-
Notifications
You must be signed in to change notification settings - Fork 24.7k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[DOCS] Update archive install docs for security ON by default (#80375) (
#80441) * [DOCS] Update archive install docs for security ON by default * Remove extra attribute references that aren't needed * Incorporate security info into start page * Update heading
- Loading branch information
Adam Locke
authored
Nov 5, 2021
1 parent
6b6d6c1
commit b2e6972
Showing
9 changed files
with
84 additions
and
28 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,26 +1,65 @@ | ||
==== Running Elasticsearch from the command line | ||
==== Run {es} from the command line | ||
|
||
Elasticsearch can be started from the command line as follows: | ||
Run the following command to start {es} from the command line: | ||
|
||
[source,sh] | ||
-------------------------------------------- | ||
---- | ||
./bin/elasticsearch | ||
-------------------------------------------- | ||
---- | ||
|
||
When starting {es} for the first time, security features are enabled and | ||
configured by default. The following security configuration occurs | ||
automatically: | ||
|
||
* Authentication and authorization are enabled, and a password is generated for | ||
the `elastic` built-in superuser. | ||
* Certificates and keys for TLS are generated for the transport and HTTP layer, | ||
and TLS is enabled and configured with these keys and certificates. | ||
* An enrollment token is generated for {kib}, which is valid for 30 minutes. | ||
The password for the `elastic` user and the enrollment token for {kib} are | ||
output to your terminal. For example: | ||
|
||
[source,sh] | ||
---- | ||
The generated password for the elastic built-in superuser is: | ||
H16Wd=K4dcmgZVA-GE2I | ||
The enrollment token for Kibana instances, valid for the next 30 minutes: | ||
eyJ2ZXIiOiI4LjAuMCIsImFkciI6WyIxOTIuMTY4Ljg2LjEyMjo5MjAwIl0sImZnciI6ImU5MmVhYWM0ZWMzMGExY2EzMDA0MzM4NDgyM2I3Y2YwNTFkMWQ3OTdkNGJlNTQxYzE3ZWY4NGFiMzBjMjlmNGUiLCJrZXkiOiJFM05YNFh3QkVYOVV2SUs0QlU2YTphVEhESktYRVFEbTctUjlFYlBneGlnIn0= | ||
The hex-encoded SHA-256 fingerprint of the generated HTTPS CA DER-encoded certificate: | ||
e92eaac4ec30a1ca30043384823b7cf051d1d797d4be541c17ef84ab30c29f4e | ||
You can complete the following actions at any time: | ||
Reset the password of the elastic built-in superuser with | ||
'bin/elasticsearch-reset-password -u elastic'. | ||
Generate an enrollment token for Kibana instances with | ||
'bin/elasticsearch-create-enrollment-token -s kibana'. | ||
Generate an enrollment token for Elasticsearch nodes with | ||
'bin/elasticsearch-create-enrollment-token -s node'. | ||
---- | ||
|
||
If you have password-protected the {es} keystore, you will be prompted | ||
to enter the keystore's password. See <<secure-settings>> for more | ||
details. | ||
|
||
By default {es} prints its logs to the console (`stdout`) and to the `<cluster | ||
name>.log` file within the <<path-settings,logs directory>>. {es} logs some | ||
information while it is starting up, but once it has finished initializing it | ||
information while it is starting, but after it has finished initializing it | ||
will continue to run in the foreground and won't log anything further until | ||
something happens that is worth recording. While {es} is running you can | ||
interact with it through its HTTP interface which is on port 9200 by default. | ||
interact with it through its HTTP interface which is on port `9200` by default. | ||
|
||
To stop {es}, press `Ctrl-C`. | ||
|
||
NOTE: All scripts packaged with Elasticsearch require a version of Bash | ||
NOTE: All scripts packaged with {es} require a version of Bash | ||
that supports arrays and assume that Bash is available at `/bin/bash`. | ||
As such, Bash should be available at this path either directly or via a | ||
symbolic link. | ||
|
||
To enroll additional nodes in your cluster, create an enrollment token with the | ||
`elasticsearch-create-enrollment-token` tool. You can then start a node with the `--enrollment-token` parameter so that it | ||
{ref}/configuring-stack-security.html#stack-enroll-nodes[joins an existing cluster]. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters