首页 - 技术栈

陶瓷企业瓷砖地板公司网站建设泰安高端网站设计建设

作者: 五速梦信息网
时间: 2026年03月21日 08:21

当前位置：首页 > news >正文

陶瓷企业瓷砖地板公司网站建设,泰安高端网站设计建设,做的网站没流量吗,邢台专业做网站价格文章目录一、生成相关证书二、配置elasticSearh三、配置kibana四、配置logstash五、配置filebeat六、连接https es的java api 一、生成相关证书 ps#xff1a;主节点操作切换用户#xff1a;su es 进入目录#xff1a;cd /home/es/elasticsearch-7.6.2 创建文件#x… 文章目录一、生成相关证书二、配置elasticSearh三、配置kibana四、配置logstash五、配置filebeat六、连接https es的java api 一、生成相关证书 ps主节点操作切换用户su es 进入目录cd /home/es/elasticsearch-7.6.2 创建文件vi instances.yml instances:- name: master ip: - 192.168.248.10- name: slave1ip:- 192.168.248.11- name: slave2ip:- 192.168.248.12- name: kibanaip:- 192.168.248.10- name: logstaship:- 192.168.248.10 - name: filebeatip:- 192.168.248.10 生成证书/home/es/elasticsearch-7.6.2/bin/elasticsearch-certutil cert ca –pem –in instances.yml –out certs.zip 解压得到各个证书unzip certs.zip
二、配置elasticSearh ps三个节点切换用户su es 将解压得到的三个文件夹文件拷贝到各个节点的/home/es/elasticsearch-7.6.2/config下如master节点ca.crt、master.crt、master.key 三个节点配置末尾添加配置vi /home/es/elasticsearch-7.6.2/config/elasticsearch.yml ps1根据名字配置master和slave1和slave2 ps2如果之前配置过密码需要将密码的配置先移除 xpack.security.http.ssl.enabled: true xpack.security.http.ssl.key: master.key xpack.security.http.ssl.certificate: master.crt xpack.security.http.ssl.certificate_authorities: ca.crtxpack.security.enabled: true xpack.security.transport.ssl.enabled: true xpack.security.transport.ssl.key: master.key xpack.security.transport.ssl.certificate: master.crt xpack.security.transport.ssl.certificate_authorities: [ca.crt]如果是用root用户拷贝的记得赋权chown -R es:es /home/es 启动 cd /home/es/elasticsearch-7.6.2/bin nohup /home/es/elasticsearch-7.6.2/bin/elasticsearch 设置密码/home/es/elasticsearch-7.6.2/bin/elasticsearch-setup-passwords interactive ps1可以统一设置一个密码ffcsict123 ps2如果已经设置过密码了可以忽略。或者也可以删除es的 .security-7 索引重新执行设置密码的操作也可以
三、配置kibana 将kibana证书放到/home/es/kibana-7.6.2-linux-x86_64/config下kibana.crt、ca.crt、kibana.key 配置vi /home/es/kibana-7.6.2-linux-x86_64/config/kibana.yml # 修改 elasticsearch.hosts: [https://192.168.248.10:9200,https://192.168.248.11:9200,https://192.168.248.12:9200]# 末尾添加

这三个路径写成相对路径会被错写绝对路径才行不知道为啥

server.ssl.enabled: true server.ssl.certificate: /home/es/kibana-7.6.2-linux-x86_64/config/kibana.crt server.ssl.key: /home/es/kibana-7.6.2-linux-x86_64/config/kibana.key elasticsearch.ssl.certificateAuthorities: [/home/es/kibana-7.6.2-linux-x86_64/config/ca.crt]elasticsearch.username: kibana elasticsearch.password: ffcsict123如果是用root用户拷贝的记得赋权chown -R es:es /home/es 启动nohup /home/es/kibana-7.6.2-linux-x86_64/bin/kibana 访问https://192.168.248.10:5601
四、配置logstash 将logstash证书放到/home/es/logstash-7.6.2/config下logstash.crt、ca.crt、logstash.key 修改配置文件vi /home/es/logstash-7.6.2/config/logstash.yml xpack.monitoring.enabled: true xpack.monitoring.elasticsearch.username: logstash_system xpack.monitoring.elasticsearch.password: ffcsict123 xpack.monitoring.elasticsearch.hosts: [https://192.168.248.10:9200] xpack.monitoring.elasticsearch.ssl.certificate_authority: /home/es/logstash-7.6.2/config/ca.crt修改配置文件vi /home/es/logstash-7.6.2/config/logstash-sample.conf output {elasticsearch {hosts [https://192.168.248.10:9200,https://192.168.248.11:9200,https://192.168.248.12:9200]index testlog-%{YYYY.MM.dd}user elasticpassword ffcsict123ssl truecacert /home/es/logstash-7.6.2/config/ca.crt}}启动nohup /home/es/logstash-7.6.2/bin/logstash -f /home/es/logstash-7.6.2/config/logstash-sample.conf
五、配置filebeat ——————–如果logstash不需要转https则可以忽略以下步骤—————– 杀死logstash进程将 logstash.key 转换为 PKCS#8 格式 cd /home/es/logstash-7.6.2/config openssl pkcs8 -in logstash.key -topk8 -nocrypt -out logstash.pkcs8.key由于我们一个logstash服务会有很多filebeat服务写日志进来。如果将logstash改为https访问需要将所有涉及的filebeat都进行改配置。所以如果只是要求es改造为https可以不改造logstash。如果需要改造则修改配置文件vi /home/es/logstash-7.6.2/config/logstash-sample.conf input {beats {port 5044ssl truessl_certificate_authorities [/home/es/logstash-7.6.2/config/ca.crt]ssl_certificate /home/es/logstash-7.6.2/config/logstash.crtssl_key /home/es/logstash-7.6.2/config/logstash.pkcs8.keyssl_verify_mode force_peer} }启动logstashnohup /home/es/logstash-7.6.2/bin/logstash -f /home/es/logstash-7.6.2/config/logstash-sample.conf 将filebeat证书放到/home/es/filebeat-7.6.2-linux-x86_64下filebeat.crt、filebeat.crt、filebeat.key 配置filebeatvi /home/es/filebeat-7.6.2-linux-x86_64/filebeat.yml output.logstash:hosts: [192.168.248.10:5044]ssl.certificate_authorities: [/home/es/filebeat-7.6.2-linux-x86_64/ca.crt]ssl.certificate: /home/es/filebeat-7.6.2-linux-x86_64/filebeat.crtssl.key: /home/es/filebeat-7.6.2-linux-x86_64/filebeat.key启动nohup /home/es/filebeat-7.6.2-linux-x86_64/filebeat -e -c /home/es/filebeat-7.6.2-linux-x86_64/filebeat.yml
六、连接https es的java api import org.apache.http.HttpHost; import org.apache.http.auth.AuthScope; import org.apache.http.auth.UsernamePasswordCredentials; import org.apache.http.client.CredentialsProvider; import org.apache.http.client.config.RequestConfig; import org.apache.http.conn.ssl.NoopHostnameVerifier; import org.apache.http.impl.client.BasicCredentialsProvider; import org.apache.http.impl.nio.client.HttpAsyncClientBuilder; import org.apache.http.ssl.SSLContextBuilder; import org.apache.http.ssl.SSLContexts; import org.elasticsearch.action.admin.indices.alias.get.GetAliasesRequest; import org.elasticsearch.client.; import org.elasticsearch.cluster.metadata.AliasMetadata; import org.springframework.core.io.ClassPathResource;import javax.net.ssl.SSLContext; import java.io.IOException; import java.io.InputStream; import java.security.KeyStore; import java.security.cert.Certificate; import java.security.cert.CertificateFactory; import java.util.;/*** author 天真热* create 2023-09-02 20:25* desc/ public class elkDemo {public static String ip 192.168.248.10;public static String port 9200;public static String esUsername elastic;public static String esPassword ffcsict123;public static void main(String[] args) throws IOException {{RestHighLevelClient clinet getConnection();ListMapString, Object indexs getIndex(clinet);System.out.println(indexs);}}/* 创建链接* return/public static RestHighLevelClient getConnection() {// 创建凭据提供程序final CredentialsProvider credentialsProvider new BasicCredentialsProvider();credentialsProvider.setCredentials(AuthScope.ANY, new UsernamePasswordCredentials(esUsername, esPassword));RestClientBuilder http RestClient.builder(new HttpHost(ip, Integer.parseInt(port), https)).setRequestConfigCallback(new RestClientBuilder.RequestConfigCallback() {Overridepublic RequestConfig.Builder customizeRequestConfig(RequestConfig.Builder requestConfigBuilder) {requestConfigBuilder.setConnectTimeout(700000);requestConfigBuilder.setSocketTimeout(600000);requestConfigBuilder.setConnectionRequestTimeout(100000);return requestConfigBuilder;}}).setHttpClientConfigCallback(new RestClientBuilder.HttpClientConfigCallback() {Overridepublic HttpAsyncClientBuilder customizeHttpClient(HttpAsyncClientBuilder httpAsyncClientBuilder) {return httpAsyncClientBuilder.setSSLContext(buildSSLContext()).setSSLHostnameVerifier(NoopHostnameVerifier.INSTANCE).setDefaultCredentialsProvider(credentialsProvider);}});return new RestHighLevelClient(http);}/** 获取所有索引/public static ListMapString, Object getIndex(RestHighLevelClient esHighInit) throws IOException {ListMapString, Object resultList new ArrayList();GetAliasesRequest request new GetAliasesRequest();GetAliasesResponse alias esHighInit.indices().getAlias(request, RequestOptions.DEFAULT);MapString, SetAliasMetadata map alias.getAliases();map.forEach((k, v) - {if (!k.startsWith(.)) {//忽略elasticesearch 默认的Map map1 new HashMap();map1.put(indexName, k);resultList.add(map1);}});return resultList;}/** 创建证书验证* return*/private static SSLContext buildSSLContext() {ClassPathResource resource new ClassPathResource(master.crt);SSLContext sslContext null;try {CertificateFactory factory CertificateFactory.getInstance(X.509);Certificate trustedCa;try (InputStream is resource.getInputStream()) {trustedCa factory.generateCertificate(is);}KeyStore trustStore KeyStore.getInstance(pkcs12);trustStore.load(null, null);trustStore.setCertificateEntry(ca, trustedCa);SSLContextBuilder sslContextBuilder SSLContexts.custom().loadTrustMaterial(trustStore, null);sslContext sslContextBuilder.build();} catch (Exception e) {e.printStackTrace();}return sslContext;} }

上一篇：陶瓷网站模板注册网站会员需要详细
下一篇：淘宝代运营公司排名seo怎么优化网站

陶瓷企业瓷砖地板公司网站建设泰安高端网站设计建设

这三个路径写成相对路径会被错写绝对路径才行不知道为啥

相关文章

陶瓷网站模板注册网站会员需要详细

塘厦镇住房规划建设局网站做网站文字字号大小

塘沽手机网站建设软件网站下载

淘宝代运营公司排名seo怎么优化网站

淘宝导购网站备案国家企业信用公示官方

淘宝的网站建设怎么建波哥昆明网站建设

html5网站模板免费下载网站底部怎么做需要放些什么

html5网站开发前景php是怎么设计网站的

html5网站开发工具有哪些做网站有弹窗叫什么

html5网站建设企业论文如何申请个人网站

html5网站建设基本流程图中国动漫影视培训网站源码

html5网站后台h5高端网站开发

陶瓷企业 瓷砖地板公司网站建设泰安高端网站设计建设

这三个路径写成相对路径会被错写绝对路径才行不知道为啥

相关文章

陶瓷 网站模板注册网站会员需要详细

塘厦镇住房规划建设局网站做网站文字字号大小

塘沽手机网站建设软件网站下载

淘宝代运营公司排名seo怎么优化网站

淘宝导购网站备案国家企业信用公示官方

淘宝的网站建设怎么建波哥昆明网站建设

html5网站模板免费下载网站底部怎么做需要放些什么

html5网站开发前景php是怎么设计网站的

html5网站开发工具有哪些做网站有弹窗叫什么

html5网站建设企业论文如何 申请个人网站

html5网站建设基本流程图中国动漫影视培训网站源码

html5网站后台h5高端网站开发

陶瓷企业瓷砖地板公司网站建设泰安高端网站设计建设

陶瓷网站模板注册网站会员需要详细

html5网站建设企业论文如何申请个人网站