diff --git a/apps/elastic-elasticsearch/8.14.3/config/elasticsearch.yml b/apps/elastic-elasticsearch/8.14.3/config/elasticsearch.yml new file mode 100644 index 000000000..9a7743005 --- /dev/null +++ b/apps/elastic-elasticsearch/8.14.3/config/elasticsearch.yml @@ -0,0 +1,9 @@ +http.port: 9200 +transport.port: 9300 +http.host: 0.0.0.0 +http.cors.enabled: true +http.cors.allow-origin: "*" +network.host: 0.0.0.0 + +xpack.security.enabled: true +xpack.security.enrollment.enabled: true diff --git a/apps/elastic-elasticsearch/8.14.3/data.yml b/apps/elastic-elasticsearch/8.14.3/data.yml index add08a03e..9a3359180 100644 --- a/apps/elastic-elasticsearch/8.14.3/data.yml +++ b/apps/elastic-elasticsearch/8.14.3/data.yml @@ -25,11 +25,18 @@ additionalProperties: type: number - default: "elasticsearch-cluster" edit: true - envKey: ES_SETTING_CLUSTER_NAME - labelZh: 节点名称 + envKey: CLUSTER_NAME + labelZh: 集群名称 labelEn: Cluster name required: true type: text + - default: "elasticsearch-node" + edit: true + envKey: ES_SETTING_NODE_NAME + labelZh: 节点名称 + labelEn: Node name + required: true + type: text - default: "" edit: true envKey: ELASTIC_PASSWORD @@ -51,3 +58,10 @@ additionalProperties: labelEn: Enrollment token (node) required: false type: text + - default: "-Xlog:disable -Xlog:gc=debug:stderr -Xms512m -Xmx512m" + edit: true + envKey: ES_JAVA_OPTS + labelZh: Elasticsearch Java 配置 (可选) + labelEn: Elasticsearch Java configuration (optional) + required: false + type: text diff --git a/apps/elastic-elasticsearch/8.14.3/docker-compose.yml b/apps/elastic-elasticsearch/8.14.3/docker-compose.yml index 0afe6806c..c91e997b7 100644 --- a/apps/elastic-elasticsearch/8.14.3/docker-compose.yml +++ b/apps/elastic-elasticsearch/8.14.3/docker-compose.yml @@ -18,6 +18,9 @@ services: memlock: soft: -1 hard: -1 + nofile: + soft: 65536 + hard: 65536 ports: - ${PANEL_APP_PORT_HTTPS}:9200 - ${PANEL_APP_PORT_API}:9300 @@ -25,14 +28,11 @@ services: - /etc/1panel/envs/global.env - ${ENV_FILE:-/etc/1panel/envs/default.env} volumes: + - ./config/elasticsearch.yml:/usr/share/elasticsearch/config/elasticsearch.yml - ${BARK_ROOT_PATH}/certs:/usr/share/elasticsearch/config/certs - - ${BARK_ROOT_PATH}/config:/usr/share/elasticsearch/config - ${BARK_ROOT_PATH}/data:/usr/share/elasticsearch/data - - ${BARK_ROOT_PATH}/data:/usr/share/elasticsearch/logs - - ${BARK_ROOT_PATH}/data:/usr/share/elasticsearch/plugins + - ${BARK_ROOT_PATH}/logs:/usr/share/elasticsearch/logs + - ${BARK_ROOT_PATH}/plugins:/usr/share/elasticsearch/plugins environment: - - ES_SETTING_HTTP_PORT=9200 - - ES_SETTING_NETWORK_HOST=0.0.0.0 - - ES_SETTING_LICENSE=basic - - MEM_LIMIT=1073741824 + - LICENSE=basic - ES_SETTING_BOOTSTRAP_MEMORY__LOCK=true diff --git a/apps/elastic-elasticsearch/README.md b/apps/elastic-elasticsearch/README.md index dd899e657..9970779e2 100644 --- a/apps/elastic-elasticsearch/README.md +++ b/apps/elastic-elasticsearch/README.md @@ -10,24 +10,72 @@ Kibana 使您能够以交互方式探索、可视化和分享对数据的见解 ## 安装说明 +### 宿主机配置 + ++ `vm.max_map_count` 配置 + +Elasticsearch 需要设置 `vm.max_map_count` 为至少 `262144`。可以通过以下命令设置: + +```sh +grep vm.max_map_count /etc/sysctl.conf + +# 如果输出为空,表示没有设置,需要手动添加 +vm.max_map_count=262144 +``` + +添加配置 + +```sh +# 临时生效 +sysctl -w vm.max_map_count=262144 + +# 永久生效 +echo "vm.max_map_count=262144" >>/etc/sysctl.conf +sysctl -p +``` + ### 单节点安装 ++ `集群名称` 配置 + +用于标识集群的名称。默认为 `elasticsearch-cluster`。 + + `节点名称` 配置 -用于标识集群中的节点。默认情况下,节点名称是随机生成的 UUID。 +用于标识节点的名称。默认为 `elasticsearch-node`。 + `Elasticsearch 密码 (elastic)` 配置 -单节点启动必填 - -用于保护内置用户 `elastic` 的密码。默认情况下,密码是随机生成的。 +内置用户 `elastic` 的密码。默认情况下,密码是随机生成的。 + `Kibana 密码 (kibana_system)` 配置 -单节点启动必填 +内置用户 `kibana_system` 的密码。默认情况下,密码是随机生成的。 用于保护内置用户 `kibana_system` 的密码。默认情况下,密码是随机生成的。 + `注册令牌 (节点)` 配置 -单节点启动可忽略, 如果是作为 `集群` 中的节点启动,此项 `必须` 填写,可忽略密码配置。 +忽略即可 + +### 集群节点安装 + ++ `集群名称` 配置 + +与加入的集群名称一致。 + ++ `节点名称` 配置 + +集群中唯一的节点名称。请勿重复 + ++ `Elasticsearch 密码 (elastic)` 配置 + +忽略即可 + ++ `Kibana 密码 (kibana_system)` 配置 + +忽略即可 + ++ `注册令牌 (节点)` 配置 + +用于加入集群的注册令牌。在集群中的节点中生成,用于加入集群验证。每个注册令牌有效时长30分钟。 diff --git a/apps/elastic-kibana/8.14.3/config/kibana.yml b/apps/elastic-kibana/8.14.3/config/kibana.yml index cd426f430..62491587e 100644 --- a/apps/elastic-kibana/8.14.3/config/kibana.yml +++ b/apps/elastic-kibana/8.14.3/config/kibana.yml @@ -1,183 +1,6 @@ -# For more configuration options see the configuration guide for Kibana in -# https://www.elastic.co/guide/index.html - -# =================== System: Kibana Server =================== -# Kibana is served by a back end server. This setting specifies the port to use. -server.port: 5601 - -# Specifies the address to which the Kibana server will bind. IP addresses and host names are both valid values. -# The default is 'localhost', which usually means remote machines will not be able to connect. -# To allow connections from remote users, set this parameter to a non-loopback address. -server.host: "0.0.0.0" - -# Enables you to specify a path to mount Kibana at if you are running behind a proxy. -# Use the `server.rewriteBasePath` setting to tell Kibana if it should remove the basePath -# from requests it receives, and to prevent a deprecation warning at startup. -# This setting cannot end in a slash. -#server.basePath: "" - -# Specifies whether Kibana should rewrite requests that are prefixed with -# `server.basePath` or require that they are rewritten by your reverse proxy. -# Defaults to `false`. -#server.rewriteBasePath: false - -# Specifies the public URL at which Kibana is available for end users. If -# `server.basePath` is configured this URL should end with the same basePath. -#server.publicBaseUrl: "" - -# The maximum payload size in bytes for incoming server requests. -#server.maxPayload: 1048576 - -# The Kibana server's name. This is used for display purposes. -server.name: "kibana-node" - -# =================== System: Kibana Server (Optional) =================== -# Enables SSL and paths to the PEM-format SSL certificate and SSL key files, respectively. -# These settings enable SSL for outgoing requests from the Kibana server to the browser. -#server.ssl.enabled: false -#server.ssl.certificate: /path/to/your/server.crt -#server.ssl.key: /path/to/your/server.key - -# =================== System: Elasticsearch =================== -# The URLs of the Elasticsearch instances to use for all your queries. -#elasticsearch.hosts: ["http://localhost:9200"] - -# If your Elasticsearch is protected with basic authentication, these settings provide -# the username and password that the Kibana server uses to perform maintenance on the Kibana -# index at startup. Your Kibana users still need to authenticate with Elasticsearch, which -# is proxied through the Kibana server. -#elasticsearch.username: "kibana_system" -#elasticsearch.password: "pass" - -# Kibana can also authenticate to Elasticsearch via "service account tokens". -# Service account tokens are Bearer style tokens that replace the traditional username/password based configuration. -# Use this token instead of a username/password. -# elasticsearch.serviceAccountToken: "my_token" - -# Time in milliseconds to wait for Elasticsearch to respond to pings. Defaults to the value of -# the elasticsearch.requestTimeout setting. -#elasticsearch.pingTimeout: 1500 - -# Time in milliseconds to wait for responses from the back end or Elasticsearch. This value -# must be a positive integer. -#elasticsearch.requestTimeout: 30000 - -# The maximum number of sockets that can be used for communications with elasticsearch. -# Defaults to `Infinity`. -#elasticsearch.maxSockets: 1024 - -# Specifies whether Kibana should use compression for communications with elasticsearch -# Defaults to `false`. -#elasticsearch.compression: false - -# List of Kibana client-side headers to send to Elasticsearch. To send *no* client-side -# headers, set this value to [] (an empty list). -#elasticsearch.requestHeadersWhitelist: [ authorization ] - -# Header names and values that are sent to Elasticsearch. Any custom headers cannot be overwritten -# by client-side headers, regardless of the elasticsearch.requestHeadersWhitelist configuration. -#elasticsearch.customHeaders: {} - -# Time in milliseconds for Elasticsearch to wait for responses from shards. Set to 0 to disable. -#elasticsearch.shardTimeout: 30000 - -# =================== System: Elasticsearch (Optional) =================== -# These files are used to verify the identity of Kibana to Elasticsearch and are required when -# xpack.security.http.ssl.client_authentication in Elasticsearch is set to required. -#elasticsearch.ssl.certificate: /path/to/your/client.crt -#elasticsearch.ssl.key: /path/to/your/client.key - -# Enables you to specify a path to the PEM file for the certificate -# authority for your Elasticsearch instance. -#elasticsearch.ssl.certificateAuthorities: [ "/path/to/your/CA.pem" ] - -# To disregard the validity of SSL certificates, change this setting's value to 'none'. -#elasticsearch.ssl.verificationMode: full - -# =================== System: Logging =================== -# Set the value of this setting to off to suppress all logging output, or to debug to log everything. Defaults to 'info' -#logging.root.level: debug - -# Enables you to specify a file where Kibana stores log output. -#logging.appenders.default: -# type: file -# fileName: /var/logs/kibana.log -# layout: -# type: json - -# Example with size based log rotation -#logging.appenders.default: -# type: rolling-file -# fileName: /var/logs/kibana.log -# policy: -# type: size-limit -# size: 256mb -# strategy: -# type: numeric -# max: 10 -# layout: -# type: json - -# Logs queries sent to Elasticsearch. -#logging.loggers: -# - name: elasticsearch.query -# level: debug - -# Logs http responses. -#logging.loggers: -# - name: http.server.response -# level: debug - -# Logs system usage information. -#logging.loggers: -# - name: metrics.ops -# level: debug - -# Enables debug logging on the browser (dev console) -#logging.browser.root: -# level: debug - -# =================== System: Other =================== -# The path where Kibana stores persistent data not saved in Elasticsearch. Defaults to data -#path.data: data - -# Specifies the path where Kibana creates the process ID file. -#pid.file: /run/kibana/kibana.pid - -# Set the interval in milliseconds to sample system and process performance -# metrics. Minimum is 100ms. Defaults to 5000ms. -#ops.interval: 5000 - -# Specifies locale to be used for all localizable strings, dates and number formats. -# Supported languages are the following: English (default) "en", Chinese "zh-CN", Japanese "ja-JP", French "fr-FR". i18n.locale: "zh-CN" - -# =================== Frequently used (Optional)=================== - -# =================== Saved Objects: Migrations =================== -# Saved object migrations run at startup. If you run into migration-related issues, you might need to adjust these settings. - -# The number of documents migrated at a time. -# If Kibana can't start up or upgrade due to an Elasticsearch `circuit_breaking_exception`, -# use a smaller batchSize value to reduce the memory pressure. Defaults to 1000 objects per batch. -#migrations.batchSize: 1000 - -# The maximum payload size for indexing batches of upgraded saved objects. -# To avoid migrations failing due to a 413 Request Entity Too Large response from Elasticsearch. -# This value should be lower than or equal to your Elasticsearch cluster’s `http.max_content_length` -# configuration option. Default: 100mb -#migrations.maxBatchSizeBytes: 100mb - -# The number of times to retry temporary migration failures. Increase the setting -# if migrations fail frequently with a message such as `Unable to complete the [...] step after -# 15 attempts, terminating`. Defaults to 15 -#migrations.retryAttempts: 15 - -# =================== Search Autocomplete =================== -# Time in milliseconds to wait for autocomplete suggestions from Elasticsearch. -# This value must be a whole number greater than zero. Defaults to 1000ms -#unifiedSearch.autocomplete.valueSuggestions.timeout: 1000 - -# Maximum number of documents loaded by each shard to generate autocomplete suggestions. -# This value must be a whole number greater than zero. Defaults to 100_000 -#unifiedSearch.autocomplete.valueSuggestions.terminateAfter: 100000 +server.host: "0.0.0.0" +server.port: 5601 +server.name: "kibana" +server.shutdownTimeout: "5s" +monitoring.ui.container.elasticsearch.enabled: true diff --git a/apps/elastic-kibana/8.14.3/docker-compose.yml b/apps/elastic-kibana/8.14.3/docker-compose.yml index 9074a9d19..dc74e9ba1 100644 --- a/apps/elastic-kibana/8.14.3/docker-compose.yml +++ b/apps/elastic-kibana/8.14.3/docker-compose.yml @@ -23,10 +23,6 @@ services: - ${BARK_ROOT_PATH}/config:/usr/share/kibana/config - ${BARK_ROOT_PATH}/data:/usr/share/kibana/data environment: - - SERVER_PORT=5601 - - SERVER_NAME="kibana-node" + - SERVER_NAME="kibana" - SERVER_HOST="0.0.0.0" - I18N_LOCALE="zh-CN" - - SERVER_REWRITEBASEPATH=false - - SERVER_BASEPATH="" - - SERVER_PUBLICBASEURL=""