我正在使用Elasticsearch版本6.2.4,它的插件是searchguard 6.2.4-12,s3-repository-plugin。 使用设置
在elasticsearch.yml中为searchguard禁用SSLsearchguard.ssl.http.enabled: false
使用设置:
为serarchguard上的任何用户启用快照恢复searchguard.enable_snapshot_restore_privilege: true
出于测试目的,我创建了索引:
curl -uUSERNAME:PASSWORD -X PUT "localhost:9200/filebeat-2018.04.11" -H 'Content-Type: application/json' -d'
{
"settings" : {
"index" : {
"number_of_shards" : 3,
"number_of_replicas" : 2
}
}
}
'
这个成功创建的索引。 然后我使用这个脚本创建它的快照:
daysagoyear=$(date --date="30 days ago" +'%Y')
daysagomonth=$(date --date="30 days ago" +'%m')
daysagoday=$(date --date="30 days ago" +'%d')
INDEX_PREFIXES='filebeat-'
es_username="USERNAME"
es_password="PASSWORD"
indices=`curl -u "$es_username":"$es_password" localhost:9200/_cat/indices?v|grep $INDEX_PREFIXES|awk '{print $3}'`
for index in $indices
do
index_date=`echo "$index"|cut -d "-" -f2`
index_date=`echo "$index_date"|tr . -`
index_date_yr=`date -d $index_date "+%Y"`
index_date_mon=`date -d $index_date "+%m"`
index_date_day=`date -d $index_date "+%d"`
delete=0
SNAPSHOT_NAME=${INDEX_PREFIXES}${index_date}"-snapshot"
bucket_name="elklogsireland"
if [ "$daysagoyear" -gt "$index_date_yr" ]
then
delete=1
elif [ "$daysagoyear" -eq "$index_date_yr" -a "$daysagomonth" -gt "$index_date_mon" ]
then
delete=1
elif [ "$daysagoyear" -eq "$index_date_yr" -a "$daysagomonth" -eq "$index_date_mon" -a "$daysagoday" -ge "$index_date_day" ]
then
delete=1
fi
if [ $delete -eq 1 ]
then
echo "Creating snapshot of $index ..."
# Setting Base Path for S3 Bucket
#curlsettingstring="-d \'{\"type\": \"s3\", \"settings\": {\"bucket\": \"${bucket_name}\", \"base_path\": \"${index_date}\" }}\'"
curl -u $es_username:$es_password -XPUT "localhost:9200/_snapshot/$bucket_name" -H 'Content-Type: application/json' -d '{
"type": "s3",
"settings": {
"bucket": "'$bucket_name'",
"base_path": "'${INDEX_PREFIXES}${index_date}'"
}
}'
curl -u $es_username:$es_password -XPUT "http://localhost:9200/_snapshot/$bucket_name/$SNAPSHOT_NAME?wait_for_completion=true" -H 'Content-Type: application/json' -d '{
"indices": "'${index}'",
"ignore_unavailable": "true",
"include_global_state": false
}'
if [ $? -eq 0 ];then
echo "Removing $index ...."
curl -u $es_username:$es_password -XDELETE "http://localhost:9200/$index"
else
echo "$(date +"%Y-%m-%d:%H:%M:%S") ---- Unable to form snapshot $SNAPSHOT_NAME on s3" >> /var/log/messages
fi
fi
done
此脚本旨在创建30天旧索引的快照,并将它们上传到s3存储桶,然后将其删除。在进程中,它将索引快照文件上载到以索引命名的s3上的文件夹。 它运行成功,并将快照文件上传到s3存储桶。 现在当我恢复它时,我正在运行脚本:
if [ $# -lt 1 ]
then
echo "Missing argument. Please provide index name."
exit 1
fi
es_username="USERNAME"
es_password="PASSWORD"
bucket_name="elklogsireland"
index_name=$1
echo "Index Name: ${index_name}"
curl -u $es_username:$es_password -XPOST "localhost:9200/_snapshot/${bucket_name}/${index_name}-snapshot/_restore" -H 'Content-Type: application/json' -d '{
"indices": "'$index_name'",
"ignore_unavailable": "true",
"include_global_state": false
}'
它在参数中使用索引名称。 当我运行它后,返回:
{"snapshot":{"snapshot":"filebeat-2018-04-10-snapshot","indices":[],"shards":{"total":0,"failed":0,"successful":0}}}
并且索引没有实际形成。请告诉我缺少什么以及需要做些什么。