Elasticsearch7开启x-pack验证
前言
在Elasticsearch7.3,x-pack已经作为默认的插件集成在Elasticsearch里面了,所以无需在bin/elasticsearch-plugin install x-pack
了,直接在配置文件中启用就可以了。
[root@localhost bin]# ./elasticsearch-plugin install x-pack
ERROR: this distribution of Elasticsearch contains X-Pack by default
开启x-pack
参考官方文档,开启x-pack只需要在elasticsearch的配置文件elasticsearch.yml文件中新增如下配置即可:
开启x-pack安全验证(老版本)
xpack.security.audit.enabled: true
xpack.license.self_generated.type: basic
# 如果是basic license的话需要加入下面这一行,不然的话restart elasticsearch之后会报错。
xpack.security.transport.ssl.enabled: true
开启x-pack安全验证(7.9.2)
Verify that the xpack.security.enabled
setting is true on each node in your cluster. If you are using basic or trial licenses, the default value is false. For more information, see Security settings.
官方说licenses是basic的话xpack.security.enabled是false的,需要手动打开。
xpack.security.enabled:true
启用trial license(30天试用)
[root@es01 elasticsearch]# curl -H "Content-Type:application/json" -XPOST http://172.30.255.251:9200/_xpack/license/start_trial?acknowledge=true
{"acknowledged":true,"trialbin/elasticsearch-plugin install heartbeat
设置密码
[root@elk elasticsearch]# bin/elasticsearch-setup-passwords interactive
Initiating the setup of passwords for reserved users
elastic,apm_system,kibana,logstash_system,beats_system,remote_monitoring_user.
You will be prompted to enter passwords as the process progresses.
Please confirm that you would like to continue [y/N]y
Enter password for [elastic]:
Reenter password for [elastic]:
Enter password for [apm_system]:
Reenter password for [apm_system]:
Enter password for [kibana]:
Reenter password for [kibana]:
Enter password for [logstash_system]:
Reenter password for [logstash_system]:
Enter password for [beats_system]:
Reenter password for [beats_system]:
Enter password for [remote_monitoring_user]:
Reenter password for [remote_monitoring_user]:
Changed password for user [apm_system]
Changed password for user [kibana]
Changed password for user [logstash_system]
Changed password for user [beats_system]
Changed password for user [remote_monitoring_user]
Changed password for user [elastic]
密码设置完成后需要在相对应的服务中增加elasticsearch的账号密码,例如kibana、logstash。
kibana设置:
elasticsearch.username: "elastic"
elasticsearch.password: "123456"
测试
curl -XGET -u "elastic:123456" http://192.168.115.211:9200/_cat/indices
green open .kibana_task_manager aA2f1cDOSU6nqCx9P-hFPQ 1 0 2 4 45.1kb 45.1kb
green open .security-7 kLzahwFyQ2aep2EzmrdLrQ 1 0 44 0 88.2kb 88.2kb
yellow open con_error ku-d1jaQQ8q9eNLSYZAKow 1 1 63023 6368 47mb 47mb
yellow open alive_ip p9EgMpYEQLabuke05CBMKA 1 1 6538723 1279843 706.5mb 706.5mb
green open .kibana_1 qc9bm_m7TqiH53JHGxXXww 1 0 19 4 83.6kb 83.6kb
- 修订时间:2020年10月21日
- 上一篇: pycharm不自动提示代码
- 下一篇: Grafana重置admin密码