Our cluster have 6 nodes(1 coordinating, 3 master+data, 2 data nodes). We have implemented basic auth in the coordinating node, as our kibana is calling only coordinating node and it is working fine.
However , we have received a new requirement , where we need to secure all the elasticsearch node. We tried to make one of our master+data node secure.
PS : our coordinating node was working with only one property enabled
xpack.security.enabled: true
After enabling property when we try to run elasticsearch-setup-password, it is throwing below error :
[master_not_discovered_exception] .
Can someone please suggest whether there is some different configuration for master+data and coordinating node and why is it mandatory to enable ssl layer as well for master+data node
Since you're running a multi-node production cluster, you will need to perform at least the "Basic security" steps.
If you're following those steps and running into issues, then please indicate which step you got to, and what went wrong.
Based on the settings you have listed as being configured, it doesn't look like you are following those steps, so please start there.
SSL is the mechanism that we use to ensure that only trusted nodes can connect to your cluster. Without that protection, your security is useless because anyone with access to your network could connect to port 9300 and pretend to be a node.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.
