I recently restarted some nodes in our cluster after a configuration change and unfortunately they aren't coming back up cleanly. There appears to be an issue with marvel. There is a reference to __marvel_user however I never configured a user by this name. It may have been that we installed marvel before shield so this wasn't required? I don't have anything configured for exporters as this is not a monitoring cluster. Should I?
Caused by: ElasticsearchException[failure in bulk execution:
[0]: index [.marvel-es-1-2016.09.01], type [node_stats], id [AVbmWt6A4696eKrladi 9], message [RemoteTransportException[[iot-prod-5][10.19.17.84:9300][indices:dat a/write/bulk[s]]]; nested: ElasticsearchSecurityException[action [indices:data/w rite/bulk[s]] is unauthorized for user [__marvel_user]];]]
at org.elasticsearch.marvel.agent.exporter.local.LocalBulk.flush (LocalBulk.java:118)
Which version of Elasticsearch is running on those nodes?
They all have different versions of plugins, which implies different versions of Elasticsearch. You should always have the same version of the plugin as the running version of ES.
I am assuming that your environment has two versions running: 2.3.4 on one node and 2.3.3 on another.
I verified that the version of the plugin is 2.3.3 which is the same as the version of ES running on that node. At the moment this errors is just repeating in the log. It hints that __marvel_user doesn't have permissions to create a new index. I never had to configure this user previously.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.