ElasticSearch 相关命令
[!TIP]
本篇文章是自己的学习笔记,方便以后查阅,内容不一定正确。
1.索引
# 1.创建索引,三个主分片,一个副本分片
# 请求
PUT /employee
{
"settings" : {
"number_of_shards" : 3,
"number_of_replicas" : 1
}
}
# 返回
{
"acknowledged" : true,
"shards_acknowledged" : true,
"index" : "employee"
}
# 2.查看索引
# 请求
GET employee
# 返回
{
"my_index" : {
"aliases" : { },
"mappings" : { },
"settings" : {
"index" : {
"creation_date" : "1753837064480",
"number_of_shards" : "3",
"number_of_replicas" : "1",
"uuid" : "ISAhoqR-QjOEdoClIDCdWg",
"version" : {
"created" : "7080099"
},
"provided_name" : "employee"
}
}
}
}
2.数据
2.1新增数据
# 添加数据
POST /employee/_doc/1
{
"first_name" : "John",
"last_name" : "Smith",
"age" : 25,
"about" : "I love to go rock climbing",
"interests": [ "sports", "music" ]
}
2.2查询数据
# 检索索引
GET /employee/_doc/1
# 返回
{
"_index" : "employee",
"_type" : "_doc",
"_id" : "1",
"_version" : 2,
"_seq_no" : 1,
"_primary_term" : 1,
"found" : true,
"_source" : {
"first_name" : "John",
"last_name" : "Smith",
"age" : 25,
"about" : "I love to go rock climbing",
"interests" : [
"sports",
"music"
]
}
}
# 查看所有数据
GET employee/_search
# 带条件查询
GET employee/_search?q=last_name:Smith
## 使用查询表达式
GET /employee/_search
{
"query" : {
"match" : {
"last_name" : "Smith"
}
}
}
2.3复杂查询
# 查询last_name为Smith,并且年龄大于30的
GET /employee/_search
{
"query": {
"bool": {
"must": [
{
"match": {
"last_name" : "Smith"
}
}
],
"filter": [
{
"range": {
"age": {
"gt": 30
}
}
}
]
}
}
}
# 搜索下所有喜欢攀岩(rock climbing)的员工,模糊匹配,返回包含所有关键词的员工
GET /employee/_search
{
"query": {
"match": {
"about": "rock albums"
}
}
}
# 搜索下所有喜欢攀岩(rock climbing)的员工,精准匹配字符串rock climbing
GET /employee/_search
{
"query": {
"match_phrase": {
"about": "rock climbing"
}
}
}
# 高亮索引
GET /employee/_search
{
"query": {
"match_phrase": {
"about": "rock climbing"
}
},
"highlight": {
"fields": {
"about": {}
}
}
}
# 查询聚合,查看员工的兴趣有哪些,并统计
GET /employee/_search
{
"aggs": {
"interests_type": {
"terms": { "field": "interests.keyword"}
}
}
}
# 单字段精确匹配
GET /employee/_search
{
"query": {
"term": {
"last_name.keyword": {
"value": "Smith"
}
}
}
}
# 返回字段只需要last_name和age
GET /employee/_search
{
"_source": ["last_name","age"]
}
| 关键字 | 描述 |
|---|---|
| must(and) | 相当于where 字段名1=值1 and 字段名2=值3 |
| must_not(not) | 不等于 |
| should(or) | 相当于where 字段名1=值1 or 字段名2=值3 |
| filter | range:区间, gt:大于,gte:大于等于,lt:小于,lte:小于等于 |
# 多条件复合查询
# 查询last_name=Smith and age>=10 and age<=30
GET /employee/_search
{
"query": {
"bool": {
"must": [
{
"match": {
"last_name.keyword": "Smith"
}
},
{
"match": {
"about": "rock"
}
}
],
"filter": [
{
"range": {
"age": {
"gte": 10,
"lte": 30
}
}
}
]
}
}
}
# 查询并且排序,about字段有to,并且按照age降序排序
GET /employee/_search
{
"query": {
"match": {
"about": "to"
}
},
"sort": [
{
"age": {
"order": "desc"
}
}
]
}
# 分页查询
GET /employee/_search
{
"from": 0,
"size": 1
}
2.4 删除数据
# 条件删除
DELETE /employee/_doc/1
# 条件删除
POST /employee/_delete_by_query?slices=10&wait_for_completion=false&scroll_size=1000
{
"query":{
}
}
# 返回
{
"task": "abcdefg:12345" // 用此 ID 查看任务进度
}
# 查看任务状态
GET _tasks/abcdefg:12345
# 参数 作用
# conflicts=proceed 遇到版本冲突时继续执行(默认会中止)
# refresh=true 删除后立即刷新索引(使变更可见)
# wait_for_completion=false 异步执行,返回任务 ID(适合大批量删除)
# scroll_size=1000 每次批量删除的文档数(默认 1000,可根据性能调整)
# slices=10 将任务拆分为多个子任务并行执行
# requests_per_second=100 添加限速(每秒 100 个操作)
# 任务恢复
# 列出所有任务
GET _tasks?actions=*delete*&detailed
# 取消任务
POST _tasks/<task_id>/_cancel
2.5更新数据
# 单个查询更新,更新部分字段
POST /employee/_update/1
{
"doc": {
"age":25
}
}
# 批量查询更新,将满足条件的年龄都改为28岁
POST /employee/_update_by_query
{
"query": {
"match": {
"about": "rock albums"
}
},
"script": {
"source": "ctx._source.age = 28",
"lang": "painless"
}
}
# 按照ID整个更新
POST /employee/_doc/3
{
"first_name" : "Douglas",
"last_name" : "Fir",
"age" : 35,
"about": "I like to build cabinets",
"interests": [ "forestry" ]
}
2.6 文档复制
# 将文档从一个索引复制到另一个索引
POST _reindex
{
"source": { "index": "orders_v1" },
"dest": { "index": "orders_v2" }
}
# 选择性复制文档
POST _reindex
{
"source": {
"index": "logs",
"query": {
"range": { "timestamp": { "gte": "2024-01-01" } } // 只复制2024年的数据
}
},
"dest": { "index": "logs_2024" }
}
# 异步执行(返回任务ID)
POST _reindex?wait_for_completion=false&slices=10
{
"source": { "index": "large_index" },
"dest": { "index": "large_index_new" }
}
# 查看任务进度
GET _tasks/<任务ID>
# 常见错误及解决方案
# 错误类型 解决方法
# 版本冲突(version_conflict) 添加 conflicts=proceed 参数
# 字段类型不匹配 使 用 script 转换字段类型
# 网络中断 使用 wait_for_completion=false 异步执行,通过任务API恢复
# 内存不足 减小 size 或增加 slices
3.ES集群
# 查看集群启动是否成功,请求单个节点
curl 'http://localhost:9200/?pretty'
# 返回
{
"name" : "node-1",
"cluster_name" : "cluster-es",
"cluster_uuid" : "5QYodmSnRgukp_EMKeU5TQ",
"version" : {
"number" : "7.8.0",
"build_flavor" : "default",
"build_type" : "zip",
"build_hash" : "757314695644ea9a1dc2fecd26d1a43856725e65",
"build_date" : "2020-06-14T19:35:50.234439Z",
"build_snapshot" : false,
"lucene_version" : "8.5.1",
"minimum_wire_compatibility_version" : "6.8.0",
"minimum_index_compatibility_version" : "6.0.0-beta1"
},
"tagline" : "You Know, for Search"
}
# 使用 HTTPS 和认证(如果启用了安全功能)
curl -u username:password 'https://<集群地址>:9200/?pretty'
# 查看集群的健康状态
# 请求
curl 'http://hadoop102:9200/_cluster/health?pretty'
# 返回
{
"cluster_name" : "cluster-es",
"status" : "green",
"timed_out" : false,
"number_of_nodes" : 3,
"number_of_data_nodes" : 3,
"active_primary_shards" : 25,
"active_shards" : 50,
"relocating_shards" : 0,
"initializing_shards" : 0,
"unassigned_shards" : 0,
"delayed_unassigned_shards" : 0,
"number_of_pending_tasks" : 0,
"number_of_in_flight_fetch" : 0,
"task_max_waiting_in_queue_millis" : 0,
"active_shards_percent_as_number" : 100.0
}
# 使用kibana
GET _cluster/health?pretty
# 查看集群中文档的数量
# 请求返回
curl -XGET 'http://hadoop102:9200/_count?pretty' -H "Content-Type: application/json" -d '
{
"query": {
"match_all": {}
}
}
'
# 返回
{
"count" : 365,
"_shards" : {
"total" : 23,
"successful" : 23,
"skipped" : 0,
"failed" : 0
}
}
# 使用kibana
GET /_count
{
"query": {
"match_all": {}
}
}
# 更详细的集群信息
GET _cluster/health?level=indices
# 阻塞 (不给你的程序返回控制权)住直到 cluster-health 变成 green
GET _cluster/health?wait_for_status=green
# 检测所有节点
GET _nodes/stats
# 集群统计
GET _cluster/stats
# 索引统计
GET my_index/_stats
GET my_index,another_index/_stats
GET _all/_stats
# 等待中的任务
GET _cluster/pending_tasks
# GET /_cat API
/_cat/allocation
/_cat/shards
/_cat/shards/{index}
/_cat/master
/_cat/nodes
/_cat/indices
/_cat/indices/{index}
/_cat/segments
/_cat/segments/{index}
/_cat/count
/_cat/count/{index}
/_cat/recovery
/_cat/recovery/{index}
/_cat/health
/_cat/pending_tasks
/_cat/aliases
/_cat/aliases/{alias}
/_cat/thread_pool
/_cat/plugins
/_cat/fielddata
/_cat/fielddata/{fields}
4.ES集群启停脚本
#!/bin/bash
if [ $# -lt 1 ]
then
echo "No Args Input..."
exit ;
fi
case $1 in
"start")
echo " =================== 启动 elasticsearch集群 ==================="
echo " --------------- 启动 hadoop102 elasticsearch ---------------"
nohup ssh hadoop102 "cd /opt/module/elasticsearch-7.8.0; bin/elasticsearch -d"> ES.log 2>&1 &
echo " --------------- 启动 hadoop103 elasticsearch ---------------"
nohup ssh hadoop103 "cd /opt/module/elasticsearch-7.8.0; bin/elasticsearch -d"> ES.log 2>&1 &
echo " --------------- 启动 hadoop104 elasticsearch ---------------"
nohup ssh hadoop104 "cd /opt/module/elasticsearch-7.8.0; bin/elasticsearch -d"> ES.log 2>&1 &
;;
"stop")
echo " =================== 关闭 elasticsearch集群 ==================="
echo " --------------- 关闭 hadoop104 elasticsearch ---------------"
ssh hadoop104 "ps -ef 2>/dev/null | grep -v grep | grep -i org.elasticsearch.bootstrap.Elasticsearch | awk '{print $2}'|xargs kill -9" > /dev/null 2>&1
echo " --------------- 关闭 hadoop103 elasticsearch ---------------"
ssh hadoop103 "ps -ef 2>/dev/null | grep -v grep | grep -i org.elasticsearch.bootstrap.Elasticsearch | awk '{print $2}'|xargs kill -9" > /dev/null 2>&1
echo " --------------- 关闭 hadoop102 elasticsearch ---------------"
ssh hadoop102 "ps -ef 2>/dev/null | grep -v grep | grep -i org.elasticsearch.bootstrap.Elasticsearch | awk '{print $2}'|xargs kill -9" > /dev/null 2>&1
;;
*)
echo "Input Args Error..."
;;
esac
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
