Faster/easier way to secure a v7 production-mode Cluster without loosing data

Fact is one cannot use Elasticsearch-setup-passwords in a unsecure production-mode Elasticsearch 7.17 Cluster.

I know some people turned each possible master node into a single dev-mode cluster with data apart (so Elasticsearch-setup-passwords works fine) before reverting to a production-mode Cluster but I wonder if a simpler and/or faster way is safe.

For instance, did anybody succeed in using
// Elasticsearch-setup-passwords interactive
with the same set of passwords on every node (while ignoring the warning) then activate TLS transport ?

You simply cannot setup passwords if security is not enabled. The endpoints that it uses will not exist on a cluster that does not have security turned on.

1 Like


So I should fool the passwords setup tool, making it believe each node is a single one in a dev-mode Cluster, so I can get minimal security before shutting down Elasticsearch everywhere.

Of course, nothing new should be indexed meanwhile, so data consistency is preserved.

Then, assuming the set of passwords is the same everywhere, I should have no problem generating CA & common certificate before restarting the initial Cluster in production-mode, getting basic security at last.

Or will I just completely confuse the nodes of this Cluster in the end ?

Yep, you will.

Thanks again, another dead end I avoided with your help. :sunglasses:

So, my only option with a reasonbly short performance impact is :

  1. Make sure there is a primary shard for every index on the master node and shut down Elasticsearch everywhere
  2. Restart this node as a single one in a dev-mode Cluster
  3. Apply minimal then basic security setup procedures
  4. Restart this node as a single one in a production-mode Cluster
  5. Make a fresh install of Elasticsearch on every other node (loosing all previous shards within)
  6. Start each of these empty nodes to join the Cluster
  7. Wait for shards balancing across the Cluster

Did I miss a step ?

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.