一、对于Curator
curator容许对索引和快照执行许多不同的操作,罕用操作包含:
- 从别名增加或删除索引
- 更改分片路由调配更改分片路由调配
- 敞开索引敞开索引
- 创立索引创立索引
- 删除索引删除索引
- 删除快照删除快照
- 关上被敞开的索引关上被敞开的索引
curator版本
Curator版本关系
二、装置&卸载curator
1.自己应用的装置形式(centos7环境下)
- 下载对应的curator包 下载地址:
Elasticsearch Curator 5.8.3 RHEL/CentOS 7 Binary Package (RPM)
Elasticsearch Curator 5.8.3 RHEL/CentOS 6 Binary Package (RPM) 在elasticsearch集群所在的机器上装置curator
rpm -ivh elasticsearch-curator-5.8.3-1.x86_64.rpm验证是否装置胜利
curator --version如果呈现如下谬误:
Click will abort further execution because Python 3 was configured to use ASCII as encoding for the environment. Consult http://click.pocoo.org/python... mitigation steps.
This system lists a couple of UTF-8 supporting locales that
you can pick from. The following suitable locales where
discovered: en_AG.utf8, en_AU.utf8, en_BW.utf8, en_CA.utf8, en_DK.utf8, en_GB.utf8, en_HK.utf8, en_IE.utf8, en_IN.utf8, en_NG.utf8, en_NZ.utf8, en_PH.utf8, en_SG.utf8, en_US.utf8, en_ZA.utf8, en_ZM.utf8, en_ZW.utf8
解决形式:
##执行前运行export LC_ALL=en_US.utf-8export LANG=en_US.utf-82.官网装置步骤
Curator官网装置步骤
3.应用docker镜像装置
docker镜像装置curator
卸载curator
rpm -e elasticsearch-curator参考:ElasticSearch-curator 装置与卸载
三、应用curator治理索引
1.curator运行
## 指定配置文件config_file.yml,和须要执行的脚本文件action_file.yml curator --config /config/config_file.yml /config/action_file.yml- 参考config_file.yml
版本不同配置文件也有很大差异,请参考官网文档:官网配置文件地址
---# Remember, leave a key empty if there is no value. None will be a string,# not a Python "NoneType"client: hosts: - 127.0.0.1 port: 9200 url_prefix: use_ssl: False certificate: client_cert: client_key: ssl_no_validate: True username: 'elastic' password: '123456'# http_auth: elastic:123456 timeout: 120 master_only: Truelogging: loglevel: INFO logfile: logformat: default #blacklist: ['elasticsearch', 'urllib3']- 参考action_file.yml
具体治理执行命令参考官网:官网治理action_file
actions: 1: action: delete_indices description: >- Delete indices older than ${UNIT_COUNT:1} ${UNIT:months} (based on index name), for logstash- prefixed indices. Ignore the error if the filter does not result in an actionable list of indices (ignore_empty_list) and exit cleanly. options: ignore_empty_list: True timeout_override: continue_if_exception: True disable_action: False filters: - filtertype: pattern kind: prefix value: logstash- exclude: - filtertype: age source: name direction: older timestring: '%Y.%m.%d' unit: ${UNIT:months} unit_count: ${UNIT_COUNT:1} exclude:# 2:# action: delete_indices# description: >-# Delete indices older than ${UNIT_COUNT:1} ${UNIT:months} (based on index name), for filebeat-# prefixed indices. Ignore the error if the filter does not result in an# actionable list of indices (ignore_empty_list) and exit cleanly.# options:# ignore_empty_list: True# timeout_override:# continue_if_exception: True# disable_action: False# filters:# - filtertype: pattern# kind: prefix# value: filebeat-# exclude:# - filtertype: age# source: name# direction: older# timestring: '%Y.%m.%d'# unit: ${UNIT:months}# unit_count: ${UNIT_COUNT:1}# exclude:2.定时执行(linux)
crontab命令用于设置周期性被执行的指令。该命令从规范输出设施读取指令,并将其寄存于“crontab”文件中,以供之后读取和执行
- 编写sh脚本:curator-delete-index.sh
#!/bin/sh /usr/local/bin/curator --config /home/soft/elk/config.yml /home/soft/elk/action.yml echo "delete index success" #最好应用命令的全路径名,否则可能找不到- chmod 777 /home/elk/curator-delete-index.sh
- 创立定时工作:crontab
1. crontab -e #关上了vi,输出:30 16 * * * /home/elk/curator-delete-index.sh #之后保留退出vi2. crontab -l #查看所有的root用户的定时工作参考文档:ES Curator的应用及其配置
四、附录
干货 | Elasticsearch索引治理利器——Curator深刻详解