关于elasticsearch:ElasticSearch通过Nginx-http-basic-限制访问

原文: Elasticsearch平安篇，通过Nginx http basic 限度拜访

1. tengine配置:

        #关键点，配置帐号密码
        auth_basic "ElasticSearch登录";#提示信息
        auth_basic_user_file /var/local/password; #密码文件（docker中tengine挂载密码文件）
        autoindex on;

        proxy_pass  http://es服务内网ip:9200;

2. docker-compose配置

    volumes:
      # elasticsearch通过nginx http-basic 限度公网拜访
      - /data/tengine/conf/password:/var/local/password

留神: 须要手动进入 docker tengine 容器创立/var/local/password文件并将明码数据复制进去

3. elasticsearch.yml

cluster.name: "docker-es"
# es在docker外面, 不能用127.0.0.1
network.host: 0.0.0.0
# 跨域
http.cors.enabled: true
http.cors.allow-origin: "*"
http.cors.allow-methods: OPTIONS, HEAD, GET, POST, PUT, DELETE
http.cors.allow-headers: "X-Requested-With, Content-Type, Content-Length, X-User"

4. 重启elasticsearch & tengine

docker restart elasticsearch
docker-compose up -d tengine

5. 而后外网通过域名拜访es服务时会弹出登录窗口, 填写登录胜利即可(如果登录失败, 须要敞开浏览器从新关上才会弹出登录窗口)