elasticsearch-5.6.15集群部署，如何部署x-pack并添加安全认证

[root@localhost ~]# java -version
openjdk version "1.8.0_382"
OpenJDK Runtime Environment (build 1.8.0_382-b05)
OpenJDK 64-Bit Server VM (build 25.382-b05, mixed mode)


[root@localhost ~]# vim /etc/hosts
192.168.6.116 elas-node1
192.167.6.84 elas-node2
192.168.6.85 elas-node3
[root@localhost ~]# scp /etc/hosts 192.168.6.84:/etc/hosts
[root@localhost ~]# scp /etc/hosts 192.168.6.85:/etc/hosts

[root@localhost ~]# hostnamectl set-hostname elas-node1
[root@localhost ~]# bash
bash
[root@elas-node1 ~]# 
2、3同理
                          
[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# setenforce 0
[root@localhost ~]# iptables -F

2、三台服务器创建用户、并为用户授权

bash 复制代码

[root@elas-node3 ~]# adduser es
[root@elas-node3 ~]# passwd es
更改用户 es 的密码 。
新的 密码：
无效的密码： 密码少于 8 个字符
重新输入新的 密码：
passwd：所有的身份验证令牌已经成功更新。

[root@elas-node3 ~]# chmod 777 /home/es

二、配置elasticsearch-5.6.15实例

1、官网获取elasticsearch-5.6.15.tar.gz，拉取到三台服务器

Past Releases of Elastic Stack Software | Elastichttps://www.elastic.co/cn/downloads/past-releases#elasticsearch

2、elas环境准备

bash 复制代码

#创建elas的日志和数据目录
[root@elas-node3 ~]# mkdir -p /es/data
[root@elas-node3 ~]# mkdir -p /es/logs
#解压
[root@elas-node3 ~]# tar zxf elasticsearch-5.6.15.tar.gz -C /usr/local/
#修改属主属组               
[root@elas-node3 ~]# chown -R es:es /es
[root@elas-node3 ~]# chown -R es:es /usr/local/elasticsearch-5.6.15

3、修改elasticsearch.yml配置

bash 复制代码

[root@elas-node1 ~]# vim /usr/local/elasticsearch-5.6.15/config/elasticsearch.yml 

cluster.name: my-application
node.name: node-1

path.data: /es/data
path.logs: /es/logs

network.host: 192.168.6.116

http.port: 9200

discovery.zen.ping.unicast.hosts: ["192.168.6.116", "192.168.6.84","192.168.6.85"]
bootstrap.system_call_filter: false
http.cors.enabled: true
http.cors.allow-origin: "*"
discovery.zen.minimum_master_nodes: 2

[root@elas-node1 ~]# scp /usr/local/elasticsearch-5.6.15/config/elasticsearch.yml 192.168.6.85:/usr/local/elasticsearch-5.6.15/config/elasticsearch.yml 

2、3只需要修改  
node.name为node-2/node-3
network.host，修改为自己IP即可

4、修改软、硬件线程数

bash 复制代码

[root@elas-node1 ~]# vim /etc/security/limits.conf
es soft nofile 65536
es hard nofile 65536

5、修改最大连接

bash 复制代码

[root@elas-node3 ~]# vim /etc/sysctl.conf 
vm.max_map_count=262144
[root@elas-node3 ~]#sudo sysctl -p

6、修改jvm内存

bash 复制代码

[root@elas-node3 ~]# vim /usr/local/elasticsearch-5.6.15/config/jvm.options
-Xms512m
-Xmx512m

7、所有节点启动

bash 复制代码

[root@elas-node1 ~]# su es
[es@elas-node1 root]$ cd /usr/local/elasticsearch-5.6.15/bin/
[es@elas-node1 bin]$ ./elasticsearch

[root@elas-node1 bin]# netstat -anptl |grep 9200
tcp6       0      0 192.168.6.116:9200      :::*                    LISTEN      3600/java

三、部署x-pack

1、关闭elas集群ctrl + c 后台启动的话通过ps -ef |grep elasticsearch查看PID后kill -9杀掉一样

2、三台服务器进入/bin目录下开始下载x-pack

复制代码

[root@elas-node1 ~]# cd "/usr/local/elasticsearch-5.6.15/bin"
[root@elas-node1 bin]# ./elasticsearch-plugin install x-pack
-> Downloading x-pack from elastic
[=================================================] 100%   
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@     WARNING: plugin requires additional permissions     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
* java.io.FilePermission \\.\pipe\* read,write
* java.lang.RuntimePermission accessClassInPackage.com.sun.activation.registries
* java.lang.RuntimePermission getClassLoader
* java.lang.RuntimePermission setContextClassLoader
* java.lang.RuntimePermission setFactory
* java.net.SocketPermission * connect,accept,resolve
* java.security.SecurityPermission createPolicy.JavaPolicy
* java.security.SecurityPermission getPolicy
* java.security.SecurityPermission putProviderProperty.BC
* java.security.SecurityPermission setPolicy
* java.util.PropertyPermission * read,write
* javax.net.ssl.SSLPermission setHostnameVerifier
See http://docs.oracle.com/javase/8/docs/technotes/guides/security/permissions.html
for descriptions of what these permissions allow and the associated risks.

Continue with installation? [y/N]y
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@        WARNING: plugin forks a native controller        @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
This plugin launches a native controller that is not subject to the Java
security manager nor to system call filters.

Continue with installation? [y/N]y
-> Installed x-pack

3、因为6.7之前的elasticsearch版本x-pack安装后默认所有功能开启，直接启动服务即可

此时再登录均需要密码，默认账号：elastc 密码：changeme

不输入密码则是如上图的401错误页面

4、修改默认密码

复制代码

[root@elas-node1 ~]# curl -XPUT -u elastic:changeme 'http://192.168.6.116:9200/_xpack/security/user/elastic/_password' -H 'Content-Type: application/json' -d '{
>   "password" : "123456"
> }'
{}[root@elas-node1 ~]# echo $?
0

查询所有用户curl -XGET -u elastic 'localhost:9200/_xpack/security/user?pretty'

复制代码

[root@elas-node1 ~]# curl -XGET -u elastic '192.168.6.116:9200/_xpack/security/user?pretty'
Enter host password for user 'elastic':
{
  "elastic" : {
    "username" : "elastic",
    "roles" : [
      "superuser"
    ],
    "full_name" : null,
    "email" : null,
    "metadata" : {
      "_reserved" : true
    },
    "enabled" : true
  },
  "kibana" : {
    "username" : "kibana",
    "roles" : [
      "kibana_system"

5、本人还做了其他版本的一些x-pack部署

elasticsearch-5.5.2同5.6.15一样

elasticsearch-6.7.2已经自带x-pack插件，进入/bin目录，使用如下命令即可

复制代码

 #cd /usr/local/elasticsearch-6.7.2/bin/
 #./elasticsearch-setup-passwords  interactive

elasticsearch-6.8.x之后使用CA认证即可