curl -X GET -k -H "Authorization: Bearer AAEAAWVsYXN0aWMva2liYW5hL215LXRva2VuOnEtTm1IY1c4UTRxMDNUM2YzVUNOcFE" "https://139.177.199.119:9200/_security/_authenticate"
Which gave this result:
{"error":{"root_cause":[{"type":"index_not_found_exception","reason":"no such index [.security]","resource.type":"index_expression","resource.id":".security","index_uuid":"_na_","index":".security"}],"type":"security_exception","reason":"error attempting to authenticate request","caused_by":{"type":"index_not_found_exception","reason":"no such index [.security]","resource.type":"index_expression","resource.id":".security","index_uuid":"_na_","index":".security"},"header":{"WWW-Authenticate":["Basic realm=\"security\" charset=\"UTF-8\"","Bearer realm=\"security\"","ApiKey"]}},"status":401}
Service tokens created using the CLI is per node, i.e. you can authenticate with it only to the node where you generated it. If you use it to talk to a different node, it won't work and you can observed the error if security index is also not created yet.
Please either make sure you talk to the same node that generated the token or copy the service_tokens file to all nodes.
Also now the command systemctl restart elasticsearch.service fails to start up the elastic service. My /var/log/elasticsearch/my-application.log shows this:
[2022-10-06T13:23:16,729][ERROR][o.e.b.Elasticsearch ] [localhost] fatal exception while booting Elasticsearch
java.lang.IllegalStateException: security initialization failed
at org.elasticsearch.xpack.security.Security.createComponents(Security.java:562) ~[?:?]
at org.elasticsearch.node.Node.lambda$new$15(Node.java:696) ~[elasticsearch-8.4.3.jar:?]
at org.elasticsearch.plugins.PluginsService.lambda$flatMap$0(PluginsService.java:236) ~[elasticsearch-8.4.3.jar:?]
at java.util.stream.ReferencePipeline$7$1.accept(ReferencePipeline.java:273) ~[?:?]
at java.util.stream.ReferencePipeline$3$1.accept(ReferencePipeline.java:197) ~[?:?]
at java.util.AbstractList$RandomAccessSpliterator.forEachRemaining(AbstractList.java:720) ~[?:?]
at java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:509) ~[?:?]
at java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:499) ~[?:?]
at java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:575) ~[?:?]
at java.util.stream.AbstractPipeline.evaluateToArrayNode(AbstractPipeline.java:260) ~[?:?]
at java.util.stream.ReferencePipeline.toArray(ReferencePipeline.java:616) ~[?:?]
at java.util.stream.ReferencePipeline.toArray(ReferencePipeline.java:622) ~[?:?]
at java.util.stream.ReferencePipeline.toList(ReferencePipeline.java:627) ~[?:?]
at org.elasticsearch.node.Node.<init>(Node.java:710) ~[elasticsearch-8.4.3.jar:?]
at org.elasticsearch.node.Node.<init>(Node.java:311) ~[elasticsearch-8.4.3.jar:?]
at org.elasticsearch.bootstrap.Elasticsearch$2.<init>(Elasticsearch.java:214) ~[elasticsearch-8.4.3.jar:?]
at org.elasticsearch.bootstrap.Elasticsearch.initPhase3(Elasticsearch.java:214) ~[elasticsearch-8.4.3.jar:?]
at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:67) ~[elasticsearch-8.4.3.jar:?]
Caused by: java.lang.IllegalStateException: Failed to load service_tokens file [/etc/elasticsearch/service_tokens]
at org.elasticsearch.xpack.security.authc.service.FileServiceAccountTokenStore.<init>(FileServiceAccountTokenStore.java:72) ~[?:?]
at org.elasticsearch.xpack.security.Security.createComponents(Security.java:742) ~[?:?]
at org.elasticsearch.xpack.security.Security.createComponents(Security.java:550) ~[?:?]
... 17 more
Caused by: java.nio.file.AccessDeniedException: /etc/elasticsearch/service_tokens
at sun.nio.fs.UnixException.translateToIOException(UnixException.java:90) ~[?:?]
at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:106) ~[?:?]
at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:111) ~[?:?]
at sun.nio.fs.UnixFileSystemProvider.newByteChannel(UnixFileSystemProvider.java:218) ~[?:?]
at java.nio.file.Files.newByteChannel(Files.java:380) ~[?:?]
at java.nio.file.Files.newByteChannel(Files.java:432) ~[?:?]
at java.nio.file.spi.FileSystemProvider.newInputStream(FileSystemProvider.java:422) ~[?:?]
at java.nio.file.Files.newInputStream(Files.java:160) ~[?:?]
at java.nio.file.Files.newBufferedReader(Files.java:2923) ~[?:?]
at java.nio.file.Files.readAllLines(Files.java:3413) ~[?:?]
at org.elasticsearch.xpack.security.support.FileLineParser.parse(FileLineParser.java:21) ~[?:?]
at org.elasticsearch.xpack.security.authc.service.FileServiceAccountTokenStore.parseFile(FileServiceAccountTokenStore.java:156) ~[?:?]
at org.elasticsearch.xpack.security.authc.service.FileServiceAccountTokenStore.<init>(FileServiceAccountTokenStore.java:70) ~[?:?]
at org.elasticsearch.xpack.security.Security.createComponents(Security.java:742) ~[?:?]
at org.elasticsearch.xpack.security.Security.createComponents(Security.java:550) ~[?:?]
... 17 more
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.