项目场景:
项目使用spring-boot-starter-data-elasticsearch集成操作es,现在需要给es新增密码配置并成功连接es,项目版本写法比较老,代码耦合太多,无法升级high-level-client,只能配置transport连接
ES版本:6.8.23
springboot版本:2.0.1.RELEASE
1.配置ES
1.1 生成证书
在es项目目录bin中,运行命令
./elasticsearch-certutil ca
./elasticsearch-certutil cert --ca elastic-stack-ca.p12
会生成两个证书
elastic-cerificates.p12
elastic-stack-ca.p12
将两个文件移动到es中config文件夹
1.2 配置密码
编辑es配置文件elasticsearch.yml,新增以下配置
xpack.security.enabled: true #开启密码配置
xpack.security.transport.ssl.enabled: true #开启ssl连接
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: /es/elasticsearch-6.8.23/config/elastic-certificates.p12 #证书路径
xpack.security.transport.ssl.truststore.path: /es/elasticsearch-6.8.23/config/elastic-certificates.p12 #证书路径
在es中bin目录,运行命令
./elasticsearch-setup-passwords interactive
会让你输入多个内置账户的密码,自己记录一下。这里同时修改证书路径,1.1中生成的p12证书绝对路径;
注意:这里ssl必须设置为开启状态,否则es将无法启动,报错[ Transport SSL must be enabled…]
2.java配置
2.1 java配置类
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang.StringUtils;
import org.elasticsearch.client.Client;
import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.common.transport.TransportAddress;
import org.elasticsearch.xpack.client.PreBuiltXPackTransportClient;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.data.elasticsearch.core.ElasticsearchTemplate;
import org.springframework.util.Assert;
import java.net.InetAddress;
@Slf4j
@Configuration
public class ElasticsearchConfig {
//连接信息改成自己的
@Value("${elasticsearch.clusterName}")
private String clusterName;
@Value("${elasticsearch.clusterNodes}")
private String clusterNodes;
//用户名:密码
@Value("${elasticsearch.clusterPassword}")
private String clusterPassword;
@Value("${elasticsearch.certPath}")
private String certPath;
static final String COLON = ":";//分号
static final String COMMA = ",";//逗号
@Bean
public Client client() throws Exception {
Settings settings = Settings.builder()
.put("cluster.name", clusterName)
.put("xpack.security.user", clusterPassword)
.put("xpack.security.enabled", true)
.put("xpack.security.transport.ssl.keystore.path", certPath)
.put("xpack.security.transport.ssl.truststore.path", certPath)
.put("xpack.security.transport.ssl.verification_mode", "certificate")
.put("xpack.security.transport.ssl.enabled", true)
.build();
PreBuiltXPackTransportClient client = new PreBuiltXPackTransportClient(settings);
for (String clusterNode : StringUtils.split(clusterNodes, COMMA)) {
String hostName = StringUtils.substringBeforeLast(clusterNode, COLON);
String port = StringUtils.substringAfterLast(clusterNode, COLON);
Assert.hasText(hostName, "[Assertion failed] missing host name in 'clusterNodes'");
Assert.hasText(port, "[Assertion failed] missing port in 'clusterNodes'");
log.info("adding transport node : " + clusterNode);
client.addTransportAddress(new TransportAddress(InetAddress.getByName(hostName), Integer.parseInt(port)));
}
return client;
}
@Bean
public ElasticsearchTemplate elasticsearchTemplate() throws Exception {
ElasticsearchTemplate elasticsearchTemplate;
try {
elasticsearchTemplate = new ElasticsearchTemplate(client());
return elasticsearchTemplate;
} catch (Exception e) {
e.printStackTrace();
return new ElasticsearchTemplate(client());
}
}
}
配置文件
elasticsearch.clusterName=my-application
elasticsearch.clusterNodes=192.168.223.132:9300
elasticsearch.clusterPassword=elastic:123456
elasticsearch.certPath=/es/elasticsearch-6.8.23/config/elastic-certificates.p12
2.2 依赖版本不对
由于es和spring-data的依赖版本不一致,导致ElasticsearchConfig中许多类没有,这里是spring-data与es的版本对应关系
重新配置依赖,需要引入transport和x-pack依赖
<dependency>
<groupId>org.elasticsearch</groupId>
<artifactId>elasticsearch</artifactId>
<version>6.8.0</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-elasticsearch</artifactId>
<version>2.1.18.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework.data</groupId>
<artifactId>spring-data-elasticsearch</artifactId>
<version>3.2.13.RELEASE</version>
</dependency>
<dependency>
<groupId>javax.jms</groupId>
<artifactId>javax.jms-api</artifactId>
<version>2.0.1</version>
</dependency>
<dependency>
<groupId>org.elasticsearch.plugin</groupId>
<artifactId>transport-netty4-client</artifactId>
<version>6.8.0</version>
</dependency>
<dependency>
<groupId>org.elasticsearch.client</groupId>
<artifactId>transport</artifactId>
<version>6.8.0</version>
</dependency>
<!-- https://mvnrepository.com/artifact/org.elasticsearch.client/x-pack-transport -->
<dependency>
<groupId>org.elasticsearch.client</groupId>
<artifactId>x-pack-transport</artifactId>
<version>6.8.11</version>
</dependency>
<dependency>
<groupId>com.unboundid</groupId>
<artifactId>unboundid-ldapsdk</artifactId>
<version>3.2.0</version>
</dependency>
需要修改spring-boot版本为2.1.18
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.1.18.RELEASE</version>
<relativePath/> <!-- lookup parent from repository -->