97 lines
2.8 KiB
YAML
97 lines
2.8 KiB
YAML
|
# es-sts.yaml
|
|||
|
|
apiVersion: apps/v1
|
|||
|
|
kind: StatefulSet
|
|||
|
|
metadata:
|
|||
|
|
name: elasticsearch
|
|||
|
|
namespace: elastic-system
|
|||
|
|
spec:
|
|||
|
|
serviceName: "elasticsearch" # 必须与 Headless Service 名一致
|
|||
|
|
replicas: 3 # 生产环境至少3节点!
|
|||
|
|
selector:
|
|||
|
|
matchLabels:
|
|||
|
|
app: elasticsearch
|
|||
|
|
template:
|
|||
|
|
metadata:
|
|||
|
|
labels:
|
|||
|
|
app: elasticsearch
|
|||
|
|
spec:
|
|||
|
|
# ⚠️ 关键:避免多个ES Pod调度到同一Node(防单点故障)
|
|||
|
|
affinity:
|
|||
|
|
podAntiAffinity:
|
|||
|
|
requiredDuringSchedulingIgnoredDuringExecution:
|
|||
|
|
- labelSelector:
|
|||
|
|
matchExpressions:
|
|||
|
|
- key: app
|
|||
|
|
operator: In
|
|||
|
|
values: ["elasticsearch"]
|
|||
|
|
topologyKey: kubernetes.io/hostname
|
|||
|
|
|
|||
|
|
initContainers:
|
|||
|
|
# 必须:调整 OS 内核参数(ES 要求)
|
|||
|
|
- name: init-sysctl
|
|||
|
|
image: busybox:1.35
|
|||
|
|
securityContext:
|
|||
|
|
privileged: true
|
|||
|
|
command:
|
|||
|
|
- sysctl
|
|||
|
|
- -w
|
|||
|
|
- vm.max_map_count=262144
|
|||
|
|
- sysctl
|
|||
|
|
- -w
|
|||
|
|
- fs.file-max=65536
|
|||
|
|
|
|||
|
|
containers:
|
|||
|
|
- name: elasticsearch
|
|||
|
|
image: docker.elastic.co/elasticsearch/elasticsearch:9.2.2
|
|||
|
|
env:
|
|||
|
|
- name: cluster.name
|
|||
|
|
value: "k8s-es-cluster"
|
|||
|
|
- name: node.name
|
|||
|
|
valueFrom:
|
|||
|
|
fieldRef:
|
|||
|
|
fieldPath: metadata.name # → es-0, es-1, es-2
|
|||
|
|
- name: discovery.seed_hosts
|
|||
|
|
value: "elasticsearch-0.elasticsearch,elasticsearch-1.elasticsearch,elasticsearch-2.elasticsearch"
|
|||
|
|
- name: cluster.initial_master_nodes
|
|||
|
|
value: "elasticsearch-0,elasticsearch-1,elasticsearch-2"
|
|||
|
|
- name: ES_JAVA_OPTS
|
|||
|
|
value: "-Xms2g -Xmx2g"
|
|||
|
|
- name: network.host
|
|||
|
|
value: "0.0.0.0"
|
|||
|
|
ports:
|
|||
|
|
- containerPort: 9200
|
|||
|
|
name: http
|
|||
|
|
- containerPort: 9300
|
|||
|
|
name: transport
|
|||
|
|
volumeMounts:
|
|||
|
|
- name: data
|
|||
|
|
mountPath: /usr/share/elasticsearch/data
|
|||
|
|
readinessProbe:
|
|||
|
|
httpGet:
|
|||
|
|
path: /_cluster/health
|
|||
|
|
port: 9200
|
|||
|
|
initialDelaySeconds: 30
|
|||
|
|
periodSeconds: 10
|
|||
|
|
livenessProbe:
|
|||
|
|
httpGet:
|
|||
|
|
path: /_cluster/health
|
|||
|
|
port: 9200
|
|||
|
|
initialDelaySeconds: 60
|
|||
|
|
periodSeconds: 30
|
|||
|
|
|
|||
|
|
# ⚠️ 必须设置 securityContext(ES 9+ 默认以非 root 启动)
|
|||
|
|
securityContext:
|
|||
|
|
fsGroup: 1000
|
|||
|
|
runAsUser: 1000
|
|||
|
|
runAsNonRoot: true
|
|||
|
|
|
|||
|
|
# ⚠️ 关键:每个副本独享 PVC → 自动创建3个 PV(各绑定一块 CBS)
|
|||
|
|
volumeClaimTemplates:
|
|||
|
|
- metadata:
|
|||
|
|
name: data
|
|||
|
|
spec:
|
|||
|
|
accessModes: [ "ReadWriteOnce" ] # 腾讯云 CBS 支持 RWO
|
|||
|
|
storageClassName: cbs # 或 cbs-premium(高性能 SSD)
|
|||
|
|
resources:
|
|||
|
|
requests:
|
|||
|
|
storage: 100Gi # 按需调整
|