Fala pessoal, blz? Então.. estou com dificuldade em configurar um cluster de 3 nós, com o modo security ativo na versão 7.4.0 segue a configuração realizada no cluster:
elk_master:
cluster.name: homolog
node.name: elk_master
node.master: true
node.data: false
node.ingest: false
node.ml: false
discovery.seed_hosts: ["10.200.19.121", "10.200.19.122", "10.200.19.123"]
cluster.initial_master_nodes: ["10.200.19.121"]
cluster.remote.connect: false
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: /etc/elasticsearch/certs/elk_master.p12
xpack.security.transport.ssl.truststore.path: /etc/elasticsearch/certs/elk_master.p12
xpack.security.http.ssl.enabled: true
xpack.security.http.ssl.keystore.path: /etc/elasticsearch/certs/elk_master.p12
xpack.security.http.ssl.truststore.path: /etc/elasticsearch/certs/elk_master.p12
elk_node1:
cluster.name: homolog
node.name: elk_node1
node.data: true
node.master: false
node.ingest: false
node.ml: false
discovery.seed_hosts: ["10.200.19.121", "10.200.19.122", "10.200.19.123"]
cluster.initial_master_nodes: ["10.200.19.121"]
cluster.remote.connect: false
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: /etc/elasticsearch/certs/elk_node1.p12
xpack.security.transport.ssl.truststore.path: /etc/elasticsearch/certs/elk_node1.p12
xpack.security.http.ssl.enabled: true
xpack.security.http.ssl.keystore.path: /etc/elasticsearch/certs/elk_node1.p12
xpack.security.http.ssl.truststore.path: /etc/elasticsearch/certs/elk_node1.p12
elk_node2:
cluster.name: homolog
node.name: elk_node2
node.data: true
node.master: false
node.ingest: false
node.ml: false
discovery.seed_hosts: ["10.200.19.121", "10.200.19.122", "10.200.19.123"]
cluster.initial_master_nodes: ["10.200.19.121"]
cluster.remote.connect: false
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: /etc/elasticsearch/certs/elk_node2.p12
xpack.security.transport.ssl.truststore.path: /etc/elasticsearch/certs/elk_node2.p12
xpack.security.http.ssl.enabled: true
xpack.security.http.ssl.keystore.path: /etc/elasticsearch/certs/elk_node2.p12
xpack.security.http.ssl.truststore.path: /etc/elasticsearch/certs/elk_node2.p12
Segui os passos conforme documentação porém ao iniciar o serviço do elasticsearch recebo as seguintes informações nos logs do elk_master:
org.elasticsearch.xpack.monitoring.exporter.ExportException: failed to flush export bulks
at org.elasticsearch.xpack.monitoring.exporter.ExportBulk$Compound.lambda$doFlush$0(ExportBulk.java:109) [x-pack-monitoring-7.4.0.jar:7.4.0]
at org.elasticsearch.action.ActionListener$1.onFailure(ActionListener.java:70) [elasticsearch-7.4.0.jar:7.4.0]
at org.elasticsearch.xpack.monitoring.exporter.local.LocalBulk.lambda$doFlush$1(LocalBulk.java:112) [x-pack-monitoring-7.4.0.jar:7.4.0]
at org.elasticsearch.action.ActionListener$1.onFailure(ActionListener.java:70) [elasticsearch-7.4.0.jar:7.4.0]
at org.elasticsearch.action.support.ContextPreservingActionListener.onFailure(ContextPreservingActionListener.java:50) [elasticsearch-7.4.0.jar:7.4.0]
at org.elasticsearch.action.support.TransportAction$1.onFailure(TransportAction.java:79) [elasticsearch-7.4.0.jar:7.4.0]
at org.elasticsearch.action.support.ContextPreservingActionListener.onFailure(ContextPreservingActionListener.java:50) [elasticsearch-7.4.0.jar:7.4.0]
at org.elasticsearch.action.bulk.TransportBulkAction.doExecute(TransportBulkAction.java:227) [elasticsearch-7.4.0.jar:7.4.0]
at org.elasticsearch.action.bulk.TransportBulkAction.doExecute(TransportBulkAction.java:93) [elasticsearch-7.4.0.jar:7.4.0]
at org.elasticsearch.action.support.TransportAction$RequestFilterChain.proceed(TransportAction.java:153) [elasticsearch-7.4.0.jar:7.4.0]
at org.elasticsearch.xpack.security.action.filter.SecurityActionFilter.lambda$apply$0(SecurityActionFilter.java:86) [x-pack-security-7.4.0.jar:7.4.0]
at org.elasticsearch.action.ActionListener$1.onResponse(ActionListener.java:62) [elasticsearch-7.4.0.jar:7.4.0]
at org.elasticsearch.xpack.security.action.filter.SecurityActionFilter.lambda$authorizeRequest$4(SecurityActionFilter.java:172) [x-pack-security-7.4.0.jar:7.4.0]
at org.elasticsearch.action.ActionListener$1.onResponse(ActionListener.java:62) [elasticsearch-7.4.0.jar:7.4.0]
at org.elasticsearch.xpack.security.authz.AuthorizationService.lambda$runRequestInterceptors$15(AuthorizationService.java:342) [x-pack-security-7.4.0.jar:7.4.0]
at org.elasticsearch.action.ActionListener$1.onResponse(ActionListener.java:62) [elasticsearch-7.4.0.jar:7.4.0]
at org.elasticsearch.common.util.concurrent.ListenableFuture$1.doRun(ListenableFuture.java:99) [elasticsearch-7.4.0.jar:7.4.0]
at org.elasticsearch.common.util.concurrent.AbstractRunnable.run(AbstractRunnable.java:37) [elasticsearch-7.4.0.jar:7.4.0]
at org.elasticsearch.common.util.concurrent.EsExecutors$DirectExecutorService.execute(EsExecutors.java:225) [elasticsearch-7.4.0.jar:7.4.0]
at org.elasticsearch.common.util.concurrent.ListenableFuture.notifyListener(ListenableFuture.java:93) [elasticsearch-7.4.0.jar:7.4.0]
at org.elasticsearch.common.util.concurrent.ListenableFuture.lambda$done$0(ListenableFuture.java:85) [elasticsearch-7.4.0.jar:7.4.0]
at java.util.ArrayList.forEach(ArrayList.java:1507) [?:?]
at org.elasticsearch.common.util.concurrent.ListenableFuture.done(ListenableFuture.java:85) [elasticsearch-7.4.0.jar:7.4.0]
at org.elasticsearch.common.util.concurrent.BaseFuture.set(BaseFuture.java:144) [elasticsearch-7.4.0.jar:7.4.0]
at org.elasticsearch.common.util.concurrent.ListenableFuture.onResponse(ListenableFuture.java:114) [elasticsearch-7.4.0.jar:7.4.0]
OBS.: Também não consigo gerar senha no modo interativo
exibe a seguinte mensagem:
Unexpected response code [500] from calling GET https://10.200.19.123:9200/_security/_authenticate?pretty
It doesn't look like the X-Pack security feature is enabled on this Elasticsearch node.
Please check if you have enabled X-Pack security in your elasticsearch.yml configuration file.
ERROR: X-Pack Security is disabled by configuration.
alguém já passou por isso? poderiam ajudar ?