Elasticsearch 配置用户名和密码

最新推荐文章于 2024-09-30 17:24:32 发布

weixin_43315211

最新推荐文章于 2024-09-30 17:24:32 发布

阅读量6w

点赞数 8

分类专栏： Elasticsearch 文章标签： Elasticsearch 用户和密码

本文链接：https://blog.csdn.net/weixin_43315211/article/details/99677072

版权

Elasticsearch 专栏收录该内容

12 篇文章 1 订阅

订阅专栏

启动 Elasticsearch 程序

[elastic@console bin]$ ./elasticsearch -d
    future versions of Elasticsearch will require Java 11; your Java version from [/usr/java/jdk1.8.0_181/jre] does not meet this requirement

创建密码

[elastic@console bin]$ ./elasticsearch-setup-passwords interactive
future versions of Elasticsearch will require Java 11; your Java version from [/usr/java/jdk1.8.0_181/jre] does not meet this requirement

Unexpected response code [500] from calling GET http://192.168.108.126:9200/_security/_authenticate?pretty
It doesn't look like the X-Pack security feature is enabled on this Elasticsearch node.
Please check if you have enabled X-Pack security in your elasticsearch.yml configuration file.

ERROR: X-Pack Security is disabled by configuration.

需要设置 X-Pack

[elastic@console bin]$ vim ../config/elasticsearch.yml
	http.cors.enabled: true
	http.cors.allow-origin: "*"
	http.cors.allow-headers: Authorization
	xpack.security.enabled: true
	xpack.security.transport.ssl.enabled: true

添加密码

[elastic@console bin]$ ./elasticsearch-setup-passwords interactive
future versions of Elasticsearch will require Java 11; your Java version from [/usr/java/jdk1.8.0_181/jre] does not meet this requirement
Initiating the setup of passwords for reserved users elastic,apm_system,kibana,logstash_system,beats_system,remote_monitoring_user.
You will be prompted to enter passwords as the process progresses.
Please confirm that you would like to continue [y/N]y


Enter password for [elastic]:
Reenter password for [elastic]:
Passwords do not match.
Try again.
Enter password for [elastic]:
Reenter password for [elastic]:
Enter password for [apm_system]:
Reenter password for [apm_system]:
Enter password for [kibana]:
Reenter password for [kibana]:
Enter password for [logstash_system]:
Reenter password for [logstash_system]:
Enter password for [beats_system]:
Reenter password for [beats_system]:
Enter password for [remote_monitoring_user]:
Reenter password for [remote_monitoring_user]:
Changed password for user [apm_system]
Changed password for user [kibana]
Changed password for user [logstash_system]
Changed password for user [beats_system]
Changed password for user [remote_monitoring_user]
Changed password for user [elastic]

修改kibana

[root@console bin]# vim ../config/kibana.yml
	elasticsearch.username: "elastic"
	elasticsearch.password: "passwd"

修改密码

POST /_security/user/elastic/_password
{
  "password": "123456"
}

修改密码之后，需要重新设置kibana的配置文件，才可以重新使用kibana

java 连接认证

package elasticSearch.highLevelClient;

import org.apache.http.HttpHost;
import org.apache.http.auth.AuthScope;
import org.apache.http.auth.UsernamePasswordCredentials;
import org.apache.http.client.CredentialsProvider;
import org.apache.http.impl.client.BasicCredentialsProvider;
import org.apache.http.impl.nio.client.HttpAsyncClientBuilder;
import org.elasticsearch.client.RestClient;
import org.elasticsearch.client.RestClientBuilder;
import org.elasticsearch.client.RestHighLevelClient;
import org.elasticsearch.client.XPackClient;

import java.io.IOException;

/**
 * @author [tu.tengfei]
 * @description
 * @date 2019/8/10
 */
public class ESHighClient {
    public static RestHighLevelClient client;
    public static void getESClient(){

//        client = new RestHighLevelClient(RestClient.builder(
//                new HttpHost("slave01", 9200, "http"),
//                new HttpHost("master01", 9200, "http")
//        ));

        //需要用户名和密码的认证
        final CredentialsProvider credentialsProvider = new BasicCredentialsProvider();
        credentialsProvider.setCredentials(AuthScope.ANY, new UsernamePasswordCredentials("elastic", "passwd"));
        RestClientBuilder restClientBuilder = RestClient.builder(new HttpHost("192.168.108.126", 9200, "http"))
                .setHttpClientConfigCallback(new RestClientBuilder.HttpClientConfigCallback() {
                    @Override
                    public HttpAsyncClientBuilder customizeHttpClient(HttpAsyncClientBuilder httpAsyncClientBuilder) {
                        return httpAsyncClientBuilder.setDefaultCredentialsProvider(credentialsProvider);
                    }
                });
        client = new RestHighLevelClient(restClientBuilder);
    }

    public static void clientClose(){
        if (client!=null){
            try {
                client.close();
            } catch (IOException e) {
                e.printStackTrace();
            }
        }
    }
}