ELK开启账户密码认证详细操作
Posted 一点点积累
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了ELK开启账户密码认证详细操作相关的知识,希望对你有一定的参考价值。
环境:
ElasticSearch版本:7.13.2
介绍:
kibana只是一个视图页面,真正工作的是Elasticsearch。
注意:
下边有关es的操作需要所有节点执行。
创建es节点之间SSL证书
1、在es主节点生成 elastic-stack-ca.p12文件
# ./bin/elasticsearch-certutil ca
Please enter the desired output file [elastic-stack-ca.p12]: #回车
Enter password for elastic-stack-ca.p12 : #CA证书的密码,回车
# ls
bin config data elastic-stack-ca.p12 jdk lib LICENSE.txt logs modules nohup.out NOTICE.txt plugins README.asciidoc
2、在es主节点生成 elastic-certificates.p12文件
./elasticsearch-certutil cert --ca elastic-stack-ca.p12
Enter password for CA (elastic-stack-ca.p12) : # CA证书的密码,直接回车
Please enter the desired output file [elastic-certificates.p12]: # 默认
Enter password for elastic-certificates.p12 : # 证书密码,直接回车
3、复制elastic-stack-ca.p12、elastic-certificates.p12到各节点的config目录
cp elastic-stack-ca.p12 elastic-certificates.p12 config/
4、修改elastic-stack-ca.p12 、 elastic-certificates.p12属主
# chown elk. config/elastic-certificates.p12
# chown elk. config/elastic-stack-ca.p12
5、其他节点省略......
配置es
1、修改es配置文件:elasticsearch.yml,添加如下配置,其他节点配置相同
# vim ../config/elasticsearch.yml
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: elastic-certificates.p12
2、重启es
systemctl restart elasticsearch
3、es的bin目录下执行命令设置初始密码,会设置下边六个账户的密码
# ./elasticsearch-setup-passwords interactive
Initiating the setup of passwords for reserved users elastic,apm_system,kibana,kibana_system,logstash_system,beats_system,remote_monitoring_user.
You will be prompted to enter passwords as the process progresses.
Please confirm that you would like to continue [y/N]y
Enter password for [elastic]:
Reenter password for [elastic]:
Enter password for [apm_system]:
Reenter password for [apm_system]:
Enter password for [kibana_system]:
Reenter password for [kibana_system]:
Enter password for [logstash_system]:
Reenter password for [logstash_system]:
Enter password for [beats_system]:
Reenter password for [beats_system]:
Enter password for [remote_monitoring_user]:
Reenter password for [remote_monitoring_user]:
Changed password for user [apm_system]
Changed password for user [kibana_system]
Changed password for user [kibana]
Changed password for user [logstash_system]
Changed password for user [beats_system]
Changed password for user [remote_monitoring_user]
Changed password for user [elastic]
4、修改kibana的配置文件
# vim kibana.yml
elasticsearch.username: "kibana_system"
elasticsearch.password: "kibana_system" # 密码
5、重启kibana服务
# systemctl restart kibana
6、修改logstash配置文件
# vim /opt/logstash-7.13.2/config/new.conf
output
elasticsearch
hosts => ["xxxx:9200","xxxxxx:9200"]
index => "%[type]-%+YYYY.MM.dd"
user => "elastic" # 新增
password => "elastic" # 新增
7、重启logstash服务
# systemctl restart logstash
8、访问kibana验证
以上是关于ELK开启账户密码认证详细操作的主要内容,如果未能解决你的问题,请参考以下文章