0
点赞
收藏
分享

微信扫一扫

Elasticsearch8.0 安全认证 集群搭建

一、服务器初始化

1、vi /etc/security/limits.conf 

新增

* soft nofile 65536

* hard nofile 65536


2、vi /etc/sysctl.conf

vm.max_map_count=262144


二、证书生成

bin/elasticsearch-certutil ca

第一次回车:请确认证书输出的文件名 config/certs/elastic-stack-ca.p12

第二次回车:为证书添加密码


2.用CA证书签发节点证书

bin/elasticsearch-certutil cert --ca config/certs/elastic-stack-ca.p12

第一次回车:输入CA证书的密码

第二次会车:确认输出文件名称 config/certs/elastic-certificates.p12

第三次回车:输入节点证书密码


3.重置用户密码

bin/elasticsearch-reset-password -u elastic



修改elasticsearch.yml 配置:

cluster.name: demo
node.name: node3
#path.data: /path/to/data
#path.logs: /path/to/logs
network.host: 192.168.1.11
#http.port: 9200
discovery.seed_hosts: ["192.168.1.9", "192.168.1.10","192.168.1.11"]

http.cors.enabled: true
http.cors.allow-origin: "*"

xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: none
xpack.security.transport.ssl.keystore.path: /home/wuxiaofan/elasticsearch-8.8.2/config/certs/elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: /home/wuxiaofan/elasticsearch-8.8.2/config/certs/elastic-certificates.p12
ingest.geoip.downloader.enabled: false




举报

相关推荐

0 条评论