问题描述
在将两个 lignes 添加到 elacticsearch.yml 之前,我让 ELK 堆栈完美运行:
http.cors.allow-methods: OPTIONS,HEAD,GET,POST,PUT,DELETE
http.cors.allow-headers: kbn-version,Origin,X-Requested-With,Content-Type,Accept,Engaged-Auth-Token
重新启动elastic 和kibana 后,我向用户Kibana 和elastic 都收到了以下错误消息:
[INFO ][o.e.x.s.a.AuthenticationService] [myserver] Authentication of [kibana] was terminated by realm [reserved] - Failed to authenticate user [kibana]
我最初的elasticsearch.yml:
path.data: /var/lib/elasticsearch
path.logs: /var/log/elasticsearch
# Set the bind address to a specific IP (IPv4 or IPv6):
#@ IP
network.host: 10.xx.xx.xx
http.port: 9200
xpack.security.enabled: true
xpack.watcher.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: /etc/elasticsearch/elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: /etc/elasticsearch/elastic-certificates.p12
repositories.url.allowed_urls: "http://10.xx.xx.xx/home/User"
http.cors.enabled: true
http.cors.allow-origin: "*"
我看到一些论坛谈论丢失 .security 索引(重新启动弹性时)
以下是使用 curl 请求的弹性状态:
[root@myserver elasticsearch]# curl -XGET 'http://10.x.x.x:9200/_cluster/state?pretty'
{
"error" : {
"root_cause" : [
{
"type" : "security_exception","reason" : "missing authentication credentials for REST request [/_cluster/state?pretty]","header" : {
"WWW-Authenticate" : "Basic realm=\"security\" charset=\"UTF-8\""
}
}
],"type" : "security_exception","header" : {
"WWW-Authenticate" : "Basic realm=\"security\" charset=\"UTF-8\""
}
},"status" : 401
}
请问您对这个问题有什么想法吗? 提前致谢
解决方法
我怀疑您还有其他问题,但是要在启用 xpack.security 时使用 curl 获得响应,您还必须传递如下身份验证详细信息:
curl -XGET --user elastic:changeme 'http://10.x.x.x:9200/_cluster/state?pretty'