Elasticsearch 6.3: X-Pack and remote connection doesn't work

Elastic Stack Elasticsearch
1

Hi,

I'm trying to install Elasticsearch 6.3 in my PC. The first problem I find is when I want to set an user and a password. I follow the documentation and use

bin/elasticsearch-setup-passwords interactive

but the result is:

Unexpected response code [403] from calling GET http://127.0.0.1:9200/_xpack/security/_authenticate?pretty
It doesn't look like the X-Pack security feature is available on this Elasticsearch node.
Please check if you have installed a license that allows access to X-Pack Security feature.

ERROR: X-Pack Security is not available.

If I try to install X-Pack, the error is X-Pack is already install.

Another problem is when I try to connect remotely with Elasticsearch, I change the network.host in elasticsearch.yml: network.host: "myIP" or network.host: 0.0.0.0. In any case, I get it.

Any ideas??? Thank you very much.

3 Likes
2

I'm in the same exact boat: fresh install of ES and Kibana through DEB on a remote Ubuntu 16.04 machine.

What I've gathered so far is that this seems to relate to the X-Pack licence now shipping in 6.3. In previous versions this error could appear if the licence expired, but X-Pack basic is free now so this shouldn't be the case.

When I do a GET to _xpack/security this is the response

GET "http://127.0.0.1:9200/_xpack/security/_authenticate?pretty"
{
  "error" : {
    "root_cause" : [
      {
        "type" : "security_exception",
        "reason" : "current license is non-compliant for [security]",
        "license.expired.feature" : "security"
      }
    ],
    "type" : "security_exception",
    "reason" : "current license is non-compliant for [security]",
    "license.expired.feature" : "security"
  },
  "status" : 403
}

And querying the X-Pack licence API get me this:

GET "http://localhost:9200/_xpack/license"{
  "license" : {
    "status" : "active",
    "uid" : "a5100a6a-cce1-4d51-b197-97fc2304e50a",
    "type" : "basic",
    "issue_date" : "2018-06-20T22:13:12.053Z",
    "issue_date_in_millis" : 1529532792053,
    "max_nodes" : 1000,
    "issued_to" : "elasticsearch",
    "issuer" : "elasticsearch",
    "start_date_in_millis" : -1
  }
}

I have tried setting xpack.security.enabled: false in elasticsearch.yml as some older posts have recommended, but all that did was chance the status from a 403 to a 404.

1 Like
3

Hey! Same problem here..
ERROR: X-Pack Security is not available.
x-pack is open source right??

4

Read this: https://www.elastic.co/products/x-pack/open

5

Hi @dadoonet. The link you provided is only an explanation that some parts of X-Pack are now open. Unless I didn't see it, It doesn't address the problem and potential bug being reported here that some installs of 6.3 through DEB don't appear to be shipping with the right X-Pack license.

2 Likes
6

I've filed a bug report on this issue here

1 Like
7

If you scroll down you'll see:

If the code of X-Pack is open, does that mean it's all free?

No. Many features in X-Pack are free, such as monitoring, tile maps, Grok Debugger, and Search Profiler. Some features in X-Pack are paid, and require a license that comes with a Gold or Platinum subscription.

8

So how to work around the problem? I can't login in Kibana because this...

9

I have tried setting xpack.security.enabled: false in elasticsearch.yml as some older posts have recommended, but all that did was chance the status from a 403 to a 404.

I not found this: " xpack.security.enabled: false" in my kibana.yml and elasticsearch.yml.

:frowning_face:

10

because X-Pack [basic] license did not contain any security.

image
image.png1126×655 36.7 KB

In the old way(5.x version),elasticsearch.yml had elasticsearch.username: "elastic" elasticsearch.password: "search".It did not work now.

11

@cooljsz just to clarify: Xpack security has never been free.

12

Does that mean creating passwords and providing authentication just the way we were doing it until 6.2.4 version is not available from now on?
Cheers

13

No. May be you have been using a trial version?

I mean that security (login/password) has never been free. It did not change from 2.x to 6.3

14

Okay, it's okay that it will not be free, but how am I going to login into Kibana then?
I installed the tool following your own documentation

15

If you don't have the security feature, you won't have to log in Kibana.

16

So are there no ways to use ELK stack after one month trial? even without any security features ?

17

@Hari_Prasad Of course you can use Elastic stack after the trial. Just revert to Basic license.
Or use a pure OSS version which is also available on download page.

See https://www.elastic.co/subscriptions

18

@dadoonet I'm a little confused here, could you help me please?

I'm a newcomer to Elasticsearch and I'm following the tutorial provided in Portuguese by Luiz Guilherme Santos, hosted in Elastic. In the tutorial, he performs the following steps:

  • Downloads Elasticsearch 6.2.3 (I downloaded 6.3.2 which is the latest) and Kibana
  • Extracts the TAR files
  • Installs X-Pack with elasticsearch-plugin (6.3.2 already comes with it, so I didn't installed it)
  • Runs Elasticsearch
  • Runs "X-Pack\setup-passwords interactive"

He didn't set any licenses for X-Pack (fresh installation) and "setup-passwords" worked. So why it isn't working in 6.3.2? Is the tutorial outdated? What are the implications of not setting passwords this way?

Thanks!

20

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.