ES7.9部署集群时用了3个专用master节点,xpack配置如下
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: certs/elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: certs/elastic-certificates.p12
在bin/elasticsearch-setup-passwords interactive 设置密码时报错ERROR: Failed to set password for user [apm_system].
排查发现设置密码时生成.security-7索引,必须放在data节点才生效
把master节点和data混部就解决了,那有没有办法保留全部专用master也能配置成功xpack加密呢?
尝试了新增data节点,由于xpack.security.transport.ssl.enabled: true配置要加密才能通信
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: certs/elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: certs/elastic-certificates.p12
在bin/elasticsearch-setup-passwords interactive 设置密码时报错ERROR: Failed to set password for user [apm_system].
排查发现设置密码时生成.security-7索引,必须放在data节点才生效
把master节点和data混部就解决了,那有没有办法保留全部专用master也能配置成功xpack加密呢?
尝试了新增data节点,由于xpack.security.transport.ssl.enabled: true配置要加密才能通信
2 个回复
Charele - Cisco4321
赞同来自:
难道你3台纯master(角色)搞一个集群,有何意义?
maconZou
赞同来自: