elasticsearch 7.7 add user name and password authentication

1. First of all, I do not need to install x-pack separately when the ES version of single instance and single node is 7.7

{
  "name" : "node-1",
  "cluster_name" : "myes",
  "cluster_uuid" : "OGiYluA_Sxynl2bXl1TcbQ",
  "version" : {
    "number" : "7.7.0",
    "build_flavor" : "default",
    "build_type" : "rpm",
    "build_hash" : "81a1e9eda8e6183f5237786246f6dced26a10eaf",
    "build_date" : "2020-05-12T02:01:37.602180Z",
    "build_snapshot" : false,
    "lucene_version" : "8.5.1",
    "minimum_wire_compatibility_version" : "6.8.0",
    "minimum_index_compatibility_version" : "6.0.0-beta1"
  },
  "tagline" : "You Know, for Search"
}

2. Use es built-in tool to create password

Output environment variables first

export PATH=/usr/share/elasticsearch/bin/:$PATH

3. First of all, if your es node is running, then run elastic search setup passwords interactive to guide you to set the passwords of various components, which will be used later

[root@iZwz9hvxttbua2na4zhmvqZ ~]# elasticsearch-setup-passwords interactive
Initiating the setup of passwords for reserved users elastic,apm_system,kibana,logstash_system,beats_system,remote_monitoring_user.
You will be prompted to enter passwords as the process progresses.
Please confirm that you would like to continue [y/N]y


Enter password for [elastic]: 
Reenter password for [elastic]: 
Enter password for [apm_system]: 
Reenter password for [apm_system]: 
Enter password for [kibana]: 
Reenter password for [kibana]: 
Enter password for [logstash_system]: 
Reenter password for [logstash_system]: 
Enter password for [beats_system]: 
Reenter password for [beats_system]: 
Enter password for [remote_monitoring_user]: 
Reenter password for [remote_monitoring_user]: 
Changed password for user [apm_system]
Changed password for user [kibana]
Changed password for user [logstash_system]
Changed password for user [beats_system]
Changed password for user [remote_monitoring_user]
Changed password for user [elastic]

4. Modify ES configuration

[root@iZwz9hvxttbua2na4zhmvqZ ~]# cat /etc/elasticsearch/elasticsearch.yml |grep -v "^#"
cluster.name: myes
node.name: node-1
path.data: /var/lib/elasticsearch
path.logs: /var/log/elasticsearch
network.host: 0.0.0.0
xpack.security.enabled: true   #In fact, this item has been added
discovery.type: single-node

5. To restart es node to access 9200, you need a password, as shown in the figure below

6. kinaba open access password

[root@iZwz9hvxttbua2na4zhmvqZ ~]# cat /etc/kibana/kibana.yml |grep -v "^#" |grep -v "^$"
server.host: "0.0.0.0"
elasticsearch.hosts: ["http://localhost:9200"]
elasticsearch.username: "kibana"
elasticsearch.password: "*******"  #Here is the kibana password set
i18n.locale: "zh-CN"

Access after restart

Error 403. Note that here I use the kibana user to access the google search and say that I want to use the elastic user

View users in kibana

You can also create users

complete

Keywords: Operation & Maintenance ElasticSearch RPM network Google

Added by bimo on Mon, 18 May 2020 17:24:39 +0300

Popular Keywords

©2024 Programming VIP