elasticsearch-cloud-aws 插件不适用于 IAM 角色
elasticsearch-cloud-aws plugin not working with IAM role
我正在尝试使用 elasticsearch-cloud-aws 插件在 aws ec2 机器上设置一个 elasticsearch 集群。我按照 github 自述文件中的说明进行操作,但无法使其与 IAM 角色设置一起使用。
我使用的是 ES 1.7.1 和插件版本 2.7.0
已启动具有与以下策略关联的 IAM 角色的 EC2 实例:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Stmt1439999260000",
"Effect": "Allow",
"Action": [
"ec2:DescribeAvailabilityZones",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"ec2:DescribeSecurityGroups",
"ec2:DescribeTags"
],
"Resource": [
"*"
]
}
]
}
在所有实例的 elasticsearch 配置文件中修改了以下设置:
cluster.name: my_cluster
discovery.zen.ping.multicast.enabled: false
discovery.type: ec2
discovery.type: ec2
discovery.ec2.groups: my_security_group
discovery.ec2.availability_zones: eu-west-1b
在 es 日志中发现以下发现模块的 DEBUG 级别。
[2015-08-19 18:41:12,024][DEBUG][discovery.ec2 ] [Misfit] using ping.timeout [3s], join.timeout [1m], master_election.filter_client [true], master_election.filter_data [false]
[2015-08-19 18:41:12,025][DEBUG][discovery.zen.fd ] [Misfit] [master] uses ping_interval [1s], ping_timeout [30s], ping_retries [3]
[2015-08-19 18:41:12,027][DEBUG][discovery.zen.fd ] [Misfit] [node ] uses ping_interval [1s], ping_timeout [30s], ping_retries [3]
[2015-08-19 18:41:12,785][DEBUG][discovery.ec2 ] [Misfit] using host_type [PRIVATE_IP], tags [{}], groups [[ES-development-expose]] with any_group [true], availability_zones [[eu-west-1b]]
[2015-08-19 18:41:13,479][INFO ][node ] [Misfit] initialized
[2015-08-19 18:41:13,479][INFO ][node ] [Misfit] starting ...
[2015-08-19 18:41:13,560][INFO ][transport ] [Misfit] bound_address {inet[/0:0:0:0:0:0:0:0:9300]}, publish_address {inet[/10.0.0.29:9300]}
[2015-08-19 18:41:13,581][INFO ][discovery ] [Misfit] es-aws-dev/W24WvY0yQyew0khFFDrQVA
[2015-08-19 18:41:14,805][DEBUG][discovery.ec2 ] [Misfit] using dynamic discovery nodes []
[2015-08-19 18:41:16,433][DEBUG][discovery.ec2 ] [Misfit] using dynamic discovery nodes []
[2015-08-19 18:41:18,064][DEBUG][discovery.ec2 ] [Misfit] using dynamic discovery nodes []
[2015-08-19 18:41:18,067][DEBUG][discovery.ec2 ] [Misfit] filtered ping responses: (filter_client[true], filter_data[false]) {none}
[2015-08-19 18:41:18,074][INFO ][cluster.service ] [Misfit] new_master [Misfit][W24WvY0yQyew0khFFDrQVA][ip-10-0-0-29.eu-west-1.compute.internal][inet[/10.0.0.29:9300]], reason: zen-disco-join (elected_as_master)
[2015-08-19 18:41:18,101][INFO ][http ] [Misfit] bound_address {inet[/0:0:0:0:0:0:0:0:9200]}, publish_address {inet[/10.0.0.29:9200]}
[2015-08-19 18:41:18,101][INFO ][node ] [Misfit] started
[2015-08-19 18:41:18,102][INFO ][gateway ] [Misfit] recovered [0] indices into cluster_state
没有形成集群,而是两个独立的主控。
我已验证计算机上的 IAM 角色有效。但是是否可以验证哪些条目返回到 ec2 节点?
有什么提示我忽略了吗?
感谢
当我也通过 cloud.aws.region 设置 aws 区域时,它开始按预期运行。
我正在尝试使用 elasticsearch-cloud-aws 插件在 aws ec2 机器上设置一个 elasticsearch 集群。我按照 github 自述文件中的说明进行操作,但无法使其与 IAM 角色设置一起使用。
我使用的是 ES 1.7.1 和插件版本 2.7.0
已启动具有与以下策略关联的 IAM 角色的 EC2 实例:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Stmt1439999260000",
"Effect": "Allow",
"Action": [
"ec2:DescribeAvailabilityZones",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"ec2:DescribeSecurityGroups",
"ec2:DescribeTags"
],
"Resource": [
"*"
]
}
]
}
在所有实例的 elasticsearch 配置文件中修改了以下设置:
cluster.name: my_cluster
discovery.zen.ping.multicast.enabled: false
discovery.type: ec2
discovery.type: ec2
discovery.ec2.groups: my_security_group
discovery.ec2.availability_zones: eu-west-1b
在 es 日志中发现以下发现模块的 DEBUG 级别。
[2015-08-19 18:41:12,024][DEBUG][discovery.ec2 ] [Misfit] using ping.timeout [3s], join.timeout [1m], master_election.filter_client [true], master_election.filter_data [false]
[2015-08-19 18:41:12,025][DEBUG][discovery.zen.fd ] [Misfit] [master] uses ping_interval [1s], ping_timeout [30s], ping_retries [3]
[2015-08-19 18:41:12,027][DEBUG][discovery.zen.fd ] [Misfit] [node ] uses ping_interval [1s], ping_timeout [30s], ping_retries [3]
[2015-08-19 18:41:12,785][DEBUG][discovery.ec2 ] [Misfit] using host_type [PRIVATE_IP], tags [{}], groups [[ES-development-expose]] with any_group [true], availability_zones [[eu-west-1b]]
[2015-08-19 18:41:13,479][INFO ][node ] [Misfit] initialized
[2015-08-19 18:41:13,479][INFO ][node ] [Misfit] starting ...
[2015-08-19 18:41:13,560][INFO ][transport ] [Misfit] bound_address {inet[/0:0:0:0:0:0:0:0:9300]}, publish_address {inet[/10.0.0.29:9300]}
[2015-08-19 18:41:13,581][INFO ][discovery ] [Misfit] es-aws-dev/W24WvY0yQyew0khFFDrQVA
[2015-08-19 18:41:14,805][DEBUG][discovery.ec2 ] [Misfit] using dynamic discovery nodes []
[2015-08-19 18:41:16,433][DEBUG][discovery.ec2 ] [Misfit] using dynamic discovery nodes []
[2015-08-19 18:41:18,064][DEBUG][discovery.ec2 ] [Misfit] using dynamic discovery nodes []
[2015-08-19 18:41:18,067][DEBUG][discovery.ec2 ] [Misfit] filtered ping responses: (filter_client[true], filter_data[false]) {none}
[2015-08-19 18:41:18,074][INFO ][cluster.service ] [Misfit] new_master [Misfit][W24WvY0yQyew0khFFDrQVA][ip-10-0-0-29.eu-west-1.compute.internal][inet[/10.0.0.29:9300]], reason: zen-disco-join (elected_as_master)
[2015-08-19 18:41:18,101][INFO ][http ] [Misfit] bound_address {inet[/0:0:0:0:0:0:0:0:9200]}, publish_address {inet[/10.0.0.29:9200]}
[2015-08-19 18:41:18,101][INFO ][node ] [Misfit] started
[2015-08-19 18:41:18,102][INFO ][gateway ] [Misfit] recovered [0] indices into cluster_state
没有形成集群,而是两个独立的主控。
我已验证计算机上的 IAM 角色有效。但是是否可以验证哪些条目返回到 ec2 节点? 有什么提示我忽略了吗?
感谢
当我也通过 cloud.aws.region 设置 aws 区域时,它开始按预期运行。