Elasticsearch 8.5.0 docker fail elasticsearch-reset-password

abkrim · November 9, 2022, 5:52pm

Hi.

Today I've update my develop single cluster from 8.4.X to 8.5.0

When I've tried to reset password get error (same from host that from terminal of docker desktop)

❯ docker exec -it sitelight-es01 /usr/share/elasticsearch/bin/elasticsearch-reset-password -a -u root
This tool will reset the password of the [root] user to an autogenerated value.
The password will be printed in the console.
Please confirm that you would like to continue [y/N]y



ERROR: Failed to reset password for the [root] user
❯ docker exec -it sitelight-es01 /usr/share/elasticsearch/bin/elasticsearch-reset-password -a -u elasticsearch
WARNING: Owner of file [/usr/share/elasticsearch/config/users] used to be [root], but now is [elasticsearch]
WARNING: Owner of file [/usr/share/elasticsearch/config/users_roles] used to be [root], but now is [elasticsearch]
This tool will reset the password of the [elasticsearch] user to an autogenerated value.
The password will be printed in the console.
Please confirm that you would like to continue [y/N]y


ERROR: Failed to reset password for the [elasticsearch] user

I have deleted containers and rebuild containers.

Also problems with http_ca.crt

Certs not exists

sh-5.0$ ls -lisah /usr/share/elasticsearch/config/certs/http_ca.crt
ls: cannot access '/usr/share/elasticsearch/config/certs/http_ca.crt': No such file or directory
sh-5.0$ ls -lisah /usr/share/elasticsearch/config/                 
total 72K
 141871 4.0K drwxrwxr-x 1 elasticsearch root 4.0K Nov  9 17:53 .
 141894 8.0K drwxrwxr-x 1 root          root 4.0K Nov  9 17:53 ..
3542672 4.0K -rw-rw-r-- 1 root          root 1.1K Oct 24 16:53 elasticsearch-plugins.example.yml
1186180 4.0K -rw-rw---- 1 elasticsearch root  199 Nov  9 17:53 elasticsearch.keystore
3542673 4.0K -rw-rw-r-- 1 root          root   53 Oct 24 20:26 elasticsearch.yml
3542674 4.0K -rw-rw-r-- 1 root          root 2.6K Oct 24 16:53 jvm.options
 141872 4.0K drwxrwxr-x 1 elasticsearch root 4.0K Oct 24 16:57 jvm.options.d
3542676  20K -rw-rw-r-- 1 root          root  18K Oct 24 16:57 log4j2.file.properties
3542677  12K -rw-rw-r-- 1 root          root  12K Oct 24 20:26 log4j2.properties
3542678 4.0K -rw-rw-r-- 1 root          root  473 Oct 24 16:57 role_mapping.yml
3542679 4.0K -rw-rw-r-- 1 root          root  197 Oct 24 16:57 roles.yml
3542680    0 -rw-rw-r-- 1 root          root    0 Oct 24 16:57 users
3542681    0 -rw-rw-r-- 1 root          root    0 Oct 24 16:57 users_roles

Manual

abkrim · November 10, 2022, 6:22am

I finally understood what the issue is. If I have created my single-node without security with docker, no password or certificates are needed, but the communication is done without https, only with http

 curl -XGET "http://localhost:9200/" -H "kbn-xsrf: reporting"
{
  "name" : "44edbbb60101",
  "cluster_name" : "docker-cluster",
  "cluster_uuid" : "6seEH0VRR8mX98dIkzSySg",
  "version" : {
    "number" : "8.5.0",
    "build_flavor" : "default",
    "build_type" : "docker",
    "build_hash" : "c94b4700cda13820dad5aa74fae6db185ca5c304",
    "build_date" : "2022-10-24T16:54:16.433628434Z",
    "build_snapshot" : false,
    "lucene_version" : "9.4.1",
    "minimum_wire_compatibility_version" : "7.17.0",
    "minimum_index_compatibility_version" : "7.0.0"
  },
  "tagline" : "You Know, for Search"
}

system · December 8, 2022, 6:23am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.