sudo /usr/share/elasticsearch/bin/elasticsearch-create-enrollment-token -s node
ERROR: Failed to determine the health of the cluster. , with exit code 69
Only configuration change so far is the setup of ReadOnlyRest.
bellow is the result of requesting health manually
I'd be very surprised if enrollment works with ReadOnlyRest - we certainly don't test or support it.
The enrollment token functionality is only designed to work with Elasticsearch security.
Is there a particular reason you're using ROR instead of the builtin security features of Elasticsearch?
user@host:~$ sudo /usr/share/elasticsearch/bin/elasticsearch-create-enrollment-token -s node
13:25:13.425 [main] ERROR org.elasticsearch.xpack.security.enrollment.ExternalEnrollmentTokenGenerator - Error 400when calling GET http://x.x.x.x:9200/_security/api_key. ResponseBody: {error=no handler found for uri [/_security/api_key] and method [POST]}
Unable to create enrollment token for scope [node]
ERROR: Unexpected response code [400] from calling POST http://x.x.x.x:9200/_security/api_key, with exit code 73
Read Only Rest is a third party plugin that replaces core functionality from Elasticsearch. If you choose to use Read Only Rest instead of Elasticsearch's built in security features then you lose the ability to use those builtin features, which includes automated enrollment.
I don't think you have any chance of making this work.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.