
+          limits:
+            memory: "8Gi"
+            cpu: "4"
         volumeMounts:
         - name: data
           mountPath: /usr/share/elasticsearch/data
@@ -81,8 +71,9 @@ spec:
       - name: config-volume
         persistentVolumeClaim:
           claimName: "elasticsearch-config-pvc-elasticsearch-0"
+            
 ---
-# elasticsearch-1
+
 apiVersion: apps/v1
 kind: StatefulSet
 metadata:
@@ -119,22 +110,15 @@ spec:
         - name: node.name
           value: "elasticsearch-1"
         - name: discovery.seed_hosts
-          value: "elasticsearch-0.elasticsearch-service.efk.svc.cluster.local,elasticsearch-1.elasticsearch-service.efk.svc.cluster.local,elasticsearch-2.elasticsearch-service.efk.svc.cluster.local"
+          value: "elasticsearch-0.efk.svc.cluster.local,elasticsearch-1.efk.svc.cluster.local,elasticsearch-2.efk.svc.cluster.local"
         - name: cluster.initial_master_nodes
           value: "elasticsearch-0"
         - name: xpack.security.enabled
           value: "false"
-        - name: ELASTIC_PASSWORD
-          valueFrom:
-            secretKeyRef:
-              name: elasticsearch-secret
-              key: elastic_password
         - name: ES_JAVA_OPTS
           value: "-Xms4g -Xmx4g"
         - name: node.roles
           value: "[data_warm]"
-        - name: node.attr.data-tier
-          value: "warm"
         resources:
           requests:
             memory: "4Gi"
@@ -162,9 +146,10 @@ spec:
           claimName: "elasticsearch-data-pvc-elasticsearch-1"
       - name: config-volume
         persistentVolumeClaim:
-          claimName: "elasticsearch-config-pvc-elasticsearch-0"
+          claimName: "elasticsearch-config-pvc-elasticsearch-1"
+
 ---
-# elasticsearch-2
+
 apiVersion: apps/v1
 kind: StatefulSet
 metadata:
@@ -201,22 +186,15 @@ spec:
         - name: node.name
           value: "elasticsearch-2"
         - name: discovery.seed_hosts
-          value: "elasticsearch-0.elasticsearch-service.efk.svc.cluster.local,elasticsearch-1.elasticsearch-service.efk.svc.cluster.local,elasticsearch-2.elasticsearch-service.efk.svc.cluster.local"
+          value: "elasticsearch-0.efk.svc.cluster.local,elasticsearch-1.efk.svc.cluster.local,elasticsearch-2.efk.svc.cluster.local"
         - name: cluster.initial_master_nodes
           value: "elasticsearch-0"
         - name: xpack.security.enabled
           value: "false"
-        - name: ELASTIC_PASSWORD
-          valueFrom:
-            secretKeyRef:
-              name: elasticsearch-secret
-              key: elastic_password
         - name: ES_JAVA_OPTS
           value: "-Xms4g -Xmx4g"
         - name: node.roles
           value: "[data_cold]"
-        - name: node.attr.data-tier
-          value: "cold"
         resources:
           requests:
             memory: "4Gi"
@@ -244,5 +222,4 @@ spec:
           claimName: "elasticsearch-data-pvc-elasticsearch-2"
       - name: config-volume
         persistentVolumeClaim:
-          claimName: "elasticsearch-config-pvc-elasticsearch-0"
-
+          claimName: "elasticsearch-config-pvc-elasticsearch-2"

kibana-deployment.yaml

@@ -22,7 +22,7 @@ spec:
             - containerPort: 5601
           env:
             - name: ELASTICSEARCH_HOSTS
-              value: "http://elasticsearch-0.elasticsearch-service.efk.svc.cluster.local:9200"  # 直接连接 master 节点
+              value: '["http://elasticsearch-0.elasticsearch-service.efk.svc.cluster.local:9200", "http://elasticsearch-1.elasticsearch-service.efk.svc.cluster.local:9200", "http://elasticsearch-2.elasticsearch-service.efk.svc.cluster.local:9200"]'
             - name: XPACK_SECURITY_ENCRYPTIONKEY
               value: "a_secure_random_string_of_32_characters"
             - name: XPACK_ENCRYPTEDSAVEDOBJECTS_ENCRYPTIONKEY
@@ -30,4 +30,4 @@ spec:
             - name: XPACK_REPORTING_ENCRYPTIONKEY
               value: "yet_another_secure_random_string_of_32_characters"
             - name: ELASTICSEARCH_SERVICEACCOUNTTOKEN
-              value: "AAEAAWVsYXN0aWMva2liYW5hL215LXRva2VuOkdVVktJMWVFU3dHVC1aZEZEUEFqbUE"
+              value: "AAEAAWVsYXN0aWMva2liYW5hL215LXRva2VuOlo1dC0xNDFQVHQyajdBeEVtQzZjZ2c"

kibana-deployment.yaml_tmp

@@ -22,7 +22,7 @@ spec:
             - containerPort: 5601
           env:
             - name: ELASTICSEARCH_HOSTS
-              value: "http://elasticsearch-0.elasticsearch-service.efk.svc.cluster.local:9200"  # 直接连接 master 节点
+              value: '["http://elasticsearch-0.elasticsearch-service.efk.svc.cluster.local:9200", "http://elasticsearch-1.elasticsearch-service.efk.svc.cluster.local:9200", "http://elasticsearch-2.elasticsearch-service.efk.svc.cluster.local:9200"]'
             - name: XPACK_SECURITY_ENCRYPTIONKEY
               value: "a_secure_random_string_of_32_characters"
             - name: XPACK_ENCRYPTEDSAVEDOBJECTS_ENCRYPTIONKEY

networkPolicy.yaml

@@ -0,0 +1,32 @@
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  name: allow-elasticsearch-communication
+  namespace: efk
+spec:
+  podSelector:
+    matchLabels:
+      app: elasticsearch
+  policyTypes:
+  - Ingress
+  - Egress
+  ingress:
+  - from:
+    - podSelector:
+        matchLabels:
+          app: elasticsearch
+    ports:
+    - protocol: TCP
+      port: 9200
+    - protocol: TCP
+      port: 9300
+  egress:
+  - to:
+    - podSelector:
+        matchLabels:
+          app: elasticsearch
+    ports:
+    - protocol: TCP
+      port: 9200
+    - protocol: TCP
+      port: 9300