mirror of
https://github.com/honeymoose/OpenSearch.git
synced 2025-02-15 01:16:09 +00:00
b433ee390c
This commit changes the groupId to the above mentioned one
so that S3 uploads will end up in the right bucket. This will
allow the Elasticsearch plugin manager to install the commercial
plugins like
```
bin/plugin install {watcher,shield,license,marvel}
```
like the official ones.
Original commit: elastic/x-pack-elasticsearch@642f1f006a
55 lines
2.6 KiB
Plaintext
55 lines
2.6 KiB
Plaintext
[[getting-started]]
|
|
== Getting Started with Shield
|
|
|
|
This getting started guide walks you through installing Shield, setting up basic authentication, and getting started with role-based
|
|
access control. You can install Shield on nodes running Elasticsearch 1.5 or later.
|
|
|
|
IMPORTANT: The Shield plugin must be installed on every node in the cluster and every
|
|
node must be restarted after installation. Plan for a complete cluster restart before beginning the installation process.
|
|
|
|
To install and run Shield:
|
|
|
|
. Run `bin/plugin install` from `ES_HOME` to install the license plugin.
|
|
+
|
|
[source,shell]
|
|
----------------------------------------------------------
|
|
bin/plugin install license
|
|
----------------------------------------------------------
|
|
|
|
. Run `bin/plugin install` to install the Shield plugin.
|
|
+
|
|
[source,shell]
|
|
----------------------------------------------------------
|
|
bin/plugin install shield
|
|
----------------------------------------------------------
|
|
+
|
|
NOTE: If you are using a <<deb-rpm-install, DEB/RPM distribution>> of Elasticsearch, you need to specify the configuration directory and run the installation with superuser permissions. To perform an offline installation, <<offline-install,download the Shield binaries>>.
|
|
|
|
. Start Elasticsearch.
|
|
+
|
|
[source,shell]
|
|
----------------------------------------------------------
|
|
bin/elasticsearch
|
|
----------------------------------------------------------
|
|
|
|
. To verify that Shield is up and running, check the startup log entries. When Shield is operating normally, the log indicates that the network transports are using Shield:
|
|
+
|
|
[source,shell]
|
|
----------------
|
|
[2014-10-09 13:47:38,841][INFO ][transport ] [Ezekiel Stane] Using [org.elasticsearch.shield.transport.ShieldServerTransportService] as transport service, overridden by [shield]
|
|
[2014-10-09 13:47:38,841][INFO ][transport ] [Ezekiel Stane] Using [org.elasticsearch.shield.transport.netty.ShieldNettyTransport] as transport, overridden by [shield]
|
|
[2014-10-09 13:47:38,842][INFO ][http ] [Ezekiel Stane] Using [org.elasticsearch.shield.transport.netty.ShieldNettyHttpServerTransport] as http transport, overridden by [shield]
|
|
----------------
|
|
|
|
Now you're ready to secure your cluster! Here are a few things
|
|
you might want to do to start with:
|
|
|
|
* <<enable-basic-auth, Control Access with Basic Authentication>>
|
|
* <<enable-message-authentication, Enable Message Authentication>>
|
|
* <<enable-auditing, Enable Auditing>>
|
|
|
|
include::getting-started/enable-basic-auth.asciidoc[]
|
|
include::getting-started/enable-message-authentication.asciidoc[]
|
|
include::getting-started/enable-auditing.asciidoc[]
|
|
include::getting-started/moving-on.asciidoc[]
|