elasticsearch配置各种问题解决(elastic search6.6.0)
相关工具包
链接: https://pan.baidu.com/s/1SpCCSzpMm57QL-5wqHSugA 提取码: soww
1.root用户启动错误
在该版本不允许elasticsearch以root形式启动
useradd elk
## 并将文件权限赋予给角色,避免后续xpack读取文件错误
chown -R elk:elk /usr/local/elasticsearch-6.6.0/
su elk
3.启动包内存不足
max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144]
1.在/etc/sysctl.conf文件最后添加一行
vim /etc/sysctl.conf
vm.max_map_count=262144
2.执行/立即生效
/sbin/sysctl -p
2.xpack配置密码出现错误(一定要按照顺序一步一步来)
1.解压
## 三个节点解压elasticsearch-6.6.0.tar.gz
tar -zxvf elasticsearch-6.6.0.tar.gz -C /usr/local/
2.修改配置文件:
vim elasticsearch-6.6.0/config/elasticsearch.yml
### elasticsearch.yml 配置
cluster.name: es_log_cluster
node.name: es-node-1 ## es-node-2 es-node-3 不同节点名称不同
path.data: /usr/local/elasticsearch-6.6.0/data ## es数据存放位置
path.logs: /usr/local/elasticsearch-6.6.0/logs ## es日志存放位置
bootstrap.memory_lock: true ## 锁内存,强制占用(类似oracle的锁内存)保证es启动正常
network.host: ip ## network.host不同节点IP对应 (对外发布IP,注意公网是私网ip)
############没有集群下面可以不配####################
## 防止脑裂配置
## 当新节点加入的时候,配置一个初始化主机列表用于节点发现.
## 默认的主机列表是 ["127.0.0.1", "[::1]"]
discovery.zen.ping.unicast.hosts: ["ip:9300", "ip:9300", "ip:9300"]
## 最小节点数,为了避免脑裂的发生,使用如下配置(数值为节点总数/2 + 1)
discovery.zen.minimum_master_nod成,才能开始进行集群初始化恢复动作
gateway.recover_after_nodes: 2
# 集群应该预期有几个节点(master或node都算)
gateway.expected_nodes: 3
### 等待凑齐预期节点时间,例如:先等凑够了3个节点,再等5分钟看看有没有凑齐5个节点
gateway.recover_after_time: 5m
# 禁止在一个操作系统启动多个节点
node.max_local_storage_nodes: 1
# 删除索引时,需要明确的名称
action.destructive_requires_name: true
# 防止同一个分片的主副本放在同一台机器上
cluster.routing.allocation.same_shard.host: true
3.生成elastic-stack-ca.p12,elastic-stack-ca.p12
#通过bin/elasticsearch-certutil ca生成elastic-stack-ca.p12
bin/elasticsearch-certutil ca
默认地址回车
输入自己的密码
#在bin/elasticsearch-certutil ca同时生成elastic-stack-ca.p12
bin/elasticsearch-certutil cert --ca elastic-stack-ca.p12
输入刚刚的密码,最后生成elastic-stack-ca.p12密码不要写,直接回车 不然会报错xpack Caused by: java.io.IOException: keystore password was incorrect
将两个文件放入config下面
4.设置各组件连接密码
1.创建keystore
bin/elasticsearch-keystore create
2.开启xpack,在yml添加下面配置
http.cors.allow-headers: Authorization,X-Requested-With,Content-Length,Content-Type
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
3.重启es,开始启动trial license(30天试用)
启动成功
直接使用bin/elasticsearch-setup-passwords interactive
要开启试用
curl -H "Content-Type:application/json" -XPOST http://127.0.0.1:9200/_xpack/license/start_trial?acknowledge=true
再使用命令
bin/elasticsearch-setup-passwords interactive
4.将自己的密码文件配置在yml
http.cors.allow-headers: Authorization,X-Requested-With,Content-Length,Content-Type
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: /usr/local/elasticsearch-6.6.0/config/elastic-stack-ca.p12
xpack.security.transport.ssl.truststore.path: /usr/local/elasticsearch-6.6.0/config/elastic-stack-ca.p12
org.elasticsearch.bootstrap.StartupException: java.lang.IllegalStateException: failed to load plugin class [org.elasticsearch.xpack.core.XPackPlugin]
at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:163) ~[elasticsearch-6.6.0.jar:6.6.0]
at org.elasticsearch.bootstrap.Elasticsearch.execute(Elasticsearch.java:150) ~[elasticsearch-6.6.0.jar:6.6.0]
at org.elasticsearch.cli.EnvironmentAwareCommand.execute(EnvironmentAwareCommand.java:86) ~[elasticsearch-6.6.0.jar:6.6.0]
at org.elasticsearch.cli.Command.mainWithoutErrorHandling(Command.java:124) ~[elasticsearch-cli-6.6.0.jar:6.6.0]
at org.elasticsearch.cli.Command.main(Command.java:90) ~[elasticsearch-cli-6.6.0.jar:6.6.0]
at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:116) ~[elasticsearch-6.6.0.jar:6.6.0]
at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:93) ~[elasticsearch-6.6.0.jar:6.6.0]
Caused by: java.lang.IllegalStateException: failed to load plugin class [org.elasticsearch.xpack.core.XPackPlugin]
at org.elasticsearch.plugins.PluginsService.loadPlugin(PluginsService.java:608) ~[elasticsearch-6.6.0.jar:6.6.0]
at org.elasticsearch.plugins.PluginsService.loadBundle(PluginsService.java:550) ~[elasticsearch-6.6.0.jar:6.6.0]
at org.elasticsearch.plugins.PluginsService.loadBundles(PluginsService.java:465) ~[elasticsearch-6.6.0.jar:6.6.0]
at org.elasticsearch.plugins.PluginsService.<init>(PluginsService.java:157) ~[elasticsearch-6.6.0.jar:6.6.0]
at org.elasticsearch.node.Node.<init>(Node.java:337) ~[elasticsearch-6.6.0.jar:6.6.0]
at org.elasticsearch.node.Node.<init>(Node.java:265) ~[elasticsearch-6.6.0.jar:6.6.0]
at org.elasticsearch.bootstrap.Bootstrap$5.<init>(Bootstrap.java:212) ~[elasticsearch-6.6.0.jar:6.6.0]
at org.elasticsearch.bootstrap.Bootstrap.setup(Bootstrap.java:212) ~[elasticsearch-6.6.0.jar:6.6.0]
at org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:333) ~[elasticsearch-6.6.0.jar:6.6.0]
at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:159) ~[elasticsearch-6.6.0.jar:6.6.0]
... 6 more
Caused by: java.lang.reflect.InvocationTargetException
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) ~[?:?]
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62) ~[?:?]
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) ~[?:?]
at java.lang.reflect.Constructor.newInstance(Constructor.java:422) ~[?:1.8.0_73]
at org.elasticsearch.plugins.PluginsService.loadPlugin(PluginsService.java:599) ~[elasticsearch-6.6.0.jar:6.6.0]
at org.elasticsearch.plugins.PluginsService.loadBundle(PluginsService.java:550) ~[elasticsearch-6.6.0.jar:6.6.0]
at org.elasticsearch.plugins.PluginsService.loadBundles(PluginsService.java:465) ~[elasticsearch-6.6.0.jar:6.6.0]
at org.elasticsearch.plugins.PluginsService.<init>(PluginsService.java:157) ~[elasticsearch-6.6.0.jar:6.6.0]
at org.elasticsearch.node.Node.<init>(Node.java:337) ~[elasticsearch-6.6.0.jar:6.6.0]
at org.elasticsearch.node.Node.<init>(Node.java:265) ~[elasticsearch-6.6.0.jar:6.6.0]
at org.elasticsearch.bootstrap.Bootstrap$5.<init>(Bootstrap.java:212) ~[elasticsearch-6.6.0.jar:6.6.0]
at org.elasticsearch.bootstrap.Bootstrap.setup(Bootstrap.java:212) ~[elasticsearch-6.6.0.jar:6.6.0]
at org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:333) ~[elasticsearch-6.6.0.jar:6.6.0]
at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:159) ~[elasticsearch-6.6.0.jar:6.6.0]
... 6 more
Caused by: org.elasticsearch.ElasticsearchException: failed to initialize a TrustManagerFactory
at org.elasticsearch.xpack.core.ssl.StoreTrustConfig.createTrustManager(StoreTrustConfig.java:61) ~[?:?]
at org.elasticsearch.xpack.core.ssl.SSLService.createSslContext(SSLService.java:364) ~[?:?]
at java.util.HashMap.computeIfAbsent(HashMap.java:1118) ~[?:1.8.0_73]
at org.elasticsearch.xpack.core.ssl.SSLService.loadSSLConfigurations(SSLService.java:421) ~[?:?]
at org.elasticsearch.xpack.core.ssl.SSLService.<init>(SSLService.java:96) ~[?:?]
at org.elasticsearch.xpack.core.XPackPlugin.<init>(XPackPlugin.java:144) ~[?:?]
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) ~[?:?]
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62) ~[?:?]
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) ~[?:?]
at java.lang.reflect.Constructor.newInstance(Constructor.java:422) ~[?:1.8.0_73]
at org.elasticsearch.plugins.PluginsService.loadPlugin(PluginsService.java:599) ~[elasticsearch-6.6.0.jar:6.6.0]
at org.elasticsearch.plugins.PluginsService.loadBundle(PluginsService.java:550) ~[elasticsearch-6.6.0.jar:6.6.0]
at org.elasticsearch.plugins.PluginsService.loadBundles(PluginsService.java:465) ~[elasticsearch-6.6.0.jar:6.6.0]
at org.elasticsearch.plugins.PluginsService.<init>(PluginsService.java:157) ~[elasticsearch-6.6.0.jar:6.6.0]
at org.elasticsearch.node.Node.<init>(Node.java:337) ~[elasticsearch-6.6.0.jar:6.6.0]
at org.elasticsearch.node.Node.<init>(Node.java:265) ~[elasticsearch-6.6.0.jar:6.6.0]
at org.elasticsearch.bootstrap.Bootstrap$5.<init>(Bootstrap.java:212) ~[elasticsearch-6.6.0.jar:6.6.0]
at org.elasticsearch.bootstrap.Bootstrap.setup(Bootstrap.java:212) ~[elasticsearch-6.6.0.jar:6.6.0]
at org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:333) ~[elasticsearch-6.6.0.jar:6.6.0]
at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:159) ~[elasticsearch-6.6.0.jar:6.6.0]
... 6 more
Caused by: java.io.IOException: keystore password was incorrect
at sun.security.pkcs12.PKCS12KeyStore.engineLoad(PKCS12KeyStore.java:2015) ~[?:?]
at java.security.KeyStore.load(KeyStore.java:1445) ~[?:1.8.0_73]
at org.elasticsearch.xpack.core.ssl.TrustConfig.getStore(TrustConfig.java:89) ~[?:?]
at org.elasticsearch.xpack.core.ssl.StoreTrustConfig.createTrustManager(StoreTrustConfig.java:58) ~[?:?]
at org.elasticsearch.xpack.core.ssl.SSLService.createSslContext(SSLService.java:364) ~[?:?]
at java.util.HashMap.computeIfAbsent(HashMap.java:1118) ~[?:1.8.0_73]
at org.elasticsearch.xpack.core.ssl.SSLService.loadSSLConfigurations(SSLService.java:421) ~[?:?]
at org.elasticsearch.xpack.core.ssl.SSLService.<init>(SSLService.java:96) ~[?:?]
at org.elasticsearch.xpack.core.XPackPlugin.<init>(XPackPlugin.java:144) ~[?:?]
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) ~[?:?]
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62) ~[?:?]
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) ~[?:?]
at java.lang.reflect.Constructor.newInstance(Constructor.java:422) ~[?:1.8.0_73]
at org.elasticsearch.plugins.PluginsService.loadPlugin(PluginsService.java:599) ~[elasticsearch-6.6.0.jar:6.6.0]
at org.elasticsearch.plugins.PluginsService.loadBundle(PluginsService.java:550) ~[elasticsearch-6.6.0.jar:6.6.0]
at org.elasticsearch.plugins.PluginsService.loadBundles(PluginsService.java:465) ~[elasticsearch-6.6.0.jar:6.6.0]
at org.elasticsearch.plugins.PluginsService.<init>(PluginsService.java:157) ~[elasticsearch-6.6.0.jar:6.6.0]
at org.elasticsearch.node.Node.<init>(Node.java:337) ~[elasticsearch-6.6.0.jar:6.6.0]
at org.elasticsearch.node.Node.<init>(Node.java:265) ~[elasticsearch-6.6.0.jar:6.6.0]
at org.elasticsearch.bootstrap.Bootstrap$5.<init>(Bootstrap.java:212) ~[elasticsearch-6.6.0.jar:6.6.0]
at org.elasticsearch.bootstrap.Bootstrap.setup(Bootstrap.java:212) ~[elasticsearch-6.6.0.jar:6.6.0]
at org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:333) ~[elasticsearch-6.6.0.jar:6.6.0]
at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:159) ~[elasticsearch-6.6.0.jar:6.6.0]
... 6 more
Caused by: java.security.UnrecoverableKeyException: failed to decrypt safe contents entry: javax.crypto.BadPaddingException: Given final block not properly padded
at sun.security.pkcs12.PKCS12KeyStore.engineLoad(PKCS12KeyStore.java:2015) ~[?:?]
at java.security.KeyStore.load(KeyStore.java:1445) ~[?:1.8.0_73]
at org.elasticsearch.xpack.core.ssl.TrustConfig.getStore(TrustConfig.java:89) ~[?:?]
at org.elasticsearch.xpack.core.ssl.StoreTrustConfig.createTrustManager(StoreTrustConfig.java:58) ~[?:?]
at org.elasticsearch.xpack.core.ssl.SSLService.createSslContext(SSLService.java:364) ~[?:?]
at java.util.HashMap.computeIfAbsent(HashMap.java:1118) ~[?:1.8.0_73]
at org.elasticsearch.xpack.core.ssl.SSLService.loadSSLConfigurations(SSLService.java:421) ~[?:?]
at org.elasticsearch.xpack.core.ssl.SSLService.<init>(SSLService.java:96) ~[?:?]
at org.elasticsearch.xpack.core.XPackPlugin.<init>(XPackPlugin.java:144) ~[?:?]
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) ~[?:?]
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62) ~[?:?]
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) ~[?:?]
at java.lang.reflect.Constructor.newInstance(Constructor.java:422) ~[?:1.8.0_73]
at org.elasticsearch.plugins.PluginsService.loadPlugin(PluginsService.java:599) ~[elasticsearch-6.6.0.jar:6.6.0]
at org.elasticsearch.plugins.PluginsService.loadBundle(PluginsService.java:550) ~[elasticsearch-6.6.0.jar:6.6.0]
at org.elasticsearch.plugins.PluginsService.loadBundles(PluginsService.java:465) ~[elasticsearch-6.6.0.jar:6.6.0]
at org.elasticsearch.plugins.PluginsService.<init>(PluginsService.java:157) ~[elasticsearch-6.6.0.jar:6.6.0]
at org.elasticsearch.node.Node.<init>(Node.java:337) ~[elasticsearch-6.6.0.jar:6.6.0]
at org.elasticsearch.node.Node.<init>(Node.java:265) ~[elasticsearch-6.6.0.jar:6.6.0]
at org.elasticsearch.bootstrap.Bootstrap$5.<init>(Bootstrap.java:212) ~[elasticsearch-6.6.0.jar:6.6.0]
at org.elasticsearch.bootstrap.Bootstrap.setup(Bootstrap.java:212) ~[elasticsearch-6.6.0.jar:6.6.0]
at org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:333) ~[elasticsearch-6.6.0.jar:6.6.0]
at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:159) ~[elasticsearch-6.6.0.jar:6.6.0]
... 6 more
将配置改为
http.cors.allow-headers: Authorization,X-Requested-With,Content-Length,Content-Type
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: /usr/local/elasticsearch-6.6.0/config/elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: /usr/local/elasticsearch-6.6.0/config/elastic-certificates.p12
直接访问
curl “http://127.0.0.1:9200”
配置密码访问
curl -u elastic:123456 "http://127.0.0.1:9200"
5.破解xpack
查看证书
curl -XGET -u elastic:123456 -H "Content-Type: application/json" -v "http://127.0.0.1:9200/_license"
一个月到期时间,将我修改好的x-pack-core-6.6.0.jar替换/usr/local/elasticsearch-6.6.0/modules/x-pack-core/x-pack-core-6.6.0.jar
主要替换了两个类
6.解压kibana
wget https://artifacts.elastic.co/downloads/kibana/kibana-6.6.0-linux-x86_64.tar.gz
tar -zxvf kibana-6.6.0-linux-x86_64.tar.gz -C /usr/local/
mv kibana-6.6.0-linux-x86_64/ kibana-6.6.0
7.进入kibana目录,修改配置文件
vim /usr/local/kibana-6.6.0/config/kibana.yml
8.修改配置如下:
server.host: “0.0.0.0”
server.name: “ip”
elasticsearch.hosts: [“http://ip:9200”]
elasticsearch.username: “elastic”
elasticsearch.password: “123456”
9.启动:
/usr/local/kibana-6.6.0/bin/kibana &
10.指定配置文件启动:
nohup /usr/local/kibana-6.6.0/bin/kibana -c /usr/local/kibana-6.6.0/config/kibana.yml > /dev/null 2>&1 &
11. 访问:
http://ip:5601/app/kibana (5601为kibana默认端口)
12. 申请license:
https://license.elastic.co/registration
修改申请的license, 注意license.json文件名称不能变否则认证失败
1.“type”:“basic” 替换为 “type”:“platinum” # 基础版变更为铂金版
2.“expiry_date_in_millis”:1561420799999 替换为 “expiry_date_in_millis”:3107746200000 # 1年变为50年
13. 启动elasticsearch服务 和 kibana服务
进入kibana后台,Management->License Management上传修改后的token
再次查看,修改成功