Table of Contents generated with DocToc
0. 参考文档
Elasticsearch Reference[5.2.2] Snapshot And Restore
HDFS Repository Plugin
1. 概述
最近工作中使用了es的snapshot/restore来进行跨集群同步,将步骤整理为此文档。
说明 :本文仅适用于es5.2.2与hadoop2.7.0,其他版本请参考es官方文档。
2. 环境准备
2.1. elasticsearch-5.2.2
2.1.1. elasticsearch安装
将程序包解压并添加如下配置便于用head查看es信息,其他信息保持不变
http.cors.enabled: true
http.cors.allow-origin: "*"
- 启动es
./bin/elasticsearch -d -p pid # 后台运行,将pid输出到pid文件
- 验证
$ curl localhost:9200
{
"name" : "ODQxF0o",
"cluster_name" : "elasticsearch",
"cluster_uuid" : "eBH2lQZGQnKa5ssUXzUEig",
"version" : {
"number" : "5.2.2",
"build_hash" : "f9d9b74",
"build_date" : "2017-02-24T17:26:45.835Z",
"build_snapshot" : false,
"lucene_version" : "6.4.1"
},
"tagline" : "You Know, for Search"
}
2.1.2. repository-hdfs插件安装
若采用hdfs作为快照存储介质,需要额外安装插件(插件下载地址)。
- 安装
$ ./bin/elasticsearch-plugin install file:///path/to/repository-hdfs-5.2.2.zip
- 验证
查看已安装插件列表
$ ./bin/elasticsearch-plugin list
2.1.3. 造数
为了后续验证,在es中新建索引并添加数据。
#! /bin/bash
# 创建名为test-index的索引
curl -XPUT 'http://localhost:9200/test-index/'
# 插入若干条数据,这种方式效率较低,大量数据推荐采用multi api
for i in {1..1001}
do
curl -XPOST 'http://localhost:9200/test-index/doc' -d '{"name":"tom"}'
done
2.2. hadoop-2.7.0
2.2.1. 下载
2.2.2. 安装
为了简单起见,示例采用伪分布式安装(pseudo-distributed),将程序包解压,并修改如下配置文件:
- etc/hadoop/hadoop-env.sh
# 设置java路径
export JAVA_HOME=/path/to/java
- etc/hadoop/core-site.xml
<configuration>
<property>
<name>fs.defaultFS</name>
<value>hdfs://localhost:9000</value>
</property>
</configuration>
- etc/hadoop/hdfs-site.xml
<configuration>
<property>
<name>dfs.replication</name>
<value>1</value>
</property>
<property>
<name>dfs.name.dir</name>
<value>/tmp/hadoop/2.7.0/name</value>
</property>
<property>
<name>dfs.data.dir</name>
<value>/tmp/hadoop/2.7.0/data</value>
</property>
</configuration>
2.2.3. 配置ssh免密
若ssh loclhost无法登陆本机,则进行如下操作:
$ ssh-keygen -t rsa -P '' -f ~/.ssh/id_rsa
$ cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
$ chmod 0600 ~/.ssh/authorized_keys
2.2.4. 格式化文件系统
$ ./bin/hdfs namenode -format
2.2.5 启动HDFS
- 启动
$ ./sbin/start-dfs.sh
- 验证
- 通过jps命令查看相关进程是否存在
- 浏览器访问web ui,地址http://localhost:50070 (hadoop2默认为50070端口)
3. 注册仓库
curl -XPUT 'http://localhost:9200/_snapshot/hdfs_repo' -d
'{
"type": "hdfs",
"settings": {
"uri": "hdfs://localhost:9000",
"path": "es/hdfs_repo",
"max_restore_bytes_per_sec":"1mb",
"max_snapshot_bytes_per_sec":"1mb"
}
}'
若返回结果如下,则成功
{
"acknowledged": true
}
- 查看HDFS目录
查看HDFS中是否已经添加相关目录
$ ./bin/hdfs dfs -ls -R /
20/04/29 21:04:45 WARN util.NativeCodeLoader: Unable to load native-hadoop library for your platform... using builtin-java classes where applicable
drwxr-xr-x - username supergroup 0 2020-04-29 21:03 /user
drwxr-xr-x - username supergroup 0 2020-04-29 21:03 /user/username
drwxr-xr-x - username supergroup 0 2020-04-29 21:03 /user/username/es
drwxr-xr-x - username supergroup 0 2020-04-29 21:03 /user/username/es/hdfs_repo
- 查看仓库信息
$ curl 'http://localhost:9200/_snapshot/_all?pretty'
{
"hdfs_repo" : {
"type" : "hdfs",
"settings" : {
"path" : "es/hdfs_repo",
"max_restore_bytes_per_sec" : "1mb",
"uri" : "hdfs://localhost:9000",
"max_snapshot_bytes_per_sec" : "1mb"
}
}
}
- 配置说明
基于HDFS的配置最常用的为示例中几个,uri和path是必不可少,余下两个是限速参数,实际生产环境中也不可或缺。
参数详细说明以及其他参数请参考如下文档:
4. 创建快照
curl -XPUT 'http://localhost:9200/_snapshot/hdfs_repo/snapshot_1?wait_for_completion=false' -d \
'{
"ignore_unavailable": true,
"include_global_state": false,
"partial": true
}'
- 参数说明
| 参数 | 说明 |
|---|---|
| wait_for_completion | 请求立即返回还是等待创建快照完毕后再返回,若数据量较多可以设置为false |
| ignore_unavailable | 忽略创建快照时不存在的索引 |
| partial | 默认情况下索引存在不可用分片时该索引的备份会失败,设置此参数为true可以备份可用的分片 |
| ... | ... |
更多参数说明请参考官方文档
4.1. access_control_exception
此时创建快照会报如下错误
{
"error": {
"root_cause": [
{
"type": "repository_exception",
"reason": "[hdfs_repo] could not read repository data from index blob"
}
],
"type": "repository_exception",
"reason": "[hdfs_repo] could not read repository data from index blob",
"caused_by": {
"type": "i_o_exception",
"reason": "com.google.protobuf.ServiceException: java.security.AccessControlException: access denied (\"javax.security.auth.PrivateCredentialPermission\" \"org.apache.hadoop.security.Credentials\" \"read\")",
"caused_by": {
"type": "service_exception",
"reason": "java.security.AccessControlException: access denied (\"javax.security.auth.PrivateCredentialPermission\" \"org.apache.hadoop.security.Credentials\" \"read\")",
"caused_by": {
"type": "access_control_exception",
"reason": "access denied (\"javax.security.auth.PrivateCredentialPermission\" \"org.apache.hadoop.security.Credentials\" \"read\")"
}
}
}
},
"status": 500
}
- 解决方法
在repository-hdfs插件的java security policy文件中添加如下内容:
permission javax.security.auth.PrivateCredentialPermission "org.apache.hadoop.security.Credentials * \"*\"", "read";
并在es jvm配置文件config/jvm.options中指定该策略文件:
-Djava.security.policy=file:///path/to/plugins/repository-hdfs/plugin-security.policy
4.2. 查看快照信息
curl'http://localhost:9200/_snapshot/hdfs_repo/snapshot_1‘
curl'http://localhost:9200/_snapshot/hdfs_repo/_all‘
curl'http://localhost:9200/_cat/snapshots/hdfs_repo?v'
注:hdfs_repo为前文已经创建了的仓库名,snapshot_1为前文已创建的快照名,后文同。
4.3. 快照删除与停止
curl -XDELETE 'http://localhost:9200/_snapshot/hdfs_repo/snapshot_1'
5. 快照恢复
示例为同集群恢复,若需跨集群恢复则需在目标集群中安装repository-hefs插件以及注册与源集群位置一样的仓库。
5.1. 恢复
为了进行验证首先删除原索引
- 删除索引
curl -XDELETE 'http://localhost:9200/test-index'
- 数据恢复
curl -XPOST 'localhost:9200/_snapshot/hdfs_repo/snapshot_1/_restore?wait_for_completion=false' -d
'{
"ignore_unavailable": true,
"include_global_state": false,
"partial": true,
"index_settings":{
"index.number_of_replicas":0
}
}'
- 参数说明
index_settings为索引设置,可以通过该参数设置索引的分片数、副本数等,其他参数含义与创建快照时相同。
5.2. 恢复进度查看
curl'http://localhost:9200/_snapshot/hdfs_repo/snapshot_1‘ # 信息详细,但较慢
curl'http://localhost:9200/_snapshot/hdfs_repo/snapshot_1/_status‘ # 较快,但信息少
5.3. 中止恢复
curl -XDELETE 'http://localhost:9200/_snapshot/hdfs_repo/snapshot_1' # 与删除快照命令一样
