Reset elastic user password in docker container

I have inherited a 7.16.2 elastic cluster with Basic license, running in docker containers(using docker-compose) and am trying to add xpack.security.enabled=true as an intermediate step to configure internal user passwords before applying the rest of the TLS/xpack related config(transport, http).

The issue I'm having is that someone before me has already ran elasticsearch-setup-passwords so I cannot run it again and ultimately not able to figure out how to reset the current elastic user password to continue on.

I have tried to use ELASTIC_PASSWORD=passwd and also ELASTIC_PASSWORD_FILE=/path/to/file in my docker compose file to no avail. I'm not sure if i'm missing something related to docker but I did docker rm the elastic containers for a fresh start before bringing up configs with these changes. The other solutions that i'm finding don't seem to apply to elasticsearch running in containers.

Any help would be appreciated.

use ELASTIC_PASSWORD_FILE, just don't forget to mount the file into the container... and when you run your container, check logs..

I did add the password file to the volume i'm using for the certs I intend on using. After fixing some file perms, I got the elasticsearch containers to start with this in the logs, which suggests it should be working:

Setting ELASTIC_PASSWORD from ELASTIC_PASSWORD_FILE at /usr/share/elasticsearch/config/ssl/elastic_password

The password I added to the file did not work to authenticate a curl request. Does using the ELASTIC_PASSWORD_FILE override a previously set password? I'm curious because the documentation is referring to this method as an 'Elasticsearch bootstrap password', which perhaps suggests that one isn't already set??

You can just go into one of the container and manually add a file realm superuser following this doc page. Then use the file realm superuser to change other user's password.

1 Like

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.