ElasticSearch版本:7.6.2
一:es设置账号密码
配置
修改es的配置文件:elasticsearch.yml,添加如下配置
xpack.security.enabled: true
xpack.license.self_generated.type: basic
xpack.security.transport.ssl.enabled: true
es的bin目录下,执行设置用户名和密码的命令
./elasticsearch-setup-passwords interactive
这里会设置六个账号的密码:elastic,apm_system,kibana,logstash_system,beats_system,remote_monitoring_user.
修改kibana的配置kibana.yml:
es修改密码的命令如下:
curl -H "Content-Type:application/json" -XPOST -u elastic ‘http://127.0.0.1:9200/_xpack/security/user/elastic/_password‘ -d ‘{ "password" : "123456" }‘
重启es和kibana
访问http://127.0.0.1:9200,需要输入账号密码才可以访问
访问:http://127.0.0.1:5601/
同样需要认证才可登陆,登陆账号密码为elastic/123456
二:es重制密码
ES集群重新设置密码(第二次执行./elasticsearch-setup-passwords interactive报错)
错误信息
当为es集群设置完一次密码之后,再次执行相同的命令
./elasticsearch-setup-passwords interactive
报错:
Failed to authenticate user 'elastic' against http://172.16.xxx.xxx:9200/_security/_authenticate?pretty
Possible causes include:
* The password for the 'elastic' user has already been changed on this cluster
* Your elasticsearch node is running against a different keystore
This tool used the keystore at /usr/local/elasticsearch-7.2.0/config/elasticsearch.keystore
ERROR: Failed to verify bootstrap password
解决办法:
删除 .security-7 索引,然后重新执行上面命令即可,不用重启es集群
