I am attempting to upgrade to 6.2.2 from 5.2.1. Thankfully I can just install a clean version, no upgrade.
I am using just the Basic License.
I believe that the basic authentication from version 5 is no longer available.
If I understand the documentation correctly, I need to install X-Pack and use the security features therein if I want to secure my stack with a username and password.
Possible causes include:
The password for the 'elastic' user has already been changed on this cluster
Your elasticsearch node is running against a different keystore
This tool used the keystore at C:\Elasticsearch\config\elasticsearch.keystore
My Question:
Can I set up Basic Authentication using a Basic License of Elasticsearch?
I am just looking for Basic Authentication for a Single Node.
I do not have multiple users/roles.
Sorry, I feel a bit confused.
In our current setup I use 'elastic'/'changeme' to "secure" our stack. Yes, I know, shame on me.
Everything I'm reading now for 6+ says there is no longer a default password and you need to install X-Pack and run through setup-passwords to create built-in user passwords for elasticsearch, kibana and logstash. (As mentioned, I've tried a couple times without success).
Is it possible for me, using a Basic License, to secure my Elasticsearch, Kibana & Logstash using a username and password?
So now I'm questioning my sanity. Obviously I'm still an ES rookie.
When I originally set up Elasticsearch, did it perhaps ask for a Username & Password since it was on a Trial license.
Once the trial license ran out and I got a Basic License, I must have continued submitting the username and password with my requests even though they aren't required and just never noticed.
Thankfully our stack lives behind the firewall with no external access.
So just to be clear, if I am going to install X-Pack for monitoring with a Basic License and thus not have security, do I need to disable security in the elasticsearch, kibana and logstash .yml files?
Using this setting: xpack.security.enabled: false
Or does it not matter?
You don't have to, but it can be helpful.
If you don't explicitly disable security, then X-Pack will start with security enabled, form a cluster, and then detect that the cluster has a basic license, and turn the security features off.
We need to do this, as the license is a cluster setting and an individual node does not know what licence type is in use until it gets the cluster state from the active master.
But that means that security is active until your node joins a cluster, which can make it difficult to monitor a node that is still looking for a cluster.
Explicitly disabling security avoids that minor issue.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.