提出这个问题是因为我在最高赞答案的第一条评论中遇到了相同的错误结果@Lin Du。
@Lin DU 回答:elasticsearch 默认的用户和密码是多少?
类似的问题要么没有得到解答(可能是由于缺乏信息),要么解决方案不是我想要解决问题的方式。
我正在从 elasticsearch 7.x.x 升级到 8.14.1。我在下面附加了 elasticsearch 和 kibana 的 dockerfile 以及它们各自的
elasticsearch.ymlkibana.yml注意,此配置适用于 elastic/kibana 7.x.x.
elasticsearch.dockerfileFROM elasticsearch:8.14.1
COPY config/config /usr/share/elasticsearch/config
COPY config/*.zip /usr/share/elasticsearch/
RUN /usr/share/elasticsearch/bin/elasticsearch-users useradd esadmin -p superhardespass -r superuser
EXPOSE 9200
elasticsearch.ymlcluster.name: "elasticsearch"
network.host: 0.0.0.0
http.port: 9200
discovery.type: single-node
xpack.security.enabled: true
xpack.security.http.ssl.enabled: true
xpack.security.http.ssl.certificate_authorities: "./certs/ca.cer"
xpack.security.http.ssl.certificate: "./certs/es.cer"
xpack.security.http.ssl.key: "./certs/es.key"
http.cors.enabled : true
http.cors.allow-origin : "*"
http.cors.allow-headers : X-Requested-With,X-Auth-Token,Content-Type, Content-Length,Authorization
http.max_content_length: 512mb
bootstrap.memory_lock: true
reindex.remote.whitelist: "search:9200, 127.0.0.1:9200, elasticsearch:9200"
ingest.geoip.downloader.enabled: false
kibana.dockerfileFROM docker.elastic.co/kibana/kibana:8.14.1
COPY config /usr/share/kibana/config
EXPOSE 5601
kibana.ymlserver.host: "0.0.0.0"
elasticsearch.hosts: [ "https://elasticsearch:9200", "https://127.0.0.1:9200", "https://localhost:9200" ]
server.ssl.enabled: true
elasticsearch.ssl.certificateAuthorities: "./config/certs/ca/ca.crt"
server.ssl.certificate: "./config/certs/kibana.cer"
server.ssl.key: "./config/certs/kibana.key"
elasticsearch.username: "esadmin"
elasticsearch.password: "superhardespass"
docker-compose.ymlservices:
elasticsearch:
restart: unless-stopped
image: es_8.14.1:latest
container_name: es_8.14.1
volumes:
- ./esdata:/usr/share/elasticsearch/data
- ./elasticsearch/config/config/elasticsearch.yml:/usr/share/elasticsearch/config/elasticsearch.yml
- ./certs/ca/ca.crt:/usr/share/elasticsearch/config/certs/ca.cer
- ./certs/es.key:/usr/share/elasticsearch/config/certs/es.key
- ./certs/es.crt:/usr/share/elasticsearch/config/certs/es.cer
environment:
- "ES_JAVA_OPTS=-Xms8192m -Xmx16384m"
hostname: elasticsearch
network_mode: host
ports:
- 9200:9200
- 9300:9300
kibana:
restart: unless-stopped
image: kib_8.14.1:latest
container_name: kib_8.14.1
volumes:
- ./certs/ca/ca.crt:/usr/share/kibana/config/certs/ca/ca.crt
- ./certs/es.crt:/usr/share/kibana/config/certs/kibana.cer
- ./certs/es.key:/usr/share/kibana/config/certs/kibana.key
- ./kibana/config/kibana.yml:/usr/share/kibana/config/kibana.yml
hostname: kibana
network_mode: host
ports:
- 5601:5601
docker 日志中的确切错误
kib_8.14.1 | [2024-09-04T08:31:18.059+00:00][INFO ][savedobjects-service] [.kibana_alerting_cases] CREATE_NEW_TARGET -> CREATE_NEW_TARGET. took: 2004ms.
kib_8.14.1 | [2024-09-04T08:31:18.060+00:00][ERROR][savedobjects-service] [.kibana_security_solution] Action failed with 'security_exception
kib_8.14.1 | Root causes:
kib_8.14.1 | security_exception: action [indices:admin/create] is unauthorized for user [esadmin] with effective roles [superuser] on restricted indices [.kibana_security_solution_8.14.1_001], this action is granted by the index privileges [create_index,manage,all]'. Retrying attempt 2 in 4 seconds.
新创建的
esadmin.kibana当前创建或使用现有内置用户来设置 kibana 的方法是什么?从官方 Elasticsearch 文档,
superuser其他建议涉及使用 ES 容器内部的交互式
bin/elasticsearch-setup-passwords interactive官方 Elasticsearch docker compose 文档显示有一个 ELASTIC_PASSWORD
环境变量,但从这个示例中我不明白这是用于什么用户帐户。内置的
elastic用户也没有足够的权限。通常,elastic 非常擅长记录此类事情,但我没有运气找到有关 es 7.x.x. 的此更改的任何文档。
注意;以下命令按预期工作,但是 kibana 显示
Kibana server is not ready yet.
❯ curl -k -u "esadmin:superhardespass" -X GET "https://localhost:9200/"
{
"name" : "elasticsearch",
"cluster_name" : "elasticsearch",
"cluster_uuid" : "XahnC7lwTh6nkepy1tx5aw",
"version" : {
"number" : "8.14.1",
"build_flavor" : "default",
"build_type" : "docker",
"build_hash" : "93a57a1a76f556d8aee6a90d1a95b06187501310",
"build_date" : "2024-06-10T23:35:17.114581191Z",
"build_snapshot" : false,
"lucene_version" : "9.10.0",
"minimum_wire_compatibility_version" : "7.17.0",
"minimum_index_compatibility_version" : "7.0.0"
},
"tagline" : "You Know, for Search"
}
提前非常感谢
Kibana 需要连接到 Elasticsearch。请在您的 docker-compose 文件中添加依赖项。
services:
elasticsearch:
restart: unless-stopped
image: es_8.14.1:latest
container_name: es_8.14.1
volumes:
- ./esdata:/usr/share/elasticsearch/data
- ./elasticsearch/config/config/elasticsearch.yml:/usr/share/elasticsearch/config/elasticsearch.yml
- ./certs/ca/ca.crt:/usr/share/elasticsearch/config/certs/ca.cer
- ./certs/es.key:/usr/share/elasticsearch/config/certs/es.key
- ./certs/es.crt:/usr/share/elasticsearch/config/certs/es.cer
environment:
- "ES_JAVA_OPTS=-Xms8192m -Xmx16384m"
hostname: elasticsearch
network_mode: host
ports:
- 9200:9200
- 9300:9300
kibana:
depends_on:
- elasticsearch
restart: unless-stopped
image: kib_8.14.1:latest
container_name: kib_8.14.1
volumes:
- ./certs/ca/ca.crt:/usr/share/kibana/config/certs/ca/ca.crt
- ./certs/es.crt:/usr/share/kibana/config/certs/kibana.cer
- ./certs/es.key:/usr/share/kibana/config/certs/kibana.key
- ./kibana/config/kibana.yml:/usr/share/kibana/config/kibana.yml
hostname: kibana
network_mode: host
ports:
- 5601:5601