Adding users is failing

pjanzen · October 19, 2018, 11:33am

Hi All,

ES version 6.4.2

I am executing:
bin/elasticsearch-setup-passwords auto

But that gives me the following error:

Unexpected response code [404] from calling GET http://10.80.4.1:9200/_xpack/security/_authenticate?pretty
It doesn't look like the X-Pack security feature is enabled on this Elasticsearch node.
Please check if you have enabled X-Pack security in your elasticsearch.yml configuration file.

ERROR: X-Pack Security is disabled by configuration.

Ok, clear enough, however when xpack.security is enabled I am getting the following.

root@tb-clog-esm1:/usr/share/elasticsearch# bin/elasticsearch-setup-passwords auto
Your cluster health is currently RED.
This means that some cluster data is unavailable and your cluster is not fully functional.

It is recommended that you resolve the issues with your cluster before running elasticsearch-setup-passwords.
It is very likely that the password changes will fail when run against an unhealthy cluster.

Do you want to continue with the password setup process [y/N]y

cluster.name: clog
Initiating the setup of passwords for reserved users elastic,kibana,logstash_system,beats_system.
The passwords will be randomly generated and printed to the console.
Please confirm that you would like to continue [y/N]y



Connection failure to: http://10.80.4.1:9200/_xpack/security/user/kibana/_password?pretty failed: Read timed out

ERROR: Failed to set password for user [kibana].

Of course my cluster cannot recover as the nodes cannot authenticate. So I must be missing something here.

Could someone please help me out?

Thanks,
Paul.

TimV · October 19, 2018, 12:11pm

I'm sorry, I don't follow what you're saying here.
Are you suggesting that turning on security is preventing your cluster from forming? That's possible, but there's no reason to believe that it is actually the case - you haven't provided any details about why your cluster is red.

There's no point guessing about the cause of the problem - please check the Elasticsearch logs for errors.

pjanzen · October 19, 2018, 12:26pm

HI Tim,

I am running version 6.4.2 and according to the documentation there are no default users. So I have to create them.

When I have set:
xpack.security.enabled: false

I cannot add users due to the error above.
When I set:

xpack.security.enabled: true

I am seeing the following in my elasticsearch logs.

[2018-10-19T13:21:59,405][INFO ][o.e.b.BootstrapChecks    ] [tb-clog-esd1.tb.acc.iss.local] bound or publishing to a non-loopback address, enforcing bootstrap checks
[2018-10-19T13:22:03,099][INFO ][o.e.c.s.ClusterApplierService] [tb-clog-esd1.tb.acc.iss.local] detected_master {tb-clog-esm1.tb.acc.iss.local}{2eLPs3PJRfCBSnbJcH3Sug}{exUsIaxpTg6bD8AqEIBocw}{10.80.4.1}{10.80.4.1:9300}{ml.machine_memory=4143489024, ml.max_open_jobs=20, xpack.installed=true, box_type=no_data, ml.enabled=true}, added {{tb-clog-esm2.tb.acc.iss.local}{w4fCtCDZTuGo2SBWDTbJwQ}{ZtEFrL_RSyOBpuRRa6XNtw}{10.80.4.2}{10.80.4.2:9300}{ml.machine_memory=4143489024, ml.max_open_jobs=20, xpack.installed=true, box_type=no_data, ml.enabled=true},{tb-clog-esd2.tb.acc.iss.local}{U9e4z60mTsaeQIkQmmUOaw}{WvKjhO_3TRKnXxVlSvwPjg}{10.80.4.6}{10.80.4.6:9300}{ml.machine_memory=16826785792, ml.max_open_jobs=20, xpack.installed=true, box_type=ssd, ml.enabled=true},{tb-clog-esm3.tb.acc.iss.local}{mXLMwZuIQua24relgYNPxg}{91WYllU5RhmI0XE-RL8RnQ}{10.80.4.3}{10.80.4.3:9300}{ml.machine_memory=4143489024, ml.max_open_jobs=20, xpack.installed=true, box_type=no_data, ml.enabled=true},{tb-clog-esm1.tb.acc.iss.local}{2eLPs3PJRfCBSnbJcH3Sug}{exUsIaxpTg6bD8AqEIBocw}{10.80.4.1}{10.80.4.1:9300}{ml.machine_memory=4143489024, ml.max_open_jobs=20, xpack.installed=true, box_type=no_data, ml.enabled=true},}, reason: apply cluster state (from master [master {tb-clog-esm1.tb.acc.iss.local}{2eLPs3PJRfCBSnbJcH3Sug}{exUsIaxpTg6bD8AqEIBocw}{10.80.4.1}{10.80.4.1:9300}{ml.machine_memory=4143489024, ml.max_open_jobs=20, xpack.installed=true, box_type=no_data, ml.enabled=true} committed version [4]])
[2018-10-19T13:22:03,624][INFO ][o.e.x.s.t.n.SecurityNetty4HttpServerTransport] [tb-clog-esd1.tb.acc.iss.local] publish_address {10.80.4.5:9200}, bound_addresses {127.0.0.1:9200}, {10.80.4.5:9200}
[2018-10-19T13:22:03,625][INFO ][o.e.n.Node               ] [tb-clog-esd1.tb.acc.iss.local] started
[2018-10-19T13:22:04,047][INFO ][o.e.c.s.ClusterSettings  ] [tb-clog-esd1.tb.acc.iss.local] updating [cluster.routing.allocation.enable] from [all] to [none]
[2018-10-19T13:22:04,146][INFO ][o.e.l.LicenseService     ] [tb-clog-esd1.tb.acc.iss.local] license [d7e473a4-5058-4aad-a9d2-1efdbe2a1bd1] mode [platinum] - valid
[2018-10-19T13:22:04,276][INFO ][o.e.x.s.a.TokenService   ] [tb-clog-esd1.tb.acc.iss.local] refresh keys
[2018-10-19T13:22:04,842][INFO ][o.e.x.s.a.TokenService   ] [tb-clog-esd1.tb.acc.iss.local] refreshed keys
[2018-10-19T13:22:06,625][INFO ][o.e.x.s.a.AuthenticationService] [tb-clog-esd1.tb.acc.iss.local] Authentication of [elastic] was terminated by realm [reserved] - failed to authenticate user [elastic]
[2018-10-19T13:22:12,093][INFO ][o.e.x.s.a.AuthenticationService] [tb-clog-esd1.tb.acc.iss.local] Authentication of [elastic] was terminated by realm [reserved] - failed to authenticate user [elastic]
[2018-10-19T13:22:17,329][ERROR][o.e.x.s.a.e.ReservedRealm] [tb-clog-esd1.tb.acc.iss.local] failed to retrieve password hash for reserved user [elastic]
org.elasticsearch.action.NoShardAvailableActionException: No shard available for [get [.security][doc][reserved-user-elastic]: routing [null]]
	at org.elasticsearch.action.support.single.shard.TransportSingleShardAction$AsyncSingleAction.perform(TransportSingleShardAction.java:207) ~[elasticsearch-6.4.2.jar:6.4.2]
	at org.elasticsearch.action.support.single.shard.TransportSingleShardAction$AsyncSingleAction.start(TransportSingleShardAction.java:186) ~[elasticsearch-6.4.2.jar:6.4.2]
	at org.elasticsearch.action.support.single.shard.TransportSingleShardAction.doExecute(TransportSingleShardAction.java:95) ~[elasticsearch-6.4.2.jar:6.4.2]
	at org.elasticsearch.action.support.single.shard.TransportSingleShardAction.doExecute(TransportSingleShardAction.java:59) ~[elasticsearch-6.4.2.jar:6.4.2]
	at org.elasticsearch.action.support.TransportAction.doExecute(TransportAction.java:143) ~[elasticsearch-6.4.2.jar:6.4.2]
	at org.elasticsearch.action.support.TransportAction$RequestFilterChain.proceed(TransportAction.java:167) ~[elasticsearch-6.4.2.jar:6.4.2]
	at org.elasticsearch.xpack.security.action.filter.SecurityActionFilter.lambda$apply$0(SecurityActionFilter.java:90) ~[?:?]

Which of course make sence as I am unable to create the users in the first place..

pjanzen · October 19, 2018, 12:34pm

Ok, not sure what happend here but after a full restart (which I had done before, yes I am sure of it) I could create users...

Weird...

system · November 16, 2018, 12:34pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Failed to Authenticate User after Installing X-Pack Elasticsearch	3	1669	April 5, 2018
Unable to run set-up password after enabling x-pack security on a cluster Elasticsearch elastic-stack-security	7	1017	June 9, 2020
After X-pack Installation : Failed to authenticate user [elastic] Elasticsearch elastic-stack-security	7	11877	April 17, 2020
Missing authentication credentials for REST request Elasticsearch elastic-stack-security	5	6945	September 7, 2022
Catch 22 with creating passwords Elasticsearch elastic-stack-security	23	725	May 4, 2021

Adding users is failing

Related topics