Cannot install Search-Guard plugin and enable xPacks. Version 6.4.2

Hello,

I installed the elastic stack on the Kubernetes cluster.
I wanted to enable Search-guard plugin.
Before that, the installation did not work at all, added two variables to the environment.

Elastiksearch/Kibana Versions : 6.4.2

bash-4.4# wget https://oss.sonatype.org/service/local/repositories/releases/content/com/floragunn/search-guard-6/6.4.2-24.1/search-guard-6-6.4.2-24.1.zip
Connecting to oss.sonatype.org (18.235.158.122:443)
search-guard-6-6.4.2 100% |*********************************************************************************************************************************************************************************************************************************| 25452k  0:00:00 ETA
bash-4.4# export ES_TMPDIR=/tmp
bash-4.4# export NODE_NAME=""
bash-4.4# pwd
/elasticsearch
bash-4.4# bin/elasticsearch-plugin install -b search-guard-6-6.4.2-24.1.zip
A tool for managing installed elasticsearch plugins

Commands
--------
list - Lists installed elasticsearch plugins
install - Install a plugin
remove - removes a plugin from Elasticsearch

Non-option arguments:
command              

Option         Description        
------         -----------        
-h, --help     show help          
-s, --silent   show minimal output
-v, --verbose  show verbose output
ERROR: Unknown plugin search-guard-6-6.4.2-24.1.zip
bash-4.4#

Kibana.
The documentation says that xpack plugins are installed by default. But it is not. And I can not install them either. There are no corresponding settings in the kibana.yml file.

bash-4.2$ ls
kibana.example.org.crt  kibana.example.org.key  kibana.yml
bash-4.2$ more kibana.yml 
---
# Default Kibana configuration from kibana-docker.

server.name: kibana
server.host: "0"
elasticsearch.url: http://elasticsearch:9200
bash-4.2$ curl http://elasticsearch-efk-cluster:9200
{
  "name" : "17444417-3c04-4716-b52c-35dfd83274ea",
  "cluster_name" : "efk-cluster",
  "cluster_uuid" : "MesAoWoyRBmke7iIQOJ_Fw",
  "version" : {
"number" : "6.4.2",
"build_flavor" : "default",
"build_type" : "tar",
"build_hash" : "04711c2",
"build_date" : "2018-09-26T13:34:09.098244Z",
"build_snapshot" : false,
"lucene_version" : "7.4.0",
"minimum_wire_compatibility_version" : "5.6.0",
"minimum_index_compatibility_version" : "5.0.0"
  },
  "tagline" : "You Know, for Search"
}
bash-4.2$ pwd
/opt/kibana/config
bash-4.2$ more kibana.yml 
---
# Default Kibana configuration from kibana-docker.

server.name: kibana
server.host: "0"
elasticsearch.url: http://elasticsearch:9200
bash-4.2$ cd ..
bash-4.2$ bin/kibana-plugin list

bash-4.2$ 

What am I doing wrong?

From version 6.3 of the stack, X-Pack is no longer installed as a separate plugin, but rather a natural part of the default distribution. I suspect this is why it does not show up when you query kibana-plugins. The same applies to Elasticsearch.

I installed the stack from here. Perhaps the reason and the problem is that this chart uses the oss version?

But no, the chart pulls the version from here.
https://quay.io/repository/pires/docker-elasticsearch-kubernetes/manifest/sha256:06a1228b8bf1dd44f357cf509ed61cd0c9959f6a6ec723d1391f20df851665c2

Yes, that seem to install the OSS distribution, which does not include X-Pack. If you want to use X-Pack you need to change to use the default distribution.

Hmm. But no. From this link can see file..
https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-6.4.2.tar.gz.asc
This is the default distribution, or not?

Based on the server output, you have the correct distribution of Elasticsearch. The helm chart however seems to reference docker.elastic.co/kibana/kibana-oss (if I am reading it right) which is not the default distribution.

Understood thanks. Can you tell me - is this version a bit stable?

The README file says it is in alpha status, so I guess it may be subject to change.

The argument to elasticsearch-plugin install must be a URL or the name of a plugin in the official Elastic plugin repository.

You need to reference the zip file as a file:// URL, or point it to the https:// plugin on sonatype.

1 Like

Thanks. This is helpful advice that I overlooked.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.