[英]Elasticsearch cluster with Shield - Node not joining to cluster
I have 2 node ELK cluster configured with Shield plugin ie LDAP integrated. 我有2个节点的ELK集群配置了Shield插件,即LDAP集成。 Cluster status says yellow. 群集状态显示黄色。 When I run cluster status/health command using curl , I do not see both nodes but only result of that node. 当我使用curl运行集群状态/运行状况命令时,我看不到两个节点,而只能看到该节点的结果。 ie The number of data nodes as 1 即数据节点数为1
elasticsearch.yml Node - 1 elasticsearch.yml节点-1
cluster.name: TestELKCluster
node.name: ${HOSTNAME}
network.host: [_eth0_,_local_]
index.number_of_shards: 2
index.number_of_replicas: 1
shield:
authc:
realms:
ldap1:
type: ldap
order: 0
url: "ldaps://abc.xyz.com:636"
user_search:
base_dn: "c=in, ou=abc, o=xyz.com"
attribute: mail
group_search:
base_dn: "c=in, ou=abc, o=xyz.com"
files:
role_mapping: "/etc/elasticsearch/shield/role_mapping.yml"
unmapped_groups_as_roles: false
user_search.pool.health_check.enabled: false
shield.audit.enabled: true
node.master: true
node.data: true
discovery.zen.ping.multicast.enabled: false
discovery.zen.ping.unicast.hosts: ["otherELKnodeIP"]
Node-2 节点2
cluster.name: TestELKCluster
node.name: ${HOSTNAME}
network.host: [_eth1_,_local_]
shield:
authc:
realms:
ldap1:
type: ldap
order: 0
url: "ldaps://abc.xyz.com:636"
user_search:
base_dn: "c=in, ou=abc, o=xyz.com"
attribute: mail
group_search:
base_dn: "c=in, ou=abc, o=xyz.com"
files:
role_mapping: "/etc/elasticsearch/shield/role_mapping.yml"
unmapped_groups_as_roles: false
user_search.pool.health_check.enabled: false
shield.audit.enabled: true
discovery.zen.ping.multicast.enabled: false
discovery.zen.ping.unicast.hosts: ["otherELKnodeIP"]
I could resolve this by deleting the system key from master server. 我可以通过从主服务器删除系统密钥来解决此问题。 We are not using tribe nodes but somehow I generated the system key on ELK master node which was culprit. 我们不是在使用部落节点,而是以某种方式在元凶ELK主节点上生成了系统密钥。
Regards, Vinod 问候,Vinod
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.