带有Shield的Elasticsearch集群 - 节点未加入集群
问题描述:
我有2个节点ELK集群配置了Shield插件,即LDAP集成。 群集状态显示为黄色。当我使用curl运行群集状态/健康命令时,我没有看到两个节点,而只看到该节点的结果。即该数据的节点的作为1个带有Shield的Elasticsearch集群 - 节点未加入集群
elasticsearch.yml节点号 - 1
cluster.name: TestELKCluster
node.name: ${HOSTNAME}
network.host: [_eth0_,_local_]
index.number_of_shards: 2
index.number_of_replicas: 1
shield:
authc:
realms:
ldap1:
type: ldap
order: 0
url: "ldaps://abc.xyz.com:636"
user_search:
base_dn: "c=in, ou=abc, o=xyz.com"
attribute: mail
group_search:
base_dn: "c=in, ou=abc, o=xyz.com"
files:
role_mapping: "/etc/elasticsearch/shield/role_mapping.yml"
unmapped_groups_as_roles: false
user_search.pool.health_check.enabled: false
shield.audit.enabled: true
node.master: true
node.data: true
discovery.zen.ping.multicast.enabled: false
discovery.zen.ping.unicast.hosts: ["otherELKnodeIP"]
节点2
cluster.name: TestELKCluster
node.name: ${HOSTNAME}
network.host: [_eth1_,_local_]
shield:
authc:
realms:
ldap1:
type: ldap
order: 0
url: "ldaps://abc.xyz.com:636"
user_search:
base_dn: "c=in, ou=abc, o=xyz.com"
attribute: mail
group_search:
base_dn: "c=in, ou=abc, o=xyz.com"
files:
role_mapping: "/etc/elasticsearch/shield/role_mapping.yml"
unmapped_groups_as_roles: false
user_search.pool.health_check.enabled: false
shield.audit.enabled: true
discovery.zen.ping.multicast.enabled: false
discovery.zen.ping.unicast.hosts: ["otherELKnodeIP"]
答
我可以通过删除从主服务器的系统密钥解决此问题。我们没有使用部落节点,但不知何故,我在ELK主节点上生成了系统密钥,这是罪魁祸首。
Regards, Vinod