Elasticsearch 6.3: X-Pack and remote connection doesn't work

cmenendez · June 20, 2018, 6:44am

Hi,

I'm trying to install Elasticsearch 6.3 in my PC. The first problem I find is when I want to set an user and a password. I follow the documentation and use

bin/elasticsearch-setup-passwords interactive

but the result is:

Unexpected response code [403] from calling GET http://127.0.0.1:9200/_xpack/security/_authenticate?pretty
It doesn't look like the X-Pack security feature is available on this Elasticsearch node.
Please check if you have installed a license that allows access to X-Pack Security feature.

ERROR: X-Pack Security is not available.

If I try to install X-Pack, the error is X-Pack is already install.

Another problem is when I try to connect remotely with Elasticsearch, I change the network.host in elasticsearch.yml: network.host: "myIP" or network.host: 0.0.0.0. In any case, I get it.

Any ideas??? Thank you very much.

Jon_Hourany · June 21, 2018, 2:09am

I'm in the same exact boat: fresh install of ES and Kibana through DEB on a remote Ubuntu 16.04 machine.

What I've gathered so far is that this seems to relate to the X-Pack licence now shipping in 6.3. In previous versions this error could appear if the licence expired, but X-Pack basic is free now so this shouldn't be the case.

When I do a GET to _xpack/security this is the response

GET "http://127.0.0.1:9200/_xpack/security/_authenticate?pretty"
{
  "error" : {
    "root_cause" : [
      {
        "type" : "security_exception",
        "reason" : "current license is non-compliant for [security]",
        "license.expired.feature" : "security"
      }
    ],
    "type" : "security_exception",
    "reason" : "current license is non-compliant for [security]",
    "license.expired.feature" : "security"
  },
  "status" : 403
}

And querying the X-Pack licence API get me this:

GET "http://localhost:9200/_xpack/license"{
  "license" : {
    "status" : "active",
    "uid" : "a5100a6a-cce1-4d51-b197-97fc2304e50a",
    "type" : "basic",
    "issue_date" : "2018-06-20T22:13:12.053Z",
    "issue_date_in_millis" : 1529532792053,
    "max_nodes" : 1000,
    "issued_to" : "elasticsearch",
    "issuer" : "elasticsearch",
    "start_date_in_millis" : -1
  }
}

I have tried setting xpack.security.enabled: false in elasticsearch.yml as some older posts have recommended, but all that did was chance the status from a 403 to a 404.

Srikanth_YMS · June 27, 2018, 8:14pm

Hey! Same problem here..
ERROR: X-Pack Security is not available.
x-pack is open source right??

dadoonet · June 27, 2018, 8:42pm

Read this: https://www.elastic.co/products/x-pack/open

Jon_Hourany · June 27, 2018, 8:49pm

Hi @dadoonet. The link you provided is only an explanation that some parts of X-Pack are now open. Unless I didn't see it, It doesn't address the problem and potential bug being reported here that some installs of 6.3 through DEB don't appear to be shipping with the right X-Pack license.

Jon_Hourany · June 27, 2018, 11:18pm

I've filed a bug report on this issue here

dadoonet · June 28, 2018, 1:19am

If you scroll down you'll see:

If the code of X-Pack is open, does that mean it's all free?

No. Many features in X-Pack are free, such as monitoring, tile maps, Grok Debugger, and Search Profiler. Some features in X-Pack are paid, and require a license that comes with a Gold or Platinum subscription.

weyderfs · July 5, 2018, 12:48pm

So how to work around the problem? I can't login in Kibana because this...

weyderfs · July 5, 2018, 12:52pm

I have tried setting xpack.security.enabled: false in elasticsearch.yml as some older posts have recommended, but all that did was chance the status from a 403 to a 404.

I not found this: " xpack.security.enabled: false" in my kibana.yml and elasticsearch.yml.

cooljsz · July 6, 2018, 7:13am

because X-Pack [basic] license did not contain any security.

In the old way(5.x version),elasticsearch.yml had elasticsearch.username: "elastic" elasticsearch.password: "search".It did not work now.

dadoonet · July 6, 2018, 7:27am

@cooljsz just to clarify: Xpack security has never been free.

raparis · July 8, 2018, 10:35am

Does that mean creating passwords and providing authentication just the way we were doing it until 6.2.4 version is not available from now on?
Cheers

dadoonet · July 8, 2018, 11:43am

No. May be you have been using a trial version?

I mean that security (login/password) has never been free. It did not change from 2.x to 6.3

weyderfs · July 11, 2018, 8:31pm

Okay, it's okay that it will not be free, but how am I going to login into Kibana then?
I installed the tool following your own documentation

dadoonet · July 11, 2018, 9:37pm

If you don't have the security feature, you won't have to log in Kibana.

Hari_Prasad · July 30, 2018, 5:36pm

So are there no ways to use ELK stack after one month trial? even without any security features ?

dadoonet · July 30, 2018, 8:39pm

@Hari_Prasad Of course you can use Elastic stack after the trial. Just revert to Basic license.
Or use a pure OSS version which is also available on download page.

See https://www.elastic.co/subscriptions

Rafael_Simonelli · August 14, 2018, 5:22pm

@dadoonet I'm a little confused here, could you help me please?

I'm a newcomer to Elasticsearch and I'm following the tutorial provided in Portuguese by Luiz Guilherme Santos, hosted in Elastic. In the tutorial, he performs the following steps:

Downloads Elasticsearch 6.2.3 (I downloaded 6.3.2 which is the latest) and Kibana
Extracts the TAR files
Installs X-Pack with elasticsearch-plugin (6.3.2 already comes with it, so I didn't installed it)
Runs Elasticsearch
Runs "X-Pack\setup-passwords interactive"

He didn't set any licenses for X-Pack (fresh installation) and "setup-passwords" worked. So why it isn't working in 6.3.2? Is the tutorial outdated? What are the implications of not setting passwords this way?

Thanks!

system · September 28, 2018, 7:06pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.