部署了docker、ansible和身份验证的Elasticsearch群集
这将是一个奇怪的帖子,它是多么的基本,但我被卡住了。我已将此docker compose文件转换为一个ansible作业,用于启动集群:部署了docker、ansible和身份验证的Elasticsearch群集,docker,authentication,
elasticsearch,Docker,Authentication,
elasticsearch,这将是一个奇怪的帖子,它是多么的基本,但我被卡住了。我已将此docker compose文件转换为一个ansible作业,用于启动集群: version: '2.2' services: es01: image: docker.elastic.co/elasticsearch/elasticsearch:7.9.2 container_name: es01 environment: - node.name=es01 - cluster.name
version: '2.2'
services:
es01:
image: docker.elastic.co/elasticsearch/elasticsearch:7.9.2
container_name: es01
environment:
- node.name=es01
- cluster.name=es-docker-cluster
- discovery.seed_hosts=es02,es03
- cluster.initial_master_nodes=es01,es02,es03
- bootstrap.memory_lock=true
- "ES_JAVA_OPTS=-Xms512m -Xmx512m"
ulimits:
memlock:
soft: -1
hard: -1
volumes:
- data01:/usr/share/elasticsearch/data
ports:
- 9200:9200
networks:
- elastic
es02:
image: docker.elastic.co/elasticsearch/elasticsearch:7.9.2
container_name: es02
environment:
- node.name=es02
- cluster.name=es-docker-cluster
- discovery.seed_hosts=es01,es03
- cluster.initial_master_nodes=es01,es02,es03
- bootstrap.memory_lock=true
- "ES_JAVA_OPTS=-Xms512m -Xmx512m"
ulimits:
memlock:
soft: -1
hard: -1
volumes:
- data02:/usr/share/elasticsearch/data
networks:
- elastic
es03:
image: docker.elastic.co/elasticsearch/elasticsearch:7.9.2
container_name: es03
environment:
- node.name=es03
- cluster.name=es-docker-cluster
- discovery.seed_hosts=es01,es02
- cluster.initial_master_nodes=es01,es02,es03
- bootstrap.memory_lock=true
- "ES_JAVA_OPTS=-Xms512m -Xmx512m"
ulimits:
memlock:
soft: -1
hard: -1
volumes:
- data03:/usr/share/elasticsearch/data
networks:
- elastic
volumes:
data01:
driver: local
data02:
driver: local
data03:
driver: local
networks:
elastic:
driver: bridge
问题是,当我向集群添加安全性时,集群返回一个master\u not\u discovered\u异常。我在es01中添加的所有额外内容都是xpack.security.enabled:true
,ELASTIC\u密码:“PASSWORD”
和xpack.security.transport.ssl.enabled:true
知道从这里到哪里去吗?添加
xpack.security.transport.ssl.enabled: true
要求您首先生成证书并将其添加到服务中,以便加密节点间通信。有几个步骤要做:
xpack.security.http.ssl.enabled: true
这是为你而做的。实现此功能的过程与前一个过程非常相似,并包含在上述文档中。您可以共享elasticsearch日志吗?