It is recommended that you resolve the issues with your cluster before running elasticsearch-setup-password s.
It is very likely that the password changes will fail when run against an unhealthy cluster.
Do you want to continue with the password setup process [y/N]n
You probably need to change cluster.initial_master_nodes and remove the http port from it. This setting should contain the node name and the port number is not part of the name.
When your cluster is healthy , you will be able to run elasticsearch-setup-passwords in one of your 6 nodes and set the password of the built-in users.
When I take out xpack.security.transport.ssl.enabled: true then it fails for other reasons :
[1]: Transport SSL must be enabled if security is enabled on a [basic] license. Please set [xpack.security.transport.ssl.enabled] to [true] or disable security by setting [xpack.security.enabled] to [false]
I tired to see if I could add the master nodes in this way and got this error:
bin/elasticsearch -Ecluster.initial_master_nodes=atl-deves01,met-deves02
Exception in thread "main" java.lang.RuntimeException: starting java failed with [1]
output:
#
# There is insufficient memory for the Java Runtime Environment to continue.
# Native memory allocation (mmap) failed to map 12884901888 bytes for committing reserved memory.
# An error report file with more information is saved as:
# /var/log/elasticsearch/hs_err_pid178846.log
error:
OpenJDK 64-Bit Server VM warning: INFO: os::commit_memory(0x00000004c0000000, 12884901888, 0) failed; error='Not enough space' (errno=12)
at org.elasticsearch.tools.launchers.JvmErgonomics.flagsFinal(JvmErgonomics.java:126)
at org.elasticsearch.tools.launchers.JvmErgonomics.finalJvmOptions(JvmErgonomics.java:88)
at org.elasticsearch.tools.launchers.JvmErgonomics.choose(JvmErgonomics.java:59)
at org.elasticsearch.tools.launchers.JvmOptionsParser.jvmOptions(JvmOptionsParser.java:137)
at org.elasticsearch.tools.launchers.JvmOptionsParser.main(JvmOptionsParser.java:95)
Yes, in order to make use of security, then you need to also enable transport SSL.
However, @ikakavas's point is that you can't simply set enabled: true
Configuring SSL requires additional steps that are explained in the documentation that he linked to.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.