我使用的是ELK集群,由三个节点组成。我无法使用其URL https://kibana_IP:5601访问Kibana。
当我检查**/var/log/elasticsearch/elasticsearch.log的日志时,我发现了以下错误:Authentication of [elastic] was terminated by realm [reserved] - failed to authenticate user [elastic]
当我检查kibana的日志时,我发现了以下错误:Unable to authenticate user [kibana_system] for REST request [/_nodes?filter_path=nodes.*.version%2Cnodes.*.http.publish_address%2Cnodes.*.ip]
我尝试使用以下命令重置弹性用户的密码/usr/share/elasticsearch/bin/elasticsearch-reset-password -i -u elastic**
但我得到了这个错误:Error: Failed to determine the health of the cluster. Cluster health is currently RED
当我尝试使用这个命令curl --cacert /etc/elasticsearch/certs/http_ca.crt -XGET "https://localhost:9200/_cat/indices?v" -u elastic
时
我得到下面的错误:{"error":{"root_cause":[{"type":"security_exception","reason":"unable to authenticate user [elastic] for REST request [/_cat/indices?v]","header":{"WWW-Authenticate":["Basic realm=\"security\" charset=\"UTF-8\"","Bearer realm=\"security\"","ApiKey"]}}],"type":"security_exception","reason":"unable to authenticate user [elastic] for REST request [/_cat/indices?v]","header":{"WWW-Authenticate":["Basic realm=\"security\" charset=\"UTF-8\"","Bearer realm=\"security\"","ApiKey"]}},"status":401}
我检查了所有节点中的elastisearch服务,它已经启动并运行。
请问如何解决这个问题?
致上,
1条答案
按热度按时间vmdwslir1#
看起来至少有一个索引是红色的。
1-查找RED索引
可以是
HTTP
尝试使用HTTPS
2-删除RED索引(如果可以)
注意:不要删除以
.
开头的系统索引,例如.security
3-再次检查集群运行状况
更多:
要了解RED群集状态的原因,您可以elasticsearch.log如果您有快照,则可以从最新快照恢复索引