elasticsearch-6.8.23配置transport连接xpack密码，springboot2.1.18_x-pack-transport

项目场景：

项目使用spring-boot-starter-data-elasticsearch集成操作es，现在需要给es新增密码配置并成功连接es，项目版本写法比较老，代码耦合太多，无法升级high-level-client，只能配置transport连接

ES版本：6.8.23

springboot版本：2.0.1.RELEASE

---

1.配置ES

1.1 生成证书

在es项目目录bin中，运行命令

./elasticsearch-certutil ca
./elasticsearch-certutil cert --ca elastic-stack-ca.p12

会生成两个证书

elastic-cerificates.p12
elastic-stack-ca.p12

将两个文件移动到es中config文件夹

1.2 配置密码

编辑es配置文件elasticsearch.yml，新增以下配置

xpack.security.enabled: true #开启密码配置
xpack.security.transport.ssl.enabled: true #开启ssl连接
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: /es/elasticsearch-6.8.23/config/elastic-certificates.p12 #证书路径
xpack.security.transport.ssl.truststore.path: /es/elasticsearch-6.8.23/config/elastic-certificates.p12 #证书路径

在es中bin目录，运行命令
./elasticsearch-setup-passwords interactive

会让你输入多个内置账户的密码，自己记录一下。这里同时修改证书路径，1.1中生成的p12证书绝对路径；

注意：这里ssl必须设置为开启状态，否则es将无法启动，报错[ Transport SSL must be enabled…]

2.java配置

2.1 java配置类

import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang.StringUtils;
import org.elasticsearch.client.Client;
import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.common.transport.TransportAddress;
import org.elasticsearch.xpack.client.PreBuiltXPackTransportClient;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.data.elasticsearch.core.ElasticsearchTemplate;
import org.springframework.util.Assert;

import java.net.InetAddress;
@Slf4j
@Configuration
public class ElasticsearchConfig {
    //连接信息改成自己的

    @Value("${elasticsearch.clusterName}")
    private String clusterName;

    @Value("${elasticsearch.clusterNodes}")
    private String clusterNodes;

    //用户名：密码
    @Value("${elasticsearch.clusterPassword}")
    private String clusterPassword;

    @Value("${elasticsearch.certPath}")
    private String certPath;

    static final String COLON = ":";//分号
    static final String COMMA = ",";//逗号

    @Bean
    public Client client() throws Exception {
        Settings settings = Settings.builder()
                .put("cluster.name", clusterName)
                .put("xpack.security.user", clusterPassword)
                .put("xpack.security.enabled", true)
                .put("xpack.security.transport.ssl.keystore.path", certPath)
                .put("xpack.security.transport.ssl.truststore.path", certPath)
                .put("xpack.security.transport.ssl.verification_mode", "certificate")
                .put("xpack.security.transport.ssl.enabled", true)
                .build();
        PreBuiltXPackTransportClient client = new PreBuiltXPackTransportClient(settings);
        for (String clusterNode : StringUtils.split(clusterNodes, COMMA)) {
            String hostName = StringUtils.substringBeforeLast(clusterNode, COLON);
            String port = StringUtils.substringAfterLast(clusterNode, COLON);
            Assert.hasText(hostName, "[Assertion failed] missing host name in 'clusterNodes'");
            Assert.hasText(port, "[Assertion failed] missing port in 'clusterNodes'");
            log.info("adding transport node : " + clusterNode);
            client.addTransportAddress(new TransportAddress(InetAddress.getByName(hostName), Integer.parseInt(port)));
        }
        return client;
    }

    @Bean
    public ElasticsearchTemplate elasticsearchTemplate() throws Exception {
        ElasticsearchTemplate elasticsearchTemplate;
        try {
            elasticsearchTemplate = new ElasticsearchTemplate(client());
            return elasticsearchTemplate;
        } catch (Exception e) {
            e.printStackTrace();
            return new ElasticsearchTemplate(client());
        }
    }

}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70

配置文件

elasticsearch.clusterName=my-application
elasticsearch.clusterNodes=192.168.223.132:9300
elasticsearch.clusterPassword=elastic:123456
elasticsearch.certPath=/es/elasticsearch-6.8.23/config/elastic-certificates.p12
1
2
3
4

2.2 依赖版本不对

由于es和spring-data的依赖版本不一致，导致ElasticsearchConfig中许多类没有，这里是spring-data与es的版本对应关系

重新配置依赖，需要引入transport和x-pack依赖

<dependency>
    <groupId>org.elasticsearch</groupId>
    <artifactId>elasticsearch</artifactId>
    <version>6.8.0</version>
</dependency>
<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-data-elasticsearch</artifactId>
    <version>2.1.18.RELEASE</version>
</dependency>
<dependency>
    <groupId>org.springframework.data</groupId>
    <artifactId>spring-data-elasticsearch</artifactId>
    <version>3.2.13.RELEASE</version>
</dependency>
<dependency>
    <groupId>javax.jms</groupId>
    <artifactId>javax.jms-api</artifactId>
    <version>2.0.1</version>
</dependency>
<dependency>
    <groupId>org.elasticsearch.plugin</groupId>
    <artifactId>transport-netty4-client</artifactId>
    <version>6.8.0</version>
</dependency>
<dependency>
    <groupId>org.elasticsearch.client</groupId>
    <artifactId>transport</artifactId>
    <version>6.8.0</version>
</dependency>
        <!-- https://mvnrepository.com/artifact/org.elasticsearch.client/x-pack-transport -->
<dependency>
    <groupId>org.elasticsearch.client</groupId>
    <artifactId>x-pack-transport</artifactId>
    <version>6.8.11</version>
</dependency>
<dependency>
    <groupId>com.unboundid</groupId>
    <artifactId>unboundid-ldapsdk</artifactId>
    <version>3.2.0</version>
</dependency>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41

需要修改spring-boot版本为2.1.18

<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.1.18.RELEASE</version>
<relativePath/> <!-- lookup parent from repository -->
1
2
3
4