千家信息网

怎么免费使用Open Distro for Elasticsearch

发表于:2024-11-25 作者:千家信息网编辑
千家信息网最后更新 2024年11月25日,Elasticsearch简介Elasticsearch是一个基于Lucene的搜索服务器。它提供了一个分布式多用户能力的全文搜索引擎,基于RESTful web接口。Elasticsearch是用J
千家信息网最后更新 2024年11月25日怎么免费使用Open Distro for Elasticsearch

Elasticsearch简介

Elasticsearch是一个基于Lucene的搜索服务器。它提供了一个分布式多用户能力的全文搜索引擎,基于RESTful web接口。Elasticsearch是用Java语言开发的,并作为Apache许可条款下的开放源码发布,是一种流行的企业级搜索引擎。Elasticsearch用于云计算中,能够达到实时搜索,稳定,可靠,快速,安装使用方便。

Open Distro for Elasticsearch简介

Open Distro for Elasticsearch是AWS开源版本的ELK架构,原来Elasticsearch中部分需要付费的功能可以免费使用(如Alert),对于我等追求开(mian)源(fei)的大(diao)众(si)用户来说,确实是一个不错的选择。

按照其安装步骤安装好后可以使用默认密码admin:admin登录,但修改这个默认密码却不容易,翻遍全网,汇总如下,供有需要的同学参考:


第一步:生成新的Admin密码Hash

#Create Hashes for Your admin

sudo chmod +x /usr/share/elasticsearch/plugins/opendistro_security/tools/hash.sh

/bin/bash -c /usr/share/elasticsearch/plugins/opendistro_security/tools/hash.sh


7-mDj5=

$2y$12$tOoM6Wz.elENbw23EZfqL.CSrd7giB/5yKQQ0YWq8ZSwfXJPBEq8m


第二步:将上一步生成的密码Hash记录下来,编辑internal_users.yml(编辑前请备份)

#Create a Local, Modified Copy of internal_users.yml, then replace with the new admin hash

cd /usr/share/elasticsearch/plugins/opendistro_security/securityconfig/

sudo cp internal_users.yml internal_users.yml.backup

sudo vim internal_users.yml


第三步:执行命令让elasticsearch更新密码

#to reflect the changes, run below commands,

#https://opendistro.github.io/for-elasticsearch-docs/docs/security-configuration/security-admin/

cd /usr/share/elasticsearch/plugins/opendistro_security/tools/


sudo bash ./securityadmin.sh -cd ../securityconfig/ -icl -nhnv -cacert /etc/elasticsearch/root-ca.pem -cert /etc/elasticsearch/kirk.pem -key /etc/elasticsearch/kirk-key.pem


以前三步完成就可以使用新的密码登录Kibana了,API调用也可以使用新密码进行认证了,用原密码再认证会提示Unauthorized.


最后一步执行成功后会输出如下内容

WARNING: JAVA_HOME not set, will use /usr/bin/java

Open Distro Security Admin v7

Will connect to localhost:9300 ... done

Connected as CN=kirk,OU=client,O=client,L=test,C=de

Elasticsearch Version: 7.3.2

Open Distro Security Version: 1.3.0.0

Contacting elasticsearch cluster 'elasticsearch' and wait for YELLOW clusterstate ...

Clustername: 8zcl5szk

Clusterstate: YELLOW

Number of nodes: 1

Number of data nodes: 1

.opendistro_security index already exists, so we do not need to create one.

Populate config from /usr/share/elasticsearch/plugins/opendistro_security/securityconfig

Will update '_doc/config' with ../securityconfig/config.yml

SUCC: Configuration for 'config' created or updated

Will update '_doc/roles' with ../securityconfig/roles.yml

SUCC: Configuration for 'roles' created or updated

Will update '_doc/rolesmapping' with ../securityconfig/roles_mapping.yml

SUCC: Configuration for 'rolesmapping' created or updated

Will update '_doc/internalusers' with ../securityconfig/internal_users.yml

SUCC: Configuration for 'internalusers' created or updated

Will update '_doc/actiongroups' with ../securityconfig/action_groups.yml

SUCC: Configuration for 'actiongroups' created or updated

Will update '_doc/tenants' with ../securityconfig/tenants.yml

SUCC: Configuration for 'tenants' created or updated

Done with success




0