Adding users is failing

Hi All,

ES version 6.4.2

I am executing:
bin/elasticsearch-setup-passwords auto

But that gives me the following error:

Unexpected response code [404] from calling GET http://10.80.4.1:9200/_xpack/security/_authenticate?pretty
It doesn't look like the X-Pack security feature is enabled on this Elasticsearch node.
Please check if you have enabled X-Pack security in your elasticsearch.yml configuration file.

ERROR: X-Pack Security is disabled by configuration.

Ok, clear enough, however when xpack.security is enabled I am getting the following.

root@tb-clog-esm1:/usr/share/elasticsearch# bin/elasticsearch-setup-passwords auto
Your cluster health is currently RED.
This means that some cluster data is unavailable and your cluster is not fully functional.

It is recommended that you resolve the issues with your cluster before running elasticsearch-setup-passwords.
It is very likely that the password changes will fail when run against an unhealthy cluster.

Do you want to continue with the password setup process [y/N]y

cluster.name: clog
Initiating the setup of passwords for reserved users elastic,kibana,logstash_system,beats_system.
The passwords will be randomly generated and printed to the console.
Please confirm that you would like to continue [y/N]y



Connection failure to: http://10.80.4.1:9200/_xpack/security/user/kibana/_password?pretty failed: Read timed out

ERROR: Failed to set password for user [kibana].

Of course my cluster cannot recover as the nodes cannot authenticate. So I must be missing something here.

Could someone please help me out?

Thanks,
Paul.

I'm sorry, I don't follow what you're saying here.
Are you suggesting that turning on security is preventing your cluster from forming? That's possible, but there's no reason to believe that it is actually the case - you haven't provided any details about why your cluster is red.

There's no point guessing about the cause of the problem - please check the Elasticsearch logs for errors.

HI Tim,

I am running version 6.4.2 and according to the documentation there are no default users. So I have to create them.

When I have set:
xpack.security.enabled: false

I cannot add users due to the error above.
When I set:

xpack.security.enabled: true

I am seeing the following in my elasticsearch logs.

[2018-10-19T13:21:59,405][INFO ][o.e.b.BootstrapChecks    ] [tb-clog-esd1.tb.acc.iss.local] bound or publishing to a non-loopback address, enforcing bootstrap checks
[2018-10-19T13:22:03,099][INFO ][o.e.c.s.ClusterApplierService] [tb-clog-esd1.tb.acc.iss.local] detected_master {tb-clog-esm1.tb.acc.iss.local}{2eLPs3PJRfCBSnbJcH3Sug}{exUsIaxpTg6bD8AqEIBocw}{10.80.4.1}{10.80.4.1:9300}{ml.machine_memory=4143489024, ml.max_open_jobs=20, xpack.installed=true, box_type=no_data, ml.enabled=true}, added {{tb-clog-esm2.tb.acc.iss.local}{w4fCtCDZTuGo2SBWDTbJwQ}{ZtEFrL_RSyOBpuRRa6XNtw}{10.80.4.2}{10.80.4.2:9300}{ml.machine_memory=4143489024, ml.max_open_jobs=20, xpack.installed=true, box_type=no_data, ml.enabled=true},{tb-clog-esd2.tb.acc.iss.local}{U9e4z60mTsaeQIkQmmUOaw}{WvKjhO_3TRKnXxVlSvwPjg}{10.80.4.6}{10.80.4.6:9300}{ml.machine_memory=16826785792, ml.max_open_jobs=20, xpack.installed=true, box_type=ssd, ml.enabled=true},{tb-clog-esm3.tb.acc.iss.local}{mXLMwZuIQua24relgYNPxg}{91WYllU5RhmI0XE-RL8RnQ}{10.80.4.3}{10.80.4.3:9300}{ml.machine_memory=4143489024, ml.max_open_jobs=20, xpack.installed=true, box_type=no_data, ml.enabled=true},{tb-clog-esm1.tb.acc.iss.local}{2eLPs3PJRfCBSnbJcH3Sug}{exUsIaxpTg6bD8AqEIBocw}{10.80.4.1}{10.80.4.1:9300}{ml.machine_memory=4143489024, ml.max_open_jobs=20, xpack.installed=true, box_type=no_data, ml.enabled=true},}, reason: apply cluster state (from master [master {tb-clog-esm1.tb.acc.iss.local}{2eLPs3PJRfCBSnbJcH3Sug}{exUsIaxpTg6bD8AqEIBocw}{10.80.4.1}{10.80.4.1:9300}{ml.machine_memory=4143489024, ml.max_open_jobs=20, xpack.installed=true, box_type=no_data, ml.enabled=true} committed version [4]])
[2018-10-19T13:22:03,624][INFO ][o.e.x.s.t.n.SecurityNetty4HttpServerTransport] [tb-clog-esd1.tb.acc.iss.local] publish_address {10.80.4.5:9200}, bound_addresses {127.0.0.1:9200}, {10.80.4.5:9200}
[2018-10-19T13:22:03,625][INFO ][o.e.n.Node               ] [tb-clog-esd1.tb.acc.iss.local] started
[2018-10-19T13:22:04,047][INFO ][o.e.c.s.ClusterSettings  ] [tb-clog-esd1.tb.acc.iss.local] updating [cluster.routing.allocation.enable] from [all] to [none]
[2018-10-19T13:22:04,146][INFO ][o.e.l.LicenseService     ] [tb-clog-esd1.tb.acc.iss.local] license [d7e473a4-5058-4aad-a9d2-1efdbe2a1bd1] mode [platinum] - valid
[2018-10-19T13:22:04,276][INFO ][o.e.x.s.a.TokenService   ] [tb-clog-esd1.tb.acc.iss.local] refresh keys
[2018-10-19T13:22:04,842][INFO ][o.e.x.s.a.TokenService   ] [tb-clog-esd1.tb.acc.iss.local] refreshed keys
[2018-10-19T13:22:06,625][INFO ][o.e.x.s.a.AuthenticationService] [tb-clog-esd1.tb.acc.iss.local] Authentication of [elastic] was terminated by realm [reserved] - failed to authenticate user [elastic]
[2018-10-19T13:22:12,093][INFO ][o.e.x.s.a.AuthenticationService] [tb-clog-esd1.tb.acc.iss.local] Authentication of [elastic] was terminated by realm [reserved] - failed to authenticate user [elastic]
[2018-10-19T13:22:17,329][ERROR][o.e.x.s.a.e.ReservedRealm] [tb-clog-esd1.tb.acc.iss.local] failed to retrieve password hash for reserved user [elastic]
org.elasticsearch.action.NoShardAvailableActionException: No shard available for [get [.security][doc][reserved-user-elastic]: routing [null]]
	at org.elasticsearch.action.support.single.shard.TransportSingleShardAction$AsyncSingleAction.perform(TransportSingleShardAction.java:207) ~[elasticsearch-6.4.2.jar:6.4.2]
	at org.elasticsearch.action.support.single.shard.TransportSingleShardAction$AsyncSingleAction.start(TransportSingleShardAction.java:186) ~[elasticsearch-6.4.2.jar:6.4.2]
	at org.elasticsearch.action.support.single.shard.TransportSingleShardAction.doExecute(TransportSingleShardAction.java:95) ~[elasticsearch-6.4.2.jar:6.4.2]
	at org.elasticsearch.action.support.single.shard.TransportSingleShardAction.doExecute(TransportSingleShardAction.java:59) ~[elasticsearch-6.4.2.jar:6.4.2]
	at org.elasticsearch.action.support.TransportAction.doExecute(TransportAction.java:143) ~[elasticsearch-6.4.2.jar:6.4.2]
	at org.elasticsearch.action.support.TransportAction$RequestFilterChain.proceed(TransportAction.java:167) ~[elasticsearch-6.4.2.jar:6.4.2]
	at org.elasticsearch.xpack.security.action.filter.SecurityActionFilter.lambda$apply$0(SecurityActionFilter.java:90) ~[?:?]

Which of course make sence as I am unable to create the users in the first place..

Ok, not sure what happend here but after a full restart (which I had done before, yes I am sure of it) I could create users...

Weird...

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.