ELK集群设置密码

libraboy2024-06-27 21:11

一、软件安装清单

elasticsearch7.17.22
logstash7.17.22
kibana:7.17.22
filebeat7.17.22
elasticsearch-head:5

二、配置

生成证书

进入elasticsearch容器

bash 复制代码

bin/elasticsearch-certutil cert -out /usr/share/elasticsearch/config/elastic-certificates.p12 -pass

将证书拷贝至其他容器后重启集群
设置密码

进入容器设置密码

bash 复制代码

bin/elasticsearch-setup-passwords interactive

设置elasticsearch

elasticsearch.yml

bash 复制代码

# 安全认证
xpack.security.enabled: true
xpack.license.self_generated.type: basic
xpack.security.transport.ssl.enabled: true
http.cors.allow-headers: "Authorization"

xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: elastic-certificates.p12

设置logstash

logstash.yml

bash 复制代码

xpack.monitoring.enabled: true
xpack.monitoring.elasticsearch.username: elastic
xpack.monitoring.elasticsearch.password: xxxxxx

logstash-filebeat.conf

bash 复制代码

output {
    # 选择elasticsearch
    elasticsearch {
        hosts => ["http://es-master:9200"]
        user => "elastic"
        password => "xxxxxx"
        index => "%{[@metadata][beat]}-%{[@metadata][version]}-%{+YYYY.MM.dd}"
    }
}

设置kibana

kibana.yml

bash 复制代码

elasticsearch.username: "elastic"
elasticsearch.password: "xxxxxx"
xpack.security.enabled: true

验证

访问地址 http://kibana服务IP:5601

参考

https://www.elastic.co/guide/en/elasticsearch/reference/7.17/security-basic-setup.html