ElasticSearch Xpack集群认证和elasticsearch-head配置

#ES集群配置

- node.name : 各节点需要修改
- node.attr.rack: 各节点需要修改
- #bootstrap.memory_lock: true  ：建议注释，开启会出现

cluster.name: Elasticsearch-Cluster
node.name: node-111
node.attr.rack: r111
path.data: /var/lib/elasticsearch
path.logs: /var/log/elasticsearch
#bootstrap.memory_lock: true
network.host: 0.0.0.0
http.port: 9200
discovery.seed_hosts: ["192.168.0.14:9300","192.168.0.111:9300","192.168.0.153:9300"]
cluster.initial_master_nodes: ["192.168.0.111","192.168.0.14","192.168.0.153"]

#Xpack集群认证

部署参考链接

RPM包安装路径为 /usr/share/elasticsearch

• 第一步 (一路回车,可不设密码)

  bin/elasticsearch-certutil ca
  

• 第二步 (一路回车,可不设密码)

  bin/elasticsearch-certutil cert --ca elastic-stack-ca.p12
  

• 第三步 拷贝至/etc/elasticsearch下（会在/usr/share/elasticsearch 目录下生成2个文件 p12结尾的文件）

  cp /usr/share/elasticsearch/*.p12 /etc/elasticsearch
  chown elasticsearch.elasticsearch /etc/elasticsearch/*.p12
  

• 第四步 修改配置文件

  [root@VM_0_111_centos ~]# vim /etc/elasticsearch/elasticsearch.yml 
  
  cluster.name: Elasticsearch-Cluster
  node.name: node-111
  node.attr.rack: r111
  path.data: /var/lib/elasticsearch
  path.logs: /var/log/elasticsearch
  #bootstrap.memory_lock: true
  network.host: 0.0.0.0
  http.port: 9200
  discovery.seed_hosts: ["192.168.0.14:9300","192.168.0.111:9300","192.168.0.153:9300"]
  cluster.initial_master_nodes: ["node-14","node-111","node-153"]
  
  
  # xpack配置 设置集群互信通信端口9300
  transport.port: 9300
  #head
  http.cors.enabled: true
  http.cors.allow-origin: "*"
  # xpack + head
  http.cors.allow-headers: Authorization,X-Requested-With,Content-Length,Content-Type  
  # 开启X-Pack的安全认证
  xpack.security.enabled: true
  # 开启X-Pack的集群内互信安全认证，与上面安全认证开关同步必开
  xpack.security.transport.ssl.enabled: true
  # 验证模式为证书模式
  xpack.security.transport.ssl.verification_mode: certificate
  # 配置证书路径
  xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
  xpack.security.transport.ssl.truststore.path: elastic-certificates.p12
  
  
  #head配置
  http.cors.allow-methods: OPTIONS, HEAD, GET, POST, PUT, DELETE
  

• 第五步 重启elasticsearch

  systemctl restart elasticsearch
  

• 第六步 设置用户密码

  # cd /usr/share/elasticsearch
  bin/elasticsearch-setup-passwords interactive  #y,y之后 可设置相同密码
  

• 第七步 验证

  curl -uelastic:设置的密码 -XGET http://你的ip:9200/_cluster/health?pretty
  

#elasticsearch-head配置

部署参考链接

• Node js 安装

  curl --silent --location https://rpm.nodesource.com/setup_10.x | bash -
  yum install -y nodejs
  npm config set registry https://registry.npm.taobao.org/
  npm config get registry
  

• 安装elasticsearch-head

  yum install -y git bzip2
  git clone https://github.com/mobz/elasticsearch-head.git
  cd elasticsearch-head/
  npm install 
  

• 启动访问

  #启动
  nohup npm start &
  #访问
  http://ip:9100
  #认证访问
  http://ip:9100/?auth_user=elastic&auth_password=密码
  

#报错相关

• 集群状态为red

  

  解决:

  查看索引

  curl -XGET "http://localhost:9200/_cat/indices?v"

  删除red状态的索引

  curl -XDELETE http://localhost:9200/索引名

#集群命令

• 检查集群状态

  #没设置密码
  curl -XGET "http://localhost:9200/_cluster/health?pretty=true"
  #设置密码
  curl -XGET -uelastic:elastic "http://localhost:9200/_cluster/health?pretty=true"
  

• 查看索引状态

  curl -XGET "http://localhost:9200/_cat/indices?v"
  

参考

• https://www.zhangbj.com/p/283.html
• https://www.cnblogs.com/hankuikui/p/7989927.html