1、生成ssl通信证书
bin/elasticsearch-certutil ca
bin/elasticsearch-certutil cert --ca elastic-stack-ca.p12
2、elasticsearch.yml配置文件
cluster.name: center # 集群名
node.name: centerES01 # 节点名
network.host: 0.0.0.0
http.port: 9200 # 端口
transport.port: 9300
# 使用一组符合主节点条件的初始节点引导集群
cluster.initial_master_nodes: ["centerES01"]
# 节点发现
discovery.seed_hosts: ["centerES01","centerES02","centerES03"]
# 在集群中设置节点角色
node.master: true # 是否为主节点
node.data: true # 是否存储数据
node.ingest: true # 是否允许节点进行数据摄取
xpack.ml.enabled: false
http.cors.enabled: true
http.cors.allow-origin: "*"
http.cors.allow-headers: Authorization
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: /home/es/elasticsearch/config/sslkey/elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: /home/es/elasticsearch/config/sslkey/elastic-certificates.p12
xpack.security.transport.ssl.keystore.password: 123456
xpack.security.transport.ssl.truststore.password: 123456
ingest.geoip.downloader.enabled: false
3、配置elastic密码
在保证ES成功启动后。在bin目录下执行./elasticsearch-setup-passwords interactive
按照提示输入密码。
建议密码一致。
4、在浏览器中访问
ip:9200/_cat/nodes?v