1.服务器设置
1).需要在配置文件中开启x-pack验证, 修改config目录下面的elasticsearch.yml文件,在里面添加如下内容,并重启.
xpack.security.enabled: true
xpack.license.self_generated.type: basic
xpack.security.transport.ssl.enabled: true
2).执行设置用户名和密码的命令,这里需要为4个用户分别设置密码,elastic, kibana, logstash_system,beats_system
bin/elasticsearch-setup-passwords interactive
执行上述命令后,出现下如下对话框,为默认角色设置密码。
Initiating the setup of passwords for reserved users elastic,kibana,logstash_system,beats_system.
You will be prompted to enter passwords as the process progresses.
Please confirm that you would like to continue [y/N]y
Enter password for [elastic]:
passwords must be at least [6] characters long
Try again.
Enter password for [elastic]:
Reenter password for [elastic]:
Passwords do not match.
Try again.
Enter password for [elastic]:
Reenter password for [elastic]:
Enter password for [kibana]:
Reenter password for [kibana]:
Enter password for [logstash_system]:
Reenter password for [logstash_system]:
Enter password for [beats_system]:
Reenter password for [beats_system]:
Changed password for user [kibana]
Changed password for user [logstash_system]
Changed password for user [beats_system]
Changed password for user [elastic]
3).在elasticsearch head中验证。打开es head,出现密码登录框,设置成功。
2. elasticsearch-dsl中设置
如下设置后,每次请求ES服务器都会自动带上用户名、密码。
# 方法1:
es = Elasticsearch(hosts=["http://username:password@10.73.18.240:9200"])
# 方法2
connections.create_connection(hosts=["http://username:password@10.73.18.240:9200"])
3. 心得
- elasticsearch-dsl 5.x兼容elasticsearch 6.x。
- 密码设置很简单,没那么复杂。很多东西也很简单,但是网络的教程写得过于复杂。