How to reset password user elastic

I can't access the elasticsearch to retrieve the information of the cluster. The elasticsearch is run on docker with version 7.x.

You will need to provide a lot more information about your cluster and setup, ideally together with logs, for someone to be able to help you troubleshoot the issue.

The cluster contain 3 master nodes and 3 data nodes with deploy on docker. The version of elasticsearch is v7.3. I need to access cluster with curl command but i forgot the password of user elastic. Please kindly help to reset password.

Hi @gugurigon Welcome to the community.

First 7.3 is very old and EOL.yiu should upgrade!

Let's see... I think you are going to need to exec into one of the running elasticsearch docker container and us this command line tool.

When i run the command "bin/elasticsearch-users passwd elastic", the error message has shown as below: 
----------------------------------------------------------------------------------------------------------------------------------
OpenJDK 64-Bit Server VM warning: INFO: os::commit_memory(0x00000006aaaa0000, 5726666752, 0) failed; error='Not enough space' (errno=12)
#
# There is insufficient memory for the Java Runtime Environment to continue.
# Native memory allocation (mmap) failed to map 5726666752 bytes for committing reserved memory.
# An error report file with more information is saved as:
# /usr/share/elasticsearch/hs_err_pid171.log
-----------------------------------------------------------------------`Preformatted text`

Hmmm Looks like you are going to need to increase the memory resources for that container

Was there any additional information in the log
/usr/share/elasticsearch/hs_err_pid171.log

Actually question do you know if you are using native vs file realm?

I suspect you are not using file realm ... So that is probably not the right approach..

7.3 us so old it does not have some in the new command line tools

@gugurigon

I found this article from one of our experts

I can run the command "bin/elasticsearch-setup-password interactive" by decrease heap size. But found the error message "ERROR: Failed to set password for user [apm_system]." Please kindly help. 

After append option -verbose the error message has shown:
-----------------------------------------------------------------------------------------------------------------------
Running with configuration path: /usr/share/elasticsearch/config

Testing if bootstrap password is valid for http://x.x.x.x:9200/_security/_authenticate?pretty
{
  "username" : "elastic",
  "roles" : [
    "superuser"
  ],
  "full_name" : null,
  "email" : null,
  "metadata" : {
    "_reserved" : true
  },
  "enabled" : true,
  "authentication_realm" : {
    "name" : "reserved",
    "type" : "reserved"
  },
  "lookup_realm" : {
    "name" : "reserved",
    "type" : "reserved"
  }
}


Checking cluster health: http://x.x.x.x:9200/_cluster/health?pretty
{
  "error" : {
    "root_cause" : [
      {
        "type" : "master_not_discovered_exception",
        "reason" : null
      }
    ],
    "type" : "master_not_discovered_exception",
    "reason" : null
  },
  "status" : 503
}


Failed to determine the health of the cluster running at http://x.x.x.x:9200
Unexpected response code [503] from calling GET http://x.x.x.x:9200/_cluster/health?pretty
Cause: master_not_discovered_exception

It is recommended that you resolve the issues with your cluster before running elasticsearch-setup-passwords.
It is very likely that the password changes will fail when run against an unhealthy cluster.

Do you want to continue with the password setup process [y/N]y

Initiating the setup of passwords for reserved users elastic,apm_system,kibana,logstash_system,beats_system,remote_monitoring_user.
You will be prompted to enter passwords as the process progresses.
Please confirm that you would like to continue [y/N]y


Enter password for [elastic]:
Reenter password for [elastic]:
Enter password for [apm_system]:
Reenter password for [apm_system]:
Enter password for [kibana]:
Reenter password for [kibana]:
Enter password for [logstash_system]:
Reenter password for [logstash_system]:
Enter password for [beats_system]:
Reenter password for [beats_system]:
Enter password for [remote_monitoring_user]:
Reenter password for [remote_monitoring_user]:

Trying user password change call http://x.x.x.x:9200/_security/user/apm_system/_password?pretty
{
  "error" : {
    "root_cause" : [
      {
        "type" : "status_exception",
        "reason" : "Cluster state has not been recovered yet, cannot write to the [null] index"
      }
    ],
    "type" : "status_exception",
    "reason" : "Cluster state has not been recovered yet, cannot write to the [null] index"
  },
  "status" : 503
}


Unexpected response code [503] from calling PUT http://10.2.173.226:9200/_security/user/apm_system/_password?pretty
Cause: Cluster state has not been recovered yet, cannot write to the [null] index

Possible next steps:
* Try running this tool again.
* Try running with the --verbose parameter for additional messages.
* Check the elasticsearch logs for additional error details.
* Use the change password API manually.

ERROR: Failed to set password for user [apm_system].
-----------------------------------------------------------------------------------------------------------------------

The tool is trying very hard to explain the problem to you.
Your cluster is not healthy (master_not_discovered_exception) and it is not possible to reset the password in a cluster that has no elected master node.

You need to work through the problem with your cluster before you can make changes to user passwords:

Thank you so much. I will check log of the cluster again. 
I have found the error message "client did not trust this server's certificate, closing connection Netty4TcpChannel{localAddress=0.0.0.0/0.0.0.0:9300". Should i configure Transport Layer Security (TLS) before reset password ? 

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.