Hi, so I am fairly new to the Elastic Stack. I've setup a cluster of elasticsearch nodes (Masters, Datas, Clients). I also have Kibana setup as well. Both Elasticsearch and Kibana have Shield installed on their respective nodes. The issue that I am running into is that I need to create Kibana4 users so that people can login to Kibana Web Interface. If I create the user on the Elasticsearch client node that Kibana4 is pointed to, they can login. If I create the user on a Elasticsearch Master that Kibana is not pointed to, they cannot login. Is there a way for me to create the users on a Elasticsearch node and have that populate to all servers in the cluster? Thanks!
Hi Kevin,
Today, as an administrator of a Shield protected Elasticsearch cluster, it is up to you to keep the users, roles, and user-role mapping files in sync across all nodes in the cluster. This is not optional - you cannot just add a user to one node, but not another; it won't be secure.
As you might imagine, we are working on a proper API, which includes seamless distribution of configuration across all nodes. This is planned for a near-term release, and will make this much easier.
In the mean time, you will need to keep the configuration in sync on all nodes.
Hope that helps!
That is exactly the answer I was looking for. Okay, I will do that then. Thanks skearns! I look forward to the next release for the seamless distribution.