[Security] Add log4j vulnerability mitigation in Elasticsearch
Change-Id: I2d4a4fab35771723be82a1c8b98dbe4cc3164f58
(cherry picked from commit ecbd96bebb
)
This commit is contained in:
parent
65f95a99ed
commit
f35e44aaf7
|
@ -38,7 +38,7 @@ elasticsearch_enable_keystone_registration: False
|
|||
|
||||
elasticsearch_cluster_name: "kolla_logging"
|
||||
es_heap_size: "1g"
|
||||
es_java_opts: "{% if es_heap_size %}-Xms{{ es_heap_size }} -Xmx{{ es_heap_size }}{%endif%}"
|
||||
es_java_opts: "{% if es_heap_size %}-Xms{{ es_heap_size }} -Xmx{{ es_heap_size }}{%endif%} -Dlog4j2.formatMsgNoLookups=true"
|
||||
|
||||
#######################
|
||||
# Elasticsearch Curator
|
||||
|
|
|
@ -0,0 +1,5 @@
|
|||
---
|
||||
security:
|
||||
- |
|
||||
Adds mitigation for the Apache Log4j2 Remote Code Execution (RCE)
|
||||
Vulnerability in Elasticsearch - CVE-2021-44228.
|
Loading…
Reference in New Issue