Is Xpack related to "master_not_discovered_exception"? 503

Hello everyone! I have a single-node cluster running which I have enabled the Xpack security on. I'd like to add a node to this cluster, but I get "master_not_discovered_exception". I have set the discovery.seed_hosts as well as discovery.zen.minimum_master_nodes on both nodes (named node-1 and node-2).
Can someone please help me? how can I add node-2 to my-cluster? I have provided the configurations and logs of each node:

node-1:

# ======================== Elasticsearch Configuration =========================
#
# NOTE: Elasticsearch comes with reasonable defaults for most settings.
#       Before you set out to tweak and tune the configuration, make sure you
#       understand what are you trying to accomplish and the consequences.
#
# The primary way of configuring a node is via this file. This template lists
# the most important settings you may want to configure for a production cluster.
#
# Please consult the documentation for further information on configuration options:
# https://www.elastic.co/guide/en/elasticsearch/reference/index.html
#
# ---------------------------------- Cluster -----------------------------------
#
# Use a descriptive name for your cluster:
#
cluster.name: my-cluster
#
# ------------------------------------ Node ------------------------------------
#
# Use a descriptive name for the node:
#
node.name: node-1
#
# Add custom attributes to the node:
#
#node.attr.rack: r1
#
# ----------------------------------- Paths ------------------------------------
#
# Path to directory where to store the data (separate multiple locations by comma):
#
path.data: /var/lib/elasticsearch
#
# Path to log files:
#
path.logs: /var/log/elasticsearch
#
# ----------------------------------- Memory -----------------------------------
#
# Lock the memory on startup:
#
#bootstrap.memory_lock: true
#
# Make sure that the heap size is set to about half the memory available
# on the system and that the owner of the process is allowed to use this
# limit.
#
# Elasticsearch performs poorly when the system is swapping the memory.
#
# ---------------------------------- Network -----------------------------------
#
# Set the bind address to a specific IP (IPv4 or IPv6):
#
network.host: 0.0.0.0
#
# Set a custom port for HTTP:
#
http.port: 9200
#
# For more information, consult the network module documentation.
#
# --------------------------------- Discovery ----------------------------------
#
# Pass an initial list of hosts to perform discovery when this node is started:
# The default list of hosts is ["127.0.0.1", "[::1]"]
#
discovery.seed_hosts: ["192.168.xx.xxx", "192.168.yy.yyy"]
#
discovery.zen.minimum_master_nodes: 2
#discovery.type: single-node
# Bootstrap the cluster using an initial set of master-eligible nodes:
#
#cluster.initial_master_nodes: ["node-1", "node-2"]
#
# For more information, consult the discovery and cluster formation module documentation.
#
# ---------------------------------- Gateway -----------------------------------
#
# Block initial recovery after a full cluster restart until N nodes are started:
#
#gateway.recover_after_nodes: 3
#
# For more information, consult the gateway module documentation.
#
# ---------------------------------- Various -----------------------------------
#
# Require explicit names when deleting indices:
#
#action.destructive_requires_name: true
#xpack.license.self_generated.type: trial
xpack.security.audit.enabled: true
xpack.monitoring.enabled: true
xpack.monitoring.collection.enabled: true
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.keystore.path: /etc/elasticsearch/certs/my-cluster.p12
xpack.security.transport.ssl.truststore.path: /etc/elasticsearch/certs/my-cluster.p12 
path.repo: ["/es-backup"]

node-2:

# ======================== Elasticsearch Configuration =========================
#
# NOTE: Elasticsearch comes with reasonable defaults for most settings.
#       Before you set out to tweak and tune the configuration, make sure you
#       understand what are you trying to accomplish and the consequences.
#
# The primary way of configuring a node is via this file. This template lists
# the most important settings you may want to configure for a production cluster.
#
# Please consult the documentation for further information on configuration options:
# https://www.elastic.co/guide/en/elasticsearch/reference/index.html
#
# ---------------------------------- Cluster -----------------------------------
#
# Use a descriptive name for your cluster:
#
cluster.name: my-cluster
#
# ------------------------------------ Node ------------------------------------
#
# Use a descriptive name for the node:
#
node.name: node-2
node.master: true
node.data: ture
#
# Add custom attributes to the node:
#
node.master: true
#node.attr.rack: r1
#
# ----------------------------------- Paths ------------------------------------
#
# Path to directory where to store the data (separate multiple locations by comma):
#
path.data: /var/lib/elasticsearch
#
# Path to log files:
#
path.logs: /var/log/elasticsearch
#
# ----------------------------------- Memory -----------------------------------
#
# Lock the memory on startup:
#
#bootstrap.memory_lock: true
#
# Make sure that the heap size is set to about half the memory available
# on the system and that the owner of the process is allowed to use this
# limit.
#
# Elasticsearch performs poorly when the system is swapping the memory.
#
# ---------------------------------- Network -----------------------------------
#
# Set the bind address to a specific IP (IPv4 or IPv6):
#
network.host: 0.0.0.0
#
# Set a custom port for HTTP:
#
http.port: 9200
#
# For more information, consult the network module documentation.
#
# --------------------------------- Discovery ----------------------------------
#
# Pass an initial list of hosts to perform discovery when this node is started:
# The default list of hosts is ["127.0.0.1", "[::1]"]
#
discovery.seed_hosts: ["192.168.xx.xxx", "192.168.yy.yyy"]
#
discovery.zen.minimum_master_nodes: 2
# Bootstrap the cluster using an initial set of master-eligible nodes:
#
#cluster.initial_master_nodes: ["node-1", "node-2"]
#
# For more information, consult the discovery and cluster formation module documentation.
#
# ---------------------------------- Gateway -----------------------------------
#
# Block initial recovery after a full cluster restart until N nodes are started:
#
#gateway.recover_after_nodes: 3
#
# For more information, consult the gateway module documentation.
#
# ---------------------------------- Various -----------------------------------
#
# Require explicit names when deleting indices:
#
#action.destructive_requires_name: true

Does this have anything to do with Xpack? nodes can see each other via telnet and I have tried deleting data folder (either node-2 or both which caused data loss :slight_smile: as well).
I have tried removing discovery.zen.minimum_master_nodes plus uncommenting cluster_initial_master_nodes.
I also have tried reinstalling ealsticsearch but I get different types of exceptions on node-2 log including:

[2021-02-17T08:29:38,472][WARN ][o.e.c.c.ClusterFormationFailureHelper] [node-2] master not discovered yet, this node has not previously joined a bootstrapped (v7+) cluster, and this node must discover master-eligible nodes [node-1, node-2] to bootstrap a cluster: have discovered [{node-2}{nPrbtpavS7SeKnVfXoRvXw}{zEKZttqLRAWmG4oJKuq9mw}{192.168.yy.yyy}{192.168.yy.yyy:9300}{dilmrt}{ml.machine_memory=6087491584, xpack.installed=true, transform.node=true, ml.max_open_jobs=20}]; discovery will continue using [192.168.xx.xxx:9300] from hosts providers and [{node-2}{nPrbtpavS7SeKnVfXoRvXw}{zEKZttqLRAWmG4oJKuq9mw}{192.168.yy.yyy}{192.168.yy.yyy:9300}{dilmrt}{ml.machine_memory=6087491584, xpack.installed=true, transform.node=true, ml.max_open_jobs=20}] from last-known cluster state; node term 0, last-accepted version 0 in term 0

I have tried restarting ealsticsearch on both nodes but the only achievement I got was that I uncomment cluster_initial_master_nodes on node-2 and set it to node-2 which was not the solution but I could check cluster health via API.
I'd be so thankful if anyone could help me with this. I've been trying to solve this for days. :broken_heart: :broken_heart: Thanks in advance! :smiley:

The configuration for node-1 includes SSL settings such as

xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.keystore.path: /etc/elasticsearch/certs/my-cluster.p12
xpack.security.transport.ssl.truststore.path: /etc/elasticsearch/certs/my-cluster.p12 

But the node-2 configuration doesn't appear to include any of those settings.

You cannot connect a non-SSL node to an SSL-node. You will need to add SSL configuration to node-2

1 Like

Thank you Tim! You are right; I just tested it by removing Xpack from node-1 and it worked. Just one more question: so I need to add Xpack security to node-2 before adding it to the cluster? can I add the Xpack security at this level (that the node has been added to the cluster)? Thank you for the consideration!

Yes. You should set both of these settings

  • xpack.security.enabled
  • xpack.security.transport.ssl.enabled

to the same value on each node in your cluster.

Sorry, I don't understand the question.
If I haven't already answered it (above), can you rephrase it?

1 Like

Thank you Tim! I had already added node-2 to the cluster and I was wondering if I had to remove the node and apply Xpack.security before adding the node (right after installation, while configuring) to the cluster. I generated an SSL certificate on node-1 and shared it with all nodes. Also added Xpack security configurations on all of my nodes and it's working now.