[Solved] Issuing error with "elasticsearch-setup-passwords auto" command

Hyrastios · June 6, 2019, 9:38am

Hi,
I'm trying to set up native authentification feature on my local ELK 7.1 installation.
Yesterday, I asked here if it was possible to use it with a basic license and the answer was : yes since 6.8 version.

So in theory, it should be fine but in practice when I try to execute the command "elasticsearch-setup-passwords auto (or interactive)" I get this error message :

 Unexpected response code [403] from calling GET http://127.0.0.1:9200/_security/_authenticate?pretty
It doesn't look like the X-Pack security feature is available on this Elasticsearch node.
Please check if you have installed a license that allows access to X-Pack Security feature.

ERROR: X-Pack Security is not available.

I tried to execute the same query : "GET /_security/_authenticate" in Kibana console and it returns this error message :

 {
  "error": {
    "root_cause": [
      {
        "type": "security_exception",
        "reason": "current license is non-compliant for [security]",
        "license.expired.feature": "security"
      }
    ],
    "type": "security_exception",
    "reason": "current license is non-compliant for [security]",
    "license.expired.feature": "security"
  },
  "status": 403
}

I checked the state of my license with "GET/_license" :

 {
  "license" : {
    "status" : "active",
    "uid" : "fa928891-2373-49e4-8903-85fc86937ba2",
    "type" : "basic",
    "issue_date" : "2019-05-02T14:01:37.468Z",
    "issue_date_in_millis" : 1556805697468,
    "max_nodes" : 1000,
    "issued_to" : "elasticsearch",
    "issuer" : "elasticsearch",
    "start_date_in_millis" : -1
  }
}

And here's the moment I don't understand anymore : I got the confirmation that I can use the security features I want to, I got an active basic license, and yet I still get this error message :

"type": "security_exception",
"reason": "current license is non-compliant for [security]",
"license.expired.feature": "security"*

Is there a step I forgot ? Maybe the "status" : "active" line does not mean that my license hasn't expired ?

I'm sorry to bother you once again guys but I really don't get it...

TimV · June 7, 2019, 4:03am

What do you get from

GET /

and

GET /_xpack

?

Hyrastios · June 7, 2019, 7:25am

Hi,

GET / :

{
  "name" : "node-1",
  "cluster_name" : "cluster_de_test_NR",
  "cluster_uuid" : "Bo9wHPlcSxqzqaP4o0ICng",
  "version" : {
    "number" : "7.0.1",
    "build_flavor" : "default",
    "build_type" : "zip",
    "build_hash" : "e4efcb5",
    "build_date" : "2019-04-29T12:56:03.145736Z",
    "build_snapshot" : false,
    "lucene_version" : "8.0.0",
    "minimum_wire_compatibility_version" : "6.7.0",
    "minimum_index_compatibility_version" : "6.0.0-beta1"
  },
  "tagline" : "You Know, for Search"
}

GET /_xpack :

{
  "build" : {
    "hash" : "e4efcb5",
    "date" : "2019-04-29T12:57:49.344766Z"
  },
  "license" : {
    "uid" : "fa928891-2373-49e4-8903-85fc86937ba2",
    "type" : "basic",
    "mode" : "basic",
    "status" : "active"
  },
  "features" : {
    "ccr" : {
      "description" : "Cross Cluster Replication",
      "available" : false,
      "enabled" : true
    },
    "graph" : {
      "description" : "Graph Data Exploration for the Elastic Stack",
      "available" : false,
      "enabled" : true
    },
    "ilm" : {
      "description" : "Index lifecycle management for the Elastic Stack",
      "available" : true,
      "enabled" : true
    },
    "logstash" : {
      "description" : "Logstash management component for X-Pack",
      "available" : false,
      "enabled" : true
    },
    "ml" : {
      "description" : "Machine Learning for the Elastic Stack",
      "available" : false,
      "enabled" : true,
      "native_code_info" : {
        "version" : "7.0.1",
        "build_hash" : "6a88928693d862"
      }
    },
    "monitoring" : {
      "description" : "Monitoring for the Elastic Stack",
      "available" : true,
      "enabled" : true
    },
    "rollup" : {
      "description" : "Time series pre-aggregation and rollup",
      "available" : true,
      "enabled" : true
    },
    "security" : {
      "description" : "Security for the Elastic Stack",
      "available" : false,
      "enabled" : true
    },
    "sql" : {
      "description" : "SQL access to Elasticsearch",
      "available" : true,
      "enabled" : true
    },
    "watcher" : {
      "description" : "Alerting, Notification and Automation for the Elastic Stack",
      "available" : false,
      "enabled" : true
    }
  },
  "tagline" : "You know, for X"
}

TimV · June 7, 2019, 7:43am

You are running 7.0.1 (you had said earlier it was 7.1).
Per the previous thread, security is not available on a basic license in 7.0.

Hyrastios · June 7, 2019, 7:55am

Yeah I spotted that whilereading the result of the query, I thought I was running in 7.1 but I was wrong, sorry ^^'...

Is there a way to upgrade my install without losing the data I already imported in my cluster ? (Something like copying the data folder) or does upgrading ES means I have to import the data one more time ?

Hyrastios · June 7, 2019, 8:36am

Nevermind, I remembered this page : https://www.elastic.co/guide/en/elasticsearch/reference/current/setup-upgrade.html

Thanks for your help !

system · July 5, 2019, 8:36am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.