ES ./elasticsearch-setup-passwords

在尝试向集群添加ES节点并设置密码后遇到启动问题,错误提示为无法验证用户'elastic'。通过禁用xpack安全,删除.security-7索引,重新启用xpack并设置密码,解决了ES启动问题。然而,这导致Kibana启动失败,删除.kibana索引和数据节点后问题仍未解决。最终,通过删除数据节点解决问题。

摘要生成于 C知道 ,由 DeepSeek-R1 满血版支持, 前往体验 >

今天手欠 本来想往集群中添加一台ES,配置好后,手欠有运行了一次 setup password 然后 ES启动不来了 错误

Failed to authenticate user 'elastic' against http://172.16.xxx.xxx:9200/_security/_authenticate?pretty
Possible causes include:
 * The password for the 'elastic' user has already been changed on this cluster
 * Your elasticsearch node is running against a different keystore
   This tool used the keystore at /usr/local/elasticsearch-7.2.0/config/elasticsearch.keystore

ERROR: Failed to verify bootstrap password

参考 https://blog.youkuaiyun.com/weixin_43210350/article/details/109775605 是可以的

我的步骤是: 

1. 先将 xpack disable掉

xpack.security.enabled: true
xpack.security.authc.api_key.enabled: true

在elasticsearch.yml中将这两个值改成false

2. 这样重启ES后 可以进入 index查看  .security-7 删除这个index 

curl XDELETE 'http://localhost:9200/.security-7'

3. 将xpack enable后 重启ES

4. 再次运行 setup password ,密码会更新 这样重新生成新的密码

后来启动kibana时出现如下错误:

 

将.kibana 的三个index删除后 重启kibana 发现还有错误 

查询集群状态 发现是RED

 于是查看indices情况,删除RED的Indices 

 重启kibana 依然不行 

最后 删除nodes数据节点   ES101/data$ rm -rf nodes/

OK

[elk@master bin]$ ./elasticsearch-setup-passwords auto warning: ignoring JAVA_HOME=/opt/jdk/; using bundled JDK Connection failure to: http://192.168.241.150:9200/_security/_authenticate?pretty failed: 拒绝连接 ERROR: Failed to connect to elasticsearch at http://192.168.241.150:9200/_security/_authenticate?pretty. Is the URL correct and elasticsearch running?, with exit code 78 [1]+ 退出 1 nohup ./elasticsearch > /home/elasticsearch/log/elk2.log 2> 1 025-03-17T11:40:18,491][ERROR][o.e.b.Elasticsearch ] [dsports-node-1] fatal exception while booting Elasticsearch org.elasticsearch.ElasticsearchSecurityException: invalid SSL configuration for xpack.security.transport.ssl - server ssl configuration requires a key and certificate, but these have not been configured; you must set either [xpack.security.transport.ssl.keystore.path], or both [xpack.security.transport.ssl.key] and [xpack.security.transport.ssl.certificate] at org.elasticsearch.xcore@8.17.3/org.elasticsearch.xpack.core.ssl.SSLService.throwExceptionForMissingKeyMaterial(SSLService.java:686) at org.elasticsearch.xcore@8.17.3/org.elasticsearch.xpack.core.ssl.SSLService.validateServerConfiguration(SSLService.java:642) at org.elasticsearch.xcore@8.17.3/org.elasticsearch.xpack.core.ssl.SSLService.loadSslConfigurations(SSLService.java:627) at org.elasticsearch.xcore@8.17.3/org.elasticsearch.xpack.core.ssl.SSLService.<init>(SSLService.java:160) at org.elasticsearch.xcore@8.17.3/org.elasticsearch.xpack.core.XPackPlugin.createSSLService(XPackPlugin.java:496) at org.elasticsearch.xcore@8.17.3/org.elasticsearch.xpack.core.XPackPlugin.createComponents(XPackPlugin.java:325) at org.elasticsearch.server@8.17.3/org.elasticsearch.node.NodeConstruction.lambda$construct$16(NodeConstruction.java:894) at org.elasticsearch.server@8.17.3/org.elasticsearch.plugins.PluginsService.lambda$flatMap$1(PluginsService.java:254) at java.base/java.util.stream.ReferencePipeline$7$1FlatMap.accept(ReferencePipeline.jav
03-18
[2024-10-31T10:31:39,770][CRITICAL][o.e.d.x.s.s.SecurityStatusChangeListener] [node-1] [] The default behavior of disabling security on basic licenses is deprecated. In a later version of Elasticsearch, the value of [xpack.security.enabled] will default to "true" , regardless of the license level. See https://www.elastic.co/guide/en/elasticsearch/reference/7.17/security-minimal-setup.html to enable security, or explicitly disable security by setting [xpack.security.enabled] to false in elasticsearch.yml [2024-10-31T10:40:01,498][CRITICAL][o.e.d.a.s.IndicesOptions ] [node-1] [] [ignore_throttled] parameter is deprecated because frozen indices have been deprecated. Consider cold or frozen tiers in place of frozen indices. [2024-11-06T16:16:20,722][CRITICAL][o.e.d.a.s.IndicesOptions ] [node-1] [] [ignore_throttled] parameter is deprecated because frozen indices have been deprecated. Consider cold or frozen tiers in place of frozen indices. [2024-11-06T16:16:21,380][CRITICAL][o.e.d.x.s.s.SecurityStatusChangeListener] [node-1] [] The default behavior of disabling security on basic licenses is deprecated. In a later version of Elasticsearch, the value of [xpack.security.enabled] will default to "true" , regardless of the license level. See https://www.elastic.co/guide/en/elasticsearch/reference/7.17/security-minimal-setup.html to enable security, or explicitly disable security by setting [xpack.security.enabled] to false in elasticsearch.yml [2024-11-07T15:55:17,960][CRITICAL][o.e.d.x.s.s.SecurityStatusChangeListener] [node-1] [] The default behavior of disabling security on basic licenses is deprecated. In a later version of Elasticsearch, the value of [xpack.security.enabled] will default to "true" , regardless of the license level. See https://www.elastic.co/guide/en/elasticsearch/reference/7.17/security-minimal-setup.html to enable security, or explicitly disable security by setting [xpack.security.enabled] to false in elasticsearch.yml [2024-11-07T16:03:02,685][CRITICAL][o.e.d.a.s.IndicesOptions ] [node-1] [] [ignore_throttled] parameter is deprecated because frozen indices have been deprecated. Consider cold or frozen tiers in place of frozen indices. [2024-11-07T16:52:31,986][CRITICAL][o.e.d.x.s.s.SecurityStatusChangeListener] [node-1] [] The default behavior of disabling security on basic licenses is deprecated. In a later version of Elasticsearch, the value of [xpack.security.enabled] will default to "true" , regardless of the license level. See https://www.elastic.co/guide/en/elasticsearch/reference/7.17/security-minimal-setup.html to enable security, or explicitly disable security by setting [xpack.security.enabled] to false in elasticsearch.yml。这个是什么报错日志?和pds_dacfga_egebpl这个索引,ES的索引p经常变成UNASSIGNED未分配状态有没有什么关系?
03-29
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值