增加安全机制
This commit is contained in:
parent
9386756928
commit
96ba39da3b
20
README.md
20
README.md
@ -10,6 +10,26 @@
|
|||||||
docker compose up -d
|
docker compose up -d
|
||||||
```
|
```
|
||||||
|
|
||||||
|
### 安全问题
|
||||||
|
|
||||||
|
在`config/elasticsearch.yml`中已经配置了`xpack.security.enabled: true`,所以在首次启动容器后需要为elasticsearch中的各个账号设置密码:
|
||||||
|
|
||||||
|
```sh
|
||||||
|
docker exec -it es bin/elasticsearch-setup-passwords interactive
|
||||||
|
```
|
||||||
|
|
||||||
|
接下来就可以按照提示分别为各个用户设置密码:
|
||||||
|
|
||||||
|
- elastic
|
||||||
|
- apm_system
|
||||||
|
- kibana
|
||||||
|
- kibana_system
|
||||||
|
- logstash_system
|
||||||
|
- beats_system
|
||||||
|
- remote_monitoring_user
|
||||||
|
|
||||||
|
密码生效后会写入`data`目录中,所在容器是可以`down`掉的。
|
||||||
|
|
||||||
## 问题
|
## 问题
|
||||||
|
|
||||||
如果服务启动失败,可能是文件夹文件问题,修改`config`目录和`data`目录的权限:
|
如果服务启动失败,可能是文件夹文件问题,修改`config`目录和`data`目录的权限:
|
||||||
|
|||||||
3
config/elasticsearch.yml
Normal file → Executable file
3
config/elasticsearch.yml
Normal file → Executable file
@ -1,2 +1,5 @@
|
|||||||
cluster.name: "docker-cluster"
|
cluster.name: "docker-cluster"
|
||||||
network.host: 0.0.0.0
|
network.host: 0.0.0.0
|
||||||
|
http.port: 9200
|
||||||
|
transport.port: 9300
|
||||||
|
xpack.security.enabled: true
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user