• ES定期清理索引

    ES定期清理索引

    1、curator安装

    下载上传rpm包

    官方下载地址
    选择 YUM repository,下载rpm安装包并上传到对应主机。
    在这里插入图片描述

    安装rpm包

    [root@test-hunteron-elk ~]# ls
elasticsearch-curator-5.8.3-1.x86_64.rpm  
[root@test-hunteron-elk ~]# rpm -ivh elasticsearch-curator-5.8.3-1.x86_64.rpm

    • 1
    • 2
    • 3

    默认的安装路径:/opt/elasticsearch-curator

    [root@test-hunteron-elk ~]# cd /opt/elasticsearch-curator
[root@test-hunteron-elk elasticsearch-curator]# ll
total 9288
-rw-r--r--  1 root root  263774 Jan 13  2021 cacert.pem
-rwxr-xr-x  1 root root 3075432 Jan 13  2021 curator
-rwxr-xr-x  1 root root 3075432 Jan 13  2021 curator_cli
-rwxr-xr-x  1 root root 3075432 Jan 13  2021 es_repo_mgr
drwxr-xr-x 38 root root    4096 Aug 16 15:13 lib

    • 1
    • 2
    • 3
    • 4
    • 5
    • 6
    • 7
    • 8

    2、添加配置文件

    curator中需要使用到两个配置文件:
  config.yml(用于连接es的配置)
  action.yml(用于表明要做哪些操作)。
文件名可以自定义,因为在命令中会指定这些配置文件。
这里我把配置文件写在了elasticsearch-curator目录下 。

    • 1
    • 2
    • 3
    • 4
    • 5

    创建logfile目录

    新建log文件,后面配置文件中会用到,用来指定存放清理索引的日志。

    [root@test-hunteron-elk log]# pwd
/opt/elasticsearch-curator/log
[root@test-hunteron-elk log]# ls
curator.log

    • 1
    • 2
    • 3
    • 4

    创建my-config.yml

    [root@test-hunteron-elk elasticsearch-curator]# cat my-config.yml
---
# Remember,leave a key empty if there is no value.  None will be a string,
# not a Python "NoneType"
client:
  hosts:
    - 172.20.10.13
  port: 9200
  url_prefix:
  use_ssl: False
  certificate:
  client_cert:
  client_key:
  ssl_no_validate: False
  http_auth: elastic:elastic
  timeout: 30
  master_only: False

logging:
  loglevel: INFO
  logfile: /opt/elasticsearch-curator/log/curator.log
  logformat: default
  blacklist: ['elasticsearch', 'urllib3']

    • 1
    • 2
    • 3
    • 4
    • 5
    • 6
    • 7
    • 8
    • 9
    • 10
    • 11
    • 12
    • 13
    • 14
    • 15
    • 16
    • 17
    • 18
    • 19
    • 20
    • 21
    • 22
    • 23

    创建my-action.yml

    清理7天前的索引

    [root@test-hunteron-elk elasticsearch-curator]# cat my-action.yml
---
# Remember, leave a key empty if there is no value.  None will be a string,
# not a Python "NoneType"
#
# Also remember that all examples have 'disable_action' set to True.  If you
# want to use this action as a template, be sure to set this to False after
# copying it.
actions:
  1:
    action: delete_indices
    description: “删除7天前的索引”
    options:
      ignore_empty_list: True
      timeout_override: 300
      continue_if_exception: False
      disable_action: False
    filters:
    - filtertype: pattern
      kind: timestring
      value: 'logstash-%Y.%m.%d'
    - filtertype: age
      source: name
      direction: older
      timestring: '%Y.%m.%d'
      unit: days
      unit_count: 7

    • 1
    • 2
    • 3
    • 4
    • 5
    • 6
    • 7
    • 8
    • 9
    • 10
    • 11
    • 12
    • 13
    • 14
    • 15
    • 16
    • 17
    • 18
    • 19
    • 20
    • 21
    • 22
    • 23
    • 24
    • 25
    • 26
    • 27

    配置相关解释可参考阿里云Curator操作指南
    参考文章:「Curator」- 删除五天前日志索引

    3、测试

    先查看一下现有的Index:
    浏览器访问:http://172.20.10.13:9200/_cat/indices
    在这里插入图片描述使用 –dry-run 测试,根据日志输出进行调整:

    [root@test-hunteron-elk elasticsearch-curator]# curator  --config my-config.yml --dry-run my-action.yml
[root@test-hunteron-elk elasticsearch-curator]# /opt/elasticsearch-curator/curator   --config  /opt/elasticsearch-curator/my-config.yml  /opt/elasticsearch-curator/my-action.yml

    • 1
    • 2

    再次访问http://172.20.10.13:9200/_cat/indices 查看索引是否清理 没有清理建议查看日志cat /opt/elasticsearch-curator/log/curator.log排查报错原因

    [root@test-hunteron-elk elasticsearch-curator]# cat /opt/elasticsearch-curator/log/curator.log
2022-08-16 15:43:12,117 INFO      Preparing Action ID: 1, "delete_indices"
2022-08-16 15:43:12,118 INFO      Creating client object and testing connection
2022-08-16 15:43:12,120 INFO      Instantiating client object
2022-08-16 15:43:12,120 INFO      Testing client connectivity
2022-08-16 15:43:12,124 ERROR     HTTP 401 error: missing authentication credentials for REST request [/]
2022-08-16 15:43:12,125 CRITICAL  Curator cannot proceed. Exiting.
2022-08-16 15:44:10,604 INFO      Preparing Action ID: 1, "delete_indices"
2022-08-16 15:44:10,604 INFO      Creating client object and testing connection
2022-08-16 15:44:10,605 INFO      Instantiating client object
2022-08-16 15:44:10,606 INFO      Testing client connectivity
2022-08-16 15:44:10,611 ERROR     HTTP 401 error: missing authentication credentials for REST request [/]
2022-08-16 15:44:10,611 CRITICAL  Curator cannot proceed. Exiting.
# 注:我当时没有添加用户名密码认证导致报错
# 只需要将my-config.yml里 http_auth: 后面添加elasticsearch的账号密码即可

    • 1
    • 2
    • 3
    • 4
    • 5
    • 6
    • 7
    • 8
    • 9
    • 10
    • 11
    • 12
    • 13
    • 14
    • 15

    4、添加定时任务

    crontab -e 创建计划任务

    # 每天0点定时清理
[root@test-hunteron-elk elasticsearch-curator]# crontab -l
0 0 * * *  /opt/elasticsearch-curator/curator   --config  /opt/elasticsearch-curator/my-config.yml  /opt/elasticsearch-curator/my-action.yml

    • 1
    • 2
    • 3
  • 相关阅读:
    程序员对外合作保密协议
    根据语义切分视频
    剪绳子(进阶版)
    拆分Nim游戏 - SG定理
    深度学习框架大战:究竟选择TensorFlow还是PyTorch?
    【仿牛客网笔记】Spring Boot实践,开发社区登录模块-账号设置,检查登录
    USB转串口芯片GP232RL 完全兼容替代FT232RL SSOP28
    Process assessment techniques-3
    static
    (c语言进阶)字符串函数、字符分类函数和字符转换函数
  • 原文地址:https://blog.csdn.net/qq_40887651/article/details/126369825