其他 UI 工具:cerebro
https://github.com/lmenezes/cerebro/releases
【1】環境准備
- CentOS7
- ElasticSearchv7.7.0
- Nodejs
es-head需要nodejs環境編譯,先看看機器中是否已經有nodejs環境,如果沒有的話我們先要安裝nodejs環境:
【1.1】node環境配置
nodjs官網:https://nodejs.org/en/download/
我下載的是:node-v14.16.1-linux-x64.tar.xz
wget https://nodejs.org/dist/v16.13.0/node-v16.13.0-linux-x64.tar.xz
#解壓 tar -xJf node-v14.16.1-linux-x64.tar.xz #換目錄 mv node-v14.16.1-linux-x64 /opt/app/ #環境變量配置 echo "export NODE_HOME=/opt/app/node-v14.16.1-linux-x64">>/etc/profile
source /etc/profile
echo "export PATH=${PATH}:${NODE_HOME}/bin">>/etc/profile
source /etc/profile
測試:
【1.2】es-head插件
(1)下載
地址:https://github.com/mobz/elasticsearch-head
可使用git命令在線下載,或者下載zip包之后,離線安裝都可以。
使用git命令下載:
git clone https://github.com/mobz/elasticsearch-head.git
下載zip包並解壓:
https://github.com/mobz/elasticsearch-head/archive/master.zip
unzip elasticsearch-head-master.zip
cd elasticsearch-head-master/
npm install
(2)如果報錯
則重新單獨裝一下這個:
npm install phantomjs-prebuilt@2.1.16 --ignore-scripts
如下圖就成了
(3)啟動驗證
前提:ES配置文件中有參數
http.cors.enabled: true http.cors.allow-origin: "*"
修改完ES配置重啟ES后,在es-head目錄下使用下面的命令啟動es-head:
npm run start
登錄驗證:IP+9100端口
【2】 ES配置密碼
【2.1】修改配置文件:加載插件
http.cors.enabled: true http.cors.allow-origin: "*"
http.cors.allow-headers: Authorization,X-Requested-With,Content-Length,Content-Type
xpack.security.enabled: true #核心是這2個參數,如果設置了這一行參數,下面那行也必須加上
xpack.security.transport.ssl.enabled: true
重啟ES生效
sudo -u elk nohup $ES_HOME/bin/elasticsearch >> $ES_HOME/output.log 2>&1 &
【2.2】配置ES:創建用戶
cd $ES_HOME
bin/elasticsearch-setup-passwords interactive
交互界面:
[root@node01 elasticsearch-7.7.0]# bin/elasticsearch-setup-passwords interactive future versions of Elasticsearch will require Java 11; your Java version from [/opt/app/jdk1.8.0_181/jre] does not meet this requirement Initiating the setup of passwords for reserved users elastic,apm_system,kibana,logstash_system,beats_system,remote_monitoring_user. You will be prompted to enter passwords as the process progresses. Please confirm that you would like to continue [y/N]y Enter password for [elastic]: Reenter password for [elastic]: Enter password for [apm_system]: Reenter password for [apm_system]: Enter password for [kibana]: Reenter password for [kibana]: Enter password for [logstash_system]: Reenter password for [logstash_system]: Enter password for [beats_system]: Reenter password for [beats_system]: Enter password for [remote_monitoring_user]: Reenter password for [remote_monitoring_user]: Changed password for user [apm_system] Changed password for user [kibana] Changed password for user [logstash_system] Changed password for user [beats_system] Changed password for user [remote_monitoring_user] Changed password for user [elastic]
【2.3】驗證
ES需要密碼了;
【2.4】使用curl命令訪問帶有安全認證的ES
curl --user elastic:123456 -X GET http://uathd02:9200/noah/_doc/1?pretty
【3】整合
【3.1】kibana整合修改,用密碼
修改Kibana配置
vim /opt/app/kibana-7.7.0-linux-x86_64/config/kibana.yml elasticsearch.username: "kibana" elasticsearch.password: "123456"
重啟kibana 生效
sudo -u elk nohup $KB_HOME/bin/kibana > $KB_HOME/output.log 2>&1 &
驗證:
可以用它做用戶管理
【3.2】es-head使用密碼訪問ES
前面我們介紹過,推薦大家的ES開啟安全認證,那么es-head怎么訪問開啟了XPACK安全認證的ES集群呢? 把集群修改其中一項配置然后重啟ES集群:
vim $ES_HOME/config/elasticsearch.yml
http.cors.enabled: true http.cors.allow-origin: "*" #http.cors.allow-headers: Authorization #這個配置改為下面的 http.cors.allow-headers: Authorization,X-Requested-With,Content-Length,Content-Type xpack.security.enabled: true xpack.security.transport.ssl.enabled: true
http://wykd:9100/?auth_user=elastic&auth_password=123456
