• ELK docker elasticsearch7 设置xpack账号密码


    之前写过一篇 设置的,感觉不大对。ELK elasticsearch7 设置账号、权限

    还是重新配置一下。

    准备资料:elasticsearch7.1.1、kibana7.1.1镜像文件。

    在docker下成功安装集群。注意的是,所有的需要安装es相关的ELK版本都要一致,甚至es的插件版本也都是要一致

    [root@localhost ~]# docker images
    REPOSITORY                      TAG                 IMAGE ID            CREATED             SIZE
    192.168.89.132/third/logstash   7.1.1               b0cb1543380d        12 months ago       847MB
    logstash                        7.1.1               b0cb1543380d        12 months ago       847MB
    kibana                          7.1.1               67f17df6ca3e        12 months ago       746MB
    elasticsearch                   7.1.1               b0e9f9f047e6        12 months ago       894MB
    192.168.89.132/third/filebeat   7.1.1               0bd69a03e199        12 months ago       288MB
    store/elastic/filebeat          7.1.1               0bd69a03e199        12 months ago       288MB

    我这集群3台服务器:

    创建相应目录:

    mkdir -p /home/soft/elasticsearch/config
    mkdir -p /home/soft/elasticsearch/data/data04
    mkdir -p /home/soft/elasticsearch/data/data05
    mkdir -p /home/soft/elasticsearch/data/data06
    mkdir -p /home/soft/elasticsearch/logs/logs04
    mkdir -p /home/soft/elasticsearch/logs/logs05
    mkdir -p /home/soft/elasticsearch/logs/logs06

    配置脚本:

    // es04.yml 文件
    cluster.name: esinner
    node.name: es04
    node.master: true
    node.data: true
    bootstrap.memory_lock: false
    bootstrap.system_call_filter: false
    network.host: 172.19.0.14
    http.port: 9200
    transport.tcp.port: 9300
    http.cors.enabled: true
    http.cors.allow-origin: "*"
    discovery.seed_hosts: ["172.19.0.14:9300","172.19.0.15:9300","172.19.0.16:9300"]
    cluster.initial_master_nodes: ["es04"]
    discovery.zen.minimum_master_nodes: 2
    http.cors.allow-headers: Authorization

    // es05.yml 文件
    cluster.name: esinner
    node.name: es05
    node.master: true
    node.data: true
    bootstrap.memory_lock: false
    bootstrap.system_call_filter: false
    network.host: 172.19.0.15
    http.port: 9200
    transport.tcp.port: 9300
    http.cors.enabled: true
    http.cors.allow-origin: "*"
    discovery.seed_hosts: ["172.19.0.14:9300","172.19.0.15:9300","172.19.0.16:9300"]
    cluster.initial_master_nodes: ["es04"]
    discovery.zen.minimum_master_nodes: 2
    http.cors.allow-headers: Authorization

    // es06.yml 文件
    cluster.name: esinner
    node.name: es06
    node.master: true
    node.data: true
    bootstrap.memory_lock: false
    bootstrap.system_call_filter: false
    network.host: 172.19.0.16
    http.port: 9200
    transport.tcp.port: 9300
    http.cors.enabled: true
    http.cors.allow-origin: "*"
    discovery.seed_hosts: ["172.19.0.14:9300","172.19.0.15:9300","172.19.0.16:9300"]
    cluster.initial_master_nodes: ["es04"]
    discovery.zen.minimum_master_nodes: 2
    http.cors.allow-headers: Authorization

    启动脚本:其中的esnetwork 是我创建的es专属网络,其中的IP地址172.20.0.xxx也是依赖这里网络来的。

    查看网络列表
    docker network ls  
    进入网络查看绑定情况
    docker network inspect esnetwork


    docker run --restart=always -m 1000m -e ES_JAVA_OPTS="-Xms512m -Xmx512m"
    -d --net esnetwork --ip 172.19.0.14 -p 9204:9200 -p 9304:9300
    -v /home/soft/ES/config/es04.yml:/usr/share/elasticsearch/config/elasticsearch.yml
    -v /home/soft/ES/plugins/plugins04:/usr/share/elasticsearch/plugins
    -v /home/soft/ES/data/data04:/usr/share/elasticsearch/data
    -v /home/soft/ES/logs/logs04:/usr/share/elasticsearch/logs
    --name es04 elasticsearch:7.1.1

    docker run --restart=always -m 1000m -e ES_JAVA_OPTS="-Xms512m -Xmx512m"
    -d --net esnetwork --ip 172.19.0.15 -p 9205:9200 -p 9305:9300
    -v /home/soft/ES/config/es05.yml:/usr/share/elasticsearch/config/elasticsearch.yml
    -v /home/soft/ES/plugins/plugins05:/usr/share/elasticsearch/plugins
    -v /home/soft/ES/data/data05:/usr/share/elasticsearch/data
    -v /home/soft/ES/logs/logs05:/usr/share/elasticsearch/logs
    --name es05 elasticsearch:7.1.1

    docker run --restart=always -m 1000m -e ES_JAVA_OPTS="-Xms512m -Xmx512m"
    -d --net esnetwork --ip 172.19.0.16 -p 9206:9200 -p 9306:9300
    -v /home/soft/ES/config/es06.yml:/usr/share/elasticsearch/config/elasticsearch.yml
    -v /home/soft/ES/plugins/plugins06:/usr/share/elasticsearch/plugins
    -v /home/soft/ES/data/data06:/usr/share/elasticsearch/data
    -v /home/soft/ES/logs/logs06:/usr/share/elasticsearch/logs
    --name es06 elasticsearch:7.1.1

    查看网络情况esnetwork

    [root@localhost ~]# docker network inspect esnetwork
    [
        {
            "Name": "esnetwork",
            "Id": "643e80b22b68ed051bdee83d4625e9a590be3ccf3acdbe0c2373bd409cf00d43",
            "Created": "2020-01-23T00:40:33.225834796+08:00",
            "Scope": "local",
            "Driver": "bridge",
            "EnableIPv6": false,
            "IPAM": {
                "Driver": "default",
                "Options": {},
                "Config": [
                    {
                        "Subnet": "172.19.0.0/16",
                        "Gateway": "172.19.0.1"
                    }
                ]
            },
            "Internal": false,
            "Attachable": false,
            "Ingress": false,
            "ConfigFrom": {
                "Network": ""
            },
            "ConfigOnly": false,
            "Containers": {
                "6cab717babe9b95283dc8f55d95d5a9b7e69bffc5e882ef04bf3af81838627ac": {
                    "Name": "es06",
                    "EndpointID": "8082b5283bc60533b4203146d5bb58526063c8925b9b97f7e6be86607fc3d1d1",
                    "MacAddress": "02:42:ac:13:00:10",
                    "IPv4Address": "172.19.0.16/16",
                    "IPv6Address": ""
                },
                "706ba84e67af5d9c57994dd5eaecd60298b03bd7ded81d386a75d4087e2c1536": {
                    "Name": "es04",
                    "EndpointID": "bb59f666c86c1ee7d691fc6f2d0039df98e0b5954625edd92e40613e93ad2804",
                    "MacAddress": "02:42:ac:13:00:0e",
                    "IPv4Address": "172.19.0.14/16",
                    "IPv6Address": ""
                },
                "93ec974957d277a140b4a344db7c67fe37b3df17b3155039ed7f08ab850d889e": {
                    "Name": "es05",
                    "EndpointID": "7a898a6a0e469445cb22efc82416d7ceaf4417ab82199b8db76ccaa957422c4d",
                    "MacAddress": "02:42:ac:13:00:0f",
                    "IPv4Address": "172.19.0.15/16",
                    "IPv6Address": ""
                }
            },
            "Options": {},
            "Labels": {}
        }
    ]
    View Code

    启动后通过IP:PORT可以查看到当前单台情况

    {
      "name" : "es04",
      "cluster_name" : "mses-cluster",
      "cluster_uuid" : "_na_",
      "version" : {
        "number" : "7.1.1",
        "build_flavor" : "default",
        "build_type" : "docker",
        "build_hash" : "7a013de",
        "build_date" : "2019-05-23T14:04:00.380842Z",
        "build_snapshot" : false,
        "lucene_version" : "8.0.0",
        "minimum_wire_compatibility_version" : "6.8.0",
        "minimum_index_compatibility_version" : "6.0.0-beta1"
      },
      "tagline" : "You Know, for Search"
    }

    通过IP:PORT/_cat/nodes?pretty 可以当前集群情况

    172.19.0.16 26 93 50 1.40 3.47 4.23 mdi - es06
    172.19.0.14 33 93 54 1.40 3.47 4.23 mdi * es04
    172.19.0.15 17 93 54 1.40 3.47 4.23 mdi - es05

     

    以上说明能正常访问。

    下面是重点============配置xpack,es的账号密码

    停掉服务。

    docker stop es04 es05 es06

    删除data数据

    rm -rf data/data4*/*

    修改es00.yml配置,重新启动。

    末尾增加 

    xpack.security.enabled: true
    xpack.security.transport.ssl.enabled: true

    [root@izm5ej4bsah4npfgi5wl3vz elasticsearch]# vi config/es00.yml 
    cluster.name: mses-cluster
    node.name: es00
    node.master: true
    node.data: true
    bootstrap.memory_lock: false
    bootstrap.system_call_filter: false
    network.host: 172.20.0.10
    http.port: 9200
    transport.tcp.port: 9300
    http.cors.enabled: true
    http.cors.allow-origin: "*"
    discovery.seed_hosts: ["172.20.0.10:9300","172.20.0.11:9300"]
    cluster.initial_master_nodes: ["es00","es01"]
    discovery.zen.minimum_master_nodes: 2
    http.cors.allow-headers: Authorization
    xpack.security.enabled: true
    xpack.security.transport.ssl.enabled: true
     

    重启

    docker restart es00

    查看启动日志

    docker logs -f --tail=10 es00

    看到启动完成后,访问ip:端口,会弹出登录对话窗口

    进入容器,

    docker exec -it es00 /bin/bash

     keystore文件,默认会创建在config目录下生成elasticsearch.keystore文件

    bin/elasticsearch-keystore create

    执行过程:

    [root@ee7fae207374 elasticsearch]# bin/elasticsearch-keystore create
    Created elasticsearch keystore in /usr/share/elasticsearch/config
    [root@ee7fae207374 elasticsearch]# ls config/
    elasticsearch.keystore elasticsearch.yml jvm.options log4j2.properties role_mapping.yml roles.yml users users_roles

    设置默认用户的密码,我这直接使用默认用户名作为密码

    bin/elasticsearch-setup-passwords interactive

    正常情况得到结果:说明设置正常,我这里所有的用户密码都是设置为:elastic

    [root@21650b6ea0f2 elasticsearch]# bin/elasticsearch-setup-passwords interactive
    Initiating the setup of passwords for reserved users elastic,apm_system,kibana,logstash_system,beats_system,remote_monitoring_user.
    You will be prompted to enter passwords as the process progresses.
    Please confirm that you would like to continue [y/N]y
    Enter password for [elastic]: 
    Reenter password for [elastic]: 
    Enter password for [apm_system]: 
    Reenter password for [apm_system]: 
    Enter password for [kibana]: 
    Reenter password for [kibana]: 
    Enter password for [logstash_system]: 
    Reenter password for [logstash_system]: 
    Enter password for [beats_system]: 
    Reenter password for [beats_system]: 
    Enter password for [remote_monitoring_user]: 
    Reenter password for [remote_monitoring_user]: 
    Changed password for user [apm_system]
    Changed password for user [kibana]
    Changed password for user [logstash_system]
    Changed password for user [beats_system]
    Changed password for user [remote_monitoring_user]
    Changed password for user [elastic]
    

    错误1:可能是之前已设置过用户密码,若忘记了,没关系。

    Possible causes include:
     * The password for the 'elastic' user has already been changed on this cluster
     * Your elasticsearch node is running against a different keystore
     * This tool used the keystore at /usr/share/elasticsearch/config/elasticsearch.keystore

    解决A:很纠结的不一定成功。也成功做。

    关闭ElasticSearch的xpack安全验证(即修改/docker/elasticsearch/config/elasticsearch.yml
    中的xpack.security.enabled和xpack.security.transport.ssl.enabled为false);
    重启ElasticSearch服务
    重启好后用以下命令删除索引 .secutity-6
    curl -XDELETE http://localhost:9204/.secutity-6
    1
    or

    curl -XDELETE  http://127.0.0.1:9200/.secutity-6
    删除好后再重新按照上面设置密码的操作打开xpack验证重启ElasticSearch服务进入容器内部进行密码设置

     解决B:不管他,接着走下面的步骤,最后,再来解决这个用户无法创建的问题,就当做忘记密码。

    解决办法:创建一个新的临时用户,然后赋予这个用户超级管理员角色。

    再退出外面,用这个用户修改密码。

    docker exec -it es10 bash
    ./bin/elasticsearch-users useradd tempchen -r superuser
    
    curl -XPUT -u tempchen:tempchen http://127.0.0.1:9200/_xpack/security/user/elastic/_password -H "Content-Type: application/json" -d '
    {
     "password": "elastic"
    }'

    执行过程:

    // 进入容器
    [root@izm5ej4bsah4npfgi5wl3vz ~]# docker exec -it es10 bash
    // 创建用户
    [root@467d3709b7db elasticsearch]# ./bin/elasticsearch-users useradd tempchen -r superuser
    Enter new password: 
    Retype new password: 
    // 退出容器
    [root@467d3709b7db elasticsearch] exit
    // 根据IP修改密码
    [root@izm5ej4bsah4npfgi5wl3vz elasticsearch2]# curl -XPUT -u tempchen:tempchen http://172.21.0.10:9200/_xpack/security/user/elastic/_password -H "Content-Type: application/json" -d '
    > {
    >  "password": "elastic"
    > }'
    {}
    // 此时修改密码成功,密码为elastic
    [root@izm5ej4bsah4npfgi5wl3vz elasticsearch2]# 

    错误2:

    Unexpected response code [503] from calling PUT http://172.20.0.10:9200/_security/user/apm_system/_password?pretty
    Cause: Cluster state has not been recovered yet, cannot write to the security index

    解决:

    配置master节点先修改为1个
    cluster.initial_master_nodes: ["es04"]

    在页面登录输入任何账号都能登录正常,看到信息。

    生成配置ca证书:这里可输入密码,也可直接回车不输密码,我这里密码:不输入,

    bin/elasticsearch-certutil ca

    证书生成位置是当前位置,会生成一个证书名字:elastic-stack-ca.p12

    当然也可以用 out指定生成证书位置。例如下,但我不用

    bin/elasticsearch-certutil ca -out config/elastic-ca.p12 -pass ""
    [root@ee7fae207374 elasticsearch]# bin/elasticsearch-certutil ca
    WARNING: An illegal reflective access operation has occurred
    WARNING: Illegal reflective access by org.bouncycastle.jcajce.provider.drbg.DRBG (file:/usr/share/elasticsearch/lib/tools/security-cli/bcprov-jdk15on-1.61.jar) to constructor sun.security.provider.Sun()
    WARNING: Please consider reporting this to the maintainers of org.bouncycastle.jcajce.provider.drbg.DRBG
    WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations
    WARNING: All illegal access operations will be denied in a future release
    This tool assists you in the generation of X.509 certificates and certificate
    signing requests for use with SSL/TLS in the Elastic stack.
    
    The 'ca' mode generates a new 'certificate authority'
    This will create a new X.509 certificate and private key that can be used
    to sign certificate when running in 'cert' mode.
    
    Use the 'ca-dn' option if you wish to configure the 'distinguished name'
    of the certificate authority
    
    By default the 'ca' mode produces a single PKCS#12 output file which holds:
        * The CA certificate
        * The CA's private key
    
    If you elect to generate PEM format certificates (the -pem option), then the output will
    be a zip file containing individual files for the CA certificate and private key
    
    Please enter the desired output file [elastic-stack-ca.p12]: 
    Enter password for elastic-stack-ca.p12 : 
    [root@ee7fae207374 elasticsearch]# ls
    123456  LICENSE.txt  NOTICE.txt  README.textile  bin  config  data  elastic-stack-ca.p12  jdk  lib  logs  modules  plugins

    生成私钥证书

    bin/elasticsearch-certutil cert --ca elastic-stack-ca.p12

    会提示输入密码,这里我直接回车,无密码。

     查看当前目录,即可看到:elastic-certificates.p12 这个就是我们的私钥了,所有节点,统一要将这证书放置到指定位置即可各个节点互通交互了。

    [root@21650b6ea0f2 elasticsearch]# ls
    LICENSE.txt  NOTICE.txt  README.textile  bin  config  data  elastic-certificates.p12  elastic-stack-ca.p12  jdk  lib  logs  modules  plugins

    只需要使用由同一CA签名的证书,即可自动允许该节点加入集群。

    将证书复制到宿主机

    宿主机目录我这里是/home/soft/ES/config

    docker cp 复制
    es04 是运行的容器名称
    /usr/share/elasticsearch/elastic-certificates.p12 要复制的容器内的文件具体路径
    /home/soft/ES/config 物理机路径
    # docker cp es04:/usr/share/elasticsearch/elastic-certificates.p12 /home/soft/ES/config

    将证书复制到所有需要集群的es节点

    docker cp /home/soft/ES/config/elastic-certificates.p12 es04:/usr/share/elasticsearch/config/
    docker cp /home/soft/ES/config/elastic-certificates.p12 es05:/usr/share/elasticsearch/config/
    docker cp /home/soft/ES/config/elastic-certificates.p12 es06:/usr/share/elasticsearch/config/

    修改所有需要集群的节点

    主要是增加这几行配置

    xpack.security.transport.ssl.enabled: true
    xpack.security.transport.ssl.verification_mode: certificate 
    xpack.security.transport.ssl.keystore.path: elastic-certificates.p12 
    xpack.security.transport.ssl.truststore.path: elastic-certificates.p12
    // es04.yml 文件
    cluster.name: esinner
    node.name: es04
    node.master: true
    node.data: true
    bootstrap.memory_lock: false
    bootstrap.system_call_filter: false
    network.host: 172.19.0.14
    http.port: 9200
    transport.tcp.port: 9300
    http.cors.enabled: true
    http.cors.allow-origin: "*"
    discovery.seed_hosts: ["172.19.0.14:9300","172.19.0.15:9300","172.19.0.16:9300"]
    cluster.initial_master_nodes: ["es04","es05","es06"]
    discovery.zen.minimum_master_nodes: 2
    http.cors.allow-headers: Authorization
    xpack.security.enabled: true
    xpack.license.self_generated.type: basic
    xpack.security.transport.ssl.enabled: true
    xpack.security.transport.ssl.verification_mode: certificate 
    xpack.security.transport.ssl.keystore.path: elastic-certificates.p12 
    xpack.security.transport.ssl.truststore.path: elastic-certificates.p12
    
    // es05.yml 文件
    cluster.name: esinner
    node.name: es05
    node.master: true
    node.data: true
    bootstrap.memory_lock: false
    bootstrap.system_call_filter: false
    network.host: 172.19.0.15
    http.port: 9200
    transport.tcp.port: 9300
    http.cors.enabled: true
    http.cors.allow-origin: "*"
    discovery.seed_hosts: ["172.19.0.14:9300","172.19.0.15:9300","172.19.0.16:9300"]
    cluster.initial_master_nodes: ["es04","es05","es06"]
    discovery.zen.minimum_master_nodes: 2
    http.cors.allow-headers: Authorization
    xpack.security.enabled: true
    xpack.license.self_generated.type: basic
    xpack.security.transport.ssl.enabled: true
    xpack.security.transport.ssl.verification_mode: certificate 
    xpack.security.transport.ssl.keystore.path: elastic-certificates.p12 
    xpack.security.transport.ssl.truststore.path: elastic-certificates.p12
    
    // es06.yml 文件
    cluster.name: esinner
    node.name: es06
    node.master: true
    node.data: true
    bootstrap.memory_lock: false
    bootstrap.system_call_filter: false
    network.host: 172.19.0.16
    http.port: 9200
    transport.tcp.port: 9300
    http.cors.enabled: true
    http.cors.allow-origin: "*"
    discovery.seed_hosts: ["172.19.0.14:9300","172.19.0.15:9300","172.19.0.16:9300"]
    cluster.initial_master_nodes: ["es04","es05","es06"]
    discovery.zen.minimum_master_nodes: 2
    http.cors.allow-headers: Authorization
    xpack.security.enabled: true
    xpack.license.self_generated.type: basic
    xpack.security.transport.ssl.enabled: true
    xpack.security.transport.ssl.verification_mode: certificate 
    xpack.security.transport.ssl.keystore.path: elastic-certificates.p12 
    xpack.security.transport.ssl.truststore.path: elastic-certificates.p12
    View Code

    重启所有节点

    完整报错:

    {"type": "server", "timestamp": "2020-05-27T15:21:10,235+0000", "level": "WARN", "component": "o.e.b.ElasticsearchUncaughtExceptionHandler", "cluster.name": "esinner", "node.name": "es05",  "message": "uncaught exception in thread [main]" , 
    "stacktrace": ["org.elasticsearch.bootstrap.StartupException: java.lang.IllegalStateException: failed to load plugin class [org.elasticsearch.xpack.core.XPackPlugin]",
    "at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:163) ~[elasticsearch-7.1.1.jar:7.1.1]",
    "at org.elasticsearch.bootstrap.Elasticsearch.execute(Elasticsearch.java:150) ~[elasticsearch-7.1.1.jar:7.1.1]",
    "at org.elasticsearch.cli.EnvironmentAwareCommand.execute(EnvironmentAwareCommand.java:86) ~[elasticsearch-7.1.1.jar:7.1.1]",
    "at org.elasticsearch.cli.Command.mainWithoutErrorHandling(Command.java:124) ~[elasticsearch-cli-7.1.1.jar:7.1.1]",
    "at org.elasticsearch.cli.Command.main(Command.java:90) ~[elasticsearch-cli-7.1.1.jar:7.1.1]",
    "at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:115) ~[elasticsearch-7.1.1.jar:7.1.1]",
    "at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:92) ~[elasticsearch-7.1.1.jar:7.1.1]",
    "Caused by: java.lang.IllegalStateException: failed to load plugin class [org.elasticsearch.xpack.core.XPackPlugin]",
    "at org.elasticsearch.plugins.PluginsService.loadPlugin(PluginsService.java:614) ~[elasticsearch-7.1.1.jar:7.1.1]",
    "at org.elasticsearch.plugins.PluginsService.loadBundle(PluginsService.java:556) ~[elasticsearch-7.1.1.jar:7.1.1]",
    "at org.elasticsearch.plugins.PluginsService.loadBundles(PluginsService.java:471) ~[elasticsearch-7.1.1.jar:7.1.1]",
    "at org.elasticsearch.plugins.PluginsService.<init>(PluginsService.java:163) ~[elasticsearch-7.1.1.jar:7.1.1]",
    "at org.elasticsearch.node.Node.<init>(Node.java:308) ~[elasticsearch-7.1.1.jar:7.1.1]",
    "at org.elasticsearch.node.Node.<init>(Node.java:252) ~[elasticsearch-7.1.1.jar:7.1.1]",
    "at org.elasticsearch.bootstrap.Bootstrap$5.<init>(Bootstrap.java:211) ~[elasticsearch-7.1.1.jar:7.1.1]",
    "at org.elasticsearch.bootstrap.Bootstrap.setup(Bootstrap.java:211) ~[elasticsearch-7.1.1.jar:7.1.1]",
    "at org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:325) ~[elasticsearch-7.1.1.jar:7.1.1]",
    "at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:159) ~[elasticsearch-7.1.1.jar:7.1.1]",
    "... 6 more",
    "Caused by: java.lang.reflect.InvocationTargetException",
    "at jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) ~[?:?]",
    "at jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62) ~[?:?]",
    "at jdk.internal.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) ~[?:?]",
    "at java.lang.reflect.Constructor.newInstanceWithCaller(Constructor.java:500) ~[?:?]",
    "at java.lang.reflect.Constructor.newInstance(Constructor.java:481) ~[?:?]",
    "at org.elasticsearch.plugins.PluginsService.loadPlugin(PluginsService.java:605) ~[elasticsearch-7.1.1.jar:7.1.1]",
    "at org.elasticsearch.plugins.PluginsService.loadBundle(PluginsService.java:556) ~[elasticsearch-7.1.1.jar:7.1.1]",
    "at org.elasticsearch.plugins.PluginsService.loadBundles(PluginsService.java:471) ~[elasticsearch-7.1.1.jar:7.1.1]",
    "at org.elasticsearch.plugins.PluginsService.<init>(PluginsService.java:163) ~[elasticsearch-7.1.1.jar:7.1.1]",
    "at org.elasticsearch.node.Node.<init>(Node.java:308) ~[elasticsearch-7.1.1.jar:7.1.1]",
    "at org.elasticsearch.node.Node.<init>(Node.java:252) ~[elasticsearch-7.1.1.jar:7.1.1]",
    "at org.elasticsearch.bootstrap.Bootstrap$5.<init>(Bootstrap.java:211) ~[elasticsearch-7.1.1.jar:7.1.1]",
    "at org.elasticsearch.bootstrap.Bootstrap.setup(Bootstrap.java:211) ~[elasticsearch-7.1.1.jar:7.1.1]",
    "at org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:325) ~[elasticsearch-7.1.1.jar:7.1.1]",
    "at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:159) ~[elasticsearch-7.1.1.jar:7.1.1]",
    "... 6 more",
    "Caused by: org.elasticsearch.ElasticsearchException: failed to initialize a TrustManagerFactory",
    "at org.elasticsearch.xpack.core.ssl.StoreTrustConfig.createTrustManager(StoreTrustConfig.java:61) ~[?:?]",
    "at org.elasticsearch.xpack.core.ssl.SSLService.createSslContext(SSLService.java:382) ~[?:?]",
    "at java.util.HashMap.computeIfAbsent(HashMap.java:1133) ~[?:?]",
    "at org.elasticsearch.xpack.core.ssl.SSLService.loadSSLConfigurations(SSLService.java:434) ~[?:?]",
    "at org.elasticsearch.xpack.core.ssl.SSLService.<init>(SSLService.java:119) ~[?:?]",
    "at org.elasticsearch.xpack.core.XPackPlugin.<init>(XPackPlugin.java:144) ~[?:?]",
    "at jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) ~[?:?]",
    "at jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62) ~[?:?]",
    "at jdk.internal.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) ~[?:?]",
    "at java.lang.reflect.Constructor.newInstanceWithCaller(Constructor.java:500) ~[?:?]",
    "at java.lang.reflect.Constructor.newInstance(Constructor.java:481) ~[?:?]",
    "at org.elasticsearch.plugins.PluginsService.loadPlugin(PluginsService.java:605) ~[elasticsearch-7.1.1.jar:7.1.1]",
    "at org.elasticsearch.plugins.PluginsService.loadBundle(PluginsService.java:556) ~[elasticsearch-7.1.1.jar:7.1.1]",
    "at org.elasticsearch.plugins.PluginsService.loadBundles(PluginsService.java:471) ~[elasticsearch-7.1.1.jar:7.1.1]",
    "at org.elasticsearch.plugins.PluginsService.<init>(PluginsService.java:163) ~[elasticsearch-7.1.1.jar:7.1.1]",
    "at org.elasticsearch.node.Node.<init>(Node.java:308) ~[elasticsearch-7.1.1.jar:7.1.1]",
    "at org.elasticsearch.node.Node.<init>(Node.java:252) ~[elasticsearch-7.1.1.jar:7.1.1]",
    "at org.elasticsearch.bootstrap.Bootstrap$5.<init>(Bootstrap.java:211) ~[elasticsearch-7.1.1.jar:7.1.1]",
    "at org.elasticsearch.bootstrap.Bootstrap.setup(Bootstrap.java:211) ~[elasticsearch-7.1.1.jar:7.1.1]",
    "at org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:325) ~[elasticsearch-7.1.1.jar:7.1.1]",
    "at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:159) ~[elasticsearch-7.1.1.jar:7.1.1]",
    "... 6 more",
    "Caused by: java.nio.file.AccessDeniedException: /usr/share/elasticsearch/config/elastic-certificates.p12",
    "at sun.nio.fs.UnixException.translateToIOException(UnixException.java:90) ~[?:?]",
    "at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:111) ~[?:?]",
    "at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:116) ~[?:?]",
    "at sun.nio.fs.UnixFileSystemProvider.newByteChannel(UnixFileSystemProvider.java:219) ~[?:?]",
    "at java.nio.file.Files.newByteChannel(Files.java:373) ~[?:?]",
    "at java.nio.file.Files.newByteChannel(Files.java:424) ~[?:?]",
    "at java.nio.file.spi.FileSystemProvider.newInputStream(FileSystemProvider.java:420) ~[?:?]",
    "at java.nio.file.Files.newInputStream(Files.java:158) ~[?:?]",
    "at org.elasticsearch.xpack.core.ssl.TrustConfig.getStore(TrustConfig.java:87) ~[?:?]",
    "at org.elasticsearch.xpack.core.ssl.StoreTrustConfig.createTrustManager(StoreTrustConfig.java:58) ~[?:?]",
    "at org.elasticsearch.xpack.core.ssl.SSLService.createSslContext(SSLService.java:382) ~[?:?]",
    "at java.util.HashMap.computeIfAbsent(HashMap.java:1133) ~[?:?]",
    "at org.elasticsearch.xpack.core.ssl.SSLService.loadSSLConfigurations(SSLService.java:434) ~[?:?]",
    "at org.elasticsearch.xpack.core.ssl.SSLService.<init>(SSLService.java:119) ~[?:?]",
    "at org.elasticsearch.xpack.core.XPackPlugin.<init>(XPackPlugin.java:144) ~[?:?]",
    "at jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) ~[?:?]",
    "at jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62) ~[?:?]",
    "at jdk.internal.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) ~[?:?]",
    "at java.lang.reflect.Constructor.newInstanceWithCaller(Constructor.java:500) ~[?:?]",
    "at java.lang.reflect.Constructor.newInstance(Constructor.java:481) ~[?:?]",
    "at org.elasticsearch.plugins.PluginsService.loadPlugin(PluginsService.java:605) ~[elasticsearch-7.1.1.jar:7.1.1]",
    "at org.elasticsearch.plugins.PluginsService.loadBundle(PluginsService.java:556) ~[elasticsearch-7.1.1.jar:7.1.1]",
    "at org.elasticsearch.plugins.PluginsService.loadBundles(PluginsService.java:471) ~[elasticsearch-7.1.1.jar:7.1.1]",
    "at org.elasticsearch.plugins.PluginsService.<init>(PluginsService.java:163) ~[elasticsearch-7.1.1.jar:7.1.1]",
    "at org.elasticsearch.node.Node.<init>(Node.java:308) ~[elasticsearch-7.1.1.jar:7.1.1]",
    "at org.elasticsearch.node.Node.<init>(Node.java:252) ~[elasticsearch-7.1.1.jar:7.1.1]",
    "at org.elasticsearch.bootstrap.Bootstrap$5.<init>(Bootstrap.java:211) ~[elasticsearch-7.1.1.jar:7.1.1]",
    "at org.elasticsearch.bootstrap.Bootstrap.setup(Bootstrap.java:211) ~[elasticsearch-7.1.1.jar:7.1.1]",
    "at org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:325) ~[elasticsearch-7.1.1.jar:7.1.1]",
    "at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:159) ~[elasticsearch-7.1.1.jar:7.1.1]",
    "... 6 more"] }

    分析:有用的几句

    "stacktrace": ["org.elasticsearch.bootstrap.StartupException: java.lang.IllegalStateException: failed to load plugin class [org.elasticsearch.xpack.core.XPackPlugin]",
    "Caused by: java.lang.reflect.InvocationTargetException",
    "Caused by: org.elasticsearch.ElasticsearchException: failed to initialize a TrustManagerFactory",
    "Caused by: java.nio.file.AccessDeniedException: /usr/share/elasticsearch/config/elastic-certificates.p12",
    ----------访问权限异常,说明docker容器运行elastic的用户权限访问我们复制容器内的文件异常【elastic-certificates.p12】

    解决:趁着容器运行时,赶快到容器内给文件访问权限,赋权限后重启,启动正常

    # docker exec -it es04 /bin/bash
    # chmod 777 config/*
    # docker exec -it es05 /bin/bash
    # chmod 777 config/*

    # docker exec -it es06 /bin/bash
    # chmod 777 config/*
     

    测试查看结果

    输入ip加端口访问后,弹出窗口,输入之前设置的账号密码后,可以看到我们想要看的结果。测试成功。

    输入elastic/elastic 就是之前输入的用户名密码

     配置kibana访问。之前系统预设的用户,如下,密码都是相同的elastic

    Initiating the setup of passwords for reserved users elastic,apm_system,kibana,logstash_system,beats_system,remote_monitoring_user.



    配置kibana.yml
    增加用户名,密码等信息。
    server.name: kibana
    server.host: "0"
    elasticsearch.hosts: [ "http://192.168.89.138:9204","http://192.168.89.138:9205", "http://192.168.89.138:9206" ]
    elasticsearch.username: "elastic"
    elasticsearch.password: "elastic"
    server.port: 5601
    elasticsearch.requestTimeout: 90000

    重启服务

    新服务

    docker run --restart=always -m 1000m 
    -d --name kibana -p 5601:5601 
    -v /home/soft/ELK/kibana/config/kibana.yml:/usr/share/kibana/config/kibana.yml 
    kibana:7.1.1

    或重启已有服务

    docker restart kibana

    查看结果。。。可以在管理界面看到。用户。角色管理菜单了

    输入密码kibana/elastic

     

     返回:

    {"statusCode":403,"error":"Forbidden","message":"Forbidden"}

    那就换超级用户elastic,登录成功。

  • 相关阅读:
    Agilent RF fundamentals (7) Oscillator characterization
    Agilent RF fundamentals (6)
    L136
    Agilent RF fundamentals (5)
    Agilent RF fundamentals (4)- Impedance match and distortions
    L134
    2018.9.14 长难句1
    L133
    PyQt(Python+Qt)学习随笔:QTreeWidget中给树型部件增加顶层项的方法
    PyQt(Python+Qt)学习随笔:invisibleRootItem方法访问QTreeWidget树型部件的隐形根节点
  • 原文地址:https://www.cnblogs.com/a393060727/p/12971290.html
Copyright © 2020-2023  润新知