我正在Ubuntu 20.04上设置Elasticsearch版本7.17.11。它将是Elasticsearch的单个示例,但我将为Kibana和Logstash提供单独的示例。我试图在另一个云项目中重新创建我们的设置,而不使用Elasticsearch的集群,据我所知,这些设置是与工作构建的唯一区别。
这是我运行bin/elasticsearch-setup-passwords工具时的错误:
Failed to authenticate user 'elastic' against https://localhost:9200/_security/_authenticate?pretty
Possible causes include:
* The password for the 'elastic' user has already been changed on this cluster
* Your elasticsearch node is running against a different keystore
This tool used the keystore at /etc/elasticsearch/elasticsearch.keystore
ERROR: Failed to verify bootstrap password
字符串
keystore似乎位于/etc/elasticsearch/elasticsearch. keystore。密码不可能已经更改,因为我每次都用Terraform创建一个新示例,并对它运行Ansible playbook。
这是我的elasticsearch.yml文件:
node.name: test-elasticsearch
network.host: localhost
http.port: 9200
discovery.type: single-node
# Transport layer
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.key: /etc/elasticsearch/certs/elasticsearch.key
xpack.security.transport.ssl.certificate: /etc/elasticsearch/certs/elasticsearch.crt
xpack.security.transport.ssl.certificate_authorities: /etc/elasticsearch/certs/ca/ca.crt
# HTTP layer
xpack.security.http.ssl.enabled: true
xpack.security.http.ssl.verification_mode: certificate
xpack.security.http.ssl.key: /etc/elasticsearch/certs/elasticsearch.key
xpack.security.http.ssl.certificate: /etc/elasticsearch/certs/elasticsearch.crt
xpack.security.http.ssl.certificate_authorities: /etc/elasticsearch/certs/ca/ca.crt
# Elasticsearch authentication
xpack.security.enabled: true
#xpack.security.enabled: false
path.data: /mnt/elastic_data_disk
path.logs: /mnt/elastic_data_disk
型
证书已使用bin/elasticsearch-certutil工具设置,并放入正确的路径BTW。
这是我用来配置证书BTW的instances.yml文件(这里有完整的公共IP审查):
instances:
- name: "test-elasticsearch"
ip:
- "35.xx.xx.xx"
型
任何帮助是赞赏:我已经阅读了所有相关的弹性文档,我知道这与我卡住了,无法在网上找到任何东西。有人知道怎么解决吗?
安装Elasticsearch我在创建弹性密码时遇到了问题-它错误地表示它已经配置好了,如果不知道弹性密码,我就无法继续。
1条答案
按热度按时间x33g5p2x1#
看起来你在Ansible剧本中错过了一些东西。当您设置Elasticsearch时,Elasticsearch应该自己定义
elastic
用户的第一个密码,并将输出发送到终端。推荐:我建议您创建一个具有
superuser
权限的新用户,然后检查发生了什么,而不是与elastic
用户进行斗争。https://www.elastic.co/guide/en/elasticsearch/reference/7.17/users-command.html
创建超级用户:
字符串
不确定它是否有效,但你也可以尝试对弹性用户使用相同的命令。