elasticsearch - 为什么我的 Elastic Enterprise 搜索配置不起作用？

问题描述

我正在尝试部署Elastic Enterprise Search，因为它作为标准许可证的一部分是免费的。对于我的生活，我无法让服务看到我们的 Elasticsearch 集群，我不知道为什么。

我有一个如下所示的配置文件：

elasticsearch.ssl.enabled: true
elasticsearch.ssl.verify: false

ent_search.auth.source: standard

secret_management.encryption_keys: [secret]

allow_es_settings_modification: true

elasticsearch.host: https://monitoring.internal
elasticsearch.username: elastic
elasticsearch.password: secret

当我分别尝试使用curl从我尝试运行服务的服务器访问资源时，它工作得很好：

$ curl --user elastic:secret https://monitoring.internal -k
{
  "name" : "monitoring-es-client-0",
  "cluster_name" : "monitoring",
  "cluster_uuid" : "XXX",
  "version" : {
    "number" : "7.9.0",
    "build_flavor" : "default",
    "build_type" : "docker",
    "build_hash" : "a479a2a7fce0389512d6a9361301708b92dff667",
    "build_date" : "2020-08-11T21:36:48.204330Z",
    "build_snapshot" : false,
    "lucene_version" : "8.6.0",
    "minimum_wire_compatibility_version" : "6.8.0",
    "minimum_index_compatibility_version" : "6.0.0-beta1"
  },
  "tagline" : "You Know, for Search"
}

但是，当我尝试运行 Enterprise Search 服务时，它无法完全启动并显示无用的错误消息：

[2020-09-16T20:25:21.546+00:00][42859][2002][app-server][INFO]: Failed to connect to Elasticsearch backend. Make sure it is running.

诊断报告功能也没有多大帮助：

$ sudo bin/enterprise-search --diagnostic-report
Found java executable in PATH
Java version detected: 11.0.8 (major version: 11)
Enterprise Search is starting...
WARNING: An illegal reflective access operation has occurred
WARNING: Illegal reflective access by com.headius.backport9.modules.Modules (file:/usr/share/enterprise-search/lib/war/lib/jruby-core-9.2.9.0-complete.jar) to method sun.nio.ch.NativeThread.signal(long)
WARNING: Please consider reporting this to the maintainers of com.headius.backport9.modules.Modules
WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations
WARNING: All illegal access operations will be denied in a future release
[2020-09-16T20:29:50.258+00:00][43020][2002][script][INFO]: Enterprise Search version=7.9.1, JRuby version=9.2.9.0, Ruby version=2.5.7, Rails version=4.2.11.3
[2020-09-16T20:29:51.158+00:00][43020][2002][script][INFO]: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
[2020-09-16T20:29:51.160+00:00][43020][2002][script][ERROR]: 
--------------------------------------------------------------------------------

Error: Enterprise Search is unable to connect to Elasticsearch. Ensure a healthy Elasticsearch cluster is running at https://monitoring.internal for user elastic.

--------------------------------------------------------------------------------

我在配置文件中做错了什么？

标签： elasticsearchelastic-stack

我遇到了同样的错误。通过在 config/enterprise-search.yml 文件中启用以下设置，我能够让 Enterprise-search 与 elasticsearch 数据库对话。

我有一个 PKCS12 信任库并使用以下命令来提取我需要的文件：

openssl pkcs12 -in elasticsearch-certificates.p12 -out outfile.crt -nokeys
openssl pkcs12 -in elasticsearch-certificates.p12 -out outfile.key -nodes -nocerts
openssl pkcs12 -in elasticsearch-certificates.p12 -cacerts -nokeys -out ca.crt

我还对这些文件使用了 chown enterprise-search:enterprise-search 来衡量。

elasticsearch.ssl.enabled: true
elasticsearch.ssl.certificate: "/usr/share/enterprise-search/outfile.crt"
elasticsearch.ssl.certificate_authority: "/usr/share/enterprise-search/ca.crt"
elasticsearch.ssl.key: "/usr/share/enterprise-search/outfile.key"
elasticsearch.ssl.key_passphrase: [key password]
elasticsearch.ssl.verify: false

您还需要 SSL 证书才能加载 Enterprise Search 网站

ent_search.ssl.enabled: true
ent_search.ssl.keystore.path: "/home/<user>/http.p12"
ent_search.ssl.keystore.password: [password]

elasticsearch - 为什么我的 Elastic Enterprise 搜索配置不起作用？

问题描述

解决方案

推荐阅读