为什么我的 ElasticSearch 配置不能工作?

9bfwbjaz  于 2021-06-14  发布在  ElasticSearch
关注(0)|答案(2)|浏览(483)

我正在尝试建立一个 ElasticSearch 的部署,现在它作为标准许可证的一部分是免费的。就我个人而言,我无法获得查看elasticsearch群集的服务,我也不知道为什么。
我有一个如下所示的配置文件:

elasticsearch.ssl.enabled: true
elasticsearch.ssl.verify: false

ent_search.auth.source: standard

secret_management.encryption_keys: [secret]

allow_es_settings_modification: true

elasticsearch.host: https://monitoring.internal
elasticsearch.username: elastic
elasticsearch.password: secret

当我尝试使用 curl 要从我尝试运行服务的服务器访问资源,它可以正常工作:

$ curl --user elastic:secret https://monitoring.internal -k
{
  "name" : "monitoring-es-client-0",
  "cluster_name" : "monitoring",
  "cluster_uuid" : "XXX",
  "version" : {
    "number" : "7.9.0",
    "build_flavor" : "default",
    "build_type" : "docker",
    "build_hash" : "a479a2a7fce0389512d6a9361301708b92dff667",
    "build_date" : "2020-08-11T21:36:48.204330Z",
    "build_snapshot" : false,
    "lucene_version" : "8.6.0",
    "minimum_wire_compatibility_version" : "6.8.0",
    "minimum_index_compatibility_version" : "6.0.0-beta1"
  },
  "tagline" : "You Know, for Search"
}

但是,当我尝试运行企业搜索服务时,它无法完全启动,并显示一条毫无帮助的错误消息:

[2020-09-16T20:25:21.546+00:00][42859][2002][app-server][INFO]: Failed to connect to Elasticsearch backend. Make sure it is running.

诊断报告功能也没有多大帮助:

$ sudo bin/enterprise-search --diagnostic-report
Found java executable in PATH
Java version detected: 11.0.8 (major version: 11)
Enterprise Search is starting...
WARNING: An illegal reflective access operation has occurred
WARNING: Illegal reflective access by com.headius.backport9.modules.Modules (file:/usr/share/enterprise-search/lib/war/lib/jruby-core-9.2.9.0-complete.jar) to method sun.nio.ch.NativeThread.signal(long)
WARNING: Please consider reporting this to the maintainers of com.headius.backport9.modules.Modules
WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations
WARNING: All illegal access operations will be denied in a future release
[2020-09-16T20:29:50.258+00:00][43020][2002][script][INFO]: Enterprise Search version=7.9.1, JRuby version=9.2.9.0, Ruby version=2.5.7, Rails version=4.2.11.3
[2020-09-16T20:29:51.158+00:00][43020][2002][script][INFO]: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
[2020-09-16T20:29:51.160+00:00][43020][2002][script][ERROR]: 
--------------------------------------------------------------------------------

Error: Enterprise Search is unable to connect to Elasticsearch. Ensure a healthy Elasticsearch cluster is running at https://monitoring.internal for user elastic.

--------------------------------------------------------------------------------

我在配置文件中做错了什么?

ruyhziif

ruyhziif1#

我也犯了同样的错误。通过在config/enterprise-search.yml文件中启用以下设置,我可以让enterprisesearch与elasticsearch数据库进行对话。
我有一个pkcs12信任库,并使用以下命令提取所需的文件:

openssl pkcs12 -in elasticsearch-certificates.p12 -out outfile.crt -nokeys
openssl pkcs12 -in elasticsearch-certificates.p12 -out outfile.key -nodes -nocerts
openssl pkcs12 -in elasticsearch-certificates.p12 -cacerts -nokeys -out ca.crt

我还用了chown enterprise-search:enterprise-search on 这些文件是很好的措施。

elasticsearch.ssl.enabled: true
elasticsearch.ssl.certificate: "/usr/share/enterprise-search/outfile.crt"
elasticsearch.ssl.certificate_authority: "/usr/share/enterprise-search/ca.crt"
elasticsearch.ssl.key: "/usr/share/enterprise-search/outfile.key"
elasticsearch.ssl.key_passphrase: [key password]
elasticsearch.ssl.verify: false

您还需要一个ssl证书才能加载企业搜索网站

ent_search.ssl.enabled: true
ent_search.ssl.keystore.path: "/home/<user>/http.p12"
ent_search.ssl.keystore.password: [password]
oknrviil

oknrviil2#

看起来是一个n/w问题,我想强调的是,您的服务在本地运行良好,如curl命令所示,但可能它没有暴露在localhost之外,因此您的企业搜索无法连接它,您可以尝试将下面的配置包含到您的es中并重新启动它吗。 network.host:0.0.0.0 这将绑定到所有n/w接口,详细说明见官方文档

相关问题