The Google Compute Engine Discovery plugin uses the GCE API to identify the addresses of seed hosts.
Google Compute Engine VM discovery allows to use the google APIs to perform automatic discovery of seed hosts. Here is a simple sample configuration:
cloud:
gce:
project_id: <your-google-project-id>
zone: <your-zone>
discovery:
seed_providers: gceThe following gce settings (prefixed with cloud.gce) are supported:
project_id-
Your Google project id. By default the project id will be derived from the instance metadata.
Note: Deriving the project id from system properties or environment variables (`GOOGLE_CLOUD_PROJECT` or `GCLOUD_PROJECT`) is not supported.
zone-
helps to retrieve instances running in a given zone. It should be one of the GCE supported zones. By default the zone will be derived from the instance metadata. See also Using GCE zones.
retry-
If set to
true, client will use ExponentialBackOff policy to retry the failed http request. Defaults totrue. max_wait-
The maximum elapsed time after the client instantiating retry. If the time elapsed goes past the
max_wait, client stops to retry. A negative value means that it will wait indefinitely. Defaults to0s(retry indefinitely). refresh_interval-
How long the list of hosts is cached to prevent further requests to the GCE API.
0sdisables caching. A negative value will cause infinite caching. Defaults to0s.
|
Important
|
Binding the network host
It’s important to define You can use {ref}/modules-network.html[core network host settings] or gce specific host settings: |
When the discovery-gce plugin is installed, the following are also allowed
as valid network host settings:
| GCE Host Value | Description |
|---|---|
|
The private IP address of the machine for a given network interface. |
|
The hostname of the machine. |
|
Same as |
Examples:
# get the IP address from network interface 1
network.host: _gce:privateIp:1_
# Using GCE internal hostname
network.host: _gce:hostname_
# shortcut for _gce:privateIp:0_ (recommended)
network.host: _gce_Before starting, you need:
-
Your project ID, e.g.
es-cloud. Get it from Google API Console. -
To install Google Cloud SDK
If you did not set it yet, you can define your default project you will work on:
gcloud config set project es-cloudIf you haven’t already, login to Google Cloud
gcloud auth loginThis will open your browser. You will be asked to sign-in to a Google account and authorize access to the Google Cloud SDK.
gcloud compute instances create myesnode1 \
--zone <your-zone> \
--scopes compute-rwWhen done, a report like this one should appears:
Created [https://www.googleapis.com/compute/v1/projects/es-cloud-1070/zones/us-central1-f/instances/myesnode1].
NAME ZONE MACHINE_TYPE PREEMPTIBLE INTERNAL_IP EXTERNAL_IP STATUS
myesnode1 us-central1-f n1-standard-1 10.240.133.54 104.197.94.25 RUNNINGYou can now connect to your instance:
# Connect using google cloud SDK
gcloud compute ssh myesnode1 --zone europe-west1-a
# Or using SSH with external IP address
ssh -i ~/.ssh/google_compute_engine 192.158.29.199|
Important
|
Service Account Permissions
It’s important when creating an instance that the correct permissions are set. At a minimum, you must ensure you have: Failing to set this will result in unauthorized messages when starting Elasticsearch. See Machine Permissions. |
Once connected, {ref}/install-elasticsearch.html[install {es}].
Install the plugin:
# Use Plugin Manager to install it
sudo bin/elasticsearch-plugin install discovery-gceOpen the elasticsearch.yml file:
sudo vi /etc/elasticsearch/elasticsearch.ymlAnd add the following lines:
cloud:
gce:
project_id: es-cloud
zone: europe-west1-a
discovery:
seed_providers: gceStart Elasticsearch:
sudo systemctl start elasticsearchIf anything goes wrong, you should check logs:
tail -f /var/log/elasticsearch/elasticsearch.logIf needed, you can change log level to trace by opening log4j2.properties:
sudo vi /etc/elasticsearch/log4j2.propertiesand adding the following line:
# discovery
logger.discovery_gce.name = discovery.gce
logger.discovery_gce.level = traceIn order to build a cluster on many nodes, you can clone your configured instance to new nodes. You won’t have to reinstall everything!
First create an image of your running instance and upload it to Google Cloud Storage:
# Create an image of your current instance
sudo /usr/bin/gcimagebundle -d /dev/sda -o /tmp/
# An image has been created in `/tmp` directory:
ls /tmp
e4686d7f5bf904a924ae0cfeb58d0827c6d5b966.image.tar.gz
# Upload your image to Google Cloud Storage:
# Create a bucket to hold your image, let's say `esimage`:
gsutil mb gs://esimage
# Copy your image to this bucket:
gsutil cp /tmp/e4686d7f5bf904a924ae0cfeb58d0827c6d5b966.image.tar.gz gs://esimage
# Then add your image to images collection:
gcloud compute images create elasticsearch-2-0-0 --source-uri gs://esimage/e4686d7f5bf904a924ae0cfeb58d0827c6d5b966.image.tar.gz
# If the previous command did not work for you, logout from your instance
# and launch the same command from your local machine.As you have now an image, you can create as many instances as you need:
# Just change node name (here myesnode2)
gcloud compute instances create myesnode2 --image elasticsearch-2-0-0 --zone europe-west1-a
# If you want to provide all details directly, you can use:
gcloud compute instances create myesnode2 --image=elasticsearch-2-0-0 \
--zone europe-west1-a --machine-type f1-micro --scopes=compute-rwYou can use Google Cloud Console or CLI to manage your instances:
# Stopping and removing instances
gcloud compute instances delete myesnode1 myesnode2 \
--zone=europe-west1-a
# Consider removing disk as well if you don't need them anymore
gcloud compute disks delete boot-myesnode1 boot-myesnode2 \
--zone=europe-west1-acloud.gce.zone helps to retrieve instances running in a given zone. It should be one of the
GCE supported zones.
The GCE discovery can support multi zones although you need to be aware of network latency between zones.
To enable discovery across more than one zone, just enter add your zone list to cloud.gce.zone setting:
cloud:
gce:
project_id: <your-google-project-id>
zone: ["<your-zone1>", "<your-zone2>"]
discovery:
seed_providers: gceThe GCE discovery can also filter machines to include in the cluster based on tags using discovery.gce.tags settings.
For example, setting discovery.gce.tags to dev will only filter instances having a tag set to dev. Several tags
set will require all of those tags to be set for the instance to be included.
One practical use for tag filtering is when a GCE cluster contains many nodes that are not master-eligible {es} nodes. In this case, tagging the GCE instances that are running the master-eligible {es} nodes, and then filtering by that tag, will help discovery to run more efficiently.
Add your tag when building the new instance:
gcloud compute instances create myesnode1 --project=es-cloud \
--scopes=compute-rw \
--tags=elasticsearch,devThen, define it in elasticsearch.yml:
cloud:
gce:
project_id: es-cloud
zone: europe-west1-a
discovery:
seed_providers: gce
gce:
tags: elasticsearch, devBy default, Elasticsearch GCE plugin assumes that you run Elasticsearch on 9300 default port.
But you can specify the port value Elasticsearch is meant to use using google compute engine metadata es_port:
Add --metadata es_port=9301 option:
# when creating first instance
gcloud compute instances create myesnode1 \
--scopes=compute-rw,storage-full \
--metadata es_port=9301
# when creating an instance from an image
gcloud compute instances create myesnode2 --image=elasticsearch-1-0-0-RC1 \
--zone europe-west1-a --machine-type f1-micro --scopes=compute-rw \
--metadata es_port=9301If you don’t want to repeat the project id each time, you can save it in the local gcloud config
gcloud config set project es-cloudIf you have created a machine without the correct permissions, you will see 403 unauthorized error messages. To change machine permission on an existing instance, first stop the instance then Edit. Scroll down to Access Scopes to change permission. The other way to alter these permissions is to delete the instance (NOT THE DISK). Then create another with the correct permissions.
- Creating machines with gcloud
-
Ensure the following flags are set:
--scopes=compute-rw - Creating with console (web)
-
When creating an instance using the web console, scroll down to Identity and API access.
Select a service account with the correct permissions or choose Compute Engine default service account and select Allow default access for Access scopes.
- Creating with knife google
-
Set the service account scopes when creating the machine:
knife google server create www1 \ -m n1-standard-1 \ -I debian-8 \ -Z us-central1-a \ -i ~/.ssh/id_rsa \ -x jdoe \ --gce-service-account-scopes https://www.googleapis.com/auth/computeOr, you may use the alias:
--gce-service-account-scopes compute-rw
Integrations tests in this plugin require working GCE configuration and therefore disabled by default. To enable tests prepare a config file elasticsearch.yml with the following content:
cloud:
gce:
project_id: es-cloud
zone: europe-west1-a
discovery:
seed_providers: gceReplace project_id and zone with your settings.
To run test:
mvn -Dtests.gce=true -Dtests.config=/path/to/config/file/elasticsearch.yml clean test