首先打開Kibana的管理界面,在許可管理中升級爲白金試用版。
其次,每個ES節點的配置文件里加上:
xpack.security.enabled: true
xpack.ml.enabled: true
xpack.license.self_generated.type: trial#意爲試用版
然後重啓所有ES節點,重啓完成後,訪問http://192.168.1.3:9200/_cat/health?v,可以看到要求輸入用戶名密碼。而此時我們還沒設置密碼,下面開始設置密碼:
[root@es1 ~]# cd /usr/share/elasticsearch/bin
[root@es1 bin]# ./elasticsearch-setup-passwords interactive
Initiating the setup of passwords for reserved users elastic,apm_system,kibana,logstash_system,beats_system,remote_monitoring_user.
You will be prompted to enter passwords as the process progresses.
Please confirm that you would like to continue [y/N]y
Enter password for [elastic]:
Reenter password for [elastic]:
Enter password for [apm_system]:
Reenter password for [apm_system]:
Enter password for [kibana]:
Reenter password for [kibana]:
Enter password for [logstash_system]:
Reenter password for [logstash_system]:
Enter password for [beats_system]:
Reenter password for [beats_system]:
Enter password for [remote_monitoring_user]:
Reenter password for [remote_monitoring_user]:
Changed password for user [apm_system]
Changed password for user [kibana]
Changed password for user [logstash_system]
Changed password for user [beats_system]
Changed password for user [remote_monitoring_user]
Changed password for user [elastic]
可以看到,我們修改了6個用戶的密碼,設置完成後,再次訪問http://192.168.1.3:9200/_cat/health?v,輸入用戶名elastic,密碼123456,就能看到集羣健康狀態了。這個時候如果訪問kibana的話,也是要輸入用戶名和密碼的,我們在kibana的配置文件也打開安全設置。
下面開始修改Kibana配置文件:
只需要在配置文件中加上下面兩行內容即可:
[root@kibana ~]# vim /etc/kibana/kibana.yml
......
elasticsearch.username: "elastic"
elasticsearch.password: "123456"#這個密碼一定要跟ES集羣配置的用戶名密碼一致。
然後重啓Kibana,重新訪問192.168.1.9:5601:
此時輸入用戶名elastic和密碼123456即可登錄。
登陸後發現我們的索引是沒數據的,檢查logstash的日誌可以看到有報錯:
192168110[2020-04-03T14:29:04,598][ERROR][logstash.outputs.elasticsearch][main] Encountered a retryable error. Will Retry with exponential backoff {:code=>401, :url=>"http://192.168.1.7:9200/_bulk"}
[2020-04-03T14:29:07,045][ERROR][logstash.outputs.elasticsearch][main] Encountered a retryable error. Will Retry with exponential backoff {:code=>401, :url=>"http://192.168.1.6:9200/_bulk"}
[2020-04-03T14:29:11,118][ERROR][logstash.outputs.elasticsearch][main] Encountered a retryable error. Will Retry with exponential backoff {:code=>401, :url=>"http://192.168.1.7:9200/_bulk"}
[2020-04-03T14:29:19,137][ERROR][logstash.outputs.elasticsearch][main] Encountered a retryable error. Will Retry with exponential backoff {:code=>401, :url=>"http://192.168.1.7:9200/_bulk"}
這是因爲我們的logstash的配置文件output部分是輸出到ES集羣的,我們剛剛給ES集羣設置了安全認證,所以現在需要在output部分配置ES集羣的用戶名和密碼:
output {
elasticsearch {
hosts => ["192.168.1.8:9200","192.168.1.6:9200","192.168.1.7:9200"]
index => 'nginx'
user => 'elastic'
password => '123456'
注意是user而不是username,用戶名和密碼都要用英文的單引號括起來。
配置完成後,再次啓動logstash,可以正常啓動了,Kibana中索引也有數據了。