$m/host sys_init cs3d5 esd5 'SSH=echo;'
dev=vdb; d_mnt=/data; host=cs3d5_esd50; dev2=vdc;
fs=xfs;
cmd="svn update /mysh"
s $host "$cmd"
查看磁盘
cmd="/mysh/sys/disk show"
s $host "$cmd"
cmd="/mysh/sys/disk lvm_create $dev $d_mnt $fs"; echo "$cmd"
s $host "$cmd"
host=cs3d5_esd50[23];
cmd="/mysh/sys/disk lvm_extend $dev2 $fs"; echo "$cmd"
s $host "$cmd"
s cs3d5_esd5 "umount /data"
cmd="/mysh/sys/disk lvm_del 'vdb' 'vg=vg1'"
s cs3d5_esd501 "$cmd"
cmd="/mysh/sys/disk lvm_del 'vdb vdc' 'vg=vg1'"
s cs3d5_esd50[23] "$cmd"
dd if=/dev/zero of=/dev/vdb
dd if=/dev/zero of=/dev/vdc
$m/safe allow_rdc cs3d5_esd5 5200
dd if=/dev/zero of=/dev/vdb
https://artifacts.opensearch.org/releases/bundle/opensearch/1.1.0/opensearch-1.1.0-linux-x64.tar.gz
https://artifacts.opensearch.org/releases/bundle/opensearch-dashboards/1.1.0/opensearch-dashboards-1.1.0-linux-x64.tar.gz
https://artifacts.opensearch.org/logstash/logstash-oss-with-opensearch-output-plugin-7.13.2-linux-x64.tar.gz
https://hub.docker.com/r/opensearchproject/data-prepper/tags?page=1&ordering=last_updated&name=1.1.0
https://artifacts.opensearch.org/opensearch-clients/opensearch-cli/opensearch-cli-1.0.0-linux-x64.zip
s cs3d5_esd "wget http://test.hzdlsoft.com:4459/opensearch-1.1.0.tar.gz"
s cs3d5_esd "tar -zxvf opensearch-1.1.0.tar.gz"
s cs3d5_esd "/mysh/sys/sed.sh append /etc/sysctl.conf 'vm.max_map_count=262144';sysctl -p;cat /proc/sys/vm/max_map_count"
#安装
cmd="svn up /mysh; cd /mysh/sys; ./other_install.sh jdk11; ./other_install.sh opensearch;"
s cs3d5_esd50 "$cmd"
c=esd5; host=cs3d5_esd50;
s $host "svn up /mysh; /mysh/es/conf_opensearch cluster '$c' dp_jdk=11;"
#配置/etc/hosts
172.17.0.175 cs3d5_esd501
172.17.0.202 cs3d5_esd502
172.17.0.252 cs3d5_esd503
#生成证书,拷贝
# Root CA
openssl genrsa -out root-ca-key.pem 2048
openssl req -new -x509 -sha256 -key root-ca-key.pem -subj "/C=CA/ST=ONTARIO/L=TORONTO/O=ORG/OU=UNIT/CN=ROOT" -out root-ca.pem -days 36500
# Admin cert
openssl genrsa -out admin-key-temp.pem 2048
openssl pkcs8 -inform PEM -outform PEM -in admin-key-temp.pem -topk8 -nocrypt -v1 PBE-SHA1-3DES -out admin-key.pem
openssl req -new -key admin-key.pem -subj "/C=CA/ST=ONTARIO/L=TORONTO/O=ORG/OU=UNIT/CN=ADMIN" -out admin.csr
openssl x509 -req -in admin.csr -CA root-ca.pem -CAkey root-ca-key.pem -CAcreateserial -sha256 -out admin.pem -days 36500
# Node cert
openssl genrsa -out node-key-temp.pem 2048
openssl pkcs8 -inform PEM -outform PEM -in node-key-temp.pem -topk8 -nocrypt -v1 PBE-SHA1-3DES -out node-key.pem
openssl req -new -key node-key.pem -subj "/C=CA/ST=ONTARIO/L=TORONTO/O=ORG/OU=UNIT/CN=cs3d5_esd501" -out node.csr
openssl x509 -req -in node.csr -CA root-ca.pem -CAkey root-ca-key.pem -CAcreateserial -sha256 -out node.pem -days 36500
# Cleanup
rm -rf admin-key-temp.pem
rm -rf admin.csr
rm -rf node-key-temp.pem
rm -rf node.csr
/mysh/main/sync cp1 cs3d5_esd501 cs3d5_esd50[23] /web/es/config/certs/admin-key.pem /web/es/config/certs/admin-key.pem
/mysh/main/sync cp1 cs3d5_esd501 cs3d5_esd50[23] /web/es/config/certs/admin.pem /web/es/config/certs/admin.pem
/mysh/main/sync cp1 cs3d5_esd501 cs3d5_esd50[23] /web/es/config/certs/root-ca.pem /web/es/config/certs/root-ca.pem
/mysh/main/sync cp1 cs3d5_esd501 cs3d5_esd50[23] /web/es/config/certs/node-key.pem /web/es/config/certs/node-key.pem
/mysh/main/sync cp1 cs3d5_esd501 cs3d5_esd50[23] /web/es/config/certs/node.pem /web/es/config/certs/node.pem
#验证
curl -XGET https://cs3d5_esd501:5200 -u 'admin:admin' --insecure
curl -XGET https://localhost:5200/_cat/plugins?v -u 'admin:admin' --insecure
curl -XGET https://localhost:5200/_cat/nodes?v -u 'admin:admin' --insecure
----------------------
安装
cmd="svn up /mysh; cd /mysh/sys; ./other_install.sh jdk11; ./other_install.sh dashboards;"
s cs3d5_esd501 "$cmd"
rsync /mysh/etc/es/config/opensearch_dashboards.yml /web/dashboards/config/opensearch_dashboards.yml
#其他指令整理
./securityadmin.sh
-icl \
-nhnv \
-cacert ../../../config/certs/root-ca.pem \
-cert ../../../config/certs/admin.pem \
-key ../../../config/certs/admin-key.pem \
-p 5300
参考文档
网友评论