Kibana "Reindex" Failed

oliverlucas1 · July 26, 2019, 9:20am

Elasticsearch and Kibana was running with 5.x for some time and I've updated to 6.x after some pain, the next logical jump is to 7.0.

Following the documentation, I understand that I need to reindex my indicies via the 7.0 upgrade wizard, however I'm experiencing some massive issues with doing this.

Clicking the button that says "Reindex" it asks me to confirm that the _all field will be removed, and I accept this and click "Continue with Reindex" then select "Run reindex" - At this point, it changes from blue to grey and then back to blue.

Going back to the Kibana console, the reindex button says "Failed" but there's no additional information as to why it failed.

Where's a good place to start? Looking at the logs I cannot see anything that would indicate a problem.

tylersmalley · July 26, 2019, 11:14pm

If you click on the button with "Failed", do you see the failure details in the flyover?

oliverlucas1 · July 26, 2019, 11:34pm

Hi @tylersmalley - Unfortunately not, I don't see anything pop up that indicates a problem at all, it just allows me to run the reindex again! Quite frustrating! Where would I find the specific log that would detail UI errors?

tylersmalley · July 27, 2019, 12:07am

Can I get the response from this API call?

http://localhost:5601/api/upgrade_assistant/reindex/filebeat-2016.12.20

(You will need to replace http://localhost:5601 with the URL to your Kibana instance.)

oliverlucas1 · July 27, 2019, 2:37pm

@tylersmalley - Just ran that command and the following response was provided:

{"reindexOp":null,"warnings":[0],"hasRequiredPrivileges":true}

I'm not sure what I was expecting but that looks overly positive, sadly!

oliverlucas1 · July 27, 2019, 2:47pm

So I ran kibana again from the console and hitting the button to reindex seems to generate the below:

 error  [14:37:29.949]  [cluster_block_exception] blocked by: [FORBIDDEN/8/index
 write (api)]; :: {"path":"/.kibana/doc/upgrade-assistant-telemetry%3Aupgrade-as
sistant-telemetry/_update","query":{"refresh":"wait_for","_source":"true"},"body
":"{\"script\":{\"source\":\"\\n              if (ctx._source[params.type][param
s.counterFieldName] == null) {\\n                ctx._source[params.type][params
.counterFieldName] = params.count;\\n              }\\n              else {\\n
              ctx._source[params.type][params.counterFieldName] += params.count;
\\n              }\\n              ctx._source.updated_at = params.time;\\n
       \",\"lang\":\"painless\",\"params\":{\"count\":1,\"time\":\"2019-07-27T14
:37:29.949Z\",\"type\":\"upgrade-assistant-telemetry\",\"counterFieldName\":\"ui
_open.overview\"}},\"upsert\":{\"upgrade-assistant-telemetry\":{\"ui_open.overvi
ew\":1},\"type\":\"upgrade-assistant-telemetry\",\"updated_at\":\"2019-07-27T14:
37:29.949Z\"}}","statusCode":403,"response":"{\"error\":{\"root_cause\":[{\"type
\":\"cluster_block_exception\",\"reason\":\"blocked by: [FORBIDDEN/8/index write
 (api)];\"}],\"type\":\"cluster_block_exception\",\"reason\":\"blocked by: [FORB
IDDEN/8/index write (api)];\"},\"status\":403}"}
    at respond (C:\ELK-6.8.1\Kibana\node_modules\elasticsearch\src\lib\transport
.js:308:15)
    at checkRespForFailure (C:\ELK-6.8.1\Kibana\node_modules\elasticsearch\src\l
ib\transport.js:267:7)
    at HttpConnector.<anonymous> (C:\ELK-6.8.1\Kibana\node_modules\elasticsearch
\src\lib\connectors\http.js:166:7)
    at IncomingMessage.wrapper (C:\ELK-6.8.1\Kibana\node_modules\elasticsearch\n
ode_modules\lodash\lodash.js:4935:19)
    at IncomingMessage.emit (events.js:194:15)
    at endReadableNT (_stream_readable.js:1103:12)
    at process._tickCallback (internal/process/next_tick.js:63:19)

Does that mean anything?

tylersmalley · July 27, 2019, 2:49pm

What user are you logged in as, what roles or privileges does it have? Looks like your getting forbidden write exceptions.

oliverlucas1 · July 27, 2019, 3:02pm

There's no RBAC at all on the cluster, its completely open - Very strange indeed!

oliverlucas1 · July 27, 2019, 3:11pm

I ran the following on the Elasticsearch cluster:

elasticsearch-users list
No users found

I then tried using Kibana dev tools with:
GET /_security/user

which generated the below expected response:

{
  "error": {
    "root_cause": [
      {
        "type": "exception",
        "reason": "Security must be explicitly enabled when using a [basic] license. Enable security by setting [xpack.security.enabled] to [true] in the elasticsearch.yml file and restart the node."
      }
    ],
    "type": "exception",
    "reason": "Security must be explicitly enabled when using a [basic] license. Enable security by setting [xpack.security.enabled] to [true] in the elasticsearch.yml file and restart the node."
  },
  "status": 500
}

system · August 24, 2019, 3:11pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.