ELK(5):安装x-pack

本文介绍如何安装和配置 Elasticsearch 的扩展包 X-Pack,包括密码设置、跨域配置等内容,确保集群的安全性和可监控性。

摘要生成于 C知道 ,由 DeepSeek-R1 满血版支持, 前往体验 >

简介

x-pack是elasticsearch的一个扩展包,将安全,警告,监视,图形和报告功能捆绑在一个易于安装的软件包中,虽然x-pack被设计为一个无缝的工作,但是你可以轻松的启用或者关闭一些功能。简单理解就是加密码,页面增加一些图形化监控。

安装

使用es和kibana里面的插件安装方式

Elasticsearh:bin/elasticsearch-plugin install x-pack
(es如果是一个集群,在每一个节点上安装)
Kibana:bin/kibana-plugin install x-pack

  • es:

这里写图片描述

自己初始化密码:123456

./bin/x-pack/setup-passwords interactive
这里写图片描述

  • kibana:
    这里写图片描述

修改配置

es:vim config/elasticsearch.yml ,启动x-pack验证.这里false等于没安装x-pack(默认就是开启的,如果要关就false)

xpack.security.enabled: true

kibana:vim ./config/kibana.yml ,增加你初始化的密码

elasticsearch.username: “elastic”
elasticsearch.password: “123456”

logstach:输出时设定帐号密码,不然无法登录es,这个具体配置下一篇讲,没有的可以先略过,暂时不收集日志。

在output增加用户、密码
output {
    elasticsearch {
       hosts => ["http://localhost:9200"]
       user => "elastic"
       password => "123456"
}

访问

启动es后访问9200,提示输入用户名密码。
输入后就可以看到json数据了。

安装x-pack后连不上elasticsearch-head

按照官方文档提示es配置增加跨域和验证

http.cors.enabled: true
http.cors.allow-origin: "*"
http.cors.allow-headers: Authorization

然而还是提示
这里写图片描述

后来百度可得,设置头部信息

改第三行为http.cors.allow-headers: Authorization,X-Requested-With,Content-Length,Content-Type

同时访问链接的要带上密码:

http://192.168.0.111:9100/?auth_user=elastic&auth_password=123456
这里写图片描述

使用Ansible自动化部署ELK(Elasticsearch、Logstash、Kibana)单机并添加X-Pack认证可以通过以下步骤实现: ### 1. 准备工作 确保你的控制节点(运行Ansible的机器)和目标节点(部署ELK的机器)已经安装并配置好SSH连接,并且目标节点上已经安装了Python。 ### 2. 安装Ansible 在你的控制节点上安装Ansible。你可以使用pip进行安装: ```bash pip install ansible ``` ### 3. 创建Ansible Playbook 创建一个YAML文件,例如`deploy_elk.yml`,并添加以下内容: ```yaml --- - name: Deploy ELK Stack with X-Pack hosts: elk_servers become: yes vars: elastic_version: 7.x kibana_version: 7.x logstash_version: 7.x xpack_security_enabled: true tasks: - name: Install Java apt: name: openjdk-11-jdk state: present - name: Import Elasticsearch GPG key apt_key: url: https://artifacts.elastic.co/GPG-KEY-elasticsearch state: present - name: Add Elasticsearch repository apt_repository: repo: "deb https://artifacts.elastic.co/packages/{{ elastic_version }}/apt stable main" state: present filename: 'elasticsearch' - name: Install Elasticsearch apt: name: elasticsearch={{ elastic_version }} state: present - name: Configure Elasticsearch template: src: templates/elasticsearch.yml.j2 dest: /etc/elasticsearch/elasticsearch.yml notify: - Restart Elasticsearch - name: Enable and start Elasticsearch systemd: name: elasticsearch enabled: yes state: started - name: Import Kibana GPG key apt_key: url: https://artifacts.elastic.co/GPG-KEY-elasticsearch state: present - name: Add Kibana repository apt_repository: repo: "deb https://artifacts.elastic.co/packages/{{ kibana_version }}/apt stable main" state: present filename: 'kibana' - name: Install Kibana apt: name: kibana={{ kibana_version }} state: present - name: Configure Kibana template: src: templates/kibana.yml.j2 dest: /etc/kibana/kibana.yml notify: - Restart Kibana - name: Enable and start Kibana systemd: name: kibana enabled: yes state: started - name: Import Logstash GPG key apt_key: url: https://artifacts.elastic.co/GPG-KEY-elasticsearch state: present - name: Add Logstash repository apt_repository: repo: "deb https://artifacts.elastic.co/packages/{{ logstash_version }}/apt stable main" state: present filename: 'logstash' - name: Install Logstash apt: name: logstash={{ logstash_version }} state: present - name: Configure Logstash template: src: templates/logstash.yml.j2 dest: /etc/logstash/logstash.yml notify: - Restart Logstash - name: Enable and start Logstash systemd: name: logstash enabled: yes state: started - name: Enable X-Pack Security lineinfile: path: /etc/{{ item }}/{{ item }}.yml regexp: '^xpack.security.enabled' line: 'xpack.security.enabled: true' with_items: - elasticsearch - kibana - logstash notify: - Restart Elasticsearch - Restart Kibana - Restart Logstash handlers: - name: Restart Elasticsearch systemd: name: elasticsearch state: restarted - name: Restart Kibana systemd: name: kibana state: restarted - name: Restart Logstash systemd: name: logstash state: restarted ``` ### 4. 创建模板文件 在`templates`目录下创建以下模板文件: - `elasticsearch.yml.j2` - `kibana.yml.j2` - `logstash.yml.j2` 根据你的需求配置这些文件。例如,`elasticsearch.yml.j2`可以包含以下内容: ```yaml cluster.name: my-cluster node.name: "{{ ansible_hostname }}" network.host: "{{ ansible_default_ipv4.address }}" http.port: 9200 discovery.seed_hosts: ["127.0.0.1"] cluster.initial_master_nodes: ["{{ ansible_hostname }}"] xpack.security.enabled: true ``` ### 5. 运行Ansible Playbook 在控制节点上运行以下命令来部署ELK并启用X-Pack认证: ```bash ansible-playbook -i hosts deploy_elk.yml ``` ### 6. 配置X-Pack认证 在部署完成后,你需要在Elasticsearch和Kibana中配置用户和密码。可以使用以下命令创建初始用户: ```bash /usr/share/elasticsearch/bin/elasticsearch-setup-passwords interactive ``` ### 7. 配置Kibana 在`kibana.yml`中配置Elasticsearch的用户名和密码: ```yaml elasticsearch.username: "kibana_system" elasticsearch.password: "your_password" ``` ### 8. 重启服务 重启所有相关服务以应用配置更改: ```bash systemctl restart elasticsearch systemctl restart kibana systemctl restart logstash ``` 通过以上步骤,你就可以使用Ansible自动化部署ELK并添加X-Pack认证了。
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值