我有2个节点ELK群集配置了Shield插件,即LDAP集成。 群集状态显示黄色。当我使用curl运行cluster status / health命令时,我看不到两个节点,只看到该节点的结果。即数据节点的数量为1
elasticsearch.yml节点 - 1
cluster.name: TestELKCluster
node.name: ${HOSTNAME}
network.host: [_eth0_,_local_]
index.number_of_shards: 2
index.number_of_replicas: 1
shield:
authc:
realms:
ldap1:
type: ldap
order: 0
url: "ldaps://abc.xyz.com:636"
user_search:
base_dn: "c=in, ou=abc, o=xyz.com"
attribute: mail
group_search:
base_dn: "c=in, ou=abc, o=xyz.com"
files:
role_mapping: "/etc/elasticsearch/shield/role_mapping.yml"
unmapped_groups_as_roles: false
user_search.pool.health_check.enabled: false
shield.audit.enabled: true
node.master: true
node.data: true
discovery.zen.ping.multicast.enabled: false
discovery.zen.ping.unicast.hosts: ["otherELKnodeIP"]
节点2
cluster.name: TestELKCluster
node.name: ${HOSTNAME}
network.host: [_eth1_,_local_]
shield:
authc:
realms:
ldap1:
type: ldap
order: 0
url: "ldaps://abc.xyz.com:636"
user_search:
base_dn: "c=in, ou=abc, o=xyz.com"
attribute: mail
group_search:
base_dn: "c=in, ou=abc, o=xyz.com"
files:
role_mapping: "/etc/elasticsearch/shield/role_mapping.yml"
unmapped_groups_as_roles: false
user_search.pool.health_check.enabled: false
shield.audit.enabled: true
discovery.zen.ping.multicast.enabled: false
discovery.zen.ping.unicast.hosts: ["otherELKnodeIP"]
答案 0 :(得分:0)
我可以通过从主服务器删除系统密钥来解决此问题。我们没有使用部落节点,但不知怎的,我在ELK主节点上生成了系统密钥,这是罪魁祸首。
此致 维诺德