elastic开启xpack

背景

elasitcsearch 开启认证后，报DecoderException: javax.net.ssl.SSLHandshakeException: No available authentic异常，这事因为没有开启ssl 证书认证

解决

1、生成证书

备注不要输入密码，输入密码需要配置密码文件

cd $ESHOME
bin/elasticsearch-certutil ca
#一直enter

2、产生p12密钥

 bin/elasticsearch-certutil cert --ca elastic-stack-ca.p12
   #一直enter

3、生成的文件如下

image.png

4、配置

xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.license.self_generated.type: basic
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: /opt/elasticsearch/config/certs/elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: /opt/elasticsearch/config/certs/elastic-certificates.p12

5、分发elastic-certificates.p12文件，重启集群

6、生成密码

bin/elasticsearch-setup-passwords auto  #自动生成密码

7、kibana 配置并重启

server.port: 5601
server.host: "0.0.0.0"
server.name: "sad"
elasticsearch.hosts: ["http://data1-bigdata:9200","http://data2-bigdata:9200","http://data3-bigdata:9200"]
elasticsearch.username: "kibana"
elasticsearch.password: "QsDKGw7frvbg"

常见问题解决

1、Cluster state has not been recovered yet, cannot write to the [null] index问题

解决

#只设置一台机器即可
cluster.initial_master_nodes: ["node-1"]

2、重置密码

1.停止Elasticsearch服务

2.编辑elasticsearch.yml文件，设置以下两项为false;

 xpack.security.enabled: false
 xpack.security.transport.ssl.enabled: false


3.重启es服务，删除.security-7索引
 curl -XDELETE -u elastic:changeme http://localhost:9200/.security-7


3.关闭ES服务设置以下两项为true;
 xpack.security.enabled: true
 xpack.security.transport.ssl.enabled: true

4.重启es服务，进入es的bin目录下
 ./elasticsearch-setup-passwords interactive
 依次设置每个账号密码即可