I have an 3 node ES Cluster (version 5.6.3). I have deleted the data from each Node and tried to bring up the cluster (as I am still experimenting with the cluster, the data is not important).
I get the below error:
[2018-01-05T09:41:26,410][ERROR][o.e.x.s.a.e.ReservedRealm] [c2-5a-c1-c2-d3-93] failed to retrieve password hash for reserved user [elastic]
[2018-01-05T09:41:26,411][WARN ][o.e.x.s.a.AuthenticationService] [c2-5a-c1-c2-d3-93] An error occurred while attempting to authenticate [elastic] against realm [reserved] - ElasticsearchSecurityException[failed to authenticate user [elastic]]
How can I fix this? With the data deleted, I would have thought this would been seen as a clean cluster?
I can't seem to amend the elastic user password through ../bin/x-pack/users command as it is a reserved user. It seems the password is corrupt? How can I reset this?
There should be more context to this error message. The code that produces this error also reports on the problem that caused it. Can you check your logs to see if there is additional information?
This introduction on how security works for the Elastic stack might be helpful. Also, this page from our documentation would help explain that by deleting all the indices (deleting the data dir), you deleted the .security index too, that's where builtin users are stored and this is why you can't use them anymore.
Running the users command, you created new a super user in the File Realm
Hi Thanks for your reply. but if I had reprovision the VMs. This means the environment has been reset back to the default? The data folder would be recreated by ES as per the elasticsearch.yml.
This is where my confusion is. I thought resetting the entire environment should mean I would be back to square one.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.