ann*_*nne 8 elasticsearch docker-compose elasticsearch-x-pack
我想问一下我如何才能启用身份验证(x-pack)。就我而言,我使用的是 elasticsearch v.6.2.4 的 docker 镜像。我的问题是 xpack 已安装,但它不要求提供凭据。
感谢您的帮助!
我知道在我的 kibana 中安装了 xpack,因此请在此处 输入图像描述
更新环境变量t启用true
environment:
- "discovery.type=single-node"
- ELASTIC_USERNAME=elastic
- ELASTIC_PASSWORD=MagicWord
- xpack.security.enabled=true
这是示例,docker-compose.ymlelasticseaarch 和 kibana 文件
version: '3.4'
services:
elasticsearch:
image: docker.elastic.co/elasticsearch/elasticsearch:7.16.2
container_name: elasticsearch
environment:
- "discovery.type=single-node"
- ELASTIC_USERNAME=elastic
- ELASTIC_PASSWORD=MagicWord
- xpack.security.enabled=true
ports:
- 9200:9200
- 9300:9300
networks:
- elastic
kibana:
image: docker.elastic.co/kibana/kibana:7.16.2
container_name: kibana
environment:
- ELASTICSEARCH_URL="http://elasticsearch:9200"
- ELASTIC_USERNAME=elastic
- ELASTIC_PASSWORD=MagicWord
- xpack.security.enabled=true
links:
- elasticsearch
ports:
- 5601:5601
networks:
- elastic
depends_on:
- elasticsearch
networks:
elastic:
driver: bridge
小智 6
将elasticsearch的elasticsearch环境更改为“ELASTIC_USERNAME”和“ELASTIC_PASSWORD”:7.14.0
version: '3.4'
services:
elasticsearch:
image: docker.elastic.co/elasticsearch/elasticsearch:7.14.0
container_name: elasticsearch
environment:
- "discovery.type=single-node"
- ELASTIC_USERNAME=elastic
- ELASTIC_PASSWORD=MagicWord
- xpack.security.enabled=true
ports:
- 32769:9200
- 32770:9300
networks:
- elastic
kibana:
image: docker.elastic.co/kibana/kibana:7.14.0
container_name: kibana
environment:
- ELASTICSEARCH_URL="http://elasticsearch:9200"
- ELASTICSEARCH_USERNAME=elastic
- ELASTICSEARCH_PASSWORD=MagicWord
- xpack.security.enabled=true
links:
- elasticsearch
ports:
- 5601:5601
networks:
- elastic
depends_on:
- elasticsearch
networks:
elastic:
driver: bridge
也许我来得太晚了……但我今天遇到了这个问题,挖掘发现您不必设置用户,只需设置密码。这是 docker-compose 文件
version: '3.6'
services:
elasticsearchNode:
image: elasticsearch:$STACK_VERSION
container_name: elasticsearchNode
environment:
discovery.type: 'single-node'
ELASTIC_PASSWORD: $ELK_PASS
cluster.name: 'dockercluster'
node.name: 'node-master'
bootstrap.memory_lock: 'true'
ES_JAVA_OPTS: '-Xms512m -Xmx512m'
xpack.security.enabled: 'true'
ports:
- 9200:9200
- 9300:9300
networks:
- docker_elk_node
volumes:
esdataNode:
networks:
docker_elk_node:
和 .env 文件
COMPOSE_PROJECT_NAME=es
STACK_VERSION=7.6.0
ELK_PASS=MyPassWord
Xpack 附带的 Elasticsearch 安全功能不是免费的,有一个月的试用版,然后是付费版。
但是根据这个弹性博客,它从版本(6.8.0 和 7.1.0)开始是免费的。
我写这个答案是为了使用 docker-compose 激活免费的 Elasticsearch 安全功能。
请记住,在使用以下代码时,Kibana 和 Elasticsearch 节点都使用用户名和密码进行安全保护,因此访问 Elasticsearch 的其余客户端必须具有凭据,此答案将有所帮助。
那是我的代码:
version: '3'
services:
create_certs:
container_name: create_certs
image: docker.elastic.co/elasticsearch/elasticsearch:6.8.0
command: >
bash -c '
if [[ ! -f ./config/certificates/elastic-certificates.p12 ]]; then
bin/elasticsearch-certutil cert -out config/certificates/elastic-certificates.p12 -pass ""
fi;
chown -R 1000:0 /usr/share/elasticsearch/config/certificates
'
user: "0"
working_dir: /usr/share/elasticsearch
volumes: ['certs:/usr/share/elasticsearch/config/certificates']
elasticsearch:
container_name: elasticsearch
depends_on: [create_certs]
image: docker.elastic.co/elasticsearch/elasticsearch:6.8.0
environment:
- cluster.name=docker-cluster
- bootstrap.memory_lock=true
- "ES_JAVA_OPTS=-Xms512m -Xmx512m"
- ELASTIC_PASSWORD=MyPassword # password for default user: elastic
- xpack.security.enabled=true
- xpack.security.transport.ssl.enabled=true
- xpack.security.transport.ssl.verification_mode=certificate
- xpack.security.transport.ssl.keystore.path=/usr/share/elasticsearch/config/certificates/elastic-certificates.p12
- xpack.security.transport.ssl.truststore.path=/usr/share/elasticsearch/config/certificates/elastic-certificates.p12
volumes: ['esdata:/usr/share/elasticsearch/data', 'certs:/usr/share/elasticsearch/config/certificates']
ulimits:
nofile:
soft: 65536
hard: 65536
memlock:
soft: -1
hard: -1
ports:
- "9200:9200"
kibana:
container_name: kibana
depends_on: [elasticsearch]
image: docker.elastic.co/kibana/kibana:6.8.0
environment:
- ELASTICSEARCH_USERNAME=elastic
- ELASTICSEARCH_PASSWORD=MyPassword
ports:
- "5601:5601"
volumes: {"esdata", "certs"}
| 归档时间: |
|
| 查看次数: |
13111 次 |
| 最近记录: |