elasticsearch 编辑configmap.yml和elasticsearch.yml以更改密码
我想在谷歌云平台上的Kubernetes集群上,使用类似elasticsearch的后端实现一个带有持久存储的jaeger安装 我使用的是jaeger kubernetes模板,我从elasticsearch开始 我下载并修改了该文件以更改密码字段值,并修改了该文件以修复我更改的密码值 我定制的elasticsearch 编辑configmap.yml和elasticsearch.yml以更改密码,elasticsearch,kubernetes,google-cloud-platform,google-kubernetes-engine,persistent-storage,elasticsearch,Kubernetes,Google Cloud Platform,Google Kubernetes Engine,Persistent Storage,我想在谷歌云平台上的Kubernetes集群上,使用类似elasticsearch的后端实现一个带有持久存储的jaeger安装 我使用的是jaeger kubernetes模板,我从elasticsearch开始 我下载并修改了该文件以更改密码字段值,并修改了该文件以修复我更改的密码值 我定制的.yml文件一直是这样: configmap.yml apiVersion: v1 kind: ConfigMap metadata: name: jaeger-configuration lab
.yml
文件一直是这样:
configmap.yml
apiVersion: v1
kind: ConfigMap
metadata:
name: jaeger-configuration
labels:
app: jaeger
jaeger-infra: configuration
data:
span-storage-type: elasticsearch
collector: |
es:
server-urls: http://elasticsearch:9200
username: elastic
password: **my-password-value**
collector:
zipkin:
http-port: 9411
query: |
es:
server-urls: http://elasticsearch:9200
username: elastic
password: **my-password-value**
agent: |
collector:
host-port: "jaeger-collector:14267"
apiVersion: v1
kind: List
items:
- apiVersion: apps/v1beta1
kind: StatefulSet
metadata:
name: elasticsearch
labels:
app: jaeger
jaeger-infra: elasticsearch-statefulset
spec:
serviceName: elasticsearch
replicas: 1
template:
metadata:
labels:
app: jaeger-elasticsearch
jaeger-infra: elasticsearch-replica
spec:
containers:
- name: elasticsearch
image: docker.elastic.co/elasticsearch/elasticsearch:5.6.0
imagePullPolicy: Always
command:
- bin/elasticsearch
args:
- "-Ehttp.host=0.0.0.0"
- "-Etransport.host=127.0.0.1"
volumeMounts:
- name: data
mountPath: /data
readinessProbe:
exec:
command:
- curl
- --fail
- --silent
- --output
- /dev/null
- --user
- elastic:**my-password-value**
- localhost:9200
initialDelaySeconds: 5
periodSeconds: 5
timeoutSeconds: 4
volumes:
- name: data
emptyDir: {}
- apiVersion: v1
kind: Service
metadata:
name: elasticsearch
labels:
app: jaeger
jaeger-infra: elasticsearch-service
spec:
clusterIP: None
selector:
app: jaeger-elasticsearch
ports:
- port: 9200
name: elasticsearch
- port: 9300
name: transport
elasticsearch.yml
apiVersion: v1
kind: ConfigMap
metadata:
name: jaeger-configuration
labels:
app: jaeger
jaeger-infra: configuration
data:
span-storage-type: elasticsearch
collector: |
es:
server-urls: http://elasticsearch:9200
username: elastic
password: **my-password-value**
collector:
zipkin:
http-port: 9411
query: |
es:
server-urls: http://elasticsearch:9200
username: elastic
password: **my-password-value**
agent: |
collector:
host-port: "jaeger-collector:14267"
apiVersion: v1
kind: List
items:
- apiVersion: apps/v1beta1
kind: StatefulSet
metadata:
name: elasticsearch
labels:
app: jaeger
jaeger-infra: elasticsearch-statefulset
spec:
serviceName: elasticsearch
replicas: 1
template:
metadata:
labels:
app: jaeger-elasticsearch
jaeger-infra: elasticsearch-replica
spec:
containers:
- name: elasticsearch
image: docker.elastic.co/elasticsearch/elasticsearch:5.6.0
imagePullPolicy: Always
command:
- bin/elasticsearch
args:
- "-Ehttp.host=0.0.0.0"
- "-Etransport.host=127.0.0.1"
volumeMounts:
- name: data
mountPath: /data
readinessProbe:
exec:
command:
- curl
- --fail
- --silent
- --output
- /dev/null
- --user
- elastic:**my-password-value**
- localhost:9200
initialDelaySeconds: 5
periodSeconds: 5
timeoutSeconds: 4
volumes:
- name: data
emptyDir: {}
- apiVersion: v1
kind: Service
metadata:
name: elasticsearch
labels:
app: jaeger
jaeger-infra: elasticsearch-service
spec:
clusterIP: None
selector:
app: jaeger-elasticsearch
ports:
- port: 9200
name: elasticsearch
- port: 9300
name: transport
然后,我通过kubectl
命令创建了kubernetes集群配置,并使用新密码值从我的机器到我的KGE
~/w/j/AddPersistVolumToPods ❯❯❯ kubectl create -f configmap.yml
configmap/jaeger-configuration created
~/w/j/AddPersistVolumToPods ❯❯❯
~/w/j/AddPersistVolumToPods ❯❯❯ kubectl create -f elasticsearch.yml
statefulset.apps/elasticsearch created
service/elasticsearch created
~/w/j/AddPersistVolumToPods ❯❯❯
~/w/j/A/production-elasticsearch ❯❯❯ kubectl describe pod elasticsearch-0
Name: elasticsearch-0
Namespace: default
Node: gke-jaeger-persistent-st-default-pool-d72f7fde-ggrk/10.164.0.2
Start Time: Tue, 08 Jan 2019 13:57:52 +0100
Labels: app=jaeger-elasticsearch
controller-revision-hash=elasticsearch-c684bb745
jaeger-infra=elasticsearch-replica
statefulset.kubernetes.io/pod-name=elasticsearch-0
Annotations: kubernetes.io/limit-ranger: LimitRanger plugin set: cpu request for container elasticsearch
Status: Running
IP: 10.36.2.7
Controlled By: StatefulSet/elasticsearch
Containers:
elasticsearch:
Container ID: docker://54d935f3e07ead105464a003745b80446865eb2417da593857d21c56610f704b
Image: docker.elastic.co/elasticsearch/elasticsearch:5.6.0
Image ID: docker-pullable://docker.elastic.co/elasticsearch/elasticsearch@sha256:f95e7d4256197a9bb866b166d9ad37963dc7c5764d6ae6400e551f4987a659d7
node.kubernetes.io/unreachable:NoExecute for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 27m default-scheduler Successfully assigned elasticsearch-0 to gke-jaeger-persistent-st-default-pool-d72f7fde-ggrk
Normal SuccessfulMountVolume 27m kubelet, gke-jaeger-persistent-st-default-pool-d72f7fde-ggrk MountVolume.SetUp succeeded for volume "data"
Normal SuccessfulMountVolume 27m kubelet, gke-jaeger-persistent-st-default-pool-d72f7fde-ggrk MountVolume.SetUp succeeded for volume "default-token-vkxnj"
Normal Pulling 27m kubelet, gke-jaeger-persistent-st-default-pool-d72f7fde-ggrk pulling image "docker.elastic.co/elasticsearch/elasticsearch:5.6.0"
Normal Pulled 26m kubelet, gke-jaeger-persistent-st-default-pool-d72f7fde-ggrk Successfully pulledimage "docker.elastic.co/elasticsearch/elasticsearch:5.6.0"
Normal Created 26m kubelet, gke-jaeger-persistent-st-default-pool-d72f7fde-ggrk Created container
Normal Started 26m kubelet, gke-jaeger-persistent-st-default-pool-d72f7fde-ggrk Started container
Warning Unhealthy 2m6s (x296 over 26m) kubelet, gke-jaeger-persistent-st-default-pool-d72f7fde-ggrk Readiness probe failed:
~/w/j/A/production-elasticsearch ❯❯❯
我通过StatefulSet专用pod(也带有新密码值)创建了elasticsearch服务,通过kubectl
命令从我的机器到我的KGE
~/w/j/AddPersistVolumToPods ❯❯❯ kubectl create -f configmap.yml
configmap/jaeger-configuration created
~/w/j/AddPersistVolumToPods ❯❯❯
~/w/j/AddPersistVolumToPods ❯❯❯ kubectl create -f elasticsearch.yml
statefulset.apps/elasticsearch created
service/elasticsearch created
~/w/j/AddPersistVolumToPods ❯❯❯
~/w/j/A/production-elasticsearch ❯❯❯ kubectl describe pod elasticsearch-0
Name: elasticsearch-0
Namespace: default
Node: gke-jaeger-persistent-st-default-pool-d72f7fde-ggrk/10.164.0.2
Start Time: Tue, 08 Jan 2019 13:57:52 +0100
Labels: app=jaeger-elasticsearch
controller-revision-hash=elasticsearch-c684bb745
jaeger-infra=elasticsearch-replica
statefulset.kubernetes.io/pod-name=elasticsearch-0
Annotations: kubernetes.io/limit-ranger: LimitRanger plugin set: cpu request for container elasticsearch
Status: Running
IP: 10.36.2.7
Controlled By: StatefulSet/elasticsearch
Containers:
elasticsearch:
Container ID: docker://54d935f3e07ead105464a003745b80446865eb2417da593857d21c56610f704b
Image: docker.elastic.co/elasticsearch/elasticsearch:5.6.0
Image ID: docker-pullable://docker.elastic.co/elasticsearch/elasticsearch@sha256:f95e7d4256197a9bb866b166d9ad37963dc7c5764d6ae6400e551f4987a659d7
node.kubernetes.io/unreachable:NoExecute for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 27m default-scheduler Successfully assigned elasticsearch-0 to gke-jaeger-persistent-st-default-pool-d72f7fde-ggrk
Normal SuccessfulMountVolume 27m kubelet, gke-jaeger-persistent-st-default-pool-d72f7fde-ggrk MountVolume.SetUp succeeded for volume "data"
Normal SuccessfulMountVolume 27m kubelet, gke-jaeger-persistent-st-default-pool-d72f7fde-ggrk MountVolume.SetUp succeeded for volume "default-token-vkxnj"
Normal Pulling 27m kubelet, gke-jaeger-persistent-st-default-pool-d72f7fde-ggrk pulling image "docker.elastic.co/elasticsearch/elasticsearch:5.6.0"
Normal Pulled 26m kubelet, gke-jaeger-persistent-st-default-pool-d72f7fde-ggrk Successfully pulledimage "docker.elastic.co/elasticsearch/elasticsearch:5.6.0"
Normal Created 26m kubelet, gke-jaeger-persistent-st-default-pool-d72f7fde-ggrk Created container
Normal Started 26m kubelet, gke-jaeger-persistent-st-default-pool-d72f7fde-ggrk Started container
Warning Unhealthy 2m6s (x296 over 26m) kubelet, gke-jaeger-persistent-st-default-pool-d72f7fde-ggrk Readiness probe failed:
~/w/j/A/production-elasticsearch ❯❯❯
我可以看到我在GKE集群上创建了elasticsearch服务
~/w/j/A/production-elasticsearch ❯❯❯ kubectl get services
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
elasticsearch ClusterIP None <none> 9200/TCP,9300/TCP 41m
kubernetes ClusterIP 10.39.240.1 <none> 443/TCP 1h
~/w/j/A/production-elasticsearch ❯❯❯
但当我能在KGE上详细说明我的吊舱时,我发现我的吊舱有一些警告,而且不健康
我得到了吊舱的详细描述,我得到了这个警告
Warning Unhealthy 2m6s (x296 over 26m) kubelet, gke-jaeger-persistent-st-default-pool-d72f7fde-ggrk Readiness probe failed:
在这里,我的整个输出的一部分将用于描述命令
~/w/j/AddPersistVolumToPods ❯❯❯ kubectl create -f configmap.yml
configmap/jaeger-configuration created
~/w/j/AddPersistVolumToPods ❯❯❯
~/w/j/AddPersistVolumToPods ❯❯❯ kubectl create -f elasticsearch.yml
statefulset.apps/elasticsearch created
service/elasticsearch created
~/w/j/AddPersistVolumToPods ❯❯❯
~/w/j/A/production-elasticsearch ❯❯❯ kubectl describe pod elasticsearch-0
Name: elasticsearch-0
Namespace: default
Node: gke-jaeger-persistent-st-default-pool-d72f7fde-ggrk/10.164.0.2
Start Time: Tue, 08 Jan 2019 13:57:52 +0100
Labels: app=jaeger-elasticsearch
controller-revision-hash=elasticsearch-c684bb745
jaeger-infra=elasticsearch-replica
statefulset.kubernetes.io/pod-name=elasticsearch-0
Annotations: kubernetes.io/limit-ranger: LimitRanger plugin set: cpu request for container elasticsearch
Status: Running
IP: 10.36.2.7
Controlled By: StatefulSet/elasticsearch
Containers:
elasticsearch:
Container ID: docker://54d935f3e07ead105464a003745b80446865eb2417da593857d21c56610f704b
Image: docker.elastic.co/elasticsearch/elasticsearch:5.6.0
Image ID: docker-pullable://docker.elastic.co/elasticsearch/elasticsearch@sha256:f95e7d4256197a9bb866b166d9ad37963dc7c5764d6ae6400e551f4987a659d7
node.kubernetes.io/unreachable:NoExecute for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 27m default-scheduler Successfully assigned elasticsearch-0 to gke-jaeger-persistent-st-default-pool-d72f7fde-ggrk
Normal SuccessfulMountVolume 27m kubelet, gke-jaeger-persistent-st-default-pool-d72f7fde-ggrk MountVolume.SetUp succeeded for volume "data"
Normal SuccessfulMountVolume 27m kubelet, gke-jaeger-persistent-st-default-pool-d72f7fde-ggrk MountVolume.SetUp succeeded for volume "default-token-vkxnj"
Normal Pulling 27m kubelet, gke-jaeger-persistent-st-default-pool-d72f7fde-ggrk pulling image "docker.elastic.co/elasticsearch/elasticsearch:5.6.0"
Normal Pulled 26m kubelet, gke-jaeger-persistent-st-default-pool-d72f7fde-ggrk Successfully pulledimage "docker.elastic.co/elasticsearch/elasticsearch:5.6.0"
Normal Created 26m kubelet, gke-jaeger-persistent-st-default-pool-d72f7fde-ggrk Created container
Normal Started 26m kubelet, gke-jaeger-persistent-st-default-pool-d72f7fde-ggrk Started container
Warning Unhealthy 2m6s (x296 over 26m) kubelet, gke-jaeger-persistent-st-default-pool-d72f7fde-ggrk Readiness probe failed:
~/w/j/A/production-elasticsearch ❯❯❯
我转到GCP上的容器日志部分,得到以下信息:
在审计日志部分,我可以看到如下内容:
resourceName: "core/v1/namespaces/default/pods/elasticsearch-0"
response: {
@type: "core.k8s.io/v1.Status"
apiVersion: "v1"
code: 500
details: {…}
kind: "Status"
message: "The POST operation against Pod could not be completed at this time, please try again."
metadata: {…}
reason: "ServerTimeout"
status: "Failure"
}
serviceName: "k8s.io"
status: {
code: 13
message: "The POST operation against Pod could not be completed at this time, please try again."
}
}
如果我尝试使用原始文件,并通过GCP上的KGE更改密码,则会出现以下错误:
Pod "elasticsearch-0" is invalid: spec: Forbidden: pod updates may not change fields other than `spec.containers[*].image`, `spec.initContainers[*].image`, `spec.activeDeadlineSeconds` or `spec.tolerations` (only additions to existing tolerations)
在我创建了一个pod之后,是否可以更新或执行一些更改
kubectl应用-f….
。。。我赞成
如何更改elasticsearch密码
如果我想在此pod上配置持久卷声明,我可以在kubectl create-f
命令之前执行此操作,并且在容器和KGE上创建我的卷和装载路径吗
如果有人能给我指出正确的地址,我们将非常感谢他们的支持