Issues with Elasticsearch clustering

cisco-oops · May 17, 2024, 3:04pm

Hello,

We're attempting to build a 3-node Elastic cluster and were looking to get some assistance.

We have a master node that we're trying to join two other Elastic nodes to. We were able to generate an enrollment token on the master node, but when plugging the token in to the others with the command "elasticsearch --enrollment-token" we get: "Skipping security auto configuration because it appears that security is already configured., with exit code 80"

We're not really sure what the next step is based on this error or what is expected when applying a token.

I have not started up elasticsearch on the nodes I'm trying to join to the cluster or touched the yml config file.

The existing cluster's status on node 1 is green.

Here's the config for the master node:

cluster.name: OVPR_Log_Cluster

node.name: u-es8-int

path.data: /var/lib/elasticsearch

path.logs: /var/log/elasticsearch

network.host: 0.0.0.0

http.port: 9200

cluster.initial_master_nodes: ["es1.ovpr.uga.edu", "es2.ovpr.uga.edu" ,"es3.ovpr.uga.edu"]

# Enable security features
xpack.security.enabled: true

xpack.security.enrollment.enabled: true

# Enable encryption for HTTP API client connections, such as Kibana, Logstash, and Agents
xpack.security.http.ssl:
  enabled: true
  keystore.path: certs/http.p12
  client_authentication: none
  verification_mode: none

# Enable encryption and mutual authentication between cluster nodes
xpack.security.transport.ssl:
  enabled: true
  client_authentication: none
  verification_mode: none
  keystore.path: certs/transport.p12
  truststore.path: certs/transport.p12

And here's the config for the other two:

path.data: /var/lib/elasticsearch

path.logs: /var/log/elasticsearch

# Enable security features
xpack.security.enabled: true

xpack.security.enrollment.enabled: true

# Enable encryption for HTTP API client connections, such as Kibana, Logstash, and Agents
xpack.security.http.ssl:
  enabled: true
  keystore.path: certs/http.p12

# Enable encryption and mutual authentication between cluster nodes
xpack.security.transport.ssl:
  enabled: true
  verification_mode: certificate
  keystore.path: certs/transport.p12
  truststore.path: certs/transport.p12
# Create a new cluster with the current node only
# Additional nodes can still join the cluster later
cluster.initial_master_nodes: ["u-es9-int"]

# Allow HTTP API connections from anywhere
# Connections are encrypted and require user authentication
http.host: 0.0.0.0

Topic		Replies	Views
Problems Joining a Cluster Elasticsearch	33	925	March 1, 2024
Skipping security auto configuration Elasticsearch elastic-stack-security	2	5554	October 25, 2022
Configure multi node configuration with enrollment token - Elasticsearch 8.0.0 Elasticsearch elastic-stack-security	7	5894	March 22, 2022
3-Node cluster setup Elasticsearch elastic-stack-security	5	1120	February 2, 2023
ERROR: Skipping security auto configuration because it appears that the node is not starting up for the first time. The node might already be part of a cluster and this auto setup utility is designed to configure Security for new clusters only., with exit Elasticsearch	1	725	November 1, 2023

Issues with Elasticsearch clustering

Related topics