Open Distro for Elasticsearch是AWS开源版本的ELK架构,原来Elasticsearch中部分需要付费的功能可以免费使用(如Alert),对于我等追求开(mian)源(fei)的大(diao)众(si)用户来说,确实是一个不错的选择。
按照其安装步骤安装好后可以使用默认密码admin:admin登录,但修改这个默认密码却不容易,翻遍全网,汇总如下,供有需要的同学参考:
第一步:生成新的Admin密码Hash
#Create Hashes for Your admin
sudo chmod +x /usr/share/elasticsearch/plugins/opendistro_security/tools/hash.sh
/bin/bash -c /usr/share/elasticsearch/plugins/opendistro_security/tools/hash.sh
7-mDj5=
$2y$12$tOoM6Wz.elENbw23EZfqL.CSrd7giB/5yKQQ0YWq8ZSwfXJPBEq8m
第二步:将上一步生成的密码Hash记录下来,编辑internal_users.yml(编辑前请备份)
#Create a Local, Modified Copy of internal_users.yml, then replace with the new admin hash
cd /usr/share/elasticsearch/plugins/opendistro_security/securityconfig/
sudo cp internal_users.yml internal_users.yml.backup
sudo vim internal_users.yml
第三步:执行命令让elasticsearch更新密码
#to reflect the changes, run below commands,
#https://opendistro.github.io/for-elasticsearch-docs/docs/security-configuration/security-admin/
cd /usr/share/elasticsearch/plugins/opendistro_security/tools/
sudo bash ./securityadmin.sh -cd ../securityconfig/ -icl -nhnv -cacert /etc/elasticsearch/root-ca.pem -cert /etc/elasticsearch/kirk.pem -key /etc/elasticsearch/kirk-key.pem
以前三步完成就可以使用新的密码登录Kibana了,API调用也可以使用新密码进行认证了,用原密码再认证会提示Unauthorized.
最后一步执行成功后会输出如下内容
WARNING: JAVA_HOME not set, will use /usr/bin/java
Open Distro Security Admin v7
Will connect to localhost:9300 ... done
Connected as CN=kirk,OU=client,O=client,L=test,C=de
Elasticsearch Version: 7.3.2
Open Distro Security Version: 1.3.0.0
Contacting elasticsearch cluster 'elasticsearch' and wait for YELLOW clusterstate ...
Clustername: 8zcl5szk
Clusterstate: YELLOW
Number of nodes: 1
Number of data nodes: 1
.opendistro_security index already exists, so we do not need to create one.
Populate config from /usr/share/elasticsearch/plugins/opendistro_security/securityconfig
Will update '_doc/config' with ../securityconfig/config.yml
SUCC: Configuration for 'config' created or updated
Will update '_doc/roles' with ../securityconfig/roles.yml
SUCC: Configuration for 'roles' created or updated
Will update '_doc/rolesmapping' with ../securityconfig/roles_mapping.yml
SUCC: Configuration for 'rolesmapping' created or updated
Will update '_doc/internalusers' with ../securityconfig/internal_users.yml
SUCC: Configuration for 'internalusers' created or updated
Will update '_doc/actiongroups' with ../securityconfig/action_groups.yml
SUCC: Configuration for 'actiongroups' created or updated
Will update '_doc/tenants' with ../securityconfig/tenants.yml
SUCC: Configuration for 'tenants' created or updated
Done with success