一、单机部署
1、新增密码
编辑配置文件 bin/elasticsearch.yml,新增配置
Go
#开启密码验证
xpack.security.enabled: true
xpack.license.self_generated.type: basic
xpack.security.transport.ssl.enabled: true如下截图所示:
2、java应用调用ES服务
报错提示没有用户信息:
Elasticsearch exception [type=security_exception, reason=missing authentication credentials for REST request [/seproject/_search?typed_keys=true&ignore_unavailable=false&expand_wildcards=open&allow_no_indices=true&ignore_throttled=true&search_type=query_then_fetch&batched_reduce_size=512&ccs_minimize_roundtrips=true]]
3、设置一下用户及密码
ES要先启动才能设置否则报错,如下图:
启动ES:
./elasticsearch -d
设置密码:
./elasticsearch-setup-passwords interactive
4、访问需要密码,输入刚才设置的密码就正常访问
5、java程序修改,新增用户及密码,密码放到配置里
RestHighLevelClient client() {
RestClientBuilder build = RestClient.builder(createHosts()).setRequestConfigCallback(new RestClientBuilder.RequestConfigCallback() {
@Override
public RequestConfig.Builder customizeRequestConfig(RequestConfig.Builder builder) {
return builder.setConnectTimeout(5000 * 1000) // 连接超时(默认为1秒)
.setSocketTimeout(6000 * 1000);// 套接字超时(默认为30秒)//更改客户端的超时限制默认30秒现在改为100分钟
}
});
//加密码后增加
CredentialsProvider credentialsProvider = new BasicCredentialsProvider();
credentialsProvider.setCredentials(AuthScope.ANY, new UsernamePasswordCredentials(username, password));
build.setHttpClientConfigCallback((HttpAsyncClientBuilder httpAsyncClientBuilder) -> httpAsyncClientBuilder.setDefaultCredentialsProvider(credentialsProvider));
//加密码后增加
RestHighLevelClient restHighLevelClient = new RestHighLevelClient(build);
return restHighLevelClient;
}
5、重启java应用再次访问,正常
6、Kibana,连不上
7、配置Kibana config/kinana.yml
默认是注释掉的
elasticsearch.username: kibana
elasticsearch.password: password
8、使用刚才设置密码的用户登录
