1. Check the current state of the Elasticsearch container

```bash
# List running containers
docker ps
# List all containers (including stopped ones)
docker ps -a
```
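2. Enable security authentication

Method A: Edit the configuration file (recommended)

```bash
# Open a shell inside the container
docker exec -it elasticsearch bash
# Check for a vi/nano editor and install one if it is missing
# (apt-get needs a root shell, e.g. docker exec -u root -it elasticsearch bash)
apt-get update && apt-get install -y vim
# Edit the configuration file
vim /usr/share/elasticsearch/config/elasticsearch.yml
```

Add the following to the configuration file:

```yaml
xpack.security.enabled: true
xpack.security.authc.api_key.enabled: true
```

Save and exit, then restart the container:

```bash
exit
docker restart elasticsearch
```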
Method B: Append the settings directly (without entering the container)

```bash
# Append the security settings
docker exec elasticsearch sh -c "echo 'xpack.security.enabled: true' >> /usr/share/elasticsearch/config/elasticsearch.yml"
docker exec elasticsearch sh -c "echo 'xpack.security.authc.api_key.enabled: true' >> /usr/share/elasticsearch/config/elasticsearch.yml"
# Restart the container
docker restart elasticsearch
```
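3. Set passwords for the built-in users

Method A: Generate passwords automatically

```bash
docker exec -it elasticsearch bash
# Note: elasticsearch-setup-passwords is deprecated in 8.x
bin/elasticsearch-setup-passwords auto
```

Method B: Set passwords interactively

```bash
docker exec -it elasticsearch bash
bin/elasticsearch-setup-passwords interactive
```

Follow the prompts to set a password for each of these built-in users:

- elastic (superuser)
- apm_system
- kibana_system
- logstash_system
- beats_system
- remote_monitoring_user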
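4. Create a custom user (optional)

```bash
# Create a new user as the elastic user (replace YOUR_PASSWORD with the password you set)
# The superuser role grants full access; assign a narrower role to application accounts
curl -u elastic:YOUR_PASSWORD -X POST "http://localhost:9200/_security/user/newuser" \
  -H "Content-Type: application/json" \
  -d '{
    "password": "newpassword",
    "roles": ["superuser"],
    "full_name": "Custom User"
  }'
```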
5. Verify the setup

```bash
# Test authentication (replace YOUR_PASSWORD with the password you set)
curl -u elastic:YOUR_PASSWORD http://localhost:9200/_security/_authenticate
```
6. Persist the configuration (important)

To keep the configuration from being lost when the container is restarted, it is recommended to:

1. Copy the modified configuration file to the host:

```bash
docker cp elasticsearch:/usr/share/elasticsearch/config/elasticsearch.yml ./elasticsearch.yml
```

2. Mount the configuration file the next time the container is started:

```bash
docker run -d --name elasticsearch \
  -p 9200:9200 -p 9300:9300 \
  -v "$(pwd)/elasticsearch.yml:/usr/share/elasticsearch/config/elasticsearch.yml" \
  -v es_data:/usr/share/elasticsearch/data \
  -e "discovery.type=single-node" \
  docker.elastic.co/elasticsearch/elasticsearch:8.12.0
```
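Method B in step 2 appends with `echo >>`, so running it twice, or against a file that already sets `xpack.security.enabled`, leaves the key defined more than once. The helpers below are an added example, not part of the original guide: the function names are hypothetical, they assume a flat `key: value` file, and they can be run on the host copy of `elasticsearch.yml` before it is mounted.

```bash
#!/usr/bin/env bash
# Added example: keep one definition per key in a flat elasticsearch.yml.

# count_yaml_key FILE KEY -> number of top-level lines that define KEY.
# index() matches the key literally, so its dots are not regex wildcards.
count_yaml_key() {
    awk -v k="$2" 'index($0, k ":") == 1 { n++ } END { print n + 0 }' "$1"
}

# set_yaml_key FILE KEY VALUE
# Drops every existing top-level line for KEY, then appends exactly one.
set_yaml_key() {
    local file="$1" key="$2" value="$3" tmp
    tmp=$(mktemp) || return 1
    # awk re-terminates each kept line, so a file without a final newline
    # cannot glue the new setting onto its last line.
    awk -v k="$key" 'index($0, k ":") != 1 { print }' "$file" > "$tmp"
    printf '%s: %s\n' "$key" "$value" >> "$tmp"
    cat "$tmp" > "$file"    # overwrite in place: owner and mode are kept
    rm -f "$tmp"
}

# security_state FILE -> enabled | disabled | missing | duplicate
security_state() {
    local file="$1" key=xpack.security.enabled n val
    n=$(count_yaml_key "$file" "$key")
    if [ "$n" -eq 0 ]; then echo missing; return; fi
    if [ "$n" -gt 1 ]; then echo duplicate; return; fi
    val=$(awk -v k="$key" 'index($0, k ":") == 1 {
        sub(/^[^:]*:[ \t]*/, ""); sub(/[ \t\r]+$/, ""); print }' "$file")
    if [ "$val" = true ]; then echo enabled; else echo disabled; fi
}

# Demo on a constructed sample: Method B's append hits a file that
# already disables security.
demo=$(mktemp)
printf 'network.host: 0.0.0.0\nxpack.security.enabled: false\n' > "$demo"
echo 'xpack.security.enabled: true' >> "$demo"
echo "after blind append: $(security_state "$demo")"    # duplicate
set_yaml_key "$demo" xpack.security.enabled true
echo "after set_yaml_key: $(security_state "$demo")"    # enabled
rm -f "$demo"
```
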
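Troubleshooting

1. If you forget the password:

```bash
docker exec -it elasticsearch bash
bin/elasticsearch-reset-password -u elastic
```

2. If the container fails to start, check the logs:

```bash
docker logs elasticsearch
```

3. If you run into permission problems:

```bash
# chown must run as root; docker exec otherwise uses the image's default non-root user
docker exec -u root elasticsearch chown -R elasticsearch:elasticsearch /usr/share/elasticsearch/data
```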