第二步��,修改 elasticsearch.yml 配置文件�����,將 NFS 目錄路徑注冊(cè)到各個(gè)主從節(jié)點(diǎn)����。在 KubeSphere 中,elasticsearch.yml 配置在 ConfigMap elasticsearch-logging 里可以找到��。在最后一行�,添加 path.repo: ["/usr/share/elasticsearch/backup"]
第三步,修改 StatefulSet YAML���,將存儲(chǔ)卷掛載到 ElasticSearch 各節(jié)點(diǎn)���,并通過 chown 命令,在 initContainer 啟動(dòng)時(shí)�,初始化快照倉(cāng)庫文件夾的所有者用戶和用戶組為 elasticsearch����。
在這一步特別需要注意的是��,我們無法直接 kubectl edit 修改 Stateful����,需要先把 yaml 內(nèi)容備份下來,修改完后再 kubectl apply 重新應(yīng)用�����。
kubectl get sts -n kubesphere-logging-system elasticsearch-logging-data -oyaml > elasticsearch-logging-data.yml
kubectl get sts -n kubesphere-logging-system elasticsearch-logging-discovery -oyaml > elasticsearch-logging-discovery.yml
修改 yaml 文件�,以修改上面生成的 elasticsearch-logging-data.yml 為例�,主節(jié)點(diǎn)的 yaml 文件一樣修改。
apiVersion: apps/v1
kind: StatefulSet
metadata:
labels:
# 由于篇幅原因����,此處省略
# ...
name: elasticsearch-logging-data
namespace: kubesphere-logging-system
# -------------------------------------------------
# 注釋或刪除非 labels、name��、namespace 的元信息字段
# -------------------------------------------------
# resourceVersion: "109019"
# selfLink: /apis/apps/v1/namespaces/kubesphere-logging-system/statefulsets/elasticsearch-logging-data
# uid: 423adffe-271f-4657-9078-1a75c387eedc
spec:
# ...
template:
# ...
spec:
# ...
containers:
- name: elasticsearch
# ...
volumeMounts:
- mountPath: /usr/share/elasticsearch/data
name: data
# --------------------------
# 添加 backup Volume 掛載
# --------------------------
- mountPath: /usr/share/elasticsearch/backup
name: backup
- mountPath: /usr/share/elasticsearch/config/elasticsearch.yml
name: config
subPath: elasticsearch.yml
# ...
initContainers:
- name: sysctl
# ...
- name: chown
# --------------------------------------
# 修改 command��,調(diào)整快照倉(cāng)庫文件夾擁有者
# --------------------------------------
command:
- /bin/bash
- -c
- |
set -e; set -x; chown elasticsearch:elasticsearch /usr/share/elasticsearch/data; for datadir in $(find /usr/share/elasticsearch/data -mindepth 1 -maxdepth 1 -not -name ".snapshot"); do
chown -R elasticsearch:elasticsearch $datadir;
done; chown elasticsearch:elasticsearch /usr/share/elasticsearch/logs; for logfile in $(find /usr/share/elasticsearch/logs -mindepth 1 -maxdepth 1 -not -name ".snapshot"); do
chown -R elasticsearch:elasticsearch $logfile;
done; chown elasticsearch:elasticsearch /usr/share/elasticsearch/backup; for backupdir in $(find /usr/share/elasticsearch/backup -mindepth 1 -maxdepth 1 -not -name ".snapshot"); do
chown -R elasticsearch:elasticsearch $backupdir;
done
# ...
volumeMounts:
- mountPath: /usr/share/elasticsearch/data
name: data
# --------------------------
# 添加 backup Volume 掛載
# --------------------------
- mountPath: /usr/share/elasticsearch/backup
name: backup
# ...
tolerations:
- key: CriticalAddonsOnly
operator: Exists
- effect: NoSchedule
key: dedicated
value: log
volumes:
- configMap:
defaultMode: 420
name: elasticsearch-logging
name: config
# -----------------------
# 指定第一步中創(chuàng)建的 PVC
# -----------------------
- name: backup
persistentVolumeClaim:
claimName: elasticsearch-logging-backup
volumeClaimTemplates:
- metadata:
name: data
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 20Gi
storageClassName: nfs-client
volumeMode: Filesystem
# --------------------------------------
# 注釋或刪除 status 字段
# --------------------------------------
# status:
# phase: Pending
# status:
# ...
修改完后�����,可以刪除 ElasticSearch StatefulSet,并重新應(yīng)用新 yaml:
kubectl delete sts -n kubesphere-logging-system elasticsearch-logging-data
kubectl delete sts -n kubesphere-logging-system elasticsearch-logging-discovery
kubectl apply -f elasticsearch-logging-data.yml
kubectl apply -f elasticsearch-logging-discovery.yml
最后一步����,等待 ElasticSearch 全部節(jié)點(diǎn)啟動(dòng)后,調(diào)用 Snapshot API 創(chuàng)建出一個(gè)名為 ks-log-snapshots 的 repository����,并開啟壓縮功能:
curl -X PUT "elasticsearch-logging-data.kubesphere-logging-system.svc:9200/_snapshot/ks-log-snapshots?pretty" -H 'Content-Type: application/json' -d'
{
"type": "fs",
"settings": {
"location": "/usr/share/elasticsearch/backup",
"compress": true
}
}
'返回 "acknowledged": true 表示成功。至此��,ElasticSearch 集群快照功能的準(zhǔn)備工作已經(jīng)就緒����。后面只需要定時(shí)的調(diào)用 Snapshot API 實(shí)現(xiàn)增量備份即可。ElasticSearch 自動(dòng)化增量備份可以借助 Curator 來完成��。
2. 使用 Curator 定時(shí)快照
ElasticSearch Curator 能幫助管理 ElasticSearch 索引和快照�����。接下來��,我們使用 Curator 來實(shí)現(xiàn)自動(dòng)化定時(shí)日志備份�����。KubeSphere 日志組件默認(rèn)包含了 Curator(被部署為一個(gè) CronJob,每天凌晨 1 點(diǎn)執(zhí)行)來管理索引����,我們可以借助同一個(gè) Curator。Curator 的執(zhí)行規(guī)則在 ConfigMap 中可以找到�。
這里我們需要在 action_file.yml 字段值中增加兩個(gè) action:snapshot 和 delete_snapshots。并把這個(gè)規(guī)則優(yōu)先級(jí)提高到 delete_indices 前��。該配置規(guī)定了 snapshot 創(chuàng)建命名方式為 snapshot-%Y%m%d%H%M%S���,保留 45 天的 snapshots���。具體參數(shù)含義可參考 Curator Reference����。
actions:
1:
action: snapshot
description: >-
Snapshot ks-logstash-log prefixed indices with the default snapshot
name pattern of 'snapshot-%Y%m%d%H%M%S'.
options:
repository: ks-log-snapshots
name: 'snapshot-%Y%m%d%H%M%S'
ignore_unavailable: False
include_global_state: True
partial: False
wait_for_completion: True
skip_repo_fs_check: False
# If disable_action is set to True, Curator will ignore the current action
disable_action: False
filters:
- filtertype: pattern
kind: prefix
# You may change the index pattern below to fit your case
value: ks-logstash-log-
2:
action: delete_snapshots
description: >-
Delete snapshots from the selected repository older than 45 days
(based on creation_date), for 'snapshot' prefixed snapshots.
options:
repository: ks-log-snapshots
ignore_empty_list: True
# If disable_action is set to True, Curator will ignore the current action
disable_action: False
filters:
- filtertype: pattern
kind: prefix
value: snapshot-
exclude:
- filtertype: age
source: name
direction: older
timestring: '%Y%m%d%H%M%S'
unit: days
unit_count: 45
3:
action: delete_indices
# 原有內(nèi)容不變
# ...
3. 日志恢復(fù)與查看
當(dāng)我們需要回顧某幾天前的日志時(shí),我們可以通過快照恢復(fù)�,比如 11 月 12 日的日志。首先我們需要檢查最新的 Snapshot:
curl -X GET "elasticsearch-logging-data.kubesphere-logging-system.svc:9200/_snapshot/ks-log-snapshots/_all?pretty"
然后通過最新的 Snapshot 恢復(fù)指定日期的索引(也可以選擇恢復(fù)全部)��。這個(gè) API 會(huì)恢復(fù)日志索引到數(shù)據(jù)盤�����,所以請(qǐng)確保數(shù)據(jù)盤的存儲(chǔ)空間足夠充足。另外���,你也可以直接備份對(duì)應(yīng)的 PV(Snapshot 倉(cāng)庫對(duì)應(yīng)的存儲(chǔ)卷是可以直接被用來備份的)���,掛載到其他 ElasticSearch 集群,將日志恢復(fù)到其他 ElasticSearch 集群中使用��。
curl -X POST "elasticsearch-logging-data.kubesphere-logging-system.svc:9200/_snapshot/ks-log-snapshots/snapshot-20191112010008/_restore?pretty" -H 'Content-Type: application/json' -d'
{
"indices": "ks-logstash-log-2019.11.12",
"ignore_unavailable": true,
"include_global_state": true,
}
'根據(jù)日志量的大小��,需要等到的時(shí)間幾分鐘不等���。我們就可以通過 KubeSphere 日志 Dashboard 查看日志了�。
Meetup 預(yù)告
KubeSphere (https://github.com/kubesphere/kubesphere) 是一個(gè)開源的以應(yīng)用為中心的容器管理平臺(tái)�����,支持部署在任何基礎(chǔ)設(shè)施之上���,并提供簡(jiǎn)單易用的 UI�,極大減輕日常開發(fā)����、測(cè)試�����、運(yùn)維的復(fù)雜度����,旨在解決 Kubernetes 本身存在的存儲(chǔ)���、網(wǎng)絡(luò)���、安全和易用性等痛點(diǎn),幫助企業(yè)輕松應(yīng)對(duì)敏捷開發(fā)與自動(dòng)化監(jiān)控運(yùn)維��、端到端應(yīng)用交付��、微服務(wù)治理�����、多租戶管理����、多集群管理、服務(wù)與網(wǎng)絡(luò)管理��、鏡像倉(cāng)庫�、AI 平臺(tái)、邊緣計(jì)算等業(yè)務(wù)場(chǎng)景�����。
關(guān)于怎樣實(shí)現(xiàn)KubeSphere日志備份與恢復(fù)實(shí)踐就分享到這里了����,希望以上內(nèi)容可以對(duì)大家有一定的幫助,可以學(xué)到更多知識(shí)�。如果覺得文章不錯(cuò),可以把它分享出去讓更多的人看到��。
新聞標(biāo)題:怎樣實(shí)現(xiàn)KubeSphere日志備份與恢復(fù)實(shí)踐
URL網(wǎng)址:http://weahome.cn/article/pchppi.html
重慶分公司
重慶分公司
