在K8S中启动时如何禁用Elasticsearch身份验证?



我在K8S中启动Elasticsearch集群,下面是规范文件。发射失败,错误如下。我试图禁用身份验证,并希望在没有任何凭据的情况下连接到集群。但它阻止了我这么做。上面说配置是内部使用的。正确的设置方法是什么?

Warning  ReconciliationError      84s                elasticsearch-controller              Failed to apply spec change: adjust resources: adjust discovery config: Operation cannot be fulfilled on elasticsearches.elasticsearch.k8s.elastic.co "datasource": the object has been modified; please apply your changes to the latest version and try again
Normal   AssociationStatusChange  1s (x16 over 86s)  es-monitoring-association-controller  Association status changed from [] to []
Warning  Validation               1s (x20 over 84s)  elasticsearch-controller              [spec.nodeSets[0].config.xpack.security.enabled: Forbidden: Configuration setting is reserved for internal use. User-configured use is unsupported, spec.nodeSets[0].config.xpack.security.http.ssl.enabled: Forbidden: Configuration setting is reserved for internal use. User-configured use is unsupported, spec.nodeSets[0].config.xpack.security.transport.ssl.enabled: Forbidden: Configuration setting is reserved for internal use. User-configured use is unsupported]
apiVersion: elasticsearch.k8s.elastic.co/v1
kind: Elasticsearch
metadata:
name: datasource
spec:
version: 7.14.0
nodeSets:
- name: node
count: 2
config:
node.store.allow_mmap: false
xpack.security.http.ssl.enabled: false
xpack.security.transport.ssl.enabled: false
xpack.security.enabled: false
volumeClaimTemplates:
- metadata:
name: elasticsearch-data
spec:
accessModes:
- ReadWriteOnce
storageClassName: ebs-sc
resources:
requests:
storage: 1024Gi

你可以试试:https://discuss.elastic.co/t/cannot-disable-tls-and-security-in-eks/222335/2

我已经测试过了,它的工作很好,没有任何问题:

cat <<EOF | kubectl apply -f -
apiVersion: elasticsearch.k8s.elastic.co/v1
kind: Elasticsearch
metadata:
name: quickstart
spec:
version: 7.15.0
nodeSets:
- name: default
count: 1
config:
node.master: true
node.data: true
node.ingest: true
node.store.allow_mmap: false
xpack.security.authc:
anonymous:
username: anonymous
roles: superuser
authz_exception: false
EOF

禁用基本认证:

https://www.elastic.co/guide/en/elasticsearch/reference/7.14/anonymous-access.html

禁用SSL自签名证书:

https://www.elastic.co/guide/en/cloud-on-k8s/0.9/k8s-accessing-elastic-services.html k8s-disable-tls

相关内容

  • 没有找到相关文章

最新更新