服务器IP | 部署角色 |
---|---|
192.168.11.100 | zookeeper kafka elasticsearch jaeger-collector jaeger-ingester jaeger-agent jaeger-query hotrod |
一、docker部署
。。。
二、安装Zookeeper
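# Working directory for the ZooKeeper container: configuration, snapshots, transaction logs.
path=/data/zookeeper
mkdir -p "${path}"/{data,conf,log}
# Hand the tree to UID/GID 1000 (presumably the user the zookeeper image runs as; verify).
chown -R 1000:1000 "${path}"
# myid has to match the N of the server.N line in zoo.cfg below.
echo "0" > "${path}/data/myid"

# ZooKeeper configuration file.
# NOTE(review): start.sh uses --network host, so clientPort 2181 and the quorum/election
# ports 2888/3888 listen directly on the host. Nothing in this file enables client
# authentication or TLS; limit access to these ports with host firewall rules.
# NOTE(review): ZooKeeper 3.6 also starts its embedded AdminServer (HTTP, port 8080 by
# default) unless admin.enableServer=false is set; confirm whether it is wanted here.
cat > "${path}/conf/zoo.cfg" << 'EOF'
4lw.commands.whitelist=mntr,ruok
clientPort=2181
dataDir=/data/zookeeper/data
dataLogDir=/data/zookeeper/log
tickTime=2000
initLimit=5
syncLimit=2
autopurge.snapRetainCount=3
autopurge.purgeInterval=0
maxClientCnxns=60
server.0=192.168.11.100:2888:3888
EOF

# Launcher script. The log directory is mounted as well because zoo.cfg points
# dataLogDir at /data/zookeeper/log; without the mount the transaction logs would
# live only inside the container and disappear when it is recreated.
cat > "${path}/start.sh" << 'EOF'
cd "$(dirname "$0")" || exit 1
docker run -d \
--network host \
--restart=always \
-v "$(pwd)/data:/data/zookeeper/data" \
-v "$(pwd)/log:/data/zookeeper/log" \
-v /etc/localtime:/etc/localtime \
-v "$(pwd)/conf/zoo.cfg:/conf/zoo.cfg" \
--name zookeeper \
zookeeper:3.6.3
EOF
bash "${path}/start.sh"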
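# Query the ZooKeeper server status.
docker exec -i zookeeper zkServer.sh status
# Output recorded by the author:
#   ZooKeeper JMX enabled by default
#   Using config: /conf/zoo.cfg
#   Client port found: 2181. Client address: localhost. Client SSL: false.
#   Mode: standalone
# "Client SSL: false" confirms that client connections to port 2181 are unencrypted.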
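# ZooKeeper hardening: restrict the root znode with an IP-based (or auth-based) ACL.
# NOTE(review): ZooKeeper ACLs are not inherited. This command protects only "/" itself;
# child znodes (for example the /kafka chroot used later) carry whatever ACL their
# creator set. Kafka has a zookeeper.set.acl broker option for its own znodes; it is not
# enabled in this setup.
# NOTE(review): the "a" (admin) permission is granted to whole subnets, so any host in
# them can rewrite this ACL. The ip scheme only checks the source address; it does not
# authenticate the client.
docker exec -i zookeeper zkCli.sh -server 127.0.0.1 << EOF
setAcl / ip:127.0.0.1:rwcda,ip:192.168.11.0/24:rwcda,ip:172.19.0.0/16:rwcda
getAcl /
quit
EOF
# Output of getAcl recorded by the author:
#   [zk: 127.0.0.1(CONNECTED) 1] getAcl /
#   'ip,'127.0.0.1
#   : cdrwa
#   'ip,'192.168.11.0/24
#   : cdrwa
#   'ip,'172.19.0.0/16
#   : cdrwa
#
# Disabling the ACL again (a zkCli.sh command, not a shell command); this re-opens the
# root znode to every client:
#   setAcl / world:anyone:cdrwa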
三、部署kafka
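# Adjust KAFKA_BROKER_ID, KAFKA_LISTENERS, KAFKA_ADVERTISED_LISTENERS and
# KAFKA_ZOOKEEPER_CONNECT to match the actual environment.
# NOTE(review): the only listener is PLAINTEXT, i.e. no TLS and no client authentication,
# and --network host binds it on 192.168.11.100:9092. Any host that can reach that
# address can produce to and consume from every topic, including the span data Jaeger
# writes later. Restrict the port at the firewall or move to a SASL/SSL listener.
path=/data/kafka
mkdir -p "${path}"/{log,data}
cat > "${path}/start.sh" << 'EOF'
#!/bin/bash
cd "$(dirname "$0")" || exit 1
docker run -d \
--name kafka \
--restart=always \
--network host \
-e LOG_DIRS=/data/kafka/log \
-e KAFKA_BROKER_ID=0 \
-e KAFKA_LISTENERS=PLAINTEXT://192.168.11.100:9092 \
-e KAFKA_ADVERTISED_LISTENERS=PLAINTEXT://192.168.11.100:9092 \
-e KAFKA_ZOOKEEPER_CONNECT=192.168.11.100:2181/kafka \
-e KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR=1 \
-e KAFKA_PORT=9092 \
-v "$(pwd)/data:/kafka" \
-v "$(pwd)/log:/data/kafka/log" \
-v /etc/localtime:/etc/localtime \
wurstmeister/kafka:2.13-2.8.1
EOF
bash "${path}/start.sh"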
验证kafka
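# Each "docker exec -it kafka bash" opens an interactive shell in the broker container;
# the command that follows it is typed inside that shell.

# Create a topic.
docker exec -it kafka bash
kafka-topics.sh --create \
--zookeeper 192.168.11.100:2181/kafka \
--topic test \
--partitions 1 \
--replication-factor 1

# Producer.
docker exec -it kafka bash
/opt/kafka_2.13-2.8.1/bin/kafka-console-producer.sh \
--broker-list 192.168.11.100:9092 \
--topic test

# Consumer.
docker exec -it kafka bash
/opt/kafka_2.13-2.8.1/bin/kafka-console-consumer.sh \
--bootstrap-server 192.168.11.100:9092 \
--topic test --from-beginning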
四、elasticsearch
4.1、集群证书生成,生成elastic-certificates.p12证书(此步要手动执行确认)
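# Prepare the host directories that are bind-mounted into the Elasticsearch container.
mkdir -p /data/elasticsearch/{config,logs,data}/
mkdir -p /data/elasticsearch/config/certs/
chown 1000:root /data/elasticsearch/{config,logs,data}

# Open a throw-away container with the config directory mounted, to run certutil in it.
docker run -it --rm \
-v /data/elasticsearch/config/:/usr/share/elasticsearch/config/ \
elasticsearch:7.17.6 bash

# The following commands must be typed by hand inside the container shell opened above.
# NOTE(review): both PKCS#12 files are created with an empty password (--pass ''), so
# the private keys are protected only by file permissions on /data/elasticsearch/config.
# Check those permissions, or set a password and store it in the Elasticsearch keystore
# (xpack.security.transport.ssl.keystore.secure_password).
# NOTE(review): "mv elastic-*" also moves elastic-stack-ca.p12, which holds the CA
# private key, into config/certs, and that directory is mounted into the running node.
# The node only needs elastic-certificates.p12; keep the CA file somewhere else.
bin/elasticsearch-certutil ca -s --pass '' --days 10000 --out elastic-stack-ca.p12
bin/elasticsearch-certutil cert -s --ca-pass '' --pass '' --days 5000 --ca elastic-stack-ca.p12 --out elastic-certificates.p12
mv elastic-* config/certs
chown -R 1000:root config
exit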
4.2 准备elasticsearch.yml
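mkdir -p /data/elasticsearch/{config,data}

# Write elasticsearch.yml. The two Chinese comments inside the file mark the enlarged
# write thread-pool queue and the memory lock.
# NOTE(review): security is enabled and transport TLS is on, but every
# xpack.security.http.ssl.* line is commented out. The REST API on port 9200 is plain
# HTTP, so the basic-auth credentials used by curl and by the Jaeger containers cross
# the network unencrypted.
# NOTE(review): http.cors.allow-origin "*" together with the Authorization header lets
# pages from any web origin send authenticated requests to this node. List only the
# origins that actually need browser access.
cat > /data/elasticsearch/config/elasticsearch.yml << 'EOF'
cluster.name: smartgate-cluster
discovery.seed_hosts: 192.168.11.100
cluster.initial_master_nodes: 192.168.11.100
network.host: 192.168.11.100
#增加了写队列的大小
thread_pool.write.queue_size: 1000
#锁定内存
bootstrap.memory_lock: true
xpack.license.self_generated.type: basic
xpack.ml.enabled: false
#xpack.security.enrollment.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: "certificate"
xpack.security.transport.ssl.keystore.path: "certs/elastic-certificates.p12"
xpack.security.transport.ssl.truststore.path: "certs/elastic-certificates.p12"
xpack.security.enabled: true
#xpack.security.http.ssl.enabled: true
#xpack.security.http.ssl.keystore.path: certs/elastic-certificates.p12
#xpack.security.http.ssl.truststore.path: certs/elastic-certificates.p12
#xpack.security.http.ssl.client_authentication: optional
#xpack.security.authc.realms.pki.pki1.order: 1
node.roles: ['master','data','ingest','remote_cluster_client']
node.name: 192.168.11.100
http.port: 9200
http.cors.allow-origin: "*"
http.cors.allow-headers: Authorization
http.cors.enabled: true
http.host: "192.168.11.100,127.0.0.1"
transport.host: "192.168.11.100,127.0.0.1"
ingest.geoip.downloader.enabled: false
EOF

# Write the launcher. It removes an existing "elasticsearch" container if one can be
# started, then creates a fresh one when no startable container is left.
# NOTE(review): --privileged gives the container full access to the host. The memlock
# and nofile limits are already set through --ulimit, so check whether it can be dropped.
# NOTE(review): the script launches its own dockerd with --iptables=false, which stops
# Docker from managing iptables rules. Confirm this is intended on a host that also
# publishes container ports with -p.
# NOTE(review): ELASTIC_PASSWORD is stored in start.sh and is visible through
# "docker inspect". Keep the script readable by root only, or pass the secret with
# --env-file or the image's ELASTIC_PASSWORD_FILE support.
# The original redirected to /dev/nul, which creates a regular file of that name under
# /dev instead of discarding output; corrected to /dev/null.
cat > /data/elasticsearch/start.sh << 'EOF'
#!/bin/bash
cd "$(dirname "$0")" || exit 1
dockerd --iptables=false >/dev/null 2>&1 &
sleep 1
if docker start elasticsearch >/dev/null 2>&1
then
docker rm elasticsearch -f
fi
sleep 1
if ! docker start elasticsearch >/dev/null 2>&1
then
echo "run elasticsearch"
docker run -d \
--restart=always \
--name elasticsearch \
--network host \
--privileged \
--ulimit memlock=-1:-1 \
--ulimit nofile=65536:65536 \
-e ELASTIC_PASSWORD=xxxxxxxx \
-e KIBANA_PASSWORD=xxxxxxxx \
-e "ES_JAVA_OPTS=-Xms1g -Xmx1g" \
-v /etc/localtime:/etc/localtime \
-v "$(pwd)/config/elasticsearch.yml:/usr/share/elasticsearch/config/elasticsearch.yml" \
-v "$(pwd)/config/certs/:/usr/share/elasticsearch/config/certs" \
-v "$(pwd)/data/:/usr/share/elasticsearch/data/" \
-v "$(pwd)/logs/:/usr/share/elasticsearch/logs/" \
elasticsearch:7.17.6
fi
EOF
bash /data/elasticsearch/start.sh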
4.3 验证es
# Query the node's root endpoint as the built-in "elastic" user.
# NOTE(review): the URL is http://, so the basic-auth header is sent in clear text.
# A password given on the command line also ends up in shell history and the process
# list; "curl -u elastic" without the password prompts for it instead.
curl -u elastic:xxxxxxxx http://192.168.11.100:9200/
{"name" : "192.168.11.101","cluster_name" : "smartgate-cluster","cluster_uuid" : "arM00fRrTy-FsqohMaftAA","version" : {"number" : "7.17.6","build_flavor" : "default","build_type" : "docker","build_hash" : "f65e9d338dc1d07b642e14a27f338990148ee5b6","build_date" : "2022-08-23T11:08:48.893373482Z","build_snapshot" : false,"lucene_version" : "8.11.1","minimum_wire_compatibility_version" : "6.8.0","minimum_index_compatibility_version" : "6.0.0-beta1"},"tagline" : "You Know, for Search"
}
五、jaeger-collector
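# jaeger-collector: receives spans and writes them to the Kafka topic "jaeger-spans".
# NOTE(review): the -p options publish 9411, 14250, 14268 and 14269 on every host
# interface, and no authentication is configured. Any host that can reach them can
# submit spans. Limit access with firewall rules or bind to a specific address
# (-p <bind-address>:14250:14250).
path=/data/jaeger-collector
mkdir -p "${path}"
cat > "${path}/start.sh" << 'EOF'
#!/bin/bash
cd "$(dirname "$0")" || exit 1
docker run -d \
--restart=always \
--name=jaeger-collector \
-p 9411:9411 \
-p 14250:14250 \
-p 14268:14268 \
-p 14269:14269 \
-e SPAN_STORAGE_TYPE=kafka \
-e KAFKA_PRODUCER_BROKERS="192.168.11.100:9092" \
-e KAFKA_TOPIC="jaeger-spans" \
-v /etc/localtime:/etc/localtime \
jaegertracing/jaeger-collector:1.42
#-e SPAN_STORAGE_TYPE=elasticsearch \
#-e ES_SERVER_URLS=http://192.168.11.100:9200 \
EOF
bash "${path}/start.sh"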
六、jaeger-ingester
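# jaeger-ingester: consumes spans from the Kafka topic and stores them in Elasticsearch.
# NOTE(review): it logs in as the built-in "elastic" superuser over plain HTTP. A
# dedicated user limited to the Jaeger indices would shrink the impact of a leaked
# password. ES_PASSWORD is also readable from start.sh and through "docker inspect".
# The duplicated --restart=always of the original is given once here.
path=/data/jaeger-ingester
mkdir -p "${path}"
cat > "${path}/start.sh" << 'EOF'
#!/bin/bash
cd "$(dirname "$0")" || exit 1
docker run -d \
--restart=always \
--name jaeger-ingester \
--hostname=ingester \
-e SPAN_STORAGE_TYPE=elasticsearch \
-e ES_ARCHIVE_SERVER_URLS="http://192.168.11.100:9200" \
-e ES_SERVER_URLS="http://192.168.11.100:9200" \
-e ES_USERNAME=elastic \
-e ES_PASSWORD=xxxxxxxx \
-e KAFKA_CONSUMER_BROKERS="192.168.11.100:9092" \
-e KAFKA_CONSUMER_TOPIC="jaeger-spans" \
-v /etc/localtime:/etc/localtime \
jaegertracing/jaeger-ingester:1.42
EOF
bash "${path}/start.sh"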
七、jaeger-agent(每台服务器部署一个,但在kubernetes中部署的意义不大)
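# jaeger-agent: accepts spans from local applications and forwards them to the
# collector's gRPC port (REPORTER_GRPC_HOST_PORT).
# NOTE(review): the agent ports are published on every host interface, although the
# agent is meant to serve applications on the same server. Binding them to 127.0.0.1 or
# an internal address keeps other hosts from sending spans.
# NOTE(review): LOG_LEVEL=debug is verbose; check what ends up in the container log
# before keeping it in production.
path=/data/jaeger-agent
mkdir -p "${path}"
cat > "${path}/start.sh" << 'EOF'
#!/bin/bash
cd "$(dirname "$0")" || exit 1
docker run -d \
--restart=always \
--name=jaeger-agent \
-p 6831:6831/udp \
-p 6832:6832/udp \
-p 5778:5778/tcp \
-p 5775:5775/udp \
-e REPORTER_GRPC_HOST_PORT=192.168.11.100:14250 \
-e LOG_LEVEL=debug \
-v /etc/localtime:/etc/localtime \
jaegertracing/jaeger-agent:1.42
EOF
bash "${path}/start.sh"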
八、jaeger-query
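# jaeger-query: serves the Jaeger UI and API, reading traces from Elasticsearch.
# NOTE(review): nothing here puts authentication in front of the UI on 16686, so
# everyone who can reach the port can read all traces, which may contain request
# parameters and other sensitive values. Place it behind an authenticating reverse
# proxy or restrict the port.
# NOTE(review): as in the ingester, the "elastic" superuser is used over plain HTTP.
# A read-only user for the Jaeger indices is sufficient for querying.
path=/data/jaeger-query
mkdir -p "${path}"
cat > "${path}/start.sh" << 'EOF'
#!/bin/bash
cd "$(dirname "$0")" || exit 1
docker run -d \
--restart=always \
--name=jaeger-query \
-p 16685:16685 \
-p 16686:16686 \
-p 16687:16687 \
-e SPAN_STORAGE_TYPE=elasticsearch \
-e ES_SERVER_URLS=http://192.168.11.100:9200 \
-e ES_USERNAME=elastic \
-e ES_PASSWORD=xxxxxxxx \
-v /etc/localtime:/etc/localtime \
jaegertracing/jaeger-query:1.42
EOF
bash "${path}/start.sh"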
访问query
http://192.168.11.100:16686/search
九、jaeger-client (hotrod example) 与应用集成
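# HotROD demo application, used to generate sample traces through the agent/collector.
# NOTE(review): this is a demonstration service with no access control; it is published
# on host ports 8081 and 8083 (both mapped to container port 8080). Remove it once the
# pipeline has been verified.
path=/data/hotrod
mkdir -p "${path}"
cat > "${path}/start.sh" << 'EOF'
#!/bin/bash
docker rm -f hotrod
cd "$(dirname "$0")" || exit 1
docker run -d \
--restart=always \
--name=hotrod \
-v /etc/localtime:/etc/localtime \
-p 8081:8080 \
-p 8083:8080 \
-e OTEL_EXPORTER_JAEGER_AGENT_HOST=192.168.11.100 \
-e OTEL_EXPORTER_JAEGER_AGENT_PORT=6831 \
-e OTEL_EXPORTER_JAEGER_ENDPOINT=http://192.168.11.100:14268/api/traces \
jaegertracing/example-hotrod:1.42 -m prometheus all
EOF
bash "${path}/start.sh"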
访问hotrod
http://192.168.11.100:8081/