Elasticsearch 7.1 fresh install errors with "master not discovered exception" when security is enabled

I just installed es 7.1 using the msi package on a windows server 2012R2 box.

After install I checked the newly created cluster with a single node and health is green.

I enabled the xpack.security.enabled and restarted the es service.

Then I tried to setup the passwords as in the docs, but I get this error. I tried to say Yes and apply the passwords anyway, but it obviously failed.

If I disabled the xpack.security.enabled, the cluster starts just fine.

Any idea on what I'm doing wrong?

D:\Elastic\Elasticsearch\7.1.0\bin>elasticsearch-setup-passwords.bat interactive

Failed to determine the health of the cluster running at http://127.0.0.1:9200
Unexpected response code [503] from calling GET http://127.0.0.1:9200/_cluster/health?pretty
Cause: master_not_discovered_exception

It is recommended that you resolve the issues with your cluster before running e
lasticsearch-setup-passwords.
It is very likely that the password changes will fail when run against an unhealthy cluster.

Do you want to continue with the password setup process [y/N]

My config:

bootstrap.memory_lock: false
cluster.initial_master_nodes:
  - myhostname
cluster.name: mycluster
http.port: 9200
node.data: true
node.ingest: true
node.master: true
node.max_local_storage_nodes: 1
node.name: myhostname
path.data: D:\Elastic\Elasticsearch\data
path.logs: D:\Elastic\Elasticsearch\logs
transport.tcp.port: 9300
xpack.license.self_generated.type: basic
xpack.security.enabled: true
xpack.security.authc.accept_default_password: true

Apparently I was missing this parameter in the config. It works now:

xpack.security.transport.ssl.enabled: true

4 Likes

Thanks alot.

Hello everyone, everything good?
I'm having the same problem.
I am trying to enable security in ElasticSearch 7.1.1.
However I am taking the following error, when executing the command "elasticsearch-setup-passwords auto":

"Failed to determine the health of the cluster running at http://192.168.70.71:9200
Unexpected response code [503] from calling GET http://192.168.70.71:9200/_cluster/health?pretty
Cause: master_not_discovered_exception"

There are three servers with the following configuration in the file elasticsearch.yml:

cluster.name: elk-cluster
node.name: elk-node01
path.data: /var/lib/elasticsearch
path.logs: /var/log/elasticsearch
network.host: 0.0.0.0
http.port: 9200
discovery.seed_providers: file
cluster.initial_master_nodes: ["elk-node01", "elk-node02", "elk-node03"]
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true

The only parameter that changes from one node to another is the "node.name" (elk-node02 and elk-node03).
Are there any other settings I need to adjust?

I thank you for your attention. Thank you.

I think you probably need this:
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: certs/elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: certs/elastic-certificates.p12

I followed this tutorial to set it up:
https://www.elastic.co/guide/en/elasticsearch/reference/current/configuring-tls.html

1 Like

@Everton_Azevedo please start a new thread with your question.

1 Like

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.