如何对安全的elasticsearch执行curl命令(在openshift命名空间openshift logging中运行elasticsearch)

ldxq2e6h  于 2021-06-15  发布在  ElasticSearch
关注(0)|答案(1)|浏览(505)

我已经在openshift集群的openshift日志命名空间中安装了elasticsearch。我可以使用承载令牌执行curl-to-elasticsearch,现在我想使用tls证书执行curl-to-elasticsearch。
使用oc exec oc exec elasticsearch-cdm -- curl -tlsv1.2 --insecure -H "Authorization: Bearer $(token)" "https://172.30.245.25:9200/_cat/health" curl使用承载令牌处理elasticsearch服务路由 curl -tlsv1.2 --cacert -H "Authorization: Bearer $(token)" https://$(esRoutes)/_cat/health 现在我想使用tls认证执行curl,我已经从运行elasticsearch集群中提取了秘密,并在下面包含了cert和key文件名,
证书和密钥: admin-ca admin-cert admin-key elasticsearch.crt elasticsearch.key logging-es.crt logging-es.key 如何使用certs执行curl以运行elasticsearch(在openshift名称空间opernshift日志中)?。

0g0grzrc

0g0grzrc1#

希望这就是你想要的:

oc exec -n openshift-logging logging-es-data-master-xxxxx-x-xxxxx -- curl -tls1.2 -s -k --cert /etc/elasticsearch/secret/admin-cert   --key /etc/elasticsearch/secret/admin-key https://localhost:9200/_cat/health

optional
oc exec -n openshift-logging logging-es-data-master-xxxxx-x-xxxxx -- curl -tls1.2 -s -k --cert /etc/elasticsearch/secret/admin-cert   --key /etc/elasticsearch/secret/admin-key https://localhost:9200/_cat/thread_pool?v

es-util version
oc exec -n openshift-logging logging-es-data-master-xxxxx-x-xxxxx -c elasticsearch -- es_util --query=_cluster/health?pretty=true

相关问题