我在尝试着使用 Helm 安装 Elasticsearch https://github.com/elastic/helm-charts/tree/7.x/elasticsearch#how-to-deploy-clusters-with-security-authentication-and-tls-enabled使用 3 节点设置(2 个主节点、1 个副本节点)。但我无法让它发挥作用
这是我的配置文件值.yml:
clusterName: "my-cluster"
nodeGroup: "master"
roles:
master: "true"
ingest: "true"
data: "true"
esJavaOpts: "-Xmx1024m -Xms1024m"
resources:
requests:
cpu: "100m"
memory: "1024M"
limits:
cpu: "1000m"
memory: "1500M"
volumeClaimTemplate:
accessModes: [ "ReadWriteOnce" ]
resources:
requests:
storage: 10G
protocol: https
esConfig:
elasticsearch.yml: |
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: /usr/share/elasticsearch/config/certs/elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: /usr/share/elasticsearch/config/certs/elastic-certificates.p12
xpack.security.http.ssl.enabled: true
xpack.security.http.ssl.truststore.path: /usr/share/elasticsearch/config/certs/elastic-certificates.p12
xpack.security.http.ssl.keystore.path: /usr/share/elasticsearch/config/certs/elastic-certificates.p12
xpack.security.authc.anonymous.username: anonymous_user
xpack.security.authc.anonymous.roles: my_anonymous_user
xpack.security.authc.anonymous.authz_exception: true
roles.yml: |
my_anonymous_user:
indices:
- names: [ 'my_index' ]
privileges: [ 'read' ]
my_text_file.txt: |
extraEnvs:
- name: ELASTIC_USERNAME
valueFrom:
secretKeyRef:
name: elastic-credentials
key: username
- name: ELASTIC_PASSWORD
valueFrom:
secretKeyRef:
name: elastic-credentials
key: password
secretMounts:
- name: elastic-certificates
secretName: elastic-certificates
path: /usr/share/elasticsearch/config/certs
我用下面的头盔命令 https://github.com/elastic/helm-charts/tree/7.x/elasticsearch#how-to-deploy-clusters-with-security-authentication-and-tls-enabled安装图表:
helm repo add elastic https://helm.elastic.co
helm install -f values.yml elasticsearch --version 7.13 elastic/elasticsearch
我怎样才能使它与 3 个节点一起工作以及我怎样才能创建有效的生产证书 https://www.elastic.co/guide/en/elasticsearch/reference/7.16/security-basic-setup.html#generate-certificates对于他们每个人?
None
本文内容由网友自发贡献,版权归原作者所有,本站不承担相应法律责任。如您发现有涉嫌抄袭侵权的内容,请联系:hwhale#tublm.com(使用前将#替换为@)