Shulou(Shulou.com)06/03 Report--

Introduction to Elasticsearch

Elasticsearch is a Lucene-based search server. It provides a full-text search engine with distributed multi-user capability, based on RESTful web interface. Developed in the Apache language and released as open source under the Apache license terms, Java is a popular enterprise search engine. Elasticsearch used in cloud computing, can achieve real-time search, stable, reliable, fast, easy to install and use.

Introduction to Open Distro for Elasticsearch

Open Distro for Elasticsearch is an open source version of AWS's ELK architecture. Some of the paid features in Elasticsearch can be used free of charge (such as Alert), which is indeed a good choice for our diao users who pursue mian fei.

After following the installation steps, you can log in with the default password admin:admin, but it is not easy to modify this default password. Search the whole network and summarize it as follows for reference by students in need:

Step 1: generate a new Admin password Hash

# Create Hashes for Your admin

Sudo chmod + x / usr/share/elasticsearch/plugins/opendistro_security/tools/hash.sh

/ bin/bash-c / usr/share/elasticsearch/plugins/opendistro_security/tools/hash.sh

7murmDj5 =

$2y$12 $tOoM6Wz.elENbw23EZfqL.CSrd7giB/5yKQQ0YWq8ZSwfXJPBEq8m

Step 2: record the password Hash generated in the previous step and edit the internal_users.yml (please back up before editing)

# Create a Local, Modified Copy of internal_users.yml, then replace with the new admin hash

Cd / usr/share/elasticsearch/plugins/opendistro_security/securityconfig/

Sudo cp internal_users.yml internal_users.yml.backup

Sudo vim internal_users.yml

Step 3: execute the command to ask elasticsearch to update the password

# to reflect the changes, run below commands

# https://opendistro.github.io/for-elasticsearch-docs/docs/security-configuration/security-admin/

Cd / usr/share/elasticsearch/plugins/opendistro_security/tools/

Sudo bash. / securityadmin.sh-cd.. / securityconfig/-icl-nhnv-cacert / etc/elasticsearch/root-ca.pem-cert / etc/elasticsearch/kirk.pem-key / etc/elasticsearch/kirk-key.pem

After completing the previous three steps, you can log in to Kibana with the new password, and the API call can also use the new password for authentication. The original password re-authentication will prompt Unauthorized.

When the last step is executed successfully, the following content will be output

WARNING: JAVA_HOME not set, will use / usr/bin/java

Open Distro Security Admin v7

Will connect to localhost:9300... Done

Connected as CN=kirk,OU=client,O=client,L=test,C=de

Elasticsearch Version: 7.3.2

Open Distro Security Version: 1.3.0.0

Contacting elasticsearch cluster 'elasticsearch' and wait for YELLOW clusterstate...

Clustername: 8zcl5szk

Clusterstate: YELLOW

Number of nodes: 1

Number of data nodes: 1

.opendistro _ security index already exists, so we do not need to create one.

Populate config from / usr/share/elasticsearch/plugins/opendistro_security/securityconfig

Will update'_ doc/config' with.. / securityconfig/config.yml

SUCC: Configuration for 'config' created or updated

Will update'_ doc/roles' with.. / securityconfig/roles.yml

SUCC: Configuration for 'roles' created or updated

Will update'_ doc/rolesmapping' with. / securityconfig/roles_mapping.yml

SUCC: Configuration for 'rolesmapping' created or updated

Will update'_ doc/internalusers' with. / securityconfig/internal_users.yml

SUCC: Configuration for 'internalusers' created or updated

Will update'_ doc/actiongroups' with. / securityconfig/action_groups.yml

SUCC: Configuration for 'actiongroups' created or updated

Will update'_ doc/tenants' with.. / securityconfig/tenants.yml

SUCC: Configuration for 'tenants' created or updated

Done with success

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.