honeymoose
/
OpenSearch
mirror of https://github.com/honeymoose/OpenSearch.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Updates the esvm files to esvm 0.0.10, and latest shield format 

This moves the esvm files into dev-tools and collapses the settings with "." This will require the latest version of esvm 0.0.10.  It combines the ldap and ad config into the same file.
Added readme to dev-tools/esvm

Original commit: elastic/x-pack-elasticsearch@dab9fa643d
This commit is contained in:
c-a-m 2014-11-24 16:11:30 -07:00
parent af0f04ed17
commit 2902ccb5f0
10 changed files with 103 additions and 137 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
.esvmrc
View File

@ -1,41 +0,0 @@
{
"defaults": {
"plugins": [ "lmenezes/elasticsearch-kopf", { "name": "shield", "path" : "file:./target/releases/elasticsearch-shield-1.0.0-SNAPSHOT.zip" } ],
"config" : {
"cluster": { "name": "shield" },
"indices.store.throttle.max_bytes_per_sec": "100mb",
"discovery" : {
"type" : "zen",
"zen.ping.multicast.enabled": false,
"zen.ping.unicast.hosts" : [ "localhost:9300", "localhost:9301" ]
},
"shield" : {
"enabled" : true,
"system_key.file": ".esvm-shield-config/system_key",
"audit.enabled" : false,
"transport.ssl": true,
"http.ssl": true,
"ssl" : {
"keystore" : "src/test/resources/org/elasticsearch/shield/transport/ssl/certs/simple/testnode.jks",
"keystore_password" : "testnode"
},
"authc": {
"esusers.files" : {
"users" : ".esvm-shield-config/users",
"users_roles" : ".esvm-shield-config/users_roles"
}
},
"authz.store.files.roles" : ".esvm-shield-config/roles.yml"
}
}
},
"clusters": {
"shield": {
"version": "1.4",
"nodes": [
{ "node": { "name": "node01" } },
{ "node": { "name": "node02" } }
]
}
}
}

49
.esvmrc_active_dir
View File

@ -1,49 +0,0 @@
{
"defaults": {
"plugins": [ "lmenezes/elasticsearch-kopf", { "name": "shield", "path" : "file:./target/releases/elasticsearch-shield-1.0.0-SNAPSHOT.zip" } ],
"config" : {
"cluster": { "name": "shield" },
"indices.store.throttle.max_bytes_per_sec": "100mb",
"discovery" : {
"type" : "zen",
"zen.ping.multicast.enabled": false,
"zen.ping.unicast.hosts" : [ "localhost:9300", "localhost:9301" ]
},
"shield" : {
"enabled" : true,
"system_key.file": ".esvm-shield-config/system_key",
"audit.enabled" : false,
"transport.ssl": true,
"http.ssl": true,
"ssl" : {
"keystore" : "src/test/resources/org/elasticsearch/shield/transport/ssl/certs/simple/testnode.jks",
"keystore_password" : "testnode"
},
"authc": {
"esusers.files" : {
"users" : ".esvm-shield-config/users",
"users_roles" : ".esvm-shield-config/users_roles"
},
"active_directory" : {
"domain_name" : "ad.test.elasticsearch.com",
"url" : "ldaps://ad.test.elasticsearch.com:636",
"unmapped_groups_as_roles" : "false",
"files" : {
"role_mapping": ".esvm-shield-config/role_mapping.yml"
}
}
},
"authz.store.files.roles" : ".esvm-shield-config/roles.yml"
}
}
},
"clusters": {
"shield": {
"version": "1.4",
"nodes": [
{ "node": { "name": "node01" } },
{ "node": { "name": "node02" } }
]
}
}
}

47
.esvmrc_open_ldap
View File

@ -1,47 +0,0 @@
{
"defaults": {
"plugins": [ "lmenezes/elasticsearch-kopf", { "name": "shield", "path" : "file:./target/releases/elasticsearch-shield-1.0.0-SNAPSHOT.zip" } ],
"config" : {
"cluster": { "name": "shield" },
"indices.store.throttle.max_bytes_per_sec": "100mb",
"discovery" : {
"type" : "zen",
"zen.ping.multicast.enabled": false,
"zen.ping.unicast.hosts" : [ "localhost:9300", "localhost:9301" ]
},
"shield" : {
"enabled" : true,
"system_key.file": ".esvm-shield-config/system_key",
"audit.enabled" : false,
"transport.ssl": true,
"http.ssl": true,
"ssl" : {
"keystore" : "src/test/resources/org/elasticsearch/shield/transport/ssl/certs/simple/testnode.jks",
"keystore_password" : "testnode"
},
"authc": {
"ldap" : {
"url" : "ldaps://54.200.235.244:636",
"user_dn_templates": ["uid={0},ou=people,dc=oldap,dc=test,dc=elasticsearch,dc=com"],
"group_search.group_search_dn" : "ou=people,dc=oldap,dc=test,dc=elasticsearch,dc=com",
"group_search.subtree_search" : false,
"unmapped_groups_as_roles" : "false",
"files" : {
"role_mapping": ".esvm-shield-config/role_mapping.yml"
}
}
},
"authz.store.files.roles" : ".esvm-shield-config/roles.yml"
}
}
},
"clusters": {
"shield": {
"version": "1.4",
"nodes": [
{ "node": { "name": "node01" } },
{ "node": { "name": "node02" } }
]
}
}
}

0
.esvm-shield-config/role_mapping.yml → dev-tools/esvm/.esvm-shield-config/role_mapping.yml
View File

0
.esvm-shield-config/roles.yml → dev-tools/esvm/.esvm-shield-config/roles.yml
View File

0
.esvm-shield-config/system_key → dev-tools/esvm/.esvm-shield-config/system_key
View File

0
.esvm-shield-config/users → dev-tools/esvm/.esvm-shield-config/users
View File

0
.esvm-shield-config/users_roles → dev-tools/esvm/.esvm-shield-config/users_roles
View File

77
dev-tools/esvm/.esvmrc Normal file
View File

@ -0,0 +1,77 @@
{
"defaults": {
"plugins": [
"lmenezes/elasticsearch-kopf",
{ "name": "shield", "path" : "file:../../target/releases/elasticsearch-shield-1.0.0-SNAPSHOT.zip" },
{ "name": "license", "path" : "file:/Users/<user>/.m2/repository/org/elasticsearch/elasticsearch-license-plugin/1.0.0-beta1/elasticsearch-license-plugin-1.0.0-beta1.jar" }
],
"config" : {
"cluster.name": "shield",
"indices.store.throttle.max_bytes_per_sec": "100mb",
"discovery": {
"type": "zen",
"zen.ping" : {
"multicast.enabled": false,
"unicast.hosts": [ "localhost:9300", "localhost:9301" ]
}
},
"shield": {
"enabled": true,
"system_key.file": ".esvm-shield-config/system_key",
"audit.enabled": true,
"transport.ssl": true,
"http.ssl": true,
"ssl.keystore": {
"path": "../../src/test/resources/org/elasticsearch/shield/transport/ssl/certs/simple/testnode.jks",
"password": "testnode"
},
"authc.realms" : {
"esusers": {
"type" : "esusers",
"order" : 0,
"files" : {
"users" : ".esvm-shield-config/users",
"users_roles" : ".esvm-shield-config/users_roles"
}
}
},
"authz.store.files.roles" : ".esvm-shield-config/roles.yml"
}
}
},
"clusters": {
"shield": {
"version": "1.4"
},
"oldap": {
"version": "1.4",
"config": {
"shield.authc.realms.oldap": {
"type": "ldap",
"order": 1,
"url": "ldaps://54.200.235.244:636",
"user_dn_templates": ["uid={0},ou=people,dc=oldap,dc=test,dc=elasticsearch,dc=com"],
"group_search.group_search_dn": "ou=people,dc=oldap,dc=test,dc=elasticsearch,dc=com",
"group_search.subtree_search": false,
"unmapped_groups_as_roles": "false",
"files": {
"role_mapping": ".esvm-shield-config/role_mapping.yml"
}
}
}
},
"ad": {
"version": "1.4",
"config": {
"shield.authc.realms.ad": {
"type": "active_directory",
"order": 1,
"domain_name": "ad.test.elasticsearch.com",
"url": "ldaps://ad.test.elasticsearch.com:636",
"unmapped_groups_as_roles": "false",
"files": {"role_mapping": ".esvm-shield-config/role_mapping.yml"}
}
}
}
}
}

26
dev-tools/esvm/readme.txt Normal file
View File

@ -0,0 +1,26 @@
Running ESVM with Shield
Upgrade/Install:
npm install esvm -g
Running:
1) cd to elasticsearch-shield/dev-tools/esvm
2) modify the elasticsearch-license plugin directory in .esvmrc file
3-a) For native users
./esvm
3-b) For openldap users
esvm oldap
3-c) For active directory users
esvm ad
Users and roles are stored in .esvm-shield-config
Troubleshooting:
- elasticsearch is installed under ~/.esvm/<version>
- turn on debug in ~/.esvm/1.4.1/config/logging.yml
- esvm --fresh will reinstall ES
- plugins will not re-install, you can remove them manually by ~/.esvm/1.4.1/bin/plugin --remove shield
- errors during startup will not show up. If esvm fails startup look in ~/.esvm/1.4.1/logs/*