Search Guard 未初始化 (SG11)

【问题标题】:Search Guard not initialized (SG11)Search Guard 未初始化 (SG11)
【发布时间】:2020-08-19 20:27:35
【问题描述】:

我在 Kubernetes 集群上运行 Elasticsearch (floragunncom/sg-elasticsearch:7.1.1-oss-35.0.0)。

为了更改内部用户admin 的默认密码,我在plugins/search-guard-7/sgconfig/sg_internal_users.yml 文件中更新了admin 用户的hash。并让 Elasticsearch 使用更新后的文件进行引导。

$ kubectl exec -it -n demo master-topology-es-1 bash
kubectl exec [POD] [COMMAND] is DEPRECATED and will be removed in a future version. Use kubectl kubectl exec [POD] -- [COMMAND] instead.

[root@master-topology-es-1 elasticsearch]# cat plugins/search-guard-7/sgconfig/sg_internal_users.yml 
_sg_meta:
  type: "internalusers"
  config_version: 2
admin:
  hash: $2a$12$BqN5ov9wf2Xw5T5UKFJARuV.Top7/oKYQHfpBhIRVvKKSyy7XWxYm <--- here
...
...

通过几条WARN 消息,集群初始化。并且与更新的密码完美配合。

{"type": "server", "timestamp": "2020-08-19T19:44:53,727+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "data-topology-es-1", "cluster.uuid": "P7zRvRjUSnuMGMn9bYzqBg", "node.id": "4SigRNAnSc-A8EuAOnhvAQ",  "message": "No data for internalusers while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=null)"  }
{"type": "server", "timestamp": "2020-08-19T19:44:53,728+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "data-topology-es-1", "cluster.uuid": "P7zRvRjUSnuMGMn9bYzqBg", "node.id": "4SigRNAnSc-A8EuAOnhvAQ",  "message": "No data for actiongroups while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=null)"  }
{"type": "server", "timestamp": "2020-08-19T19:44:53,731+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "data-topology-es-1", "cluster.uuid": "P7zRvRjUSnuMGMn9bYzqBg", "node.id": "4SigRNAnSc-A8EuAOnhvAQ",  "message": "No data for config while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=null)"  }
{"type": "server", "timestamp": "2020-08-19T19:44:53,731+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "data-topology-es-1", "cluster.uuid": "P7zRvRjUSnuMGMn9bYzqBg", "node.id": "4SigRNAnSc-A8EuAOnhvAQ",  "message": "No data for roles while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=null)"  }
{"type": "server", "timestamp": "2020-08-19T19:44:53,733+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "data-topology-es-1", "cluster.uuid": "P7zRvRjUSnuMGMn9bYzqBg", "node.id": "4SigRNAnSc-A8EuAOnhvAQ",  "message": "No data for rolesmapping while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=null)"  }
{"type": "server", "timestamp": "2020-08-19T19:44:53,736+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "data-topology-es-1", "cluster.uuid": "P7zRvRjUSnuMGMn9bYzqBg", "node.id": "4SigRNAnSc-A8EuAOnhvAQ",  "message": "No data for tenants while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=null)"  }
{"type": "server", "timestamp": "2020-08-19T19:45:02,349+0000", "level": "INFO", "component": "c.f.s.c.ConfigurationRepository", "cluster.name": "topology-es", "node.name": "data-topology-es-1", "cluster.uuid": "P7zRvRjUSnuMGMn9bYzqBg", "node.id": "4SigRNAnSc-A8EuAOnhvAQ",  "message": "Search Guard License Info: No license needed because enterprise modules are not enabled"  }
{"type": "server", "timestamp": "2020-08-19T19:45:02,349+0000", "level": "INFO", "component": "c.f.s.c.ConfigurationRepository", "cluster.name": "topology-es", "node.name": "data-topology-es-1", "cluster.uuid": "P7zRvRjUSnuMGMn9bYzqBg", "node.id": "4SigRNAnSc-A8EuAOnhvAQ",  "message": "Node 'data-topology-es-1' initialized"  }

但是当我尝试相同但自定义用户 plugins/search-guard-7/sgconfig/sg_internal_users.yml 以及其他内部用户时。

_sg_meta:
  type: "internalusers"
  config_version: 2
admin:
...
kibanaro:
...
logstash:
...
readall:
...
snapshotrestore:
...

readall_monitor: <---- here
  hash: $2a$12$jZ4VqN397eilnlofOJOIbOR/yvU4ooEzMlVHWJjhsPUwf8K1AcmTO
  search_guard_roles:
  - SGS_READALL_AND_MONITOR

这一次,WARM 消息永远不会结束。它不断重复相同的日志。

{"type": "server", "timestamp": "2020-08-19T19:10:18,303+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "master-topology-es-0", "cluster.uuid": "GjLznJURQX2g8AsZ2PC45Q", "node.id": "z9XlpvozT9mf_hoJRR3jkA",  "message": "No data for internalusers while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=_doc)"  }
{"type": "server", "timestamp": "2020-08-19T19:10:18,304+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "master-topology-es-0", "cluster.uuid": "GjLznJURQX2g8AsZ2PC45Q", "node.id": "z9XlpvozT9mf_hoJRR3jkA",  "message": "No data for actiongroups while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=_doc)"  }
{"type": "server", "timestamp": "2020-08-19T19:10:18,309+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "master-topology-es-0", "cluster.uuid": "GjLznJURQX2g8AsZ2PC45Q", "node.id": "z9XlpvozT9mf_hoJRR3jkA",  "message": "No data for tenants while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=_doc)"  }
{"type": "server", "timestamp": "2020-08-19T19:10:26,301+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "master-topology-es-0", "cluster.uuid": "GjLznJURQX2g8AsZ2PC45Q", "node.id": "z9XlpvozT9mf_hoJRR3jkA",  "message": "No data for internalusers while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=_doc)"  }
{"type": "server", "timestamp": "2020-08-19T19:10:26,302+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "master-topology-es-0", "cluster.uuid": "GjLznJURQX2g8AsZ2PC45Q", "node.id": "z9XlpvozT9mf_hoJRR3jkA",  "message": "No data for actiongroups while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=_doc)"  }
{"type": "server", "timestamp": "2020-08-19T19:10:26,318+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "master-topology-es-0", "cluster.uuid": "GjLznJURQX2g8AsZ2PC45Q", "node.id": "z9XlpvozT9mf_hoJRR3jkA",  "message": "No data for tenants while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=_doc)"  }
{"type": "server", "timestamp": "2020-08-19T19:10:34,303+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "master-topology-es-0", "cluster.uuid": "GjLznJURQX2g8AsZ2PC45Q", "node.id": "z9XlpvozT9mf_hoJRR3jkA",  "message": "No data for internalusers while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=_doc)"  }
{"type": "server", "timestamp": "2020-08-19T19:10:34,304+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "master-topology-es-0", "cluster.uuid": "GjLznJURQX2g8AsZ2PC45Q", "node.id": "z9XlpvozT9mf_hoJRR3jkA",  "message": "No data for actiongroups while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=_doc)"  }
{"type": "server", "timestamp": "2020-08-19T19:10:34,312+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "master-topology-es-0", "cluster.uuid": "GjLznJURQX2g8AsZ2PC45Q", "node.id": "z9XlpvozT9mf_hoJRR3jkA",  "message": "No data for tenants while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=_doc)"  }
{"type": "server", "timestamp": "2020-08-19T19:10:42,305+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "master-topology-es-0", "cluster.uuid": "GjLznJURQX2g8AsZ2PC45Q", "node.id": "z9XlpvozT9mf_hoJRR3jkA",  "message": "No data for internalusers while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=_doc)"  }
{"type": "server", "timestamp": "2020-08-19T19:10:42,306+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "master-topology-es-0", "cluster.uuid": "GjLznJURQX2g8AsZ2PC45Q", "node.id": "z9XlpvozT9mf_hoJRR3jkA",  "message": "No data for actiongroups while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=_doc)"  }
{"type": "server", "timestamp": "2020-08-19T19:10:42,312+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "master-topology-es-0", "cluster.uuid": "GjLznJURQX2g8AsZ2PC45Q", "node.id": "z9XlpvozT9mf_hoJRR3jkA",  "message": "No data for tenants while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=_doc)"  }
{"type": "server", "timestamp": "2020-08-19T19:10:50,308+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "master-topology-es-0", "cluster.uuid": "GjLznJURQX2g8AsZ2PC45Q", "node.id": "z9XlpvozT9mf_hoJRR3jkA",  "message": "No data for internalusers while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=_doc)"  }
{"type": "server", "timestamp": "2020-08-19T19:10:50,309+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "master-topology-es-0", "cluster.uuid": "GjLznJURQX2g8AsZ2PC45Q", "node.id": "z9XlpvozT9mf_hoJRR3jkA",  "message": "No data for actiongroups while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=_doc)"  }
{"type": "server", "timestamp": "2020-08-19T19:10:50,316+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "master-topology-es-0", "cluster.uuid": "GjLznJURQX2g8AsZ2PC45Q", "node.id": "z9XlpvozT9mf_hoJRR3jkA",  "message": "No data for tenants while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=_doc)"  }
{"type": "server", "timestamp": "2020-08-19T19:10:58,309+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "master-topology-es-0", "cluster.uuid": "GjLznJURQX2g8AsZ2PC45Q", "node.id": "z9XlpvozT9mf_hoJRR3jkA",  "message": "No data for internalusers while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=_doc)"  }
{"type": "server", "timestamp": "2020-08-19T19:10:58,309+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "master-topology-es-0", "cluster.uuid": "GjLznJURQX2g8AsZ2PC45Q", "node.id": "z9XlpvozT9mf_hoJRR3jkA",  "message": "No data for actiongroups while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=_doc)"  }
{"type": "server", "timestamp": "2020-08-19T19:10:58,314+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "master-topology-es-0", "cluster.uuid": "GjLznJURQX2g8AsZ2PC45Q", "node.id": "z9XlpvozT9mf_hoJRR3jkA",  "message": "No data for tenants while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=_doc)"  }
{"type": "server", "timestamp": "2020-08-19T19:11:06,311+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "master-topology-es-0", "cluster.uuid": "GjLznJURQX2g8AsZ2PC45Q", "node.id": "z9XlpvozT9mf_hoJRR3jkA",  "message": "No data for internalusers while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=_doc)"  }
{"type": "server", "timestamp": "2020-08-19T19:11:06,312+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "master-topology-es-0", "cluster.uuid": "GjLznJURQX2g8AsZ2PC45Q", "node.id": "z9XlpvozT9mf_hoJRR3jkA",  "message": "No data for actiongroups while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=_doc)"  }
{"type": "server", "timestamp": "2020-08-19T19:11:06,316+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "master-topology-es-0", "cluster.uuid": "GjLznJURQX2g8AsZ2PC45Q", "node.id": "z9XlpvozT9mf_hoJRR3jkA",  "message": "No data for tenants while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=_doc)"  }
{"type": "server", "timestamp": "2020-08-19T19:11:14,311+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "master-topology-es-0", "cluster.uuid": "GjLznJURQX2g8AsZ2PC45Q", "node.id": "z9XlpvozT9mf_hoJRR3jkA",  "message": "No data for internalusers while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=_doc)"  }
{"type": "server", "timestamp": "2020-08-19T19:11:14,312+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "master-topology-es-0", "cluster.uuid": "GjLznJURQX2g8AsZ2PC45Q", "node.id": "z9XlpvozT9mf_hoJRR3jkA",  "message": "No data for actiongroups while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=_doc)"  }
{"type": "server", "timestamp": "2020-08-19T19:11:14,321+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "master-topology-es-0", "cluster.uuid": "GjLznJURQX2g8AsZ2PC45Q", "node.id": "z9XlpvozT9mf_hoJRR3jkA",  "message": "No data for tenants while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=_doc)"  }
{"type": "server", "timestamp": "2020-08-19T19:11:22,313+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "master-topology-es-0", "cluster.uuid": "GjLznJURQX2g8AsZ2PC45Q", "node.id": "z9XlpvozT9mf_hoJRR3jkA",  "message": "No data for internalusers while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=_doc)"  }
{"type": "server", "timestamp": "2020-08-19T19:11:22,313+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "master-topology-es-0", "cluster.uuid": "GjLznJURQX2g8AsZ2PC45Q", "node.id": "z9XlpvozT9mf_hoJRR3jkA",  "message": "No data for actiongroups while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=_doc)"  }
{"type": "server", "timestamp": "2020-08-19T19:11:22,317+0000", "level": "WARN", "component": "c.f.s.c.ConfigurationLoaderSG7", "cluster.name": "topology-es", "node.name": "master-topology-es-0", "cluster.uuid": "GjLznJURQX2g8AsZ2PC45Q", "node.id": "z9XlpvozT9mf_hoJRR3jkA",  "message": "No data for tenants while retrieving configuration for [INTERNALUSERS, ACTIONGROUPS, CONFIG, ROLES, ROLESMAPPING, TENANTS]  (index=searchguard and type=_doc)"  }

因此,集群保持未初始化状态。

$ curl -XGET "https://localhost:9200/_cluster/health?pretty" -u "admin:x3xqurkg" --insecure
Search Guard not initialized (SG11). See https://docs.search-guard.com/latest/sgadmin
  • 如何处理那些WARN 日志?
  • 知道我遗漏了什么或如何调试此类问题吗?
  • 为什么日志中的索引类型从index=searchguard and type=nullindex=searchguard and type=_doc 不同?

【问题讨论】:

    标签: elasticsearch elasticsearch-plugin search-guard


    【解决方案1】:

    这可能不是您问题的完整解决方案,但可能会有所帮助。您如何在 K8s 上实际初始化 Search Guard?意思是,用用户、角色等初始化 Search Guard?

    Search Guard 不只是自动获取配置文件的内容并应用它们。由于 Elasticsearch 本质上是分布式的,因此这没有任何意义:您需要在所有节点上保持所有配置文件同步。

    相反,配置存储在受保护的配置索引中,这使得所有节点都可以使用相同的配置。填充此索引的方法是使用 sgadmin 命令行工具:

    https://docs.search-guard.com/latest/sgadmin

    还有一个选项可用于使用位于以下位置的文件的内容自动初始化配置索引:

    plugins/search-guard-7/sgconfig/

    为此,您需要在 elasticsearch.yml 中添加以下选项:

    searchguard.allow_default_init_sgindex: true

    这基本上是说:“如果配置索引不存在,则从 search-guard-7/sgconfig/ 文件夹中获取配置文件并自动应用它们”。

    从日志和“Search Guard 未初始化 (SG11)”消息来看,似乎不存在 Search Guard 配置索引。这反过来意味着您既没有使用 sgadmin 也没有使用“allow_default_init_sgindex”选项来创建它。

    更新: 您能否在启动时检查 Elastisearch 日志?你应该看到一个类似的序列;

    [INFO ][c.f.s.c.ConfigurationRepository] [...] Check if searchguard index exists ...
[INFO ][c.f.s.c.ConfigurationRepository] [...] searchguard index does not exist yet, so we create a default config
...
[...][INFO ][c.f.s.c.ConfigurationRepository] [...] Index searchguard created?: true
[...][INFO ][c.f.s.s.ConfigHelper     ] [...] Will update 'CONFIG' with /Users/.../Development/elasticsearch-7.8.0-demo/plugins/search-guard-7/sgconfig/sg_config.yml
[...][INFO ][o.e.c.m.MetadataMappingService] [...] [searchguard/bMIQYOOOTwepRuWDcxpBbg] create_mapping [_doc]
[...][INFO ][c.f.s.s.ConfigHelper     ] [...] Will update 'ROLES' with /Users/.../Development/elasticsearch-7.8.0-demo/plugins/search-guard-7/sgconfig/sg_roles.yml
[...][INFO ][o.e.c.m.MetadataMappingService] [...] [searchguard/bMIQYOOOTwepRuWDcxpBbg] update_mapping [_doc]
[...][INFO ][c.f.s.s.ConfigHelper     ] [...] Will update 'ROLESMAPPING' with /Users/.../Development/elasticsearch-7.8.0-demo/plugins/search-guard-7/sgconfig/sg_roles_mapping.yml
...
[...][INFO ][c.f.s.c.ConfigurationRepository] [...] Default config applied

    如果配置文件有问题,在此阶段应该会出现一些异常。你发现有什么例外吗?

    (免责声明:我为 Search Guard 工作)

    【讨论】:

    • 谢谢,伙计!你是 CTO :D 我确实在elasticsearch.yml 中使用了searchguard.allow_default_init_sgindex: true。否则它将无法与 admin 用户的自定义密码/哈希一起使用,对吗?但是当我在sg_internal_users.yml 文件中添加自定义内部用户时出现问题。
    • 我没有使用企业版的 searchguard。会不会是一个原因?
    • 不,这应该与社区版完美配合。
    • 我将此问题移至forum.search-guard.com/t/how-to-create-user-with-built-in-roles/…
    猜你喜欢
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    • 2013-12-02
    • 1970-01-01
    • 2020-11-19
    • 1970-01-01
    • 2013-10-19
    • 1970-01-01
    相关资源
    最近更新 更多
    热门标签
    Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode