Amazon Elasticsearch Service (Amazon ES) 是一种托管服务,可以让您轻松在AWS云中部署、操作和扩展 Elasticsearch 集群。Elasticsearch 是一款流行的开源搜索和分析引擎,适用于日志分析、实时应用程序监控、点击流分析等使用案例。借助 Amazon ES,您可以直接访问 Elasticsearch API,让现有代码和应用程序与服务无缝协作。Amazon ES 为您的 Elasticsearch 集群预置所有资源并启动集群。它还自动检测和替换失败的 Elasticsearch 节点,减少与自管理基础设施相关的开销。您只需调用一次 API 或在控制台中单击几下就可扩展集群。

一.Amazon ES域入门

1.创建Amazon ES域

详细配置请参见文档创建和配置ElasticSearch

1.1 使用Console创建Amazon ES域
  • 进入ElasticSearch服务并选择Create Elasticsearch domain
  • Step1: Choose deployment type 选择后点击Next
    • Deployment type: Development and testing [根据情况选择即可]
    • Version: 6.7 [选最新的即可]
  • Step 2: Configure cluster 选择后点击Next
    • Elasticsearch domain name:test-domain [编写自定义ElasticSearch域名即可]
    • Instance type实例类型: 选择t2.small.elasticsearch用于测试即可
    • Number of instances实例数:选择1 [根据情况选择]
    • Dedicated master instances 用于提高域的稳定性,不必选择
    • Storage存储[为数据节点选择存储类型。如果选择EBS存储类型,请将每个节点的EBS存储大小乘以群集中的数据节点数,以计算群集可用的总存储量。存储设置不适用于群集中的任何专用主节点]
      • EBS volume type (EBS 卷类型):General Purpose (SSD) (通用型 (SSD))
      • EBS volume size (EBS 卷大小):为每个数据节点键入外部存储的大小 (GiB),选择默认10
    • Enable encryption at rest可以不选择加密
    • Automated snapshot start hour(自动快照开始时间) 选择默认即可
  • Step 3: Set up access设置访问权限
    • 为简单起见,建议使用基于 IP 的访问策略。在Set up access (设置访问权限)页面上的Network configuration (网络配置)部分中,选择Public access (公有访问权限)。
    • 目前可以忽略Kibana authentication(Kibana 身份验证)
    • Set the domain access policy to (将域访问策略设置为),选择Allow access to the domain from specific IP(s) (允许从特定 IP 访问域),然后输入公有 IP 地址
  • Step 4: Review 检查一下所有的配置,没问题点击Confirm
  • 注意:初始化新域大约需要十分钟时间。初始化您的域后,您可以上传数据和更改域。
1.2 使用AWS CLI创建Amazon ES域
aws es create-elasticsearch-domain --domain-name movies --elasticsearch-version 6.0 --elasticsearch-cluster-config InstanceType=t2.small.elasticsearch,InstanceCount=1 --ebs-options EBSEnabled=true,VolumeType=standard,VolumeSize=10 --access-policies '{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Principal":{"AWS":"*"},"Action":["es:*"],"Condition":{"IpAddress":{"aws:SourceIp":["your_ip_address"]}}}]}'

  • 上述命令使用 Elasticsearch 版本 6.0 创建一个名为movies的域。它指定一个t2.small.elasticsearch实例类型的实例。此实例类型需要 EBS 存储,因此它指定了一个 10GiB 的卷。最后,此命令应用基于 IP 的访问策略来将对域的访问限制为单个 IP 地址。

  • 并可以使用下述命令查询新域

    aws es describe-elasticsearch-domain --domain movies

1.2 将数据上传到Amazon ES域以便编制索引
  • 可以通过命令行使用 Elasticsearch 索引和批量处理 API 将数据上传到 Amazon Elasticsearch Service 域以便编制索引

    • 使用索引 API 添加或更新单个 Elasticsearch 文档
    • 使用批量 API 添加或更新同一 JSON 文件中所述的多个 Elasticsearch 文档
  • 编制索引流程
    • 上传单个文档到 Amazon ES 域【运行以下命令将单个文档添加到movies域】
      curl -XPUT es_endpoint/domain_name/_doc/1 -d '{"director": "Burton, Tim", "genre": ["Comedy","Sci-Fi"], "year": 1996, "actor": ["Jack Nicholson","Pierce Brosnan","Sarah Jessica Parker"], "title": "Mars Attacks!"}' -H 'Content-Type: application/json'
    • 上传包含多个文档的 JSON 文件到 Amazon ES 域
      • 创建名为bulk_movies.json的文件。将以下内容复制并粘贴到其中,并添加一个尾部换行
        { "index" : { "_index": "domain_name", "_type" : "_doc", "_id" : "2" } } {"director": "Frankenheimer, John", "genre": ["Drama", "Mystery", "Thriller"], "year": 1962, "actor": ["Lansbury, Angela", "Sinatra, Frank", "Leigh, Janet", "Harvey, Laurence", "Silva, Henry", "Frees, Paul", "Gregory, James", "Bissell, Whit", "McGiver, John", "Parrish, Leslie", "Edwards, James", "Flowers, Bess", "Dhiegh, Khigh", "Payne, Julie", "Kleeb, Helen", "Gray, Joe", "Nalder, Reggie", "Stevens, Bert", "Masters, Michael", "Lowell, Tom"], "title": "The Manchurian Candidate"} { "index" : { "_index": "domain_name", "_type" : "_doc", "_id" : "3" } } {"director": "Baird, Stuart", "genre": ["Action", "Crime", "Thriller"], "year": 1998, "actor": ["Downey Jr., Robert", "Jones, Tommy Lee", "Snipes, Wesley", "Pantoliano, Joe", "Jacob, Irène", "Nelligan, Kate", "Roebuck, Daniel", "Malahide, Patrick", "Richardson, LaTanya", "Wood, Tom", "Kosik, Thomas", "Stellate, Nick", "Minkoff, Robert", "Brown, Spitfire", "Foster, Reese", "Spielbauer, Bruce", "Mukherji, Kevin", "Cray, Ed", "Fordham, David", "Jett, Charlie"], "title": "U.S. Marshals"} { "index" : { "_index": "domain_name", "_type" : "_doc", "_id" : "4" } } {"director": "Ray, Nicholas", "genre": ["Drama", "Romance"], "year": 1955, "actor": ["Hopper, Dennis", "Wood, Natalie", "Dean, James", "Mineo, Sal", "Backus, Jim", "Platt, Edward", "Ray, Nicholas", "Hopper, William", "Allen, Corey", "Birch, Paul", "Hudson, Rochelle", "Doran, Ann", "Hicks, Chuck", "Leigh, Nelson", "Williams, Robert", "Wessel, Dick", "Bryar, Paul", "Sessions, Almira", "McMahon, David", "Peters Jr., House"], "title": "Rebel Without a Cause"}
      • 运行以下命令以将该文件上传到movies域
        curl -XPOST es_endpoint/_bulk --data-binary @bulk_movies.json -H 'Content-Type: application/json'
1.3 在 Amazon ES 域中搜索文档

要在 Amazon Elasticsearch Service 域中搜索文档,请使用 Elasticsearch 搜索 API。也可以使用Kibana在域中搜索文档。

  • 从命令行搜索文档

    • 运行以下命令在movies域中搜索单词mars:
      curl -XGET 'elasticsearch_domain_endpoint/movies/_search?q=mars'
    • 返回的内容如下
      {"took":8,"timed_out":false,"_shards":{"total":5,"successful":5,"skipped":0,"failed":0},"hits":{"total":1,"max_score":0.2876821,"hits":[{"_index":"dhrm-expensereport","_type":"_doc","_id":"1","_score":0.2876821,"_source":{"director": "Burton, Tim", "genre": ["Comedy","Sci-Fi"], "year": 1996, "actor": ["Jack Nicholson","Pierce Brosnan","Sarah Jessica Parker"], "title": "Mars Attacks!"}}]}}%
    • 从结果可以看出返回的是包含mars的document
1.4 删除 Amazon ES 域
  • 在console中选择Delete domain (删除域)选项
  • 或使用Cli删除aws es delete-elasticsearch-domain --domain-name movies

二.Amazon Elasticsearch Service 访问控制

Amazon Elasticsearch Service 提供了多种方式来控制对您的域的访问。本部分介绍了各种策略类型,其彼此交互的方式,以及如何创建您自己的自定义策略。

1.基于资源的策略