ElasticSearch 6.5.1 添加用户名和密码

需求

设置ElasticSearch的用户名和密码，禁止非法用户访问。

程序版本

elasticsearch-6.5.1
kibana-6.5.1-linux-x86_64

流程

1. 无验证模式下启动es

2. 生成license

curl -H “Content-Type:application/json” -XPOST http://${ip}:9200/_xpack/license/start_trial?acknowledge=true

3. 修改elasticsearch.yml配置文件

xpack.security.enabled: true
http.cors.enabled: true
http.cors.allow-origin: “*”
http.cors.allow-headers: Authorization,X-Requested-With,Content-Length,Content-Type

4. 重启ES

5. 设置初始密码

执行./elasticsearch-setup-passwords auto，出现以下内容：

Your cluster health is currently RED.
This means that some cluster data is unavailable and your cluster is not fully functional.

It is recommended that you resolve the issues with your cluster before running elasticsearch-setup-passwords.
It is very likely that the password changes will fail when run against an unhealthy cluster.

Do you want to continue with the password setup process [y/N]y

Initiating the setup of passwords for reserved users elastic,apm_system,kibana,logstash_system,beats_system,remote_monitoring_user.
The passwords will be randomly generated and printed to the console.
Please confirm that you would like to continue [y/N]y


Changed password for user apm_system
PASSWORD apm_system = sBDDWGcsyU0TBAU06XfC

Changed password for user kibana
PASSWORD kibana = oR9c9ukI4PxEU96G3wAL

Changed password for user logstash_system
PASSWORD logstash_system = yEWme53Vus5161arv2IU

Changed password for user beats_system
PASSWORD beats_system = f9tz8kr1wUWdxkTV3JlA

Changed password for user remote_monitoring_user
PASSWORD remote_monitoring_user = AuImHAVfsqnqptCv7L7x

Changed password for user elastic
PASSWORD elastic = hE2ZIl3DP8T5ZBU9o4u7

6. 修改密码

执行 curl -XPOST http://${ip}:9200/_xpack/security/user/elastic/_password?pretty -H “Content-Type:application/json” -d ‘{ “password” : “your password”}’ -u elastic

输入上边生成的密码：hE2ZIl3DP8T5ZBU9o4u7

执行完后出现以下结果代表修改成功
Enter host password for user ‘elastic’:
{ }

7. 修改kibana的kibana.yml配置，添加es用户名和密码

elasticsearch.username: “elastic”
elasticsearch.password: “your password”

结果验证

登录kibana，输入es的用户名和密码，可以查看当前用户和添加/修改用户信息。

附件

stop.sh脚本

#!/bin/bash
ps -ef |grep Elasticsearch |grep -v grep
pid=`ps -ef |grep Elasticsearch |grep -v grep |awk '{print $2}'`
if [ -z $pid ]; then
echo no program...
else
kill -9 $pid
fi

start.sh脚本

#!/bin/bash
su elk -l -c "cd /{dir}/elasticsearch-6.5.1/bin && ./elasticsearch -d"

其他

es的验证信息是保存到本地文件的，和数据目录一样。所以，如果需要重新部署环境，把数据目录删除，然后按照上述步骤重新设置验证信息即可。

最后

以上就是细心大炮为你收集整理的ElasticSearch 6.5.1 添加用户名和密码的全部内容，希望文章能够帮你解决ElasticSearch 6.5.1 添加用户名和密码所遇到的程序开发问题。

如果觉得靠谱客网站的内容还不错，欢迎将靠谱客网站推荐给程序员好友。