Home Explore Help
Register Sign In
lqb
/
elasticsearch
mirror of https://gitee.com/mirrors/elasticsearch.git
1
0
Fork 0
Files Issues 0 Wiki
Tree: b826703e21
Branches Tags
elasticsearch
/
docs
/
java-rest
/
high-level
/
cluster
/
enroll_node.asciidoc

enroll_node.asciidoc 2.6 KB
History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364 
  1. --
    2. 

  2. :api: node-enrollment
    3. 

  3. :request: NodeEnrollmentRequest
    4. 

  4. :response: NodeEnrollmentResponse
    5. 

  5. --
    6. 

  6. 

  7. [id="{upid}-{api}"]
    8. 

  8. === Enroll Node API
    9. 

  9. 

  10. Allows a new node to join an existing cluster with security features enabled.
    11. 

  11. 

  12. The purpose of the enroll node API is to allow a new node to join an existing cluster
    13. 

  13. where security is enabled. The enroll node API response contains all the necessary information
    14. 

  14. for the joining node to bootstrap discovery and security related settings so that it
    15. 

  15. can successfully join the cluster.
    16. 

  16. 

  17. NOTE: The response contains key and certificate material that allows the
    18. 

  18. caller to generate valid signed certificates for the HTTP layer of all nodes in the cluster.
    19. 

  19. 

  20. include::../execution.asciidoc[]
    21. 

  21. 

  22. [id="{upid}-{api}-response"]
    23. 

  23. ==== Enroll Node Response
    24. 

  24. 

  25. The returned +{response}+ allows to retrieve information about the
    26. 

  26. executed operation as follows:
    27. 

  27. 

  28. ["source","java",subs="attributes,callouts,macros"]
    29. 

  29. --------------------------------------------------
    30. 

  30. include-tagged::{doc-tests-file}[{api}-response]
    31. 

  31. --------------------------------------------------
    32. 

  32. <1> The CA private key that can be used by the new node in order to sign its certificate
    33. 

  33. for the HTTP layer, as a Base64 encoded string of the ASN.1 DER encoding of the key.
    34. 

  34. <2> The CA certificate that can be used by the new node in order to sign its certificate
    35. 

  35. for the HTTP layer, as a Base64 encoded string of the ASN.1 DER encoding of the certificate.
    36. 

  36. <3> The private key that the node can use for  TLS for its transport layer, as a Base64
    37. 

  37. encoded string of the ASN.1 DER encoding of the key.
    38. 

  38. <4> The certificate that the node can use for  TLS for its transport layer, as a Base64
    39. 

  39. encoded string of the ASN.1 DER encoding of the certificate.
    40. 

  40. <5> The name of the cluster the new node is joining
    41. 

  41. <6> A list of transport addresses in the form of `host:port` for the nodes that are already
    42. 

  42. members of the cluster.
    43. 

  43. 

  44. 

  45. [id="{upid}-{api}-execute-async"]
    46. 

  46. ==== Asynchronous Execution
    47. 

  47. 

  48. This request can be executed asynchronously using the `security().enrollNodeAsync()`
    49. 

  49. method:
    50. 

  50. 

  51. ["source","java",subs="attributes,callouts,macros"]
    52. 

  52. --------------------------------------------------
    53. 

  53. include-tagged::{doc-tests-file}[{api}-execute-async]
    54. 

  54. --------------------------------------------------
    55. 

  55. 

  56. A typical listener for a `NodeEnrollmentResponse` looks like:
    57. 

  57. 

  58. ["source","java",subs="attributes,callouts,macros"]
    59. 

  59. --------------------------------------------------
    60. 

  60. include-tagged::{doc-tests-file}[{api}-execute-listener]
    61. 

  61. --------------------------------------------------
    62. 

  62. <1> Called when the execution is successfully completed. The response is
    63. 

  63. provided as an argument
    64. 

  64. <2> Called in case of failure. The raised exception is provided as an argument
    65.