Эхлэл Бүгдийг харах Тусламж
Нэвтрэх
lqb
/
elasticsearch
-ын хуулбар https://gitee.com/mirrors/elasticsearch.git
1
0
Салаа 0
Файлууд Асуудлууд 0 Мэдлэгийн сан
Мод: 77d2dd203e
Салаанууд Тагууд
elasticsearch
/
docs
/
reference
/
setup
/
secure-settings.asciidoc

secure-settings.asciidoc 2.4 KB
Түүх Анхны өгөгдөл

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273 
  1. [[secure-settings]]
    2. 

  2. === Secure Settings
    3. 

  3. 

  4. Some settings are sensitive, and relying on filesystem permissions to protect
    5. 

  5. their values is not sufficient. For this use case, Elasticsearch provides a
    6. 

  6. keystore and the `elasticsearch-keystore` tool to manage the settings in the keystore.
    7. 

  7. 

  8. NOTE: All commands here should be run as the user which will run Elasticsearch.
    9. 

  9. 

  10. NOTE: Only some settings are designed to be read from the keystore. See
    11. 

  11. documentation for each setting to see if it is supported as part of the keystore.
    12. 

  12. 

  13. NOTE: All the modifications to the keystore take affect only after restarting
    14. 

  14. Elasticsearch.
    15. 

  15. 

  16. NOTE: The elasticsearch keystore currently only provides obfuscation. In the future,
    17. 

  17. password protection will be added.
    18. 

  18. 

  19. [float]
    20. 

  20. [[creating-keystore]]
    21. 

  21. === Creating the keystore
    22. 

  22. 

  23. To create the `elasticsearch.keystore`, use the `create` command:
    24. 

  24. 

  25. [source,sh]
    26. 

  26. ----------------------------------------------------------------
    27. 

  27. bin/elasticsearch-keystore create
    28. 

  28. ----------------------------------------------------------------
    29. 

  29. 

  30. The file `elasticsearch.keystore` will be created alongside `elasticsearch.yml`.
    31. 

  31. 

  32. [float]
    33. 

  33. [[list-settings]]
    34. 

  34. === Listing settings in the keystore
    35. 

  35. 

  36. A list of the settings in the keystore is available with the `list` command:
    37. 

  37. 

  38. [source,sh]
    39. 

  39. ----------------------------------------------------------------
    40. 

  40. bin/elasticsearch-keystore list
    41. 

  41. ----------------------------------------------------------------
    42. 

  42. 

  43. [float]
    44. 

  44. [[add-string-to-keystore]]
    45. 

  45. === Adding string settings
    46. 

  46. 

  47. Sensitive string settings, like authentication credentials for cloud
    48. 

  48. plugins, can be added using the `add` command:
    49. 

  49. 

  50. [source,sh]
    51. 

  51. ----------------------------------------------------------------
    52. 

  52. bin/elasticsearch-keystore add the.setting.name.to.set
    53. 

  53. ----------------------------------------------------------------
    54. 

  54. 

  55. The tool will prompt for the value of the setting. To pass the value
    56. 

  56. through stdin, use the `--stdin` flag:
    57. 

  57. 

  58. [source,sh]
    59. 

  59. ----------------------------------------------------------------
    60. 

  60. cat /file/containing/setting/value | bin/elasticsearch-keystore add --stdin the.setting.name.to.set
    61. 

  61. ----------------------------------------------------------------
    62. 

  62. 

  63. [float]
    64. 

  64. [[remove-settings]]
    65. 

  65. === Removing settings
    66. 

  66. 

  67. To remove a setting from the keystore, use the `remove` command:
    68. 

  68. 

  69. [source,sh]
    70. 

  70. ----------------------------------------------------------------
    71. 

  71. bin/elasticsearch-keystore remove the.setting.name.to.remove
    72. 

  72. ----------------------------------------------------------------
    73. 

  73.