elasticsearch cluster 开启用户名+密码
当前目录:/home/es/elasticsearch-7.13.4
docker-compose.yml
---version: '2.2'services:elasticsearch:restart: alwaysimage: elasticsearch:7.13.4container_name: es-node1network_mode: hostvolumes:- /data/es/data:/usr/share/elasticsearch/data- /home/es/elasticsearch-7.13.4/config/elasticsearch.yml:/usr/share/elasticsearch/config/elasticsearch.yml- /home/es/elasticsearch-7.13.4/config/jvm.options:/usr/share/elasticsearch/config/jvm.options- /home/es/elasticsearch-7.13.4/config/es.pem:/usr/share/elasticsearch/config/es.pem- /home/es/elasticsearch-7.13.4/config/es-key.pem:/usr/share/elasticsearch/config/es-key.pemenvironment:bootstrap.memory_lock: "true"ulimits:memlock:soft: -1hard: -1
elasticsearch.yml
cluster.name: jiankunking-lognode.name: 10.163.16.188http.port: 9200transport.tcp.port: 8100discovery.seed_hosts: ["10.163.16.188","10.163.16.190","10.163.16.191"]cluster.initial_master_nodes: ["10.163.16.188","10.163.16.190","10.163.16.191"]network.bind_host: 10.163.16.188network.publish_host: 10.163.16.188path:data:- /usr/share/elasticsearch/dataxpack.monitoring.collection.enabled: truexpack.security.enabled: truexpack.security.http.ssl.enabled: falsexpack.security.http.ssl.key: /usr/share/elasticsearch/config/es-key.pemxpack.security.http.ssl.certificate: /usr/share/elasticsearch/config/es.pemxpack.security.http.ssl.certificate_authorities: ["/usr/share/elasticsearch/config/es.pem"]xpack.security.transport.ssl.enabled: true# 这里也可以指定为证书xpack.security.transport.ssl.verification_mode: nonexpack.security.transport.ssl.key: /usr/share/elasticsearch/config/es-key.pemxpack.security.transport.ssl.certificate: /usr/share/elasticsearch/config/es.pemxpack.security.transport.ssl.certificate_authorities: ["/usr/share/elasticsearch/config/es.pem"]
jvm.options
#################################################################### JVM configuration###################################################################### WARNING: DO NOT EDIT THIS FILE. If you want to override the## JVM options in this file, or set any additional options, you## should create one or more files in the jvm.options.d## directory containing your adjustments.#### See https://www.elastic.co/guide/en/elasticsearch/reference/current/jvm-options.html## for more information.#################################################################################################################################### IMPORTANT: JVM heap size#################################################################### The heap size is automatically configured by Elasticsearch## based on the available memory in your system and the roles## each node is configured to fulfill. If specifying heap is## required, it should be done through a file in jvm.options.d,## and the min and max should be set to the same value. For## example, to set the heap to 4 GB, create a new file in the## jvm.options.d directory containing these lines:-Xms31g-Xmx31g## See https://www.elastic.co/guide/en/elasticsearch/reference/current/heap-size.html## for more information#################################################################################################################################### Expert settings#################################################################### All settings below here are considered expert settings. Do## not adjust them unless you understand what you are doing. Do## not edit them in this file; instead, create a new file in the## jvm.options.d directory containing your adjustments.#################################################################### GC configuration8-13:-XX:+UseConcMarkSweepGC8-13:-XX:CMSInitiatingOccupancyFraction=758-13:-XX:+UseCMSInitiatingOccupancyOnly## G1GC Configuration# NOTE: G1 GC is only supported on JDK version 10 or later# to use G1GC, uncomment the next two lines and update the version on the# following three lines to your version of the JDK# 10-13:-XX:-UseConcMarkSweepGC# 10-13:-XX:-UseCMSInitiatingOccupancyOnly14-:-XX:+UseG1GC## JVM temporary directory-Djava.io.tmpdir=${ES_TMPDIR}## heap dumps# generate a heap dump when an allocation from the Java heap fails; heap dumps# are created in the working directory of the JVM unless an alternative path is# specified-XX:+HeapDumpOnOutOfMemoryError# specify an alternative path for heap dumps; ensure the directory exists and# has sufficient space-XX:HeapDumpPath=data# specify an alternative path for JVM fatal error logs-XX:ErrorFile=logs/hs_err_pid%p.log## JDK 8 GC logging8:-XX:+PrintGCDetails8:-XX:+PrintGCDateStamps8:-XX:+PrintTenuringDistribution8:-XX:+PrintGCApplicationStoppedTime8:-Xloggc:logs/gc.log8:-XX:+UseGCLogFileRotation8:-XX:NumberOfGCLogFiles=328:-XX:GCLogFileSize=64m# JDK 9+ GC logging9-:-Xlog:gc*,gc+age=trace,safepoint:file=logs/gc.log:utctime,pid,tags:filecount=32,filesize=64m
证书
es-key.pem 自签名的私钥
es.pem 自签名的证书
证书有效时间,尽量长一些
如果该集群后面要加入remote cluster的话,证书的签名CA要一样。
重启
关掉集群 分片 自动分配设置
PUT /_cluster/settings{"transient": {"cluster.routing.allocation.enable": "none"}}
修改配置重启所有节点
docker-compose stopdocker-compose up -d --build
等最后一个节点起来后,进入容器执行
./bin/elasticsearch-setup-passwords interactive
设置对应账号名的密码即可。
重新开启集群 分片 自动分配
PUT /_cluster/settings{"persistent": {"cluster.routing.allocation.enable": "all"}}
淩亂°似流年
待我称王封你为后i
太过爱你忘了你带给我的痛
分手后的思念是犯贱![[C#版剑指offer]旋转数组的最小数字查询](https://image.dandelioncloud.cn/dist/img/NoSlightly.png "[C#版剑指offer]旋转数组的最小数字查询")
还没有评论,来说两句吧...