How to activate security at kubernetes (es, kibana 6.3.2)

i installed elasticsearch and kibana 6.3.2 from docker images. (kubernetes environment)
and then i change to trail license.

now i can see the x-pack funtion. but i can't activate security funtion (log-in /log-out)
i aready write my yaml file (xpack.security.enabled: true , elasticsearch.username, elasticsearch.password)

at 6.2.4 i can activate security funtion like this. (make some above configuration )

how can i activate..?

is xpack.security.enabled: true set on the elasticsearch side of things? What is returned when you try to access the / endpoint from one of the elasticsearch nodes?

[root@elasticsearch-data-2 elasticsearch]# curl localhost:9200/
{
"name" : "gk41YSd",
"cluster_name" : "docker-cluster",
"cluster_uuid" : "diJ6RUCOTX6H5qfJVjqOig",
"version" : {
"number" : "6.3.2",
"build_flavor" : "default",
"build_type" : "tar",
"build_hash" : "053779d",
"build_date" : "2018-07-20T05:20:23.451332Z",
"build_snapshot" : false,
"lucene_version" : "7.3.1",
"minimum_wire_compatibility_version" : "5.6.0",
"minimum_index_compatibility_version" : "5.0.0"
},
"tagline" : "You Know, for Search"
}

i can see that.
i already set xpack.security.enabled: true to elasticsearch.yaml and kibana.yaml

after changing trial license at kibana, i try to restart elasticsearch node.
but my environment is kubernetes, so if i restart es node. k8s do auto healing and es is recreated.
and then, the license back to basic. because k8s create new es. that is k8s necessary function.
so i can't restart es node.

sorry for the complicated question.

If you are trying to run ES as stateless K8s service then you're going to run into all sorts of problems. Your options are incredibly limited if you can never restart your nodes. You will lose all your data anytime your node crashes or is shutdown. That's a massive limitation.

However, if that's what you want, then you need to configure all of this before your start up your node.
Try these putting these configurations into your container:

xpack.license.self_generated.type: trial
xpack.security.enabled: true

thank you for your answer.

i already put these configurations in my yaml and container.

xpack.license.self_generated.type: trial
xpack.security.enabled: true

in v6.2.4 i can make security to use these configurations.

but i think v6.3.2 is only starting with basic license.
if only i cant start basic license, do i have to restart my es-node for make security(log-in / out)?

thank you.

You need to set those before you start the cluster for the first time. Once the cluster has generated a basic license it is too late, and you have to use the API to change the license, you cannot do it with config settings.

If you you have tried that and aren't getting the results you expected then you will need to describe exactly what you are seeing, because that configuration definitely works, I use it all the time.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.