Elasticsearch kubernetes memory lock

这可以通过使用自定义图像入口点来解决。

您首先需要创建一个基于官方弹性映像的自定义弹性映像，

自定义入口点将更改内存限制，如下所示:

#!/bin/bash
# Set memlock limit
ulimit -u unlimited
# Call original entrypoint script
exec /docker-entrypoint.sh "${@}"

这是我在on-promise Kubernetes中的elasticsearch解决方案:

apiVersion: apps/v1
kind: Deployment
metadata:
name: elasticsearch
namespace: elasticsearch
labels:
app: elasticsearch
spec:
replicas: 1
selector:
matchLabels:
app: elasticsearch
template:
metadata:
labels:
app: elasticsearch
spec:
initContainers:
- name: init-limit
image: busybox:1.27.2
command:
[
"sh",
"-c",
"ulimit -Hl unlimited && ulimit -Sl unlimited && ulimit -n 65536 && id",
]
securityContext:
runAsNonRoot: false
runAsUser: 0
capabilities:
add: ["IPC_LOCK", "SYS_RESOURCE"]
- name: init-chown
image: busybox:1.27.2
command:
[
"sh",
"-c",
'chown -R 1000:1000 /usr/share/elasticsearch/data && echo "done"',
]
securityContext:
privileged: true
volumeMounts:
- mountPath: /usr/share/elasticsearch/data
name: elastic-data-volume
containers:
# container elasticsearch
- image: docker.elastic.co/elasticsearch/elasticsearch:7.7.0
name: elasticsearch
imagePullPolicy: Always
ports:
- containerPort: 9200
- containerPort: 9300
securityContext:
privileged: true
env:
- name: http.host
value: "0.0.0.0"
- name: transport.host
value: "0.0.0.0"
- name: network.bind_host
value: "0.0.0.0"
- name: xpack.security.enabled
value: "false"
- name: xpack.monitoring.enabled
value: "false"
- name: cluster.name
value: elasticsearch
- name: bootstrap.memory_lock
value: "true"
- name: discovery.type
value: "single-node"
- name: ES_JAVA_OPTS
value: "-Djava.net.preferIPv4Stack=true -Xms512m -Xmx512m"
- name: MAX_LOCKED_MEMORY
value: unlimited
- name: LimitMEMLOCK
value: infinity
- name: UsePAM
value: "yes"
volumeMounts:
- mountPath: /usr/share/elasticsearch/data
name: elastic-data-volume

PS:必须添加Service,PersistentVolume和PersistentVolumeClaim

希望这可以帮助一些人!