I have been playing around with ES for a while now. It got a stage where the company wants to see a demo of the monitoring / security functions that ES offer.
I have been using a version of the Ansible playbook, with some modifications to allow version 5 of the software. This all works fine, until I install Xpack.
So the problem I have is the playbook always fails on " List Native Users"
fatal: [54.77.239.235]: FAILED! => {"changed": false, "content": "
{\"error\":{\"root_cause\":
[{\"type\":\"illegal_state_exception\",\"reason\":\"users cannot be
retrieved as native user service has not been started\"}],\"type\":\"illegal_state_exception\",\"reason\":\"users cannot be retrieved as native user service has not been started\"},\"status\":500}", "content_length": "269", "content_type": "application/json; charset=UTF-8", "failed": true, "json": {"error": {"reason": "users cannot be retrieved as native user service has not been started", "root_cause": [{"reason": "users cannot be retrieved as native user service has not been started", "type": "illegal_state_exception"}], "type": "illegal_state_exception"}, "status": 500}, "msg": "Status code was not [200]: HTTP Error 500: Internal Server Error", "redirected": false, "status": 500, "url": "http://localhost:9200/_xpack/security/user"}
I can't seem to find any information on this error, is anyone able to help me out? Also on the 2nd run of the playbook, the default user stopped working and I had to use one that was created in the "vars" section, I assumed this was intentional but I could not see any task that made that user inactive.
Some more information:
es_enable_xpack: true
es_xpack_features: ["alerting", "security"]
# Experimental below
es_api_basic_auth_username: es_admin
es_api_basic_auth_password: changeMe
es_role_mapping:
power_user:
- "cn=admins,dc=example,dc=com"
user:
- "cn=users,dc=example,dc=com"
- "cn=admins,dc=example,dc=com"
es_users:
native:
kibana4_server:
password: changeMe
roles:
- kibana4_server
file:
es_admin:
password: changeMe
roles:
- admin
testUser:
password: changeMeAlso!
roles:
- power_user
- user
es_roles:
file:
admin:
cluster:
- all
indices:
- names: '*'
privileges:
- all
power_user:
cluster:
- monitor
indices:
- names: '*'
privileges:
- all
user:
indices:
- names: '*'
privileges:
- read
kibana4_server:
cluster:
- monitor
indices:
- names: '.kibana'
privileges:
- all
native:
logstash:
cluster:
- manage_index_templates
indices:
- names: 'logstash-*'
privileges:
- write
- delete
- create_index