EFK中如何进行ES集群开启用户认证

2023-04-14 10:53:00 集群 开启 认证

在EFK中如何进行ES集群开启用户认证

首先,需要在EFK的配置文件中添加以下内容:

cluster.name: efk

node.name: node1

network.host: 0.0.0.0

http.port: 9200

discovery.zen.ping.unicast.hosts: ["localhost:9300"]

discovery.zen.ping.multicast.enabled: false

cluster.routing.allocation.disk.threshold_enabled: false

indices.recovery.max_bytes_per_sec: 10mb

indices.recovery.concurrent_streams: 5

indices.store.throttle.max_bytes_per_sec: 10mb

script.inline: on

script.indexed: on

script.file: on

search.default_field: message

search.max_concurrent_shard_requests: 5

index.codec: best_compression

index.number_of_replicas: 0

index.number_of_shards: 5

index.refresh_interval: 30s

index.translog.flush_threshold_ops: 20000

index.translog.flush_threshold_size: "2048mb"

index.translog.flush_threshold_period: "30m"

index.merge.policy.segments_per_tier: 10

index.merge.policy.reclaim_deletes_weight: 2.0

index.merge.policy.floor_segment: 2mb

index.merge.policy.max_merge_at_once: 10

index.merge.policy.max_merge_at_once_explicit: 30

index.merge.policy.expunge_deletes_allowed: true

index.merge.policy.index_codec: best_compression

index.unassigned.node_left.delayed_timeout: "1h"

index.blocks.read_only: true

index.routing.allocation.enable: all

index.routing.allocation.total_shards_per_node: 1

index.recovery.initial_shards: quorum

index.lifecycle.name: logstash-policy

index.lifecycle.rollover_alias: logstash

index.lifecycle.indexing_complete: delete

index.lifecycle.hot_phase:

min_age: "0h"

actions:

rollover:

max_size: "20gb"

max_docs: 10000000

index.lifecycle.warm_phase:

min_age: "12h"

actions:

forcemerge:

max_num_segments: 1

delete:

min_age: "30d"

max_age: "45d"

index.lifecycle.delete_phase:

min_age: "90d"

actions:

delete: {}

然后,使用以下命令启动ES集群:

./bin/elasticsearch -Des.config=elasticsearch.yml

启动完成后,可以使用curl命令来验证ES集群是否启动成功:

curl localhost:9200

如果返回结果如下,则表示ES集群启动成功:

{

"name" : "node1",

"cluster_name" : "efk",

"cluster_uuid" : "Q6uFa_RnRn2zKcnGGtTvzA",

"version" : {

"number" : "7.3.0",

"build_flavor" : "oss",

"build_type" : "zip",

"build_hash" : "ef3609a",

"build_date" : "2019-02-13T17:06:45.508245Z",

"build_snapshot" : false,

"lucene_version" : "8.0.0",

"minimum_wire_compatibility_version" : "6.8.0",

"minimum_index_compatibility_version" : "6.0.0-beta1"

},

"tagline" : "You Know, for Search"

}

接下来,需要为ES集群添加用户认证信息,首先需要创建一个用户信息文件,例如:

/etc/elasticsearch/users

在该文件中添加以下内容:

admin:password

user1:password1

user2:password2

然后,使用以下命令为ES集群添加用户认证信息:

./bin/elasticsearch-users useradd admin -p password

./bin/elasticsearch-users useradd user1 -p password1

./bin/elasticsearch-users useradd user2 -p password2

最后,重新启动ES集群,用户认证信息就会生效。

相关文章