连接到ElasticSearch集群时Docker ELK堆栈的Search-guard插件出现问题

时间:2018-09-14 09:33:44

标签: elasticsearch elastic-stack elasticsearch-plugin

几分钟前,我克隆了search guard branch from here,我想尽一切办法README说了什么。

docker-compose up -d之后,所有服务均正常运行,但是elasticsearch_1每隔几秒钟记录一次错误:

  

elasticsearch_1 | [2018-09-14T08:59:49,614] [错误] [c.f.s.a.BackendRegistry]尚未初始化(您可能需要运行sgadmin)

之后,我运行docker-compose exec -T elasticsearch bin/init_sg.sh,输出:

Search Guard Admin v6
Will connect to localhost:9300 ... done
WARNING: An illegal reflective access operation has occurred
WARNING: Illegal reflective access by io.netty.util.internal.ReflectionUtil (file:/usr/share/elasticsearch/plugins/search-guard-6/netty-common-4.1.16.Final.jar) to constructor java.nio.DirectByteBuffer(long,int)
WARNING: Please consider reporting this to the maintainers of io.netty.util.internal.ReflectionUtil
WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations
WARNING: All illegal access operations will be denied in a future release
Elasticsearch Version: 6.3.2
Search Guard Version: 6.3.2-23.0
Connected as CN=kirk,OU=client,O=client,L=Test,C=DE
Contacting elasticsearch cluster 'elasticsearch' and wait for YELLOW clusterstate ...
    ERR: Timed out while waiting for a green or yellow cluster state.
    * Try running sgadmin.sh with -icl (but no -cl) and -nhnv (If that works you need to check your clustername as well as hostnames in your TLS certificates)
    * Make also sure that your keystore or PEM certificate is a client certificate (not a node certificate) and configured properly in elasticsearch.yml
    * If this is not working, try running sgadmin.sh with --diagnose and see diagnose trace log file)
    * Add --accept-red-cluster to allow sgadmin to operate on a red cluster.

我想sgadmin无法连接到elasticsearch集群,但是我想了一切自述文件。

任何建议如何解决此问题? 感谢您的回答。

1 个答案:

答案 0 :(得分:1)

我已经解决了这个问题。您的产品运转良好。我在索引获胜Kibana上出现了错误,该索引使sgadmin处于红色状态-从未变为黄色。

如果要在不等待黄色状态的情况下将elasticsearch cluster--accept-red-cluster连接,请在init_sg.sh脚本中使用以下行: #!/bin/sh plugins/search-guard-6/tools/sgadmin.sh \ -cd config/sg/ \ -ts config/sg/truststore.jks \ -ks config/sg/kirk-keystore.jks \ -nhnv \ -icl \ --accept-red-cluster 

argv[1][2]

然后一切正常,Kibana会向您显示为什么您具有红色状态-在我的情况下是kibana索引问题。

相关问题
最新问题