前提:我的ElasticSearch版本为7.5.2,是支持密码管理的。对于不支持的es版本可能需求查看一下其他的配置方式。然后我的Java项目是基于Spring Boot 2.3.4版本进行构建的,基于yml修改elastic的配置无法自动注入生效,故进行了手动对es的客户端用户/密码属性进行了填充。
1.首先我们需要找到elasticsearch.yml文件,在里面添加如下命令并重启(重启后才会配置生效!):
xpack.security.enabled: true
xpack.license.self_generated.type: basic
xpack.security.transport.ssl.enabled: true
elasticsearch.yml文件可以通过下面命令来进行查找。
[root@a435c8e49a52 elasticsearch]# find / -name elasticsearch.yml
/usr/share/elasticsearch/config/elasticsearch.yml
2.在elastic的安装目录/usr/share/elasticsearch执行如下命令,设置各类用户分别设置密码:
bin/elasticsearch-setup-passwords interactive
3.通过如下命令可以测试服务是否能够访问:
curl -H "Content-Type:application/json" -XPOST -u elastic
'http://{elastic_ip}:9200/_xpack/security/user/elastic/_password' -d '{ "password" : "123456" }'
4.配置Java客户端的调用: 最开始根据别人的如下配置,发现username/password并没有在ElasticSearch 的客户端启动过程中进行配置。所以通过如下Java配置类来帮他体面。手动注入!
spring:
elasticsearch:
rest:
read-timeout: 10s
uris:
username: elastic
password: password
Java配置类:
@Configuration
public class ElasticSearchConfig implements RestClientBuilderCustomizer {
private final ElasticsearchRestClientProperties properties;
public ElasticSearchConfig(ElasticsearchRestClientProperties properties) {
this.properties = properties;
}
@Override
public void customize(RestClientBuilder builder) {
builder.setHttpClientConfigCallback(httpBuildr ->httpBuildr.setKeepAliveStrategy((httpResponse, httpContext) -> 6000));
CredentialsProvider credentialsProvider = new BasicCredentialsProvider();
credentialsProvider.setCredentials(AuthScope.ANY,new UsernamePasswordCredentials(properties.getUsername(), properties.getPassword()));
builder.setHttpClientConfigCallback(httpClientBuilder -> {
httpClientBuilder.setMaxConnTotal(5);
httpClientBuilder.setMaxConnPerRoute(1);
httpClientBuilder.setDefaultCredentialsProvider(credentialsProvider);
return httpClientBuilder;
});
}
}
文章来源
发表评论