您好,登錄后才能下訂單哦!
Open Distro for Elasticsearch是AWS開源版本的ELK架構,原來Elasticsearch中部分需要付費的功能可以免費使用(如Alert),對于我等追求開(mian)源(fei)的大(diao)眾(si)用戶來說,確實是一個不錯的選擇。
按照其安裝步驟安裝好后可以使用默認密碼admin:admin登錄,但修改這個默認密碼卻不容易,翻遍全網,匯總如下,供有需要的同學參考:
第一步:生成新的Admin密碼Hash
#Create Hashes for Your admin
sudo chmod +x /usr/share/elasticsearch/plugins/opendistro_security/tools/hash.sh
/bin/bash -c /usr/share/elasticsearch/plugins/opendistro_security/tools/hash.sh
7-mDj5=
$2y$12$tOoM6Wz.elENbw23EZfqL.CSrd7giB/5yKQQ0YWq8ZSwfXJPBEq8m
第二步:將上一步生成的密碼Hash記錄下來,編輯internal_users.yml(編輯前請備份)
#Create a Local, Modified Copy of internal_users.yml, then replace with the new admin hash
cd /usr/share/elasticsearch/plugins/opendistro_security/securityconfig/
sudo cp internal_users.yml internal_users.yml.backup
sudo vim internal_users.yml
第三步:執行命令讓elasticsearch更新密碼
#to reflect the changes, run below commands,
#https://opendistro.github.io/for-elasticsearch-docs/docs/security-configuration/security-admin/
cd /usr/share/elasticsearch/plugins/opendistro_security/tools/
sudo bash ./securityadmin.sh -cd ../securityconfig/ -icl -nhnv -cacert /etc/elasticsearch/root-ca.pem -cert /etc/elasticsearch/kirk.pem -key /etc/elasticsearch/kirk-key.pem
以前三步完成就可以使用新的密碼登錄Kibana了,API調用也可以使用新密碼進行認證了,用原密碼再認證會提示Unauthorized.
最后一步執行成功后會輸出如下內容
WARNING: JAVA_HOME not set, will use /usr/bin/java
Open Distro Security Admin v7
Will connect to localhost:9300 ... done
Connected as CN=kirk,OU=client,O=client,L=test,C=de
Elasticsearch Version: 7.3.2
Open Distro Security Version: 1.3.0.0
Contacting elasticsearch cluster 'elasticsearch' and wait for YELLOW clusterstate ...
Clustername: 8zcl5szk
Clusterstate: YELLOW
Number of nodes: 1
Number of data nodes: 1
.opendistro_security index already exists, so we do not need to create one.
Populate config from /usr/share/elasticsearch/plugins/opendistro_security/securityconfig
Will update '_doc/config' with ../securityconfig/config.yml
? ?SUCC: Configuration for 'config' created or updated
Will update '_doc/roles' with ../securityconfig/roles.yml
? ?SUCC: Configuration for 'roles' created or updated
Will update '_doc/rolesmapping' with ../securityconfig/roles_mapping.yml
? ?SUCC: Configuration for 'rolesmapping' created or updated
Will update '_doc/internalusers' with ../securityconfig/internal_users.yml
? ?SUCC: Configuration for 'internalusers' created or updated
Will update '_doc/actiongroups' with ../securityconfig/action_groups.yml
? ?SUCC: Configuration for 'actiongroups' created or updated
Will update '_doc/tenants' with ../securityconfig/tenants.yml
? ?SUCC: Configuration for 'tenants' created or updated
Done with success
免責聲明:本站發布的內容(圖片、視頻和文字)以原創、轉載和分享為主,文章觀點不代表本網站立場,如果涉及侵權請聯系站長郵箱:is@yisu.com進行舉報,并提供相關證據,一經查實,將立刻刪除涉嫌侵權內容。