Apologies if my approach in the described in the following is stupid.
- set up elasticsearch 7.13 on node-1 as a single node cluster, enabled TLS and ran
bin/elasticsearch-setup-passwords interactive - set up elasticsearch 7.13 on node-2 the same way and changed settings in both nodes to be part of the same cluster, both becoming master nodes and seed nodes. The plan was, to add node by node (all of them hosted on different machines but telneting from one node to the other works fine.)
My naive assumption was that running:
bin/elasticsearch-setup-passwords auto -u "https://node-1.somehere.here:9200"
on node-2 would setup the passwords and allow it to join the cluster but insted I got:
Failed to authenticate user 'elastic' against https://node-1.somehere.here:9200/_security/_authenticate?pretty
Possible causes include:
* The password for the 'elastic' user has already been changed on this cluster
* Your elasticsearch node is running against a different keystore
This tool used the keystore at /etc/elasticsearch/elasticsearch.keystore
ERROR: Failed to verify bootstrap password
which makes sense.
My question:
How can I add a new node to a cluster where passwords are already setup? Is it only possible to setup passwords on a fresh cluster using the bootstrap password?