# PVC 定义(已存在,无需重复创建) apiVersion: v1 kind: PersistentVolumeClaim metadata: name: elasticsearch-data-pvc-elasticsearch-0 namespace: efk spec: accessModes: - ReadWriteOnce resources: requests: storage: 300Gi volumeName: elasticsearch-hot-pv storageClassName: "" --- apiVersion: v1 kind: PersistentVolumeClaim metadata: name: elasticsearch-data-pvc-elasticsearch-1 namespace: efk spec: accessModes: - ReadWriteOnce resources: requests: storage: 128Gi volumeName: elasticsearch-warm-pv storageClassName: "" --- apiVersion: v1 kind: PersistentVolumeClaim metadata: name: elasticsearch-data-pvc-elasticsearch-2 namespace: efk spec: accessModes: - ReadWriteOnce resources: requests: storage: 500Gi volumeName: elasticsearch-cold-pv storageClassName: "" --- # StatefulSet for elasticsearch-0 (hot) apiVersion: apps/v1 kind: StatefulSet metadata: name: elasticsearch-0 namespace: efk spec: serviceName: elasticsearch-service replicas: 1 selector: matchLabels: app: elasticsearch template: metadata: labels: app: elasticsearch spec: initContainers: - name: init-sysctl image: busybox command: ["sysctl", "-w", "vm.max_map_count=262144"] securityContext: privileged: true - name: init-dirs image: busybox command: ["sh", "-c", "mkdir -p /data/data /data/config"] volumeMounts: - name: data mountPath: /data containers: - name: elasticsearch image: docker.elastic.co/elasticsearch/elasticsearch:8.8.0 ports: - containerPort: 9200 name: http - containerPort: 9300 name: transport env: - name: cluster.name value: "my-es-cluster" - name: node.name value: "elasticsearch-0" - name: discovery.seed_hosts value: "elasticsearch-0.elasticsearch-service.efk.svc.cluster.local,elasticsearch-1.elasticsearch-service.efk.svc.cluster.local,elasticsearch-2.elasticsearch-service.efk.svc.cluster.local" - name: cluster.initial_master_nodes value: "elasticsearch-0" - name: xpack.security.enabled value: "true" - name: xpack.security.transport.ssl.enabled value: "false" # 禁用 transport SSL - name: ELASTIC_PASSWORD valueFrom: secretKeyRef: name: elasticsearch-secret key: elastic_password - name: ES_JAVA_OPTS value: "-Xms4g -Xmx4g" - name: node.roles value: "[master, data]" - name: node.attr.data-tier value: "hot" resources: requests: memory: "4Gi" cpu: "1" limits: memory: "6Gi" cpu: "2" volumeMounts: - name: data mountPath: /usr/share/elasticsearch/data subPath: data - name: data mountPath: /usr/share/elasticsearch/config subPath: config affinity: podAntiAffinity: requiredDuringSchedulingIgnoredDuringExecution: - labelSelector: matchExpressions: - key: app operator: In values: ["elasticsearch"] topologyKey: "kubernetes.io/hostname" volumes: - name: data persistentVolumeClaim: claimName: "elasticsearch-data-pvc-elasticsearch-0" --- # StatefulSet for elasticsearch-1 (warm) apiVersion: apps/v1 kind: StatefulSet metadata: name: elasticsearch-1 namespace: efk spec: serviceName: elasticsearch-service replicas: 1 selector: matchLabels: app: elasticsearch template: metadata: labels: app: elasticsearch spec: initContainers: - name: init-sysctl image: busybox command: ["sysctl", "-w", "vm.max_map_count=262144"] securityContext: privileged: true - name: init-dirs image: busybox command: ["sh", "-c", "mkdir -p /data/data /data/config"] volumeMounts: - name: data mountPath: /data containers: - name: elasticsearch image: docker.elastic.co/elasticsearch/elasticsearch:8.8.0 ports: - containerPort: 9200 name: http - containerPort: 9300 name: transport env: - name: cluster.name value: "my-es-cluster" - name: node.name value: "elasticsearch-1" - name: discovery.seed_hosts value: "elasticsearch-0.elasticsearch-service.efk.svc.cluster.local,elasticsearch-1.elasticsearch-service.efk.svc.cluster.local,elasticsearch-2.elasticsearch-service.efk.svc.cluster.local" - name: cluster.initial_master_nodes value: "elasticsearch-0" - name: xpack.security.enabled value: "true" - name: xpack.security.transport.ssl.enabled value: "false" # 禁用 transport SSL - name: ELASTIC_PASSWORD valueFrom: secretKeyRef: name: elasticsearch-secret key: elastic_password - name: ES_JAVA_OPTS value: "-Xms2g -Xmx4g" - name: node.roles value: "[data]" - name: node.attr.data-tier value: "warm" resources: requests: memory: "4Gi" cpu: "1" limits: memory: "6Gi" cpu: "2" volumeMounts: - name: data mountPath: /usr/share/elasticsearch/data subPath: data - name: data mountPath: /usr/share/elasticsearch/config subPath: config affinity: podAntiAffinity: requiredDuringSchedulingIgnoredDuringExecution: - labelSelector: matchExpressions: - key: app operator: In values: ["elasticsearch"] topologyKey: "kubernetes.io/hostname" volumes: - name: data persistentVolumeClaim: claimName: "elasticsearch-data-pvc-elasticsearch-1" --- # StatefulSet for elasticsearch-2 (cold) apiVersion: apps/v1 kind: StatefulSet metadata: name: elasticsearch-2 namespace: efk spec: serviceName: elasticsearch-service replicas: 1 selector: matchLabels: app: elasticsearch template: metadata: labels: app: elasticsearch spec: initContainers: - name: init-sysctl image: busybox command: ["sysctl", "-w", "vm.max_map_count=262144"] securityContext: privileged: true - name: init-dirs image: busybox command: ["sh", "-c", "mkdir -p /data/data /data/config"] volumeMounts: - name: data mountPath: /data containers: - name: elasticsearch image: docker.elastic.co/elasticsearch/elasticsearch:8.8.0 ports: - containerPort: 9200 name: http - containerPort: 9300 name: transport env: - name: cluster.name value: "my-es-cluster" - name: node.name value: "elasticsearch-2" - name: discovery.seed_hosts value: "elasticsearch-0.elasticsearch-service.efk.svc.cluster.local,elasticsearch-1.elasticsearch-service.efk.svc.cluster.local,elasticsearch-2.elasticsearch-service.efk.svc.cluster.local" - name: cluster.initial_master_nodes value: "elasticsearch-0" - name: xpack.security.enabled value: "true" - name: xpack.security.transport.ssl.enabled value: "false" # 禁用 transport SSL - name: ELASTIC_PASSWORD valueFrom: secretKeyRef: name: elasticsearch-secret key: elastic_password - name: ES_JAVA_OPTS value: "-Xms2g -Xmx4g" - name: node.roles value: "[data]" - name: node.attr.data-tier value: "cold" resources: requests: memory: "4Gi" cpu: "1" limits: memory: "6Gi" cpu: "2" volumeMounts: - name: data mountPath: /usr/share/elasticsearch/data subPath: data - name: data mountPath: /usr/share/elasticsearch/config subPath: config affinity: podAntiAffinity: requiredDuringSchedulingIgnoredDuringExecution: - labelSelector: matchExpressions: - key: app operator: In values: ["elasticsearch"] topologyKey: "kubernetes.io/hostname" volumes: - name: data persistentVolumeClaim: claimName: "elasticsearch-data-pvc-elasticsearch-2" --- apiVersion: v1 kind: Service metadata: name: elasticsearch-service namespace: efk spec: clusterIP: None selector: app: elasticsearch ports: - port: 9200 name: http - port: 9300 name: transport --- apiVersion: v1 kind: Secret metadata: name: elasticsearch-secret namespace: efk type: Opaque data: elastic_password: bXluZXdwYXNzd29yZA== # 示例密码 "mynewpassword"