elasticsearch集群设置账号密码

ES7.7以后的版本将安全认证功能免费开放了。并将X-pack插件集成了到了开源的ElasticSearch版本中。

1. 生成证书

切换到elastsearch的目录下，使用下列命令生成证书

bin/elasticsearch-certutil cert -out config/elastic-certificates.p12 -pass ""

 

2.修改配置文件，启用x-pack

vi conf/elasticsearch.yaml

xpack.security.enabled: true

xpack.security.transport.ssl.enabled: true

xpack.security.transport.ssl.verification_mode: certificate

xpack.security.transport.ssl.keystore.path: elastic-certificates.p12

xpack.security.transport.ssl.truststore.path: elastic-certificates.p12

 

3.重启elasticsearch

./bin/elasticsearch -d  (这一步非常重要,必须启动才能新增用户名和密码);

4. 设置密码：

./elasticsearch-setup-passwords interactive

 

zftestest#2022

Changed password for user [apm_system]

Changed password for user [kibana_system]

Changed password for user [kibana]

Changed password for user [logstash_system]

Changed password for user [beats_system]

Changed password for user [remote_monitoring_user]

Changed password for user [elastic]

 

 

5.验证：

打开浏览器，输入我们的elasticsearch的网址，然后会弹出一个输入框，让我们输入账号和密码。

6.后续修改密码：

如果你觉得之前用户的密码设置的太简单了，你想修改密码可以采用如下方式:

curl -XPOST -u elastic "localhost:9200/_security/user/elastic/_password" -H 'Content-Type: application/json' -d'{"password" : "abcd1234"}'

 

7.修改kibana配置文件,config下的kibana.yml,添加如下内容

elasticsearch.username: “elastic”

elasticsearch.password: “password”

 

 

 

打开config/logstash.yml，添加下面一行代码：

xpack.monitoring.enabled: true

xpack.monitoring.elasticsearch.username: elastic

xpack.monitoring.elasticsearch.password: password

xpack.monitoring.elasticsearch.hosts: ["http://127.0.0.1:9200"]

 

output {

 

if [type]=="user" {

elasticsearch {

hosts => "127.0.0.1:9200"

user => “elastic”

password => “password”

# index名

index => "user"

# type名

document_type => "_doc"

# 需要关联的数据库中有有一个id字段，对应索引的id号

document_id => "%{id}"

}

stdout {

codec => json_lines

}

 

}

}