I see that in version 7.1.0, the security module was made available to basic licenses but I am not seeing it in my 7.1.1 install. Do I have to setup transport and http security first for those features to expose themselves?
Did you download the default distribution or the -oss one?
Default distribution from elastic.co
Do I need to use the -oss one??
What does GET _xpack?pretty return?
Below is my output
{
"build" : {
"hash" : "7a013de",
"date" : "2019-05-23T14:05:50.009976Z"
},
"license" : {
"uid" : "381c5986-9fb8-4e14-a6bc-fc98f3a6f245",
"type" : "basic",
"mode" : "basic",
"status" : "active"
},
"features" : {
"ccr" : {
"description" : "Cross Cluster Replication",
"available" : false,
"enabled" : true
},
"graph" : {
"description" : "Graph Data Exploration for the Elastic Stack",
"available" : false,
"enabled" : true
},
"ilm" : {
"description" : "Index lifecycle management for the Elastic Stack",
"available" : true,
"enabled" : true
},
"logstash" : {
"description" : "Logstash management component for X-Pack",
"available" : false,
"enabled" : true
},
"ml" : {
"description" : "Machine Learning for the Elastic Stack",
"available" : false,
"enabled" : true,
"native_code_info" : {
"version" : "7.1.1",
"build_hash" : "fd619a36eb77df"
}
},
"monitoring" : {
"description" : "Monitoring for the Elastic Stack",
"available" : true,
"enabled" : true
},
"rollup" : {
"description" : "Time series pre-aggregation and rollup",
"available" : true,
"enabled" : true
},
"security" : {
"description" : "Security for the Elastic Stack",
"available" : true,
"enabled" : false
},
"sql" : {
"description" : "SQL access to Elasticsearch",
"available" : true,
"enabled" : true
},
"watcher" : {
"description" : "Alerting, Notification and Automation for the Elastic Stack",
"available" : false,
"enabled" : true
}
},
"tagline" : "You know, for X"
}
So I looked at my elasticsearch.yml configuration and saw that I had xpack.security.enabled: false. Not sure when/why I did that, but I changed it to true and the following events were logged:
[2019-06-17T09:20:22,962][INFO ][o.e.b.BootstrapChecks ] [ESIPS1] bound or publishing to a non-loopback address, enforcing bootstrap checks
[2019-06-17T09:20:23,008][ERROR][o.e.b.Bootstrap ] [ESIPS1] node validation exception
[1] bootstrap checks failed
[1]: Transport SSL must be enabled if security is enabled on a [basic] license. Please set [xpack.security.transport.ssl.enabled] to [true] or disable security by setting [xpack.security.enabled] to [false]
So I set ssl.enabled to true and xpack.security to true and restarted elasticsearch. It starts up, but I see a ton of closed connections and handshake failures, which leads me to believe it's because I haven't configured SSL on the transport.
@warkolm, does this mean transport security needs to be configured before I can enable Kibana user access, or do I need to configure both HTTPS and transport security? I realize the benefits of doing so, I just want to step into this as methodically as possible.
My understanding is that it all needs to be configured.