一、关于Curator
curator允许对索引和快照执行许多不同的操作,常用操作包括:
- 从别名添加或删除索引
- 更改分片路由分配更改分片路由分配
- 关闭索引关闭索引
- 创建索引创建索引
- 删除索引删除索引
- 删除快照删除快照
- 打开被关闭的索引打开被关闭的索引
curator版本
Curator版本关系
二、安装&卸载curator
1.本人使用的安装方式(centos7环境下)
- 下载对应的curator包 下载地址:
Elasticsearch Curator 5.8.3 RHEL/CentOS 7 Binary Package (RPM)
Elasticsearch Curator 5.8.3 RHEL/CentOS 6 Binary Package (RPM) 在elasticsearch集群所在的机器上安装curator
rpm -ivh elasticsearch-curator-5.8.3-1.x86_64.rpm验证是否安装成功
curator --version如果出现如下错误:
Click will abort further execution because Python 3 was configured to use ASCII as encoding for the environment. Consult http://click.pocoo.org/python... mitigation steps.
This system lists a couple of UTF-8 supporting locales that
you can pick from. The following suitable locales where
discovered: en_AG.utf8, en_AU.utf8, en_BW.utf8, en_CA.utf8, en_DK.utf8, en_GB.utf8, en_HK.utf8, en_IE.utf8, en_IN.utf8, en_NG.utf8, en_NZ.utf8, en_PH.utf8, en_SG.utf8, en_US.utf8, en_ZA.utf8, en_ZM.utf8, en_ZW.utf8
解决方式:
##执行前运行
export LC_ALL=en_US.utf-8
export LANG=en_US.utf-82.官方安装步骤
3.使用docker镜像安装
卸载curator
rpm -e elasticsearch-curator参考:ElasticSearch-curator 安装与卸载
三、使用curator管理索引
1.curator运行
## 指定配置文件config_file.yml,和需要执行的脚本文件action_file.yml
curator --config /config/config_file.yml /config/action_file.yml- 参考config_file.yml
版本不同配置文件也有很大差别,请参考官方文档:官方配置文件地址
---
# Remember, leave a key empty if there is no value. None will be a string,
# not a Python "NoneType"
client:
hosts:
- 127.0.0.1
port: 9200
url_prefix:
use_ssl: False
certificate:
client_cert:
client_key:
ssl_no_validate: True
username: 'elastic'
password: '123456'
# http_auth: elastic:123456
timeout: 120
master_only: True
logging:
loglevel: INFO
logfile:
logformat: default
#blacklist: ['elasticsearch', 'urllib3']- 参考action_file.yml
具体管理执行命令参考官方:官方管理action_file
actions:
1:
action: delete_indices
description: >-
Delete indices older than ${UNIT_COUNT:1} ${UNIT:months} (based on index name), for logstash-
prefixed indices. Ignore the error if the filter does not result in an
actionable list of indices (ignore_empty_list) and exit cleanly.
options:
ignore_empty_list: True
timeout_override:
continue_if_exception: True
disable_action: False
filters:
- filtertype: pattern
kind: prefix
value: logstash-
exclude:
- filtertype: age
source: name
direction: older
timestring: '%Y.%m.%d'
unit: ${UNIT:months}
unit_count: ${UNIT_COUNT:1}
exclude:
# 2:
# action: delete_indices
# description: >-
# Delete indices older than ${UNIT_COUNT:1} ${UNIT:months} (based on index name), for filebeat-
# prefixed indices. Ignore the error if the filter does not result in an
# actionable list of indices (ignore_empty_list) and exit cleanly.
# options:
# ignore_empty_list: True
# timeout_override:
# continue_if_exception: True
# disable_action: False
# filters:
# - filtertype: pattern
# kind: prefix
# value: filebeat-
# exclude:
# - filtertype: age
# source: name
# direction: older
# timestring: '%Y.%m.%d'
# unit: ${UNIT:months}
# unit_count: ${UNIT_COUNT:1}
# exclude:2.定时执行(linux)
crontab命令用于设置周期性被执行的指令。该命令从标准输入设备读取指令,并将其存放于“crontab”文件中,以供之后读取和执行
- 编写sh脚本:curator-delete-index.sh
#!/bin/sh
/usr/local/bin/curator --config /home/soft/elk/config.yml /home/soft/elk/action.yml
echo "delete index success"
#最好使用命令的全路径名,否则可能找不到- chmod 777 /home/elk/curator-delete-index.sh
- 创建定时任务:crontab
1. crontab -e #打开了vi,输入:
30 16 * * * /home/elk/curator-delete-index.sh #之后保存退出vi
2. crontab -l #查看所有的root用户的定时任务参考文档:ES Curator的使用及其配置
**粗体** _斜体_ [链接](http://example.com) `代码` - 列表 > 引用。你还可以使用@来通知其他用户。