elasticsearch - 为什么我的 Elastic Enterprise 搜索配置不起作用?
问题描述
我正在尝试部署Elastic Enterprise Search,因为它作为标准许可证的一部分是免费的。对于我的生活,我无法让服务看到我们的 Elasticsearch 集群,我不知道为什么。
我有一个如下所示的配置文件:
elasticsearch.ssl.enabled: true
elasticsearch.ssl.verify: false
ent_search.auth.source: standard
secret_management.encryption_keys: [secret]
allow_es_settings_modification: true
elasticsearch.host: https://monitoring.internal
elasticsearch.username: elastic
elasticsearch.password: secret
当我分别尝试使用curl
从我尝试运行服务的服务器访问资源时,它工作得很好:
$ curl --user elastic:secret https://monitoring.internal -k
{
"name" : "monitoring-es-client-0",
"cluster_name" : "monitoring",
"cluster_uuid" : "XXX",
"version" : {
"number" : "7.9.0",
"build_flavor" : "default",
"build_type" : "docker",
"build_hash" : "a479a2a7fce0389512d6a9361301708b92dff667",
"build_date" : "2020-08-11T21:36:48.204330Z",
"build_snapshot" : false,
"lucene_version" : "8.6.0",
"minimum_wire_compatibility_version" : "6.8.0",
"minimum_index_compatibility_version" : "6.0.0-beta1"
},
"tagline" : "You Know, for Search"
}
但是,当我尝试运行 Enterprise Search 服务时,它无法完全启动并显示无用的错误消息:
[2020-09-16T20:25:21.546+00:00][42859][2002][app-server][INFO]: Failed to connect to Elasticsearch backend. Make sure it is running.
诊断报告功能也没有多大帮助:
$ sudo bin/enterprise-search --diagnostic-report
Found java executable in PATH
Java version detected: 11.0.8 (major version: 11)
Enterprise Search is starting...
WARNING: An illegal reflective access operation has occurred
WARNING: Illegal reflective access by com.headius.backport9.modules.Modules (file:/usr/share/enterprise-search/lib/war/lib/jruby-core-9.2.9.0-complete.jar) to method sun.nio.ch.NativeThread.signal(long)
WARNING: Please consider reporting this to the maintainers of com.headius.backport9.modules.Modules
WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations
WARNING: All illegal access operations will be denied in a future release
[2020-09-16T20:29:50.258+00:00][43020][2002][script][INFO]: Enterprise Search version=7.9.1, JRuby version=9.2.9.0, Ruby version=2.5.7, Rails version=4.2.11.3
[2020-09-16T20:29:51.158+00:00][43020][2002][script][INFO]: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
[2020-09-16T20:29:51.160+00:00][43020][2002][script][ERROR]:
--------------------------------------------------------------------------------
Error: Enterprise Search is unable to connect to Elasticsearch. Ensure a healthy Elasticsearch cluster is running at https://monitoring.internal for user elastic.
--------------------------------------------------------------------------------
我在配置文件中做错了什么?
解决方案
我遇到了同样的错误。通过在 config/enterprise-search.yml 文件中启用以下设置,我能够让 Enterprise-search 与 elasticsearch 数据库对话。
我有一个 PKCS12 信任库并使用以下命令来提取我需要的文件:
openssl pkcs12 -in elasticsearch-certificates.p12 -out outfile.crt -nokeys
openssl pkcs12 -in elasticsearch-certificates.p12 -out outfile.key -nodes -nocerts
openssl pkcs12 -in elasticsearch-certificates.p12 -cacerts -nokeys -out ca.crt
我还对这些文件使用了 chown enterprise-search:enterprise-search 来衡量。
elasticsearch.ssl.enabled: true
elasticsearch.ssl.certificate: "/usr/share/enterprise-search/outfile.crt"
elasticsearch.ssl.certificate_authority: "/usr/share/enterprise-search/ca.crt"
elasticsearch.ssl.key: "/usr/share/enterprise-search/outfile.key"
elasticsearch.ssl.key_passphrase: [key password]
elasticsearch.ssl.verify: false
您还需要 SSL 证书才能加载 Enterprise Search 网站
ent_search.ssl.enabled: true
ent_search.ssl.keystore.path: "/home/<user>/http.p12"
ent_search.ssl.keystore.password: [password]
推荐阅读
- java - 编辑 MP3 标签
- docker - 在不覆盖现有命令的情况下向 CMD 添加新命令
- php - Laravel插入或更新数组,多行
- php - 无法在 PHP 中运行 Mosquitto 命令
- nfs - /etc/fstab 中的 nfs 条目失败,但手动挂载有效
- python - Python中的字典循环有一些错误
- c# - 如何在asp.net中使用X.509证书做数字签名pdf文档?
- hibernate - java.lang.IllegalArgumentException:无法在 JpaRepository 中创建查询方法
- java - 关于netbeans 8.2中的菜单栏
- sql - 使用 SSIS 将 XML 标记移动到 Sql Server 中的表