字节流的博客

禁用 Elasticsearch 安全组件

升级 Elasticsearch,下载了 5.2.2 版的 Docker 镜。安装启动容器后,一般来说,curl localhost:9200 一下,能看到如下的响应,就是表明安装成功了:

1
2
3
4
5
6
7
8
9
10
11
12
13
{
"name" : "smoker.cc",
"cluster_name" : "logging-prod",
"cluster_uuid" : "********",
"version" : {
"number" : "5.2.2",
"build_hash" : "f9d9b74",
"build_date" : "2017-02-24T17:26:45.835Z",
"build_snapshot" : false,
"lucene_version" : "6.4.1"
},
"tagline" : "You Know, for Search"
}

没想到这次却出问题了,有如下输出:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
{
"error": {
"root_cause": [
{
"type": "security_exception",
"reason": "missing authentication token for REST request [/]",
"header": {
"WWW-Authenticate": "Basic realm=\"security\" charset=\"UTF-8\""
}
}
],
"type": "security_exception",
"reason": "missing authentication token for REST request [/]",
"header": {
"WWW-Authenticate": "Basic realm=\"security\" charset=\"UTF-8\""
}
},
"status": 401
}

嗯,是安全类型异常 security_exception,REST 请求中没有 WWW-Authenticate 请求头,认证失败,也就是说,默认需要密码了。

官网描述如下:

X-Pack is preinstalled in this image. Please take a few minutes to familiarize yourself with X-Pack Security and how to change default passwords. The default password for the elastic user is changeme.

X-Pack includes a trial license for 30 days. After that, you can obtain one of the available subscriptions or disable Security. The Basic license is free and includes the Monitoring extension.

5.0.0 及以上版本 Elasticsearch 中默认预安装使用了 X-Pack 组件,可以 30 天免费试用,过期之后,基础的功能和监视扩展组件可以继续免费试用。具体可查看官方文档介绍:X-Pack for the Elastic Stack

那如何取消禁用 X-Pack 插件呢?

elasticsearch.yml 中添加如下配置:

1
xpack.security.enabled: false

并重启 Elasticsearch 服务即可。

Thanks! 😊