を失敗した私は、次のエラーを取得しています:sgadmin.shがelasticsearch && searchguard
が原因にクラスタ状態を取得できません:構成されたノードのどれも用意されています[{#トランスポート#-1} {6PPXnCNqTt-W5g-0fmeZuQ} {ホスト} {ホスト:9200}。これはエラーではない、しようとし続けます
エラー:elasticsearch.ymlで
WARNING: JAVA_HOME not set, will use /usr/bin/java
Search Guard Admin v5
WARNING: Seems you want connect to the a HTTP port.
sgadmin connect through the transport port which is normally 9300.
Will connect to host:9200 ... done
### LICENSE NOTICE Search Guard ###
If you use one or more of the following features in production
make sure you have a valid Search Guard license
(See https://floragunn.com/searchguard-validate-license)
* Kibana Multitenancy
* LDAP authentication/authorization
* Active Directory authentication/authorization
* REST Management API
* JSON Web Token (JWT) authentication/authorization
* Kerberos authentication/authorization
* Document- and Fieldlevel Security (DLS/FLS)
* Auditlogging
In case of any doubt mail to <[email protected]>
###################################
Contacting elasticsearch cluster 'eslcl1' and wait for YELLOW clusterstate ...
Cannot retrieve cluster state due to: None of the configured nodes are available: [{#transport#-1}{6PPXnCNqTt-W5g-0fmeZuQ}{host}{host:9200}]. This is not an error, will keep on trying ...
Root cause: NoNodeAvailableException[None of the configured nodes are available: [{#transport#-1}{6PPXnCNqTt-W5g-0fmeZuQ}{host}{host:9200}]] (org.elasticsearch.client.transport.NoNodeAvailableException/org.elasticsearch.client.transport.NoNodeAvailableException)
* Try running sgadmin.sh with -icl (but no -cl) and -nhnv (If thats works you need to check your clustername as well as hostnames in your SSL certificates)
* Make also sure that your keystore or cert is a client certificate (not a node certificate) and configured properly in elasticsearch.yml
* If this is not working, try running sgadmin.sh with --diagnose and see diagnose trace log file)
* Add --accept-red-cluster to allow sgadmin to operate on a red cluster.
私のconfには
######## Start Search Guard Demo Configuration ########
searchguard.ssl.transport.keystore_filepath: CN=x.x.x.x-keystore.jks
searchguard.ssl.transport.keystore_password: 8a17368ff585a2c3afdc
searchguard.ssl.transport.truststore_filepath: truststore.jks
searchguard.ssl.transport.truststore_password: 90f3cbdb3eabe04f815b
searchguard.ssl.transport.enforce_hostname_verification: false
searchguard.ssl.http.enabled: false
searchguard.ssl.http.keystore_filepath: CN=x.x.x.x-keystore.jks
searchguard.ssl.http.keystore_password: 8a17368ff585a2c3afdc
searchguard.ssl.http.truststore_filepath: truststore.jks
searchguard.ssl.http.truststore_password: 90f3cbdb3eabe04f815b
searchguard.authcz.admin_dn:
- CN=sgadmin
cluster.name: eslcl1
network.host: x.x.x.x
私はに見てする必要があるかもしれませんどのような構成はありますか?
'ks'の値に' CN = 'という接頭辞を付けることはできますか? – mcsilvio