如何将'spring boot 2.1 with elasticsearch 6.6'与群集节点'https'连接起来?

时间:2019-06-14 13:03:33

标签: java spring-boot elasticsearch spring-data-elasticsearch

我正在开发一个涉及模糊搜索的新项目,因此我正在使用弹簧靴(v2.1.5)进行Elasticsearch(v6.4.3)。我无法在Spring Boot与Elasticsearch之间建立连接,因为我必须将用户名,密码,ca_certificate_base64从Spring Boot传递至elasticsearch进行连接。您能否让我知道我该如何建立连接,哪种弹性搜索客户端是正确的选择?示例或链接会很有帮助。

在本地(我的笔记本电脑),我确实安装了elasticsearch 6和spring boot 2.1.5。因为不需要“ https”连接,所以我能够建立连接(使用spring数据),或者因为互联网上的大多数示例都谈论localhost:9200,所以我可以传递用户名和密码。

   public Client client() {
     Settings elasticsearchSettings = Settings.builder()
           .put("client.transport.sniff", true)
           .put("uri", "https://usertemp:ABCSAD@alp-usba-north-3-portal.11.db2lay.com:32117/")
           .put("uri_direct_1", "https://usertemp:ABCSAD@alp-usba-north-3-portal.11.db2lay.com:32117/")
           .put("cluster.name", clusterName).build();
      TransportClient client = new PreBuiltTransportClient(elasticsearchSettings);
}


I also tried to update application.properties file
'''
spring.data.elasticsearch.cluster-name=ee842f-93042
spring.data.elasticsearch.cluster-nodes=alp-usba-north-3-portal.11.db2lay.com:32117
spring.data.elasticsearch.properties.username=usertemp
spring.data.elasticsearch.properties.password=ABCSAD
spring.data.elasticsearch.properties.ca_certificate_base64=SUZJQ0FURS0tLS0tCk1JSURvekNDQW91Z0F3SUJBZ0lFWFA5Sjl6QU5CZ2

我期望与Spring Boot和elasticsearch建立联系。但是,启动应用程序服务器时出现错误。

Caused by: org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.elasticsearch.client.transport.TransportClient]: Factory method 'elasticsearchClient' threw exception; nested exception is java.lang.IllegalArgumentException: unknown setting [password] please check that any required plugins are installed, or check the breaking changes documentation for removed settings
    at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:185) ~[spring-beans-5.1.7.RELEASE.jar:5.1.7.RELEASE]
    at org.springframework.beans.factory.support.ConstructorResolver.instantiate(ConstructorResolver.java:622) ~[spring-beans-5.1.7.RELEASE.jar:5.1.7.RELEASE]
    ... 96 common frames omitted
Caused by: java.lang.IllegalArgumentException: unknown setting [password] please check that any required plugins are installed, or check the breaking changes documentation for removed settings
    at org.elasticsearch.common.settings.AbstractScopedSettings.validate(AbstractScopedSettings.java:393) ~[elasticsearch-6.4.3.jar:6.4.3]

1 个答案:

答案 0 :(得分:0)

正如我在评论中已经提到的那样,我不知道IBM Compose for Elasticsearch如何精确地设置连接安全性。我针对这种情况的设置如下:

Elasticsearch

  • 我的计算机上运行的Elasticsearch 6.6.2
  • NGINX作为Elasticsearch的代理运行,具有
    • 已激活基本身份验证
    • 仅SSL
    • 需要SSL客户端证书

Maven和版本

为了能够通过HTTPS进行通信,您需要使用RestClient,它在3.2版本的Spring Data Elasticsearch中可用(当前在3.2.0.M4版本中可用)。 Spring Boot 2.1.5引入了Spring Data Elasticsearch 3.1.8,因此您需要覆盖该版本。您还需要指定Elasticsearch版本以匹配Spring Boot Data 3.2.0.M4,因此您的 pom.xml 需要以下条目:

<properties>
    <java.version>1.8</java.version>
    <elasticsearch.version>6.7.2</elasticsearch.version>
    <spring-data-elasticsearch>3.2.0.M4</spring-data-elasticsearch>
</properties>

<repositories>
    <repository>
        <id>spring-libs-snapshot</id>
        <name>Spring Snapshot Repository</name>
        <url>https://repo.spring.io/libs-milestones</url>
    </repository>
</repositories>

<dependencies>
    <dependency>
        <groupId>org.springframework.data</groupId>
        <artifactId>spring-data-elasticsearch</artifactId>
        <version>${spring-data-elasticsearch}</version>
    </dependency>
</dependencies>

Bean配置

在您的程序中,您可以使用AbstractElasticsearchConfiguration的实现为Spring Data Elasticsearch配置Bean:

@Configuration
public class RestClientConfig extends AbstractElasticsearchConfiguration {

    private static final Logger LOG = LoggerFactory.getLogger(RestClientConfig.class);

    private static final String CERT_FILE = "client.p12";
    private static final String CERT_PASSWORD = "topsecret";
    private static final String USER_NAME = "user";
    private static final String USER_PASS = "password";

    @Override
    public RestHighLevelClient elasticsearchClient() {
        HttpHeaders headers = new HttpHeaders();
        headers.setBasicAuth(USER_NAME, USER_PASS);

        final ClientConfiguration clientConfiguration = ClientConfiguration.builder()
                .connectedTo("localhost:443")  // set the address of the Elasticsearch cluster
                .usingSsl(createSSLContext())  // use the SSLContext with the client cert
                .withDefaultHeaders(headers)   // use the headers for authentication
                .build();

        return RestClients.create(clientConfiguration).rest();
    }

    private SSLContext createSSLContext() {
        try {
            SSLContext sslContext = SSLContext.getInstance("TLS");

            KeyManager[] keyManagers = getKeyManagers();

            sslContext.init(keyManagers, null, null);

            return sslContext;
        } catch (Exception e) {
            LOG.error("cannot create SSLContext", e);
        }
        return null;
    }

    private KeyManager[] getKeyManagers()
            throws KeyStoreException, NoSuchAlgorithmException, IOException, CertificateException, UnrecoverableKeyException {
        try (InputStream inputStream = getClass().getClassLoader().getResourceAsStream(CERT_FILE)) {
            KeyStore clientKeyStore = KeyStore.getInstance("PKCS12");
            clientKeyStore.load(inputStream, CERT_PASSWORD.toCharArray());

            KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
            kmf.init(clientKeyStore, CERT_PASSWORD.toCharArray());
            return kmf.getKeyManagers();
        }
    }

    @Bean
    @Primary
    public ElasticsearchOperations elasticsearchTemplate() {
        return elasticsearchOperations();
    }
}

通过此设置,我可以使用ElasticsearchRestTemplateElasticsearchRepository在Elasticsearch集群上运行Spring Boot应用程序。

您可能需要调整getKeyManagers()方法中的代码,以匹配您从Compose获得的内容,但这应该为您提供一些起点。

相关问题
最新问题