娃哈哈好喝如果elasticsearch部署在公网,很有必要做访问控制,如果被别人撞库了就好玩了。
1、需要在配置文件中开启x-pack验证
修改config目录下面的elasticsearch.yml文件,在里面添加如下内容
xpack.security.enabled: true
xpack.license.self_generated.type: basic
xpack.security.transport.ssl.enabled: true
保存重启服务。
2、设置密码
需要借助elasticsearch提供的工具。如果你是yum安装可以参照下面的这个路径
[root@nginx bin]# pwd
/usr/share/elasticsearch/bin
[root@nginx bin]#
[root@nginx bin]# ./elasticsearch-setup-passwords interactive
如果出现这样的错误:
Unexpected response code [503] from calling PUT http://192.168.6.10:9200/_security/user/apm_system/_password?pretty
Cause: Cluster state has not been recovered yet, cannot write to the [null] index
Possible next steps:
* Try running this tool again.
* Try running with the --verbose parameter for additional messages.
* Check the elasticsearch logs for additional error details.
* Use the change password API manually.
不要慌,这个坑我也踩了,解决办法很简单,删除集群的信息,重启服务搞定,集群信息默认在这里:
[root@server1 elasticsearch]# pwd
/var/lib/elasticsearch
[root@server1 elasticsearch]# ls
nodes
[root@server1 elasticsearch]#
将nodes删除重启服务即可,放心数据是不会丢的,这只是保存集群节点信息,服务重启后会自动又生成。
3、修改密码的方法
curl -H "Content-Type:application/json" -XPOST -u elastic 'http://192.168.6.10:9200/_xpack/security/user/elastic/_password' -d '{ "password" : "123456" }'