ElasticSearch添加x-pack认证

1.配置ElasticSearch

编辑elasticsearch.yml

# 集群名
cluster.name: hp-application
# 节点名
node.name: Mcgrady
http.cors.enabled: true
http.cors.allow-origin: "*"
http.cors.allow-headers: Authorization
xpack.security.enabled: true

xpack.security.transport.ssl.enabled: true
# 允许外网访问
network.host: 0.0.0.0
# 设置network.host后必须添加如下配置，否则报错
cluster.initial_master_nodes: ["Mcgrady"]

设置访问密码
在bin目录下使用如下命令elasticsearch-setup-passwords interactive修改预置账号的密码
根据提示设置多组密码后完成配置

elastic：超级管理员账号
kibana：Kibana访问专用账号logstash_system：Logstash访问专用账号
beats_system：FileBeat访问专用账号apm_system：APM系统专用账号
remote_monitoring_user：远程监控账号

2.配置Kibana

编辑kibana.yml

elasticsearch.hosts: ["http://localhost:9200"]
elasticsearch.username: "elastic"
elasticsearch.password: "Zssy2020."

3.客户端使用

Kibana
重启ElasticSearch、Kianaba后访问Kiabana要求输入密码

SpringBoot ElasticSearch high level search API

elasticsearch:
  cluster-name: elasticsearch
  cluster-nodes:
    - 192.168.0.113:9200
  account:
    username: elastic
    password: Zssy2020.
  index:
    number-of-replicas: 0
    number-of-shards: 3

@Configuration
@EnableConfigurationProperties(ElasticsearchProperties.class)
public class ElasticsearchConfig {

    @Autowired
    private ElasticsearchProperties elasticsearchProperties;

    private final List httpHosts = new ArrayList<>();

    @Bean(destroyMethod = "close")
    @ConditionalOnMissingBean
    public RestHighLevelClient restHighLevelClient() {
        List clusterNodes = elasticsearchProperties.getClusterNodes();
        if (clusterNodes.isEmpty()) {
            throw new RuntimeException("集群节点不允许为空");
        }
        clusterNodes.forEach(node -> {
            try {
                String[] parts = StringUtils.split(node, ":");
                Assert.notNull(parts, "Must defined");
                Assert.state(parts.length == 2, "Must be defined as 'host:port'");
                httpHosts.add(new HttpHost(parts[0], Integer.parseInt(parts[1]), elasticsearchProperties.getSchema()));
            } catch (Exception e) {
                throw new IllegalStateException("Invalid ES nodes " + "property '" + node + "'", e);
            }
        });
        RestClientBuilder builder = RestClient.builder(httpHosts.toArray(new HttpHost[0]));
        return getRestHighLevelClient(builder, elasticsearchProperties);
    }

    /**
     * get restHistLevelClient
     */
    private static RestHighLevelClient getRestHighLevelClient(RestClientBuilder builder, ElasticsearchProperties elasticsearchProperties) {
        builder.setRequestConfigCallback(requestConfigBuilder -> {
            requestConfigBuilder.setConnectTimeout(elasticsearchProperties.getConnectTimeout());
            requestConfigBuilder.setSocketTimeout(elasticsearchProperties.getSocketTimeout());
            requestConfigBuilder.setConnectionRequestTimeout(elasticsearchProperties.getConnectionRequestTimeout());
            return requestConfigBuilder;
        });
        builder.setHttpClientConfigCallback(httpClientBuilder -> {
            httpClientBuilder.setMaxConnTotal(elasticsearchProperties.getMaxConnectTotal());
            httpClientBuilder.setMaxConnPerRoute(elasticsearchProperties.getMaxConnectPerRoute());
            return httpClientBuilder;
        });
        // 认证回调
        ElasticsearchProperties.Account account = elasticsearchProperties.getAccount();
        if (!StringUtils.isEmpty(account.getUsername()) && !StringUtils.isEmpty(account.getUsername())) {
            final CredentialsProvider credentialsProvider = new BasicCredentialsProvider();
            credentialsProvider.setCredentials(AuthScope.ANY, new UsernamePasswordCredentials(account.getUsername(), account.getPassword()));
            builder.setHttpClientConfigCallback(httpAsyncClientBuilder -> httpAsyncClientBuilder.setDefaultCredentialsProvider(credentialsProvider));
        }
        return new RestHighLevelClient(builder);
    }
}

4.可能出现的错误

ElasticSearch配置错误

the default discovery settings are unsuitable for production use; at least one of [discovery.seed_hosts, discovery.seed_providers, cluster.initial_master_nodes] must be configured

解决办法：
放开配置 cluster.initial_master_nodes: ["node-1", "node-2"]

参考：
https://www.jianshu.com/p/428fbf37993e

ElasticSearch添加x-pack认证

1.配置ElasticSearch

2.配置Kibana

3.客户端使用

4.可能出现的错误

你可能感兴趣的:(ElasticSearch添加x-pack认证)