1. Generate the certificate
cd /usr/share/elasticsearch/bin
./elasticsearch-certutil ca
Press Enter at each prompt to accept the defaults.
2. Copy the generated /usr/share/elasticsearch/elastic-stack-ca.p12 file to the /etc/elasticsearch directory on every node.
3. Edit the configuration: vim /etc/elasticsearch/elasticsearch.yml
Add the following settings:
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: elastic-stack-ca.p12
xpack.security.transport.ssl.truststore.path: elastic-stack-ca.p12
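Set the owner and permissions on the .p12 file (it holds the CA private key, so only root and the elasticsearch group should be able to read it):
cd /etc/elasticsearch
chown -R root:elasticsearch elastic-stack-ca.p12
chmod 640 elastic-stack-ca.p12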
Restart elasticsearch:
systemctl restart elasticsearch
Check the log:
tail -n 200 -f /var/log/elasticsearch/uyes.log
4. Set the passwords
cd /usr/share/elasticsearch/bin
./elasticsearch-setup-passwords interactive
5. Restart the Elasticsearch service on every node
6. Edit kibana.yml
Add the following settings:
elasticsearch.username: "elastic"
elasticsearch.password: "xxx"
Problem 1:
Likely root cause: java.nio.file.AccessDeniedException: /etc/elasticsearch/elasticsearch.keystore.tmp
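Fix: give the elasticsearch group write access to the config directory so the service can create the temporary keystore file:
chown root:elasticsearch /etc/elasticsearch
chmod g+rwx /etc/elasticsearch
Then restart the service.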
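A check to run on each node after the restart in step 3, given here as an added example that is not part of the original notes: it confirms the transport TLS settings are present in elasticsearch.yml and that the keystore and truststore files are not accessible to other users. The function names check_es_transport_tls and yaml_value are hypothetical; the script assumes GNU stat and flat "key: value" lines like the ones in step 3.

```bash
#!/usr/bin/env bash
# Added example, not from the original notes. Handles flat "key: value" lines only.

# Print the last value set for a dotted key in a flat elasticsearch.yml.
yaml_value() {
    local key
    key=$(printf '%s' "$2" | sed 's/\./\\./g')
    sed -n "s/^[[:space:]]*${key}:[[:space:]]*//p" "$1" |
        tail -n 1 | tr -d "\"'" | sed 's/[[:space:]]*$//'
}

# Return 0 only if the step 3 settings are present and the keystore and
# truststore files are not accessible to "other" users.
check_es_transport_tls() {
    local conf_dir="${1:-/etc/elasticsearch}"
    local yml="$conf_dir/elasticsearch.yml"
    local rc=0 want key got path mode

    for want in \
        "xpack.security.enabled=true" \
        "xpack.security.transport.ssl.enabled=true" \
        "xpack.security.transport.ssl.verification_mode=certificate"
    do
        key=${want%%=*}
        got=$(yaml_value "$yml" "$key")
        if [ "$got" != "${want#*=}" ]; then
            echo "FAIL: $key is '${got:-unset}', expected '${want#*=}'"
            rc=1
        fi
    done

    for key in xpack.security.transport.ssl.keystore.path \
               xpack.security.transport.ssl.truststore.path
    do
        path=$(yaml_value "$yml" "$key")
        if [ -z "$path" ]; then echo "FAIL: $key is unset"; rc=1; continue; fi
        # Relative paths are resolved against the config directory.
        case "$path" in /*) ;; *) path="$conf_dir/$path" ;; esac
        if [ ! -f "$path" ]; then echo "FAIL: $path not found"; rc=1; continue; fi
        mode=$(stat -c '%a' "$path")   # GNU stat, e.g. 640
        case "$mode" in
            *0) echo "OK:   $path mode $mode" ;;
            *)  echo "FAIL: $path mode $mode is open to other users"; rc=1 ;;
        esac
    done
    return "$rc"
}
```

Call it as check_es_transport_tls /etc/elasticsearch; a non-zero exit status means at least one FAIL line was printed.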