ELK学习笔记(一)——使用K8S部署ElasticSearch8.15.0集群

本文主要是介绍ELK学习笔记(一)——使用K8S部署ElasticSearch8.15.0集群,希望对大家解决编程问题提供一定的参考价值,需要的开发者们随着小编来一起学习吧!

一、下载镜像

#1、下载官方镜像
docker pull elasticsearch:8.15.0
#2、打新tag
docker tag elasticsearch:8.15.0 192.168.9.41:8088/new-erp-common/elasticsearch:8.15.0
#3、推送到私有仓库harbor
docker push 192.168.9.41:8088/new-erp-common/elasticsearch:8.15.0

二、优化宿主机配置

部署elasticsearch集群需要先优化宿主机(所有k8s节点都要优化,不优化会部署失败)

vim /etc/sysctl.conf vm.max_map_count=262144 # (用于设置 Linux 系统内核中允许用户态程序的最大内存区域数量。通过设置该参数,可以控制系统中允许映射的内存区域的最大数量,这对于一些需要大量内存映射的应用程序是很有用)sysctl -p #生效配置

三、创建工作目录

下面是搭建ES的目录一览图
在这里插入图片描述

四、准备yaml配置文件

4.1准备ConfigMap配置

创建ConfigMap配置,里面主要配置了elasticsearch.yml需要的配置

$ cat config-map-es.yaml 
apiVersion: v1
kind: ConfigMap
metadata:name: config-map-esnamespace: renpho-erp-common
data:# 下面2行不确定可不可以删除,但因为在elasticsearch.yml中配置了,所以感觉这2行可以删了network.host: "0.0.0.0"cluster.name: "es-cluster"elasticsearch.yml: |#设置集群名称cluster.name: es-cluster#设置网络访问节点【其他节点修改项】network.host: "0.0.0.0"#设置网络访问端口http.port: 9200transport.port: 9300node.roles: [ingest,master,data]#节点发现discovery.seed_hosts: ["elasticsearch-0.elasticsearch.renpho-erp-common.svc.cluster.local","elasticsearch-1.elasticsearch.renpho-erp-common.svc.cluster.local","elasticsearch-2.elasticsearch.renpho-erp-common.svc.cluster.local"]#初始化集群cluster.initial_master_nodes: ["elasticsearch-0","elasticsearch-1","elasticsearch-2"]#启用安全xpack.security.enabled: truexpack.security.enrollment.enabled: true#客户端连接加密xpack.security.http.ssl:enabled: truekeystore.path: /usr/share/elasticsearch/config/local-certs/http.p12truststore.path: /usr/share/elasticsearch/config/local-certs/http.p12#集群内节点连接加密xpack.security.transport.ssl:enabled: trueverification_mode: certificatekeystore.path: /usr/share/elasticsearch/config/local-certs/elastic-certificates.p12truststore.path: /usr/share/elasticsearch/config/local-certs/elastic-certificates.p12#必须set为true,否则kibana报错search.allow_expensive_queries: true#禁用geoip下载ingest.geoip.downloader.enabled: false

4.2准备Service及StatefulSet文件

在 Kubernetes 上搭建 Elasticsearch 集群时,通常会创建两个不同类型的 Service:一个无头服务(Headless Service)和一个普通的有头服务(ClusterIP Service)。这两种服务各有其特定的用途和作用,以下是它们的具体用途和原因:

a. 无头服务(Headless Service)
  • 作用: 无头服务是通过设置 clusterIP: None 创建的,这意味着它不会分配一个单一的集群IP地址。这种服务不会进行负载均衡,而是直接暴露其背后所有的 Pod。
  • 用途: 在 Elasticsearch 集群中,无头服务通常用于节点发现集群的状态维护。通过无头服务,每个 Elasticsearch 节点可以获得集群中其他节点的 IP 地址,从而进行节点间的通信和发现。
  • DNS 记录: 无头服务会为每个 Pod 创建一个独立的 DNS A 记录,这样,Elasticsearch 可以通过这些记录直接访问到其他节点。例如,如果有一个无头服务 elasticsearch-headless,且有三个 Pod(elasticsearch-0, elasticsearch-1, elasticsearch-2),这些 Pod 可以通过 DNS 名称 elasticsearch-0.elasticsearch-headless.namespace.svc.cluster.local 访问彼此。
b. 有头服务(ClusterIP Service)
  • 作用: 有头服务(通常称为 ClusterIP 服务)会分配一个集群内部 IP 地址,并为该地址上的端口提供负载均衡。这意味着,任何请求发送到该服务的 IP 地址时,会被分配到后端的某一个 Pod。
  • 用途: 在 Elasticsearch 集群中,有头服务通常用于外部客户端的连接和访问,例如 Kibana 或其他使用者查询 Elasticsearch 数据的应用程序。它可以提供一个单一的访问点,从而简化外部应用的连接配置。
  • 负载均衡: 通过有头服务,Kubernetes 可以在多个 Elasticsearch 节点之间进行负载均衡,确保请求均匀分布,从而提高查询性能和服务的可用性。
c. 总结
  • 无头服务:用于集群内的节点发现和通信,每个节点可以直接找到其他节点的 IP 地址,便于 Elasticsearch 集群中的主节点选举、数据复制和分片分配。
  • 有头服务:用于提供一个稳定的、负载均衡的外部访问点,让外部应用或用户可以通过一个固定的服务 IP 地址来访问 Elasticsearch 集群,而无需关心背后 Pod 的具体 IP。

通过结合使用无头服务和有头服务,可以既保持集群内部节点间的灵活通信,又提供对外部客户端的统一访问接口,这是在 Kubernetes 上部署 Elasticsearch 集群的常见模式。

$ cat deploy-es2.yaml 
#无头服务
apiVersion: v1
kind: Service
metadata:name: elasticsearchnamespace: renpho-erp-commonlabels:app: elasticsearch
spec:selector:app: elasticsearchclusterIP: Noneports:- port: 9200name: db- port: 9300name: inter
---
#有头服务
apiVersion: v1
kind: Service
metadata:name: es-nodeportnamespace: renpho-erp-commonlabels:app: elasticsearch
spec:selector:app: elasticsearchtype: NodePortports:- port: 9200name: dbnodePort: 30092- port: 9300name: inter
---
apiVersion: apps/v1
kind: StatefulSet
metadata:name: elasticsearchnamespace: renpho-erp-commonlabels:app: elasticsearch
spec:podManagementPolicy: Parallel serviceName: elasticsearchreplicas: 3selector:matchLabels:app: elasticsearchtemplate:metadata:labels:app: elasticsearchspec:containers:- name: elasticsearchimage: renpho.harbor.com/new-erp-common/elasticsearch:8.15.0imagePullPolicy: IfNotPresentsecurityContext: ##开启特权,因为要调整系统内核privileged: trueresources:limits:cpu: 1memory: 2Girequests:cpu: 0.5memory: 500Mi#command: ["/bin/sh","-c"]# args:# - |#   sleep 3600;env:- name: network.hostvalueFrom:configMapKeyRef:name: config-map-eskey: network.host- name: node.namevalueFrom:fieldRef:fieldPath: metadata.nameports:- name: dbcontainerPort: 9200protocol: TCP- name: intercontainerPort: 9300protocol: TCPvolumeMounts:- name: elasticsearch-datamountPath: /usr/share/elasticsearch/datasubPath: es-data- name: elasticsearch-datamountPath: /usr/share/elasticsearch/logssubPath: es-logs- name: elasticsearch-datamountPath: /usr/share/elasticsearch/.cachesubPath: es-cache- name: elasticsearch-datamountPath: /usr/share/elasticsearch/pluginssubPath: es-plugins- name: es-cert-file  #挂载存储目录mountPath: /usr/share/elasticsearch/config/local-certs- name: es-config  #挂载配置文件mountPath: /usr/share/elasticsearch/config/elasticsearch.ymlsubPath: elasticsearch.yml- name: host-time  #挂载本地时区mountPath: /etc/localtimereadOnly: truevolumes:- name: es-configconfigMap:name: config-map-esdefaultMode: 493 #文件权限为-rwxr-xr-x- name: es-cert-filesecret:secretName: es-certificates- name: host-timehostPath: #挂载本地时区path: /etc/localtimetype: ""volumeClaimTemplates:- metadata:name: elasticsearch-dataspec:storageClassName: ssd-nfs-storageaccessModes: [ "ReadWriteMany" ]resources:requests:storage: 50Gi

五、生成elastic集群所需的安全证书

为了方便生成证书,可以借助docker 运行 es 容器,但后进入容器内将证书生成好之后,再拷贝到宿主机备用。

##启动es容器
docker run -it -d --name es 192.168.9.41:8088/new-erp-common/elasticsearch:8.15.0
##进入容器生成证书
docker exec -it es bashelasticsearch@62d07cf8df10:~$ pwd
/usr/share/elasticsearch
5.1生成CA证书
elasticsearch@62d07cf8df10:~$ ./bin/elasticsearch-certutil ca

这里可以选择添加证书密码,如果添加密码的话,后续使用CA证书去生成其他证书都需要先校验密码
默认会在当前目录下(/usr/share/elasticsearch)生成 elastic-stack-ca.p12 这个证书文件,在实际操作中根据自己的实际情况进行调整

5.2使用CA证书生成 transport证书
elasticsearch@62d07cf8df10:~$ ./bin/elasticsearch-certutil cert --ca /usr/share/elasticsearch/elastic-stack-ca.p12

最终会生成1个elastic-certificates.p12的证书文件

5.3使用CA证书生成http证书
elasticsearch@62d07cf8df10:~$ ./bin/elasticsearch-certutil http## Elasticsearch HTTP Certificate UtilityThe 'http' command guides you through the process of generating certificates
for use on the HTTP (Rest) interface for Elasticsearch.This tool will ask you a number of questions in order to generate the right
set of files for your needs.## Do you wish to generate a Certificate Signing Request (CSR)?A CSR is used when you want your certificate to be created by an existing
Certificate Authority (CA) that you do not control (that is, you don't have
access to the keys for that CA). If you are in a corporate environment with a central security team, then you
may have an existing Corporate CA that can generate your certificate for you.
Infrastructure within your organisation may already be configured to trust this
CA, so it may be easier for clients to connect to Elasticsearch if you use a
CSR and send that request to the team that controls your CA.If you choose not to generate a CSR, this tool will generate a new certificate
for you. That certificate will be signed by a CA under your control. This is a
quick and easy way to secure your cluster with TLS, but you will need to
configure all your clients to trust that custom CA.
#是否需要证书认证请求,选n
Generate a CSR? [y/N]n## Do you have an existing Certificate Authority (CA) key-pair that you wish to use to sign your certificate?If you have an existing CA certificate and key, then you can use that CA to
sign your new http certificate. This allows you to use the same CA across
multiple Elasticsearch clusters which can make it easier to configure clients,
and may be easier for you to manage.If you do not have an existing CA, one will be generated for you.
#是否需要选择已存在得证书,选y
Use an existing CA? [y/N]y## What is the path to your CA?Please enter the full pathname to the Certificate Authority that you wish to
use for signing your new http certificate. This can be in PKCS#12 (.p12), JKS
(.jks) or PEM (.crt, .key, .pem) format.
#填入已存在ca证书路径
CA Path: /usr/share/elasticsearch/elastic-stack-ca.p12
Reading a PKCS12 keystore requires a password.
It is possible for the keystore's password to be blank,
in which case you can simply press <ENTER> at the prompt
#输入已存在证书密码,没有的话直接回车
Password for elastic-stack-ca.p12:## How long should your certificates be valid?Every certificate has an expiry date. When the expiry date is reached clients
will stop trusting your certificate and TLS connections will fail.Best practice suggests that you should either:
(a) set this to a short duration (90 - 120 days) and have automatic processes
to generate a new certificate before the old one expires, or
(b) set it to a longer duration (3 - 5 years) and then perform a manual update
a few months before it expires.You may enter the validity period in years (e.g. 3Y), months (e.g. 18M), or days (e.g. 90D)
#证书有效时间
For how long should your certificate be valid? [5y] 7y## Do you wish to generate one certificate per node?If you have multiple nodes in your cluster, then you may choose to generate a
separate certificate for each of these nodes. Each certificate will have its
own private key, and will be issued for a specific hostname or IP address.Alternatively, you may wish to generate a single certificate that is valid
across all the hostnames or addresses in your cluster.If all of your nodes will be accessed through a single domain
(e.g. node01.es.example.com, node02.es.example.com, etc) then you may find it
simpler to generate one certificate with a wildcard hostname (*.es.example.com)
and use that across all of your nodes.However, if you do not have a common domain name, and you expect to add
additional nodes to your cluster in the future, then you should generate a
certificate per node so that you can more easily generate new certificates when
you provision new nodes.
#是否每个节点都需要生成,选n,所有节点共用一个
Generate a certificate per node? [y/N]n## Which hostnames will be used to connect to your nodes?These hostnames will be added as "DNS" names in the "Subject Alternative Name"
(SAN) field in your certificate.You should list every hostname and variant that people will use to connect to
your cluster over http.
Do not list IP addresses here, you will be asked to enter them later.If you wish to use a wildcard certificate (for example *.es.example.com) you
can enter that here.Enter all the hostnames that you need, one per line.When you are done, press <ENTER> once more to move on to the next step.
#输入集群所有节点主机名
#使用 Kubernetes 中 Pod 的 DNS 名称,可以避免 Pod IP 变化带来的问题。
#DNS 名称通常是 <pod-name>.<service-name>.<namespace>.svc.cluster.local 形式的
*.elasticsearch.renpho-erp-common.svc.cluster.local
elasticsearch.renpho-erp-common.svc.cluster.local
elasticsearch.renpho-erp-common
elasticsearchYou entered the following hostnames.- *.elasticsearch.renpho-erp-common.svc.cluster.local- elasticsearch.renpho-erp-common.svc.cluster.local- elasticsearch.renpho-erp-common- elasticsearch#是否正确,选y
Is this correct [Y/n]y#输入集群所有节点ip地址,由于上面使用的是DNS名称,所以这一步不用再输入固定IP地址,直接回车
## Which IP addresses will be used to connect to your nodes?If your clients will ever connect to your nodes by numeric IP address, then you
can list these as valid IP "Subject Alternative Name" (SAN) fields in your
certificate.If you do not have fixed IP addresses, or not wish to support direct IP access
to your cluster then you can just press <ENTER> to skip this step.Enter all the IP addresses that you need, one per line.
When you are done, press <ENTER> once more to move on to the next step.You did not enter any IP addresses.#是否正确,选y
Is this correct [Y/n]y## Other certificate optionsThe generated certificate will have the following additional configuration
values. These values have been selected based on a combination of the
information you have provided above and secure defaults. You should not need to
change these values unless you have specific requirements.Key Name: elasticsearch-0.elasticsearch.renpho-erp-common.svc.cluster.local
Subject DN: CN=elasticsearch-0, DC=elasticsearch, DC=renpho-erp-common, DC=svc, DC=cluster, DC=local
Key Size: 2048
#是否修改证书配置,选n
Do you wish to change any of these options? [y/N]n#输入密码,不想设置密码直接回车。建议为空,省点麻烦,这么多证书认证已经够够的了
## What password do you want for your private key(s)?Your private key(s) will be stored in a PKCS#12 keystore file named "http.p12".
This type of keystore is always password protected, but it is possible to use a
blank password.If you wish to use a blank password, simply press <enter> at the prompt below.
Provide a password for the "http.p12" file:  [<ENTER> for none]## Where should we save the generated files?A number of files will be generated including your private key(s),
public certificate(s), and sample configuration options for Elastic Stack products.These files will be included in a single zip archive.What filename should be used for the output zip file? [/usr/share/elasticsearch/elasticsearch-ssl-http.zip] 
#证书文件保存位置
Zip file written to /usr/share/elasticsearch/elasticsearch-ssl-http.zip#解压缩刚生成得证书zip文件
elasticsearch@62d07cf8df10:~$ unzip elasticsearch-ssl-http.zip
Archive:  elasticsearch-ssl-http.zipcreating: elasticsearch/inflating: elasticsearch/README.txtinflating: elasticsearch/http.p12
...

以上完成后将在/usr/share/elasticsearch下生成一个zip压缩文件。 解压文件,生成一个文件夹,里面包含两个文件夹:
elasticsearch文件夹包含http.p12及elasticsearch.yml的配置参考;
kibana文件夹包含elasticsearch-ca.pem及kibana.yml的配置参考;

5.4生成kibana使用的安全证书

为了方便起见,顺便将kibana使用的安全证书也一起生成。除了之前生成http证书时生成的 elasticsearch-ca.pem 之外还有3个文件

kibana.crt,kibana.key,kibana.csr
下面先生成 kibana.csr,kibana.key

elasticsearch@62d07cf8df10:~$ /usr/share/elasticsearch/bin/elasticsearch-certutil csr -name kibana -dns *.elasticsearch.renpho-erp-common.svc.cluster.local -dns elasticsearch.renpho-erp-common.svc.cluster.local -dns elasticsearch.renpho-erp-common -dns elasticsearch
#执行后默认会生成 csr-bundle.zip
#解压缩后得到kibana.csr ,kibana.key,用它2生成 kibana.crt
elasticsearch@62d07cf8df10:~$ unzip csr-bundle.zip 
Archive:  csr-bundle.zipcreating: kibana/inflating: kibana/kibana.csr       inflating: kibana/kibana.key
# 生成crt文件
elasticsearch@62d07cf8df10:~$ cd kibana/
elasticsearch@62d07cf8df10:~$ openssl x509 -req -in kibana.csr -signkey kibana.key -out kibana.crt
Signature ok
subject=CN = kibana
Getting Private key
elasticsearch@62d07cf8df10:~$ ls -l
total 12
-rw-r--r-- 1 elasticsearch elasticsearch  985 Aug 29 08:32 kibana.crt
-rw-r--r-- 1 elasticsearch elasticsearch 1350 Aug 29 08:30 kibana.csr
-rw-r--r-- 1 elasticsearch elasticsearch 1679 Aug 29 08:30 kibana.key
5.4复制容器内证书到宿主机

在这里插入图片描述
另开一个窗口,使用docker cp将容器内上述生成的证书拷贝到宿主机

#在宿主机执行下列命令
##下面的证书拷贝到es的certs中,供es使用
docker cp es:/usr/share/elasticsearch/elastic-stack-ca.p12 /home/ec2-user/k8s/elk/es/certs/elastic-stack-ca.p12
docker cp es:/usr/share/elasticsearch/elastic-certificates.p12 /home/ec2-user/k8s/elk/es/certs/elastic-certificates.p12
docker cp es:/usr/share/elasticsearch/elasticsearch/http.p12 /home/ec2-user/k8s/elk/es/certs/http.p12##下面的证书拷贝到kibana的certs中,供kibana使用
docker cp es:/usr/share/elasticsearch/kibana/elasticsearch-ca.pem /home/ec2-user/k8s/elk/kibana/certs/elasticsearch-ca.pem
docker cp es:/usr/share/elasticsearch/kibana/kibana.crt /home/ec2-user/k8s/elk/kibana/certs/kibana.crt
docker cp es:/usr/share/elasticsearch/kibana/kibana.csr /home/ec2-user/k8s/elk/kibana/certs/kibana.csr
docker cp es:/usr/share/elasticsearch/kibana/kibana.key /home/ec2-user/k8s/elk/kibana/certs/kibana.key

复制完后,可以将docker容器停掉。

六、开始用K8S部署ES集群

首先,看下es目录下的文件
在这里插入图片描述

6.1将安全证书添加到Secret中
  • elastic-certificates.p12
    • 这个文件是 Elasticsearch 用于节点间加密通信的证书。
  • http.p12
    • 这是 Elasticsearch 用于 HTTP 客户端连接安全访问的证书。
##创建命名空间
kubectl create namespace renpho-erp-common
##执行下列命令创建Secret
kubectl create secret generic es-certificates \--from-file=/home/ec2-user/k8s/elk/es/certs/elastic-certificates.p12 \--from-file=/home/ec2-user/k8s/elk/es/certs/http.p12 \-n renpho-erp-common
##查看Secret
kubectl get secret -n renpho-erp-common

在这里插入图片描述

6.2运行ES集群

依次执行下列命令

#ES配置文件创建
kubectl apply -f config-map-es.yaml
#ES Service,StatefulSet创建
kubectl apply -f delpoy-es2.yaml
#查看运行状态
kubectl get pod -n renpho-erp-common|grep elastic

在这里插入图片描述

浏览器输入:https://192.168.6.220:30092,检查服务是否部署成功
在这里插入图片描述
浏览器输入:192.168.6.220:30092/_cat/nodes?v,检查elasticsearch集群是否正常
在这里插入图片描述
浏览器输入:https://192.168.6.220:30092/_cluster/state/master_node,nodes?pretty,检查elasticsearch集群详情
在这里插入图片描述
到此,使用K8s部署ElasticSearch成功!

部署过程中遇到很多问题,感谢下面博主给出的参考,参考链接

ElasticSearch 8.12.0 K8S部署实践【超详细】【一站式】

Elasticsearch8.11集群部署

k8s集群部署elk

这篇关于ELK学习笔记(一)——使用K8S部署ElasticSearch8.15.0集群的文章就介绍到这儿,希望我们推荐的文章对编程师们有所帮助!



http://www.chinasem.cn/article/1134126

相关文章

vue使用docxtemplater导出word

《vue使用docxtemplater导出word》docxtemplater是一种邮件合并工具,以编程方式使用并处理条件、循环,并且可以扩展以插入任何内容,下面我们来看看如何使用docxtempl... 目录docxtemplatervue使用docxtemplater导出word安装常用语法 封装导出方

Linux换行符的使用方法详解

《Linux换行符的使用方法详解》本文介绍了Linux中常用的换行符LF及其在文件中的表示,展示了如何使用sed命令替换换行符,并列举了与换行符处理相关的Linux命令,通过代码讲解的非常详细,需要的... 目录简介检测文件中的换行符使用 cat -A 查看换行符使用 od -c 检查字符换行符格式转换将

使用Jackson进行JSON生成与解析的新手指南

《使用Jackson进行JSON生成与解析的新手指南》这篇文章主要为大家详细介绍了如何使用Jackson进行JSON生成与解析处理,文中的示例代码讲解详细,感兴趣的小伙伴可以跟随小编一起学习一下... 目录1. 核心依赖2. 基础用法2.1 对象转 jsON(序列化)2.2 JSON 转对象(反序列化)3.

使用Python实现快速搭建本地HTTP服务器

《使用Python实现快速搭建本地HTTP服务器》:本文主要介绍如何使用Python快速搭建本地HTTP服务器,轻松实现一键HTTP文件共享,同时结合二维码技术,让访问更简单,感兴趣的小伙伴可以了... 目录1. 概述2. 快速搭建 HTTP 文件共享服务2.1 核心思路2.2 代码实现2.3 代码解读3.

Elasticsearch 在 Java 中的使用教程

《Elasticsearch在Java中的使用教程》Elasticsearch是一个分布式搜索和分析引擎,基于ApacheLucene构建,能够实现实时数据的存储、搜索、和分析,它广泛应用于全文... 目录1. Elasticsearch 简介2. 环境准备2.1 安装 Elasticsearch2.2 J

使用C#代码在PDF文档中添加、删除和替换图片

《使用C#代码在PDF文档中添加、删除和替换图片》在当今数字化文档处理场景中,动态操作PDF文档中的图像已成为企业级应用开发的核心需求之一,本文将介绍如何在.NET平台使用C#代码在PDF文档中添加、... 目录引言用C#添加图片到PDF文档用C#删除PDF文档中的图片用C#替换PDF文档中的图片引言在当

Java中List的contains()方法的使用小结

《Java中List的contains()方法的使用小结》List的contains()方法用于检查列表中是否包含指定的元素,借助equals()方法进行判断,下面就来介绍Java中List的c... 目录详细展开1. 方法签名2. 工作原理3. 使用示例4. 注意事项总结结论:List 的 contain

C#使用SQLite进行大数据量高效处理的代码示例

《C#使用SQLite进行大数据量高效处理的代码示例》在软件开发中,高效处理大数据量是一个常见且具有挑战性的任务,SQLite因其零配置、嵌入式、跨平台的特性,成为许多开发者的首选数据库,本文将深入探... 目录前言准备工作数据实体核心技术批量插入:从乌龟到猎豹的蜕变分页查询:加载百万数据异步处理:拒绝界面

Android中Dialog的使用详解

《Android中Dialog的使用详解》Dialog(对话框)是Android中常用的UI组件,用于临时显示重要信息或获取用户输入,本文给大家介绍Android中Dialog的使用,感兴趣的朋友一起... 目录android中Dialog的使用详解1. 基本Dialog类型1.1 AlertDialog(

Python使用自带的base64库进行base64编码和解码

《Python使用自带的base64库进行base64编码和解码》在Python中,处理数据的编码和解码是数据传输和存储中非常普遍的需求,其中,Base64是一种常用的编码方案,本文我将详细介绍如何使... 目录引言使用python的base64库进行编码和解码编码函数解码函数Base64编码的应用场景注意