Adding a new node to a cluster with passwords already set

Apologies if my approach in the described in the following is stupid.

  • set up elasticsearch 7.13 on node-1 as a single node cluster, enabled TLS and ran
    bin/elasticsearch-setup-passwords interactive
  • set up elasticsearch 7.13 on node-2 the same way and changed settings in both nodes to be part of the same cluster, both becoming master nodes and seed nodes. The plan was, to add node by node (all of them hosted on different machines but telneting from one node to the other works fine.)

My naive assumption was that running:
bin/elasticsearch-setup-passwords auto -u "https://node-1.somehere.here:9200"
on node-2 would setup the passwords and allow it to join the cluster but insted I got:

Failed to authenticate user 'elastic' against https://node-1.somehere.here:9200/_security/_authenticate?pretty
Possible causes include:
 * The password for the 'elastic' user has already been changed on this cluster
 * Your elasticsearch node is running against a different keystore
   This tool used the keystore at /etc/elasticsearch/elasticsearch.keystore

ERROR: Failed to verify bootstrap password

which makes sense.

My question:
How can I add a new node to a cluster where passwords are already setup? Is it only possible to setup passwords on a fresh cluster using the bootstrap password?

There is no connection between adding nodes to a cluster and users' passwords.
Once you successfully join a new node to the cluster it will have access to all of the passwords that you setup.

If there is a problem adding a node to the cluster then it doesn't have anything to do with the setup of passwords.

1 Like

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.